From 333d66d5636821f71fe61c53894982fb086da2b4 Mon Sep 17 00:00:00 2001 From: Luan van der Westhuizen Date: Wed, 27 May 2026 10:20:41 +0200 Subject: [PATCH 1/3] Use current principal API for auth identity --- docs/product/command-spec.md | 50 +++++++++- packages/cli/src/lib/auth/auth-ops.ts | 108 ++++++++++++++++++++-- packages/cli/src/presenters/auth.ts | 37 +++++++- packages/cli/src/types/auth.ts | 9 ++ packages/cli/src/use-cases/auth.ts | 9 ++ packages/cli/tests/auth-ops.test.ts | 97 ++++++++++++++++++- packages/cli/tests/auth-real-mode.test.ts | 97 +++++++++++++++++++ packages/cli/tests/auth-usecases.test.ts | 9 ++ packages/cli/tests/auth.test.ts | 7 ++ 9 files changed, 409 insertions(+), 14 deletions(-) diff --git a/docs/product/command-spec.md b/docs/product/command-spec.md index 57ccaa7..e14481e 100644 --- a/docs/product/command-spec.md +++ b/docs/product/command-spec.md @@ -156,21 +156,65 @@ In `--json`, `result` uses this shape: "authenticated": true, "provider": "github", "user": { - "email": "alice@example.com" + "id": "usr_123", + "email": "alice@example.com", + "name": "Alice" + }, + "workspace": { + "id": "wksp_123", + "name": "Acme Inc" }, + "credential": { + "type": "oauth", + "id": null, + "name": null + } +} +``` + +For service-token sessions, `user` is `null` and `credential` identifies the token when the API can resolve it: + +```json +{ + "authenticated": true, + "provider": null, + "user": null, "workspace": { - "id": "ws_123", + "id": "wksp_123", "name": "Acme Inc" + }, + "credential": { + "type": "service_token", + "id": "itgr_123", + "name": "ci-deploys-prod" } } ``` +Fallback auth states may omit user details when the deployed Management API does not yet expose `/v1/me`: + +```json +{ + "authenticated": true, + "provider": "github", + "user": { + "email": "alice@example.com" + }, + "workspace": { + "id": "wksp_123", + "name": "Acme Inc" + }, + "credential": null +} +``` + Rules: - `authenticated` is always present - `provider` is `github`, `google`, or `null` -- `user` contains the current user email or is `null` +- `user` contains the current user id, email, and display name when known, a fallback email-only object during rollout, or `null` - `workspace` is the active workspace or `null` +- `credential` identifies the active credential when known, or is `null` - signed-out state is an empty auth state, not an error ## `prisma-cli version` diff --git a/packages/cli/src/lib/auth/auth-ops.ts b/packages/cli/src/lib/auth/auth-ops.ts index 90fd68a..79ef374 100644 --- a/packages/cli/src/lib/auth/auth-ops.ts +++ b/packages/cli/src/lib/auth/auth-ops.ts @@ -1,5 +1,11 @@ +import type { ManagementApiClient } from "@prisma/management-api-sdk"; import { FileTokenStorage } from "../../adapters/token-storage"; -import type { AuthStateResult } from "../../types/auth"; +import type { + AuthCredential, + AuthStateResult, + AuthUser, + AuthWorkspace, +} from "../../types/auth"; import { SERVICE_TOKEN_ENV_VAR } from "./client"; import { requireComputeAuth } from "./guard"; import { login } from "./login"; @@ -10,7 +16,9 @@ function decodeJwtPayload(token: string): Record { try { const payload = token.split(".")[1]; if (!payload) return {}; - return JSON.parse(Buffer.from(payload, "base64url").toString("utf8")) as Record; + return JSON.parse( + Buffer.from(payload, "base64url").toString("utf8"), + ) as Record; } catch { return {}; } @@ -60,17 +68,35 @@ export async function readAuthState(env: NodeJS.ProcessEnv): Promise { + const client = await requireComputeAuth(env); + const currentPrincipal = await readCurrentPrincipalAuthState(client); + if (currentPrincipal) { + return currentPrincipal; + } + const claims = decodeJwtPayload(token); const workspaceId = workspaceIdFromClaims(claims); @@ -84,25 +110,33 @@ async function readServiceTokenAuthState( provider: null, user: null, workspace: null, + credential: null, }; } - return buildAuthState({ workspaceIdFromCredential: workspaceId, claims, env }); + return buildAuthState({ + workspaceIdFromCredential: workspaceId, + claims, + env, + client, + }); } async function buildAuthState({ workspaceIdFromCredential, claims, env, + client, }: { workspaceIdFromCredential: string; claims: Record; env: NodeJS.ProcessEnv; + client?: ManagementApiClient | null; }): Promise { let workspaceId = workspaceIdFromCredential; let workspaceName = workspaceIdFromCredential; - const client = await requireComputeAuth(env); + client ??= await requireComputeAuth(env); if (client) { try { @@ -111,7 +145,7 @@ async function buildAuthState({ }); // A 401 from the workspace lookup means the credential the caller // presented is fundamentally invalid (revoked, wrong signing key, - // expired) — surface signed-out state instead of returning a + // expired) - surface signed-out state instead of returning a // workspace shape that makes a broken token look fine. Other // statuses (404/5xx/network) keep the silent fallback so transient // lookup failures do not turn `auth whoami` into a hard error. @@ -121,6 +155,7 @@ async function buildAuthState({ provider: null, user: null, workspace: null, + credential: null, }; } if (data?.data?.id) { @@ -131,7 +166,7 @@ async function buildAuthState({ workspaceName = data.data.name; } } catch { - // fall through — use workspaceId as name + // fall through - use workspaceId as name } } @@ -144,7 +179,66 @@ async function buildAuthState({ id: workspaceId, name: workspaceName, }, + credential: null, + }; +} + +type CurrentPrincipalResponse = { + data?: { + user: (AuthUser & { id: string; name: string | null }) | null; + workspace: AuthWorkspace | null; + credential: AuthCredential; }; +}; + +type CurrentPrincipalClient = ManagementApiClient & { + GET( + path: "/v1/me", + ): Promise<{ + data?: CurrentPrincipalResponse; + error?: unknown; + response?: { status: number }; + }>; +}; + +async function readCurrentPrincipalAuthState( + client: ManagementApiClient | null, +): Promise { + if (!client) return null; + + try { + const { data, response } = await (client as CurrentPrincipalClient).GET("/v1/me"); + + if (response?.status === 401) { + return { + authenticated: false, + provider: null, + user: null, + workspace: null, + credential: null, + }; + } + + const principal = data?.data; + if (!principal) return null; + if (!principal.credential) return null; + + return { + authenticated: true, + provider: null, + user: principal.user + ? { + id: principal.user.id, + email: principal.user.email, + name: principal.user.name, + } + : null, + workspace: principal.workspace, + credential: principal.credential, + }; + } catch { + return null; + } } export async function performLogout(env: NodeJS.ProcessEnv): Promise { diff --git a/packages/cli/src/presenters/auth.ts b/packages/cli/src/presenters/auth.ts index 8045fcc..f3a1676 100644 --- a/packages/cli/src/presenters/auth.ts +++ b/packages/cli/src/presenters/auth.ts @@ -18,6 +18,11 @@ export function renderAuthSuccess( if (result.user) { rows.push({ key: "user", value: result.user.email }); + } else { + const credentialLabel = credentialUserLabel(result); + if (credentialLabel) { + rows.push({ key: "user", value: credentialLabel }); + } } if (result.workspace?.name) { @@ -58,9 +63,19 @@ export function renderAuthSuccess( fields: result.authenticated ? [ { key: "status", value: "signed in", tone: "success" as const }, - ...(result.user ? [{ key: "user", value: result.user.email }] : []), - ...(result.provider ? [{ key: "provider", value: providerLabel(result.provider) }] : []), - ...(result.workspace?.name ? [{ key: "workspace", value: result.workspace.name }] : []), + ...(() => { + if (result.user) { + return [{ key: "user", value: result.user.email }]; + } + const credentialLabel = credentialUserLabel(result); + return credentialLabel ? [{ key: "user", value: credentialLabel }] : []; + })(), + ...(result.provider + ? [{ key: "provider", value: providerLabel(result.provider) }] + : []), + ...(result.workspace?.name + ? [{ key: "workspace", value: result.workspace.name }] + : []), ] : [{ key: "status", value: "signed out", tone: "dim" as const }], }, @@ -79,3 +94,19 @@ function providerLabel(provider: AuthProviderId | null): string { return ""; } + +function credentialUserLabel(result: AuthStateResult): string | null { + if (result.credential?.type === "service_token") { + return result.credential.name + ? `` + : ""; + } + + if (result.credential?.type === "management_token") { + return result.credential.name + ? `` + : ""; + } + + return null; +} diff --git a/packages/cli/src/types/auth.ts b/packages/cli/src/types/auth.ts index 72472b8..fe1e86e 100644 --- a/packages/cli/src/types/auth.ts +++ b/packages/cli/src/types/auth.ts @@ -1,7 +1,9 @@ export type AuthProviderId = "github" | "google"; export interface AuthUser { + id?: string; email: string; + name?: string | null; } export interface AuthWorkspace { @@ -9,9 +11,16 @@ export interface AuthWorkspace { name: string; } +export interface AuthCredential { + type: "oauth" | "service_token" | "management_token"; + id: string | null; + name: string | null; +} + export interface AuthStateResult { authenticated: boolean; provider: AuthProviderId | null; user: AuthUser | null; workspace: AuthWorkspace | null; + credential?: AuthCredential | null; } diff --git a/packages/cli/src/use-cases/auth.ts b/packages/cli/src/use-cases/auth.ts index e88d075..0b2b091 100644 --- a/packages/cli/src/use-cases/auth.ts +++ b/packages/cli/src/use-cases/auth.ts @@ -97,6 +97,7 @@ async function resolveCurrentAuthState(dependencies: AuthUseCaseDependencies): P provider: null, user: null, workspace: null, + credential: null, }; } @@ -110,6 +111,7 @@ async function resolveCurrentAuthState(dependencies: AuthUseCaseDependencies): P provider: null, user: null, workspace: null, + credential: null, }; } @@ -117,8 +119,15 @@ async function resolveCurrentAuthState(dependencies: AuthUseCaseDependencies): P authenticated: true, provider: provider.id, user: { + id: user.id, email: user.email, + name: user.name, }, workspace, + credential: { + type: "oauth", + id: null, + name: null, + }, }; } diff --git a/packages/cli/tests/auth-ops.test.ts b/packages/cli/tests/auth-ops.test.ts index 83a5820..52db3a4 100644 --- a/packages/cli/tests/auth-ops.test.ts +++ b/packages/cli/tests/auth-ops.test.ts @@ -13,6 +13,72 @@ function encodeJwt(claims: Record): string { } describe("readAuthState", () => { + it("resolves the current OAuth principal from /v1/me when available", async () => { + const getTokens = vi.fn().mockResolvedValue({ + workspaceId: "cmmxlp7ae1251zyfs8mdpnavm", + accessToken: encodeJwt({ sub: "user:usr_123" }), + refreshToken: "refresh-token", + }); + const requireComputeAuth = vi.fn().mockResolvedValue({ + GET: vi.fn().mockImplementation((pathName: string) => { + if (pathName === "/v1/me") { + return { + data: { + data: { + user: { + id: "usr_123", + email: "luan@example.com", + name: "Luan", + }, + workspace: { + id: "wksp_cmmxlp7ae1251zyfs8mdpnavm", + name: "Sandpit", + }, + credential: { + type: "oauth", + id: null, + name: null, + }, + }, + }, + }; + } + + throw new Error(`Unexpected path ${pathName}`); + }), + }); + + vi.doMock("../src/adapters/token-storage", () => ({ + FileTokenStorage: vi.fn().mockImplementation(() => ({ + getTokens, + })), + })); + vi.doMock("../src/lib/auth/guard", () => ({ + requireComputeAuth, + })); + + const { readAuthState } = await import("../src/lib/auth/auth-ops"); + + await expect(readAuthState({} as NodeJS.ProcessEnv)).resolves.toEqual({ + authenticated: true, + provider: null, + user: { + id: "usr_123", + email: "luan@example.com", + name: "Luan", + }, + workspace: { + id: "wksp_cmmxlp7ae1251zyfs8mdpnavm", + name: "Sandpit", + }, + credential: { + type: "oauth", + id: null, + name: null, + }, + }); + }); + it("normalizes the workspace id to the canonical API id and returns the user email", async () => { const getTokens = vi.fn().mockResolvedValue({ workspaceId: "cmmxlp7ae1251zyfs8mdpnavm", @@ -58,6 +124,7 @@ describe("readAuthState", () => { id: "wksp_cmmxlp7ae1251zyfs8mdpnavm", name: "Sandpit", }, + credential: null, }); }); @@ -139,6 +206,25 @@ describe("readAuthState", () => { const getTokens = vi.fn(); const requireComputeAuth = vi.fn().mockResolvedValue({ GET: vi.fn().mockImplementation((pathName: string, request?: { params?: { path?: { id?: string } } }) => { + if (pathName === "/v1/me") { + return { + data: { + data: { + user: null, + workspace: { + id: "wksp_clitq5hfg0000qv0gtg9nv9fy", + name: "Prisma Platform", + }, + credential: { + type: "service_token", + id: "itgr_ci", + name: "ci-deploys-prod", + }, + }, + }, + }; + } + if (pathName === "/v1/workspaces/{id}" && request?.params?.path?.id === "clitq5hfg0000qv0gtg9nv9fy") { return { data: { @@ -171,11 +257,16 @@ describe("readAuthState", () => { ).resolves.toEqual({ authenticated: true, provider: null, - user: { email: "service@example.com" }, + user: null, workspace: { id: "wksp_clitq5hfg0000qv0gtg9nv9fy", name: "Prisma Platform", }, + credential: { + type: "service_token", + id: "itgr_ci", + name: "ci-deploys-prod", + }, }); expect(getTokens).not.toHaveBeenCalled(); @@ -246,6 +337,7 @@ describe("readAuthState", () => { provider: null, user: null, workspace: null, + credential: null, }); }); @@ -282,6 +374,7 @@ describe("readAuthState", () => { id: "clitq5hfg0000qv0gtg9nv9fy", name: "clitq5hfg0000qv0gtg9nv9fy", }, + credential: null, }); }); @@ -310,6 +403,7 @@ describe("readAuthState", () => { id: "clitq5hfg0000qv0gtg9nv9fy", name: "clitq5hfg0000qv0gtg9nv9fy", }, + credential: null, }); }); @@ -332,6 +426,7 @@ describe("readAuthState", () => { provider: null, user: null, workspace: null, + credential: null, }); expect(getTokens).not.toHaveBeenCalled(); }); diff --git a/packages/cli/tests/auth-real-mode.test.ts b/packages/cli/tests/auth-real-mode.test.ts index e651c32..aa193e8 100644 --- a/packages/cli/tests/auth-real-mode.test.ts +++ b/packages/cli/tests/auth-real-mode.test.ts @@ -120,6 +120,66 @@ describe("real auth mode", () => { ); }); + it("returns service-token identity in real auth JSON output", async () => { + const readAuthState = vi.fn().mockResolvedValue({ + authenticated: true, + provider: null, + user: null, + workspace: { + id: "wksp_real", + name: "Real Workspace", + }, + credential: { + type: "service_token", + id: "itgr_ci", + name: "ci-deploys-prod", + }, + }); + + vi.doMock("../src/lib/auth/auth-ops", () => ({ + performLogin: vi.fn(), + readAuthState, + performLogout: vi.fn(), + })); + + const { createTempCwd, executeCli } = await import("./helpers"); + const cwd = await createTempCwd(); + const stateDir = path.join(cwd, ".state"); + + const result = await executeCli({ + argv: ["auth", "whoami", "--json"], + cwd, + stateDir, + env: { + ...process.env, + PRISMA_CLI_MOCK_FIXTURE_PATH: undefined, + }, + }); + + expect(result.exitCode).toBe(0); + expect(result.stderr).toBe(""); + expect(JSON.parse(result.stdout)).toEqual({ + ok: true, + command: "auth.whoami", + result: { + authenticated: true, + provider: null, + user: null, + workspace: { + id: "wksp_real", + name: "Real Workspace", + }, + credential: { + type: "service_token", + id: "itgr_ci", + name: "ci-deploys-prod", + }, + }, + warnings: [], + nextSteps: [], + }); + }); + it("omits empty provider and workspace rows in auth output", async () => { const { createTempCwd, createTestCommandContext } = await import("./helpers"); const cwd = await createTempCwd(); @@ -182,4 +242,41 @@ describe("real auth mode", () => { expect(plain).not.toContain("user:"); expect(plain).not.toContain("<>"); }); + + it("shows service-token identity when no human user is present", async () => { + const { createTempCwd, createTestCommandContext } = await import("./helpers"); + const cwd = await createTempCwd(); + const stateDir = path.join(cwd, ".state"); + const { context } = await createTestCommandContext({ + cwd, + stateDir, + fixturePath, + }); + + const output = renderAuthSuccess( + context, + getCommandDescriptor("auth.whoami"), + "auth.whoami", + { + authenticated: true, + provider: null, + user: null, + workspace: { + id: "wksp_real", + name: "Real Workspace", + }, + credential: { + type: "service_token", + id: "itgr_ci", + name: "ci-deploys-prod", + }, + }, + ).join(""); + + const plain = stripAnsi(output); + + expect(plain).toContain("status: signed in"); + expect(plain).toContain("user: "); + expect(plain).toContain("workspace: Real Workspace"); + }); }); diff --git a/packages/cli/tests/auth-usecases.test.ts b/packages/cli/tests/auth-usecases.test.ts index a7f30d9..6577da7 100644 --- a/packages/cli/tests/auth-usecases.test.ts +++ b/packages/cli/tests/auth-usecases.test.ts @@ -13,6 +13,7 @@ describe("auth use cases", () => { provider: null, user: null, workspace: null, + credential: null, }); }); @@ -30,12 +31,19 @@ describe("auth use cases", () => { authenticated: true, provider: "github", user: { + id: "usr_456", email: "bob@example.com", + name: "Bob Example", }, workspace: { id: "ws_123", name: "Acme Inc", }, + credential: { + type: "oauth", + id: null, + name: null, + }, }); expect(readState().authSession).toEqual({ @@ -60,6 +68,7 @@ describe("auth use cases", () => { provider: null, user: null, workspace: null, + credential: null, }); expect(readState().authSession).toBeNull(); diff --git a/packages/cli/tests/auth.test.ts b/packages/cli/tests/auth.test.ts index f6dcb60..563719f 100644 --- a/packages/cli/tests/auth.test.ts +++ b/packages/cli/tests/auth.test.ts @@ -70,12 +70,19 @@ describe("auth commands", () => { authenticated: true, provider: "github", user: { + id: "usr_456", email: "bob@example.com", + name: "Bob Example", }, workspace: { id: "ws_123", name: "Acme Inc", }, + credential: { + type: "oauth", + id: null, + name: null, + }, }, warnings: [], nextSteps: [], From 305db4e7da32ea33810bb4916ef7e108a1d766ae Mon Sep 17 00:00:00 2001 From: Luan van der Westhuizen Date: Wed, 27 May 2026 12:04:21 +0200 Subject: [PATCH 2/3] Tighten auth identity result contract --- packages/cli/src/presenters/auth.ts | 27 ++++++++++----------- packages/cli/src/types/auth.ts | 2 +- packages/cli/tests/auth-real-mode.test.ts | 2 ++ packages/cli/tests/project-usecases.test.ts | 1 + 4 files changed, 17 insertions(+), 15 deletions(-) diff --git a/packages/cli/src/presenters/auth.ts b/packages/cli/src/presenters/auth.ts index f3a1676..d6b45b3 100644 --- a/packages/cli/src/presenters/auth.ts +++ b/packages/cli/src/presenters/auth.ts @@ -16,13 +16,9 @@ export function renderAuthSuccess( rows.push({ key: "provider", value: providerLabel(result.provider) }); } - if (result.user) { - rows.push({ key: "user", value: result.user.email }); - } else { - const credentialLabel = credentialUserLabel(result); - if (credentialLabel) { - rows.push({ key: "user", value: credentialLabel }); - } + const userLabel = authUserLabel(result); + if (userLabel) { + rows.push({ key: "user", value: userLabel }); } if (result.workspace?.name) { @@ -63,13 +59,7 @@ export function renderAuthSuccess( fields: result.authenticated ? [ { key: "status", value: "signed in", tone: "success" as const }, - ...(() => { - if (result.user) { - return [{ key: "user", value: result.user.email }]; - } - const credentialLabel = credentialUserLabel(result); - return credentialLabel ? [{ key: "user", value: credentialLabel }] : []; - })(), + ...authUserRows(result), ...(result.provider ? [{ key: "provider", value: providerLabel(result.provider) }] : []), @@ -95,6 +85,15 @@ function providerLabel(provider: AuthProviderId | null): string { return ""; } +function authUserLabel(result: AuthStateResult): string | null { + return result.user?.email ?? credentialUserLabel(result); +} + +function authUserRows(result: AuthStateResult): Parameters[0]["fields"] { + const userLabel = authUserLabel(result); + return userLabel ? [{ key: "user", value: userLabel }] : []; +} + function credentialUserLabel(result: AuthStateResult): string | null { if (result.credential?.type === "service_token") { return result.credential.name diff --git a/packages/cli/src/types/auth.ts b/packages/cli/src/types/auth.ts index fe1e86e..ac64227 100644 --- a/packages/cli/src/types/auth.ts +++ b/packages/cli/src/types/auth.ts @@ -22,5 +22,5 @@ export interface AuthStateResult { provider: AuthProviderId | null; user: AuthUser | null; workspace: AuthWorkspace | null; - credential?: AuthCredential | null; + credential: AuthCredential | null; } diff --git a/packages/cli/tests/auth-real-mode.test.ts b/packages/cli/tests/auth-real-mode.test.ts index aa193e8..e48359f 100644 --- a/packages/cli/tests/auth-real-mode.test.ts +++ b/packages/cli/tests/auth-real-mode.test.ts @@ -201,6 +201,7 @@ describe("real auth mode", () => { email: "real@example.com", }, workspace: null, + credential: null, }, ).join(""); @@ -233,6 +234,7 @@ describe("real auth mode", () => { id: "ws_real", name: "Real Workspace", }, + credential: null, }, ).join(""); diff --git a/packages/cli/tests/project-usecases.test.ts b/packages/cli/tests/project-usecases.test.ts index dd5d306..9cb09c8 100644 --- a/packages/cli/tests/project-usecases.test.ts +++ b/packages/cli/tests/project-usecases.test.ts @@ -19,6 +19,7 @@ describe("project use cases", () => { id: "ws_123", name: "Acme Inc", }, + credential: null, }), ).resolves.toEqual({ workspace: { From 1725f7f89117b63b8397bae4f7a46df2b3d3d9f3 Mon Sep 17 00:00:00 2001 From: Luan van der Westhuizen Date: Thu, 28 May 2026 10:03:50 +0200 Subject: [PATCH 3/3] Use generated current principal SDK types --- packages/cli/package.json | 2 +- packages/cli/src/lib/auth/auth-ops.ts | 27 ++------------------------- pnpm-lock.yaml | 16 ++++++++-------- 3 files changed, 11 insertions(+), 34 deletions(-) diff --git a/packages/cli/package.json b/packages/cli/package.json index b4afdf0..4ece9a4 100644 --- a/packages/cli/package.json +++ b/packages/cli/package.json @@ -44,7 +44,7 @@ "@prisma/compute-sdk": "^0.19.0", "c12": "4.0.0-beta.4", "@prisma/credentials-store": "^7.7.0", - "@prisma/management-api-sdk": "^1.33.0", + "@prisma/management-api-sdk": "^1.34.0", "colorette": "^2.0.20", "commander": "^12.1.0", "magicast": "^0.3.5", diff --git a/packages/cli/src/lib/auth/auth-ops.ts b/packages/cli/src/lib/auth/auth-ops.ts index 79ef374..c45178d 100644 --- a/packages/cli/src/lib/auth/auth-ops.ts +++ b/packages/cli/src/lib/auth/auth-ops.ts @@ -1,11 +1,6 @@ import type { ManagementApiClient } from "@prisma/management-api-sdk"; import { FileTokenStorage } from "../../adapters/token-storage"; -import type { - AuthCredential, - AuthStateResult, - AuthUser, - AuthWorkspace, -} from "../../types/auth"; +import type { AuthStateResult } from "../../types/auth"; import { SERVICE_TOKEN_ENV_VAR } from "./client"; import { requireComputeAuth } from "./guard"; import { login } from "./login"; @@ -183,31 +178,13 @@ async function buildAuthState({ }; } -type CurrentPrincipalResponse = { - data?: { - user: (AuthUser & { id: string; name: string | null }) | null; - workspace: AuthWorkspace | null; - credential: AuthCredential; - }; -}; - -type CurrentPrincipalClient = ManagementApiClient & { - GET( - path: "/v1/me", - ): Promise<{ - data?: CurrentPrincipalResponse; - error?: unknown; - response?: { status: number }; - }>; -}; - async function readCurrentPrincipalAuthState( client: ManagementApiClient | null, ): Promise { if (!client) return null; try { - const { data, response } = await (client as CurrentPrincipalClient).GET("/v1/me"); + const { data, response } = await client.GET("/v1/me"); if (response?.status === 401) { return { diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 465cde4..655fd1e 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -19,13 +19,13 @@ importers: version: 1.2.0 '@prisma/compute-sdk': specifier: ^0.19.0 - version: 0.19.0(@prisma/management-api-sdk@1.33.0) + version: 0.19.0(@prisma/management-api-sdk@1.34.0) '@prisma/credentials-store': specifier: ^7.7.0 version: 7.7.0 '@prisma/management-api-sdk': - specifier: ^1.33.0 - version: 1.33.0 + specifier: ^1.34.0 + version: 1.34.0 c12: specifier: 4.0.0-beta.4 version: 4.0.0-beta.4(jiti@2.6.1)(magicast@0.3.5) @@ -292,8 +292,8 @@ packages: '@prisma/credentials-store@7.7.0': resolution: {integrity: sha512-SVaMCL1Q8rFPKQB5W9B7HDuRdD/KyBfKjCgZfnlN+sqrAXIrUGU/m/whcRgkuvygB5GFPAeeZ/4QgvvH0vPSWg==} - '@prisma/management-api-sdk@1.33.0': - resolution: {integrity: sha512-o6AEjRti1hjh1FXM7/PsndUS149FnzIYO9wLMr7QBt9ZdgPQDoxKDrUb9IV4N/rl/rTu5NsqMVwrb/UtuPkcnA==} + '@prisma/management-api-sdk@1.34.0': + resolution: {integrity: sha512-l0UE58T/6rS9/tIe7Qv/ffQr3XUeUMGZwPhVig8VIoMKvidhtg8/UO84emUqAzQBQDG52GQP+VRtv3xFchrnjw==} '@quansync/fs@1.0.0': resolution: {integrity: sha512-4TJ3DFtlf1L5LDMaM6CanJ/0lckGNtJcMjQ1NAV6zDmA0tEHKZtxNKin8EgPaVX1YzljbxckyT2tJrpQKAtngQ==} @@ -1312,9 +1312,9 @@ snapshots: '@oxc-project/types@0.124.0': {} - '@prisma/compute-sdk@0.19.0(@prisma/management-api-sdk@1.33.0)': + '@prisma/compute-sdk@0.19.0(@prisma/management-api-sdk@1.34.0)': dependencies: - '@prisma/management-api-sdk': 1.33.0 + '@prisma/management-api-sdk': 1.34.0 better-result: 2.8.2 tar-stream: 3.1.8 tiny-invariant: 1.3.3 @@ -1330,7 +1330,7 @@ snapshots: dependencies: xdg-app-paths: 8.3.0 - '@prisma/management-api-sdk@1.33.0': + '@prisma/management-api-sdk@1.34.0': dependencies: openapi-fetch: 0.14.0