UNPKG

@salesforce/agents

Version:

Client side APIs for working with Salesforce agents

125 lines (124 loc) 4.84 kB
import { Connection } from '@salesforce/core'; /** * Result of JWT validation */ export type JwtValidationResult = { isValid: boolean; hasRequiredFields: boolean; missingFields: string[]; expiresAt?: Date; issuedAt?: Date; isExpired: boolean; subject?: string; issuer?: string; appId?: string; scopes?: string[]; }; /** * Manages JWT and standard connections for agent operations. * * This class provides: * - Automatic JWT creation and validation * - Separation of JWT connection (for SFAP) and standard connection (for org operations) * - Guard installation to prevent JWT token clobbering * - JWT validation utilities for debugging * * @example * ```typescript * const manager = await ConnectionManager.create(connection); * * // Get JWT connection for SFAP calls * const jwtConn = manager.getJwtConnection(); * await jwtConn.request({ method: 'POST', url: '/authoring/scripts', ... }); * * // Get standard connection for org queries * const standardConn = manager.getStandardConnection(); * await standardConn.query('SELECT Id FROM User LIMIT 1'); * ``` */ export declare class ConnectionManager { private jwtConnection; private standardConnection; /** * Private constructor. Use ConnectionManager.create() instead. */ private constructor(); /** * Creates a new ConnectionManager instance. * * Builds two separate Connection objects derived from the username on the supplied * connection: a standard connection for org-instance operations (SOQL, tooling, * metadata) and a JWT-upgraded connection for SFAP API calls. The supplied * connection is read-only — it is never mutated. * * @param connection - The connection whose username is used to derive the new connections * @returns A new ConnectionManager instance * @throws {SfError} If JWT creation or validation fails, or if the connection has no username */ static create(connection: Connection): Promise<ConnectionManager>; /** * Creates a fresh Connection from a username. Used for both the standard and JWT * connections so the caller's original Connection object is never mutated. */ private static createConnectionFromUsername; /** * Upgrades a connection to a JWT connection for SFAP operations and validates the result. * The connection passed in is mutated (its accessToken is replaced with the JWT) — callers * must pass a fresh, isolated Connection rather than a connection they care about. */ private static createAndValidateJwtConnection; /** * Validates that a token is a proper org JWT with required fields. * * @param token - The JWT token to validate * @returns Validation result with diagnostic information */ private static validateJwt; /** * Gets the standard (non-JWT) connection for org-instance operations. * Use this for SOQL queries, metadata operations, tooling API, etc. * * @returns The standard connection */ getStandardConnection(): Connection; /** * Gets the JWT connection for SFAP API calls. * Use this for all requests to api.salesforce.com/einstein/ai-agent endpoints. * * @returns The JWT connection */ getJwtConnection(): Connection; /** * Inspects the current JWT and provides diagnostic information. * Useful for debugging and troubleshooting JWT-related issues. * * @returns JWT validation result with detailed diagnostic information */ inspectJwt(): JwtValidationResult; /** * Refreshes the standard connection by clearing the access token and requesting a new one. * This is useful after agent operations to ensure subsequent org operations work correctly. * * @throws {SfError} If the refresh fails */ refreshStandardConnection(): Promise<void>; } /** * Returns the ConnectionManager associated with the supplied Connection, creating one on * the first call. Subsequent calls with the same Connection return the cached manager. * * Different Connection objects — even for the same username — get distinct managers, * which is the desired behavior: the caller's connection identity is the unit of trust. * * @param connection The caller-supplied Connection used as the cache key * @returns A promise resolving to the manager for this connection */ export declare const managerFor: (connection: Connection) => Promise<ConnectionManager>; /** * Test-only helper: pre-populate the cache so tests can substitute a fake manager * without exercising the real JWT bootstrap. Callers in production code should use * managerFor() instead. * * @internal */ export declare const setManagerForTesting: (connection: Connection, manager: ConnectionManager) => void;