// Dragonflight API client — v2.1.4 // UXP fetch() notes: // • redirect:'manual' is NOT a supported option — UXP auto-follows redirects // • Authorization is stripped by UXP on cross-origin redirects (security fix) // • For same-origin API calls: add Bearer header // • For off-origin URLs (S3 presigned): do NOT add Bearer (function () { const API = {}; const LS_URL = 'df.uxp.serverUrl'; const LS_TOKEN = 'df.uxp.apiToken'; API.state = { serverUrl: localStorage.getItem(LS_URL) || '', apiToken: localStorage.getItem(LS_TOKEN) || '', connected: false, }; API.save = function () { localStorage.setItem(LS_URL, API.state.serverUrl); localStorage.setItem(LS_TOKEN, API.state.apiToken); }; API.clear = function () { API.state.serverUrl = ''; API.state.apiToken = ''; API.state.connected = false; localStorage.removeItem(LS_URL); localStorage.removeItem(LS_TOKEN); }; function trimUrl(u) { return String(u || '').replace(/\/+$/, ''); } // Core request — adds Bearer only for same-server URLs. // No redirect option — UXP handles redirects automatically. API.request = async function (urlOrPath, opts) { opts = opts || {}; const isAbs = /^https?:\/\//i.test(urlOrPath); const base = trimUrl(API.state.serverUrl); const url = isAbs ? urlOrPath : (base + urlOrPath); const headers = Object.assign({}, opts.headers || {}); if (!isAbs || url.startsWith(base)) { if (API.state.apiToken) headers['Authorization'] = 'Bearer ' + API.state.apiToken; } return fetch(url, Object.assign({}, opts, { headers })); }; // Fetch an off-origin URL (e.g. presigned S3) — no auth header. API.requestExternal = async function (url) { return fetch(url); }; API.json = async function (pathOrUrl, opts) { const r = await API.request(pathOrUrl, opts); if (!r.ok) { const text = await r.text().catch(() => ''); throw new Error('HTTP ' + r.status + (text ? ' — ' + text.slice(0, 200) : '')); } return r.json(); }; // ── Auth ───────────────────────────────────────────────────────── API.connect = async function (serverUrl, apiToken) { API.state.serverUrl = trimUrl(serverUrl); API.state.apiToken = String(apiToken || '').trim(); if (!API.state.serverUrl || !API.state.apiToken) { throw new Error('Server URL and API token required'); } const me = await API.json('/api/v1/auth/me'); API.state.connected = true; API.save(); return me; }; API.disconnect = function () { API.clear(); }; // ── Assets ─────────────────────────────────────────────────────── API.listAssets = async function (query, projectId) { const p = new URLSearchParams({ limit: '60' }); if (query) p.set('q', query); if (projectId && projectId !== 'all') p.set('project_id', projectId); return API.json('/api/v1/assets?' + p.toString()); }; API.getAsset = async function (assetId) { return API.json('/api/v1/assets/' + assetId); }; // /stream → { url, type, source } (same-origin proxy video URL) API.getProxyUrl = async function (assetId) { const data = await API.json('/api/v1/assets/' + assetId + '/stream'); if (!data || !data.url) throw new Error('Asset has no proxy'); const u = data.url; const abs = /^https?:\/\//i.test(u) ? u : trimUrl(API.state.serverUrl) + u; return { url: abs, source: data.source || 'proxy' }; }; // /hires → { url, filename, ext, file_size, type } (presigned S3 URL) API.getHiresInfo = async function (assetId) { const data = await API.json('/api/v1/assets/' + assetId + '/hires'); if (!data || !data.url) throw new Error('Asset has no hi-res source'); return data; }; // /live-path → { win_path, posix_path, display_name } API.getLivePath = async function (assetId) { return API.json('/api/v1/assets/' + assetId + '/live-path'); }; // ── Projects ───────────────────────────────────────────────────── API.listProjects = async function () { const data = await API.json('/api/v1/projects'); return Array.isArray(data) ? data : []; }; // ── Sequences ──────────────────────────────────────────────────── API.listSequences = async function (projectId) { const p = new URLSearchParams(); if (projectId) p.set('project_id', projectId); const data = await API.json('/api/v1/sequences?' + p.toString()); return Array.isArray(data) ? data : []; }; API.createSequence = async function (projectId, name, frameRate, width, height) { return API.json('/api/v1/sequences', { method: 'POST', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ project_id: projectId, name, frame_rate: frameRate, width, height }), }); }; API.updateSequence = async function (seqId, fields) { return API.json('/api/v1/sequences/' + seqId, { method: 'PUT', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify(fields), }); }; API.pushClips = async function (seqId, clips) { const r = await API.request('/api/v1/sequences/' + seqId + '/clips', { method: 'PUT', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify(clips), }); if (!r.ok) throw new Error('Clip push HTTP ' + r.status); return r.json(); }; API.startConform = async function (seqId, opts) { return API.json('/api/v1/sequences/' + seqId + '/conform', { method: 'POST', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify(opts), }); }; API.getJob = async function (jobId) { return API.json('/api/v1/jobs/' + jobId); }; API.batchTrim = async function (clips) { return API.json('/api/v1/assets/batch-trim', { method: 'POST', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ clips }), }); }; window.API = API; })();