@01.software/sdk 0.17.0 → 0.19.0

package/dist/index.js

@@ -418,7 +418,7 @@ async function parseErrorBody(response) {
   };
   try {
     const body = await response.json();
-    const reason = typeof body.reason === "string" ? body.reason : void 0;
+    const reason = typeof body.reason === "string" ? body.reason : typeof body.code === "string" ? body.code : void 0;
     if (body.errors && Array.isArray(body.errors)) {
       const fieldErrors = [];
       for (const e of body.errors) {
@@ -441,6 +441,7 @@ async function parseErrorBody(response) {
           errorMessage: `HTTP ${response.status}: ${details}`,
           userMessage: details,
           reason,
+          body,
           errors: fieldErrors.length > 0 ? fieldErrors : body.errors
         };
       }
@@ -449,17 +450,19 @@ async function parseErrorBody(response) {
       return {
         errorMessage: `HTTP ${response.status}: ${body.error}`,
         userMessage: body.error,
-        reason
+        reason,
+        body
       };
     }
     if (body.message) {
       return {
         errorMessage: `HTTP ${response.status}: ${body.message}`,
         userMessage: body.message,
-        reason
+        reason,
+        body
       };
     }
-    return { ...fallback, reason };
+    return { ...fallback, reason, body };
   } catch {
     return fallback;
   }
@@ -476,7 +479,6 @@ async function httpFetch(url, options) {
     publishableKey,
     secretKey,
     customerToken,
-    tenantId,
     timeout = DEFAULT_TIMEOUT,
     debug,
     retry,
@@ -506,9 +508,6 @@ async function httpFetch(url, options) {
       if (authToken) {
         headers.set("Authorization", `Bearer ${authToken}`);
       }
-      if (tenantId) {
-        headers.set("X-Tenant-Id", tenantId);
-      }
       if (!headers.has("Content-Type") && requestInit.body && !(requestInit.body instanceof FormData)) {
         headers.set("Content-Type", "application/json");
       }
@@ -675,10 +674,9 @@ async function httpFetch(url, options) {
 
 // src/core/collection/http-client.ts
 var HttpClient = class {
-  constructor(publishableKey, secretKey, getCustomerToken, onUnauthorized, onRequestId, tenantId) {
+  constructor(publishableKey, secretKey, getCustomerToken, onUnauthorized, onRequestId) {
     this.publishableKey = publishableKey;
     this.secretKey = secretKey;
-    this.tenantId = tenantId;
     this.getCustomerToken = getCustomerToken;
     this.onUnauthorized = onUnauthorized;
     this.onRequestId = onRequestId;
@@ -688,9 +686,6 @@ var HttpClient = class {
       publishableKey: this.publishableKey,
       secretKey: this.secretKey
     };
-    if (this.secretKey?.startsWith("pat01_") && this.tenantId) {
-      opts.tenantId = this.tenantId;
-    }
     const token = this.getCustomerToken?.();
     if (token) {
       opts.customerToken = token;
@@ -966,8 +961,6 @@ var INTERNAL_COLLECTIONS = [
   "track-assets",
   "audiences",
   "email-logs",
-  "tenant-auth-settings",
-  "tenant-community-settings",
   "api-usage",
   "tenant-analytics-daily",
   "analytics-event-schemas",
@@ -981,7 +974,8 @@ var INTERNAL_COLLECTIONS = [
   "webhook-deliveries",
   "audit-logs",
   "plans",
-  "webhooks"
+  "webhooks",
+  "event-registrations"
 ];
 var COLLECTIONS = [
   "tenants",
@@ -1015,10 +1009,10 @@ var COLLECTIONS = [
   "documents",
   "document-categories",
   "document-types",
-  "posts",
-  "post-authors",
-  "post-categories",
-  "post-tags",
+  "articles",
+  "article-authors",
+  "article-categories",
+  "article-tags",
   "playlists",
   "playlist-categories",
   "playlist-tags",
@@ -1047,14 +1041,19 @@ var COLLECTIONS = [
   "forms",
   "form-submissions",
   // Community
-  "threads",
+  "posts",
   "comments",
   "reactions",
   "reaction-types",
   "bookmarks",
-  "thread-categories",
+  "post-categories",
   "reports",
-  "community-bans"
+  "community-bans",
+  // Events
+  "event-calendars",
+  "events",
+  "event-occurrences",
+  "event-tags"
 ];
 
 // src/core/api/parse-response.ts
@@ -1108,7 +1107,6 @@ var CommunityClient = class {
   constructor(options) {
     this.publishableKey = options.publishableKey ?? "";
     this.secretKey = options.secretKey;
-    this.tenantId = options.tenantId;
     this.customerToken = options.customerToken;
     this.onUnauthorized = options.onUnauthorized;
     this.onRequestId = options.onRequestId;
@@ -1120,13 +1118,11 @@ var CommunityClient = class {
   }
   async execute(endpoint, method, body) {
     const token = typeof this.customerToken === "function" ? this.customerToken() : this.customerToken;
-    const tenantId = this.secretKey?.startsWith("pat01_") && this.tenantId ? this.tenantId : void 0;
     try {
       const response = await httpFetch(endpoint, {
         method,
         publishableKey: this.publishableKey,
         secretKey: this.secretKey,
-        tenantId,
         customerToken: token ?? void 0,
         ...token && this.onUnauthorized && { onUnauthorized: this.onUnauthorized },
         ...body !== void 0 && { body: JSON.stringify(body) }
@@ -1139,49 +1135,48 @@ var CommunityClient = class {
       throw err;
     }
   }
-  // Threads
-  createThread(params) {
-    return this.execute("/api/threads", "POST", params);
+  createPost(params) {
+    return this.execute("/api/posts", "POST", params);
   }
-  getMyThreads(params) {
+  getMyPosts(params) {
     return this.execute(
-      `/api/threads/my${this.buildQuery(params)}`,
+      `/api/posts/my${this.buildQuery(params)}`,
       "GET"
     );
   }
   getTrending(params) {
     return this.execute(
-      `/api/threads/trending${this.buildQuery(params)}`,
+      `/api/posts/trending${this.buildQuery(params)}`,
       "GET"
     );
   }
   incrementView(params) {
     return this.execute(
-      `/api/threads/${params.threadId}/view`,
+      `/api/posts/${params.postId}/view`,
       "POST"
     );
   }
-  reportThread(params) {
-    const { threadId, ...body } = params;
+  reportPost(params) {
+    const { postId, ...body } = params;
     return this.execute(
-      `/api/threads/${threadId}/report`,
+      `/api/posts/${postId}/report`,
       "POST",
       body
     );
   }
   // Comments
   createComment(params) {
-    const { threadId, parentId, body: commentBody } = params;
-    const body = { thread: threadId, body: commentBody };
+    const { postId, parentId, body: commentBody } = params;
+    const body = { post: postId, body: commentBody };
     if (parentId !== void 0) {
       body.parent = parentId;
     }
     return this.execute("/api/comments", "POST", body);
   }
   listComments(params) {
-    const { threadId, page, limit, rootComment } = params;
+    const { postId, page, limit, rootComment } = params;
     const urlParams = new URLSearchParams();
-    urlParams.set("where[thread][equals]", threadId);
+    urlParams.set("where[post][equals]", postId);
     urlParams.set("sort", "-createdAt");
     if (limit !== void 0) urlParams.set("limit", String(limit));
     if (page !== void 0) urlParams.set("page", String(page));
@@ -1215,16 +1210,16 @@ var CommunityClient = class {
   }
   // Reactions
   addReaction(params) {
-    const { threadId, type } = params;
+    const { postId, type } = params;
     return this.execute("/api/reactions", "POST", {
-      thread: threadId,
+      post: postId,
       type
     });
   }
   removeReaction(params) {
-    const { threadId, type } = params;
+    const { postId, type } = params;
     return this.execute(
-      `/api/threads/${threadId}/react?type=${encodeURIComponent(type)}`,
+      `/api/posts/${postId}/react?type=${encodeURIComponent(type)}`,
       "DELETE"
     );
   }
@@ -1244,7 +1239,7 @@ var CommunityClient = class {
   }
   getReactionSummary(params) {
     return this.execute(
-      `/api/threads/${params.threadId}/reactions`,
+      `/api/posts/${params.postId}/reactions`,
       "GET"
     );
   }
@@ -1257,12 +1252,12 @@ var CommunityClient = class {
   // Bookmarks
   addBookmark(params) {
     return this.execute("/api/bookmarks", "POST", {
-      thread: params.threadId
+      post: params.postId
     });
   }
   removeBookmark(params) {
     return this.execute(
-      `/api/threads/${params.threadId}/bookmark`,
+      `/api/posts/${params.postId}/bookmark`,
       "DELETE"
     );
   }
@@ -1282,18 +1277,15 @@ var BaseApi = class {
     }
     this.publishableKey = options.publishableKey ?? "";
     this.secretKey = options.secretKey;
-    this.tenantId = options.tenantId;
     this.onRequestId = options.onRequestId;
   }
   async request(endpoint, body, options) {
     const method = options?.method ?? "POST";
-    const tenantId = this.secretKey.startsWith("pat01_") && this.tenantId ? this.tenantId : void 0;
     try {
       const response = await httpFetch(endpoint, {
         method,
         publishableKey: this.publishableKey,
         secretKey: this.secretKey,
-        tenantId,
         ...body !== void 0 && { body: JSON.stringify(body) },
         ...options?.headers && { headers: options.headers }
       });
@@ -1470,15 +1462,6 @@ var CustomerAuth = class {
       body: JSON.stringify({ currentPassword, newPassword })
     });
   }
-  /**
-   * Verify email using the verification token
-   */
-  async verifyEmail(token) {
-    await this.requestJson("/api/customers/verify-email", {
-      method: "POST",
-      body: JSON.stringify({ token })
-    });
-  }
   /**
    * Get the authenticated customer's orders with pagination and optional status filter
    */
@@ -1588,20 +1571,17 @@ var CartApi = class {
     }
     this.publishableKey = options.publishableKey ?? "";
     this.secretKey = options.secretKey;
-    this.tenantId = options.tenantId;
     this.customerToken = options.customerToken;
     this.onUnauthorized = options.onUnauthorized;
     this.onRequestId = options.onRequestId;
   }
   async execute(endpoint, method, body) {
     const token = typeof this.customerToken === "function" ? this.customerToken() : this.customerToken;
-    const tenantId = this.secretKey?.startsWith("pat01_") && this.tenantId ? this.tenantId : void 0;
     try {
       const response = await httpFetch(endpoint, {
         method,
         publishableKey: this.publishableKey,
         secretKey: this.secretKey,
-        tenantId,
         customerToken: token ?? void 0,
         ...token && this.onUnauthorized && { onUnauthorized: this.onUnauthorized },
         ...body !== void 0 && { body: JSON.stringify(body) }
@@ -1788,7 +1768,6 @@ var ServerCommerceClient = class {
     const serverOptions = {
       publishableKey: options.publishableKey,
       secretKey: options.secretKey,
-      tenantId: options.tenantId,
       onRequestId: options.onRequestId
     };
     const productApi = new ProductApi(serverOptions);
@@ -2216,14 +2195,6 @@ var CustomerHooks = class {
       options
     );
   }
-  useCustomerVerifyEmail(options) {
-    return createMutation(
-      (token) => this.ensureCustomerAuth().verifyEmail(token).then(() => {
-      }),
-      options,
-      this.invalidateMe
-    );
-  }
   useCustomerRefreshToken(options) {
     return createMutation(
       () => this.ensureCustomerAuth().refreshToken(),
@@ -2268,7 +2239,6 @@ var QueryHooks = class extends CollectionHooks {
     this.useCustomerLogout = (...args) => this._customer.useCustomerLogout(...args);
     this.useCustomerForgotPassword = (...args) => this._customer.useCustomerForgotPassword(...args);
     this.useCustomerResetPassword = (...args) => this._customer.useCustomerResetPassword(...args);
-    this.useCustomerVerifyEmail = (...args) => this._customer.useCustomerVerifyEmail(...args);
     this.useCustomerRefreshToken = (...args) => this._customer.useCustomerRefreshToken(...args);
     this.useCustomerUpdateProfile = (...args) => this._customer.useCustomerUpdateProfile(...args);
     this.useCustomerChangePassword = (...args) => this._customer.useCustomerChangePassword(...args);
@@ -2468,7 +2438,6 @@ var ServerClient = class {
     const serverOptions = {
       publishableKey: this.config.publishableKey,
       secretKey: this.config.secretKey,
-      tenantId: this.config.tenantId,
       onRequestId
     };
     this.commerce = new ServerCommerceClient(serverOptions);
@@ -2485,8 +2454,7 @@ var ServerClient = class {
       this.config.secretKey,
       void 0,
       void 0,
-      onRequestId,
-      this.config.tenantId
+      onRequestId
     );
     this.queryClient = getQueryClient();
     this.query = new QueryHooks(this.queryClient, this.collections);
@@ -2652,9 +2620,34 @@ var RealtimeConnection = class {
 function isValidWebhookEvent(data) {
   if (typeof data !== "object" || data === null) return false;
   const obj = data;
-  return typeof obj.collection === "string" && (obj.operation === "create" || obj.operation === "update") && typeof obj.data === "object" && obj.data !== null;
+  return typeof obj.collection === "string" && typeof obj.operation === "string" && obj.operation.length > 0 && typeof obj.data === "object" && obj.data !== null;
+}
+var CUSTOMER_PASSWORD_RESET_OPERATION = "password-reset";
+function isRecord(value) {
+  return typeof value === "object" && value !== null;
+}
+function hasString(value, key) {
+  return typeof value[key] === "string";
+}
+function hasStringOrNumber(value, key) {
+  return typeof value[key] === "string" || typeof value[key] === "number";
+}
+function isCustomerPasswordResetWebhookEvent(event) {
+  if (event.collection !== "customers" || event.operation !== CUSTOMER_PASSWORD_RESET_OPERATION || !isRecord(event.data)) {
+    return false;
+  }
+  return hasStringOrNumber(event.data, "customerId") && hasString(event.data, "email") && hasString(event.data, "name") && hasString(event.data, "resetPasswordToken") && hasString(event.data, "resetPasswordExpiresAt");
 }
-async function verifySignature(payload, secret, signature) {
+function createCustomerAuthWebhookHandler(handlers) {
+  return async (event) => {
+    if (isCustomerPasswordResetWebhookEvent(event) && handlers.passwordReset) {
+      await handlers.passwordReset(event.data, event);
+      return;
+    }
+    await handlers.unhandled?.(event);
+  };
+}
+async function verifySignature(payload, secret, signature, timestamp, deliveryId) {
   const encoder = new TextEncoder();
   const key = await crypto.subtle.importKey(
     "raw",
@@ -2669,14 +2662,35 @@ async function verifySignature(payload, secret, signature) {
   const sigBytes = new Uint8Array(
     (signature.match(/.{2}/g) ?? []).map((byte) => parseInt(byte, 16))
   );
-  return crypto.subtle.verify("HMAC", key, sigBytes, encoder.encode(payload));
+  return crypto.subtle.verify(
+    "HMAC",
+    key,
+    sigBytes,
+    encoder.encode(`${timestamp}.${deliveryId}.${payload}`)
+  );
+}
+function timestampIsFresh(timestamp, toleranceSeconds) {
+  if (!/^\d+$/.test(timestamp)) return false;
+  const timestampMs = Number(timestamp);
+  if (!Number.isFinite(timestampMs)) return false;
+  const skewMs = Math.abs(Date.now() - timestampMs);
+  return skewMs <= toleranceSeconds * 1e3;
 }
 async function handleWebhook(request, handler, options) {
   try {
     const rawBody = await request.text();
     if (options?.secret) {
       const signature = request.headers.get("x-webhook-signature") || "";
-      const valid = await verifySignature(rawBody, options.secret, signature);
+      const timestamp = request.headers.get("x-webhook-timestamp") || "";
+      const deliveryId = request.headers.get("x-webhook-delivery-id") || "";
+      const toleranceSeconds = options.toleranceSeconds ?? 300;
+      const valid = Boolean(timestamp && deliveryId) && timestampIsFresh(timestamp, toleranceSeconds) && await verifySignature(
+        rawBody,
+        options.secret,
+        signature,
+        timestamp,
+        deliveryId
+      );
       if (!valid) {
         return new Response(
           JSON.stringify({ error: "Invalid webhook signature" }),
@@ -3244,6 +3258,7 @@ export {
   AuthError,
   BaseApi,
   COLLECTIONS,
+  CUSTOMER_PASSWORD_RESET_OPERATION,
   CartApi,
   Client,
   CollectionClient,
@@ -3285,6 +3300,7 @@ export {
   createAuthError,
   createClient,
   createConflictError,
+  createCustomerAuthWebhookHandler,
   createNotFoundError,
   createPermissionError,
   createRateLimitError,
@@ -3311,6 +3327,7 @@ export {
   isAuthError,
   isConfigError,
   isConflictError,
+  isCustomerPasswordResetWebhookEvent,
   isGoneError,
   isNetworkError,
   isNotFoundError,