@adobe/acc-js-sdk 1.0.3 → 1.0.7

package/.github/workflows/codeql-analysis.yml

@@ -0,0 +1,70 @@
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+#
+# ******** NOTE ********
+# We have attempted to detect the languages in your repository. Please check
+# the `language` matrix defined below to confirm you have the correct set of
+# supported CodeQL languages.
+#
+name: "CodeQL"
+
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ master ]
+  schedule:
+    - cron: '34 13 * * 4'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'javascript' ]
+        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
+        # Learn more about CodeQL language support at https://git.io/codeql-language-support
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v2
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v1
+      with:
+        languages: ${{ matrix.language }}
+        # If you wish to specify custom queries, you can do so here or in a config file.
+        # By default, queries listed here will override any specified in a config file.
+        # Prefix the list here with "+" to use these queries and those in the config file.
+        # queries: ./path/to/local/query, your-org/your-repo/queries@main
+
+    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+    # If this step fails, then you should remove it and run the build manually (see below)
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v1
+
+    # ℹ️ Command-line programs to run using the OS shell.
+    # 📚 https://git.io/JvXDl
+
+    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
+    #    and modify them (or add more) to build your code if your project
+    #    uses a compiled language
+
+    #- run: |
+    #   make bootstrap
+    #   make release
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v1

package/.vscode/launch.json

@@ -4,7 +4,6 @@
     // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387
     "version": "0.2.0",
     "configurations": [
-
         {
             "type": "node",
             "request": "launch",

package/CHANGELOG.md

@@ -3,7 +3,43 @@
 This is a node.js SDK for Campaign API. It exposes the Campaign API exactly like it is used inside Campaign using the NLWS notation.
 
 
-# Changelog
+# Changelog 
+
+## Version 1.0.7
+_2022_01_24_
+* Added a hook `refreshClient` on connection parameters. This is a callback called when an authentication token expires. It can be used to implement reconnection logic
+* New attributes on the schema API (application.getSchema)
+  * The `enum` attribute of a schema node returns the corresponding enum attribute, i.e. the enumeration name
+  * The `target` attribute of a schema node (of type link) returns the target (schema id) of the link
+  * The `integrity` attribute of a schema node (of type link) returns the link integrity ("define", "own", etc.)
+* Added a github workflow for code analysis (CodeQL) to detect more potential issues before release
+* Upgrade dependencies to fix some vulnerabilities
+* Add new conversion functions in XtkCaster to support for int, timespan, uuid, html and blob
+
+## Version 1.0.6
+_2021/11/03_
+* New ofBearerToken authentication for IMS access token
+* Fix a small issue in the compile script which did not create the dist folder if it was missing
+* Fix an intermittent bug when running the SDK in the browser and when using local storage cache. The schema cache and method cache 
+  should contain XML representation of Campaign schemas and methods. Before it is put in local storage, data needs to be serialized
+  as text. This was only working of JavaScript objects, but DOM elements were not being serialied causing various errors when
+  using the cache later
+
+## Version 1.0.5
+_2021/10/09_
+* Fix an issue in the logon() function which was not always returning a promise. Some authentication methods such as SessionToken we returning synchronously. Made it so that logon always returns a promise. This should not be a breaking change as logon does not actually return a value
+* Refactor caches (Options cache, Schemas cache, and Methods cache) to use a generic cache class
+* Make sure options parameter of ConnectionParameters constructor is not modified
+* Added a persistent cache for schemas, methods, and options using the browser localStorage by default
+* Make sure X-Security-Token header is hidden as well as session token cookies
+* Added jshint configuration and fixed warnings reported by jshint
+* Fixed vulnerability in ansi-regex; upgrade jest-junit to version 13 to fix
+* Small jsdoc improvements
+
+## Version 1.0.4
+_2021/10/07_
+* Fix a bug which caused XML text and cdata elements to be skipped during SimpleJson transformation
+* Make sure passwords are not logged (replace with "***") when activating traces
 
 ## Version 1.0.3
 _2021/10/06_

package/README.md

@@ -14,6 +14,11 @@ See the [Change log](./CHANGELOG.md) for more information about the different ve
 
 The API is fully asynchronous using promises and works as well on the server side than on the client side in the browser.
 
+Install
+```js
+npm install --save @adobe/acc-js-sdk
+```
+
 The SDK entrypoint is the `sdk` object from which everything else can be created.
 
 ```js
@@ -115,6 +120,14 @@ Attribute|Default|Description
 ---|---|---
 representation|"SimpleJson"| See below. Will determine if the SDK works with xml of json object. Default is JSON
 rememberMe|false| The Campaign `rememberMe` attribute which can be used to extend the lifetime of session tokens
+entityCacheTTL|300000| The TTL (in milliseconds) for the xtk entity cache
+methodCacheTTL|300000| The TTL (in milliseconds) for the xtk method cache
+optionCacheTTL|300000| The TTL (in milliseconds) for the xtk option cache
+traceAPICalls|false| Activates tracing of API calls or not
+transport|axios|Overrides the transport layer
+noStorage|false|De-activate using of local storage
+storage|localStorage|Overrides the local storage for caches
+refreshClient|undefined|Async callback to run when the session token is expired
 
 ```js
 const connectionParameters = sdk.ConnectionParameters.ofUserAndPassword(
@@ -133,6 +146,13 @@ const connectionParameters = sdk.ConnectionParameters.ofUserAndPassword(
                                     "https://myInstance.campaign.adobe.com", 
                                     "admin", "==ims_service_token_here");
 ```
+## Login with IMS access token
+The SDK supports IMS access token of an IMS user with the `ofBearerToken` function. Pass it a bearer token.
+```js
+const connectionParameters = sdk.ConnectionParameters.ofBearerToken(
+                                    "https://myInstance.campaign.adobe.com", 
+                                    "ims_bearer_token");
+````
 
 ## Login with Session token
 
@@ -200,6 +220,19 @@ await client.logon();
 await client.logoff();
 ```
 
+## refreshClient callback
+The refreshClient is an async callback function with the SDK client as parameter, it is called when the ACC session is expired.
+The callback must refresh the client session and return it. if a SOAP query fails with session expiration error then it will be retried when the callback is defined.
+
+```js
+const connectionParameters = sdk.ConnectionParameters.ofUserAndPassword(
+                                    url, "admin", "admin",
+                                    { refreshClient: async (client) => {
+                                        await client.logon();
+                                        return client;
+                                    }});
+```
+
 ## IP Whitelisting
 
 Campaign includes an IP whitelisting component which prevents connections from unauthorized IP addresses. This is a common source of authentication errors. 
@@ -560,7 +593,7 @@ It's also noteworthy that all the data returned in a CampaignException is trimme
 
 ## Caches
 
-The following caches are manage by the SDK
+The following caches are managed by the SDK and active by default. They are in-memory caches.
 
 * Options cache. Stores typed option values, by option name.
 * Entity cache. Caches schemas and other entities
@@ -578,6 +611,21 @@ or
 client.clearAllCaches();
 ```
 
+Caches have a TTL of 5 minutes by default. The TTL can be changed at connection time using connection options `entityCacheTTL`, `methodCacheTTL`, and `optionCacheTTL`.
+
+Caches can be de-activated by setting a TTL of -1 which will have the effect of making all cached data always invalid.
+
+
+
+## Persistent caches
+In addition to memory caches, it is possible to use persistent caches as well. This was introduced in version 1.0.5 and is active by default as well when using the SDK in a browser. The browser local storage is used (if allowed).
+
+Cached data is stored in local storage with keys prefixed with  `acc.js.sdk.{{version}}.{{server}}.cache.` where `version` is the SDK version and `server` is the Campaign server name. This means that the cached data is lost when upgrading the SDK.
+
+It's possible to disable persistent caches using the `noStorage` connection option.
+
+It is also possible to setup one's own persistent cache, by passing a `storage` object as a connection option. This object should implement 3 methods: `getItem`, `setItem`, and `removeItem` (synchronous)
+
 
 ## Passwords
 
@@ -1412,9 +1460,20 @@ If you need to access entity attributes (or child elements) in a generic way, yo
 
 To build this project, you need node and npm
 
-````
+```sh
 npm install
-````
+```
+
+## Check and resolve any security issues
+```sh
+npm audit
+npm audit fix --force
+```
+
+## Check if there are any code warnings
+```sh
+node_modules/jshint/bin/jshint src/
+```
 
 ## Run tests
 ```sh
@@ -1424,6 +1483,7 @@ npm run unit-tests
 ## Build JavaScript documentation
 ```sh
 npm run jsdoc
+open ./docs/jsdoc/index.html
 ```
 
 The HTML doc will be generated in the docs/ folder

package/compile.js

@@ -31,6 +31,7 @@ var resources = [
     { name: "./transport.js" },
     { name: "./xtkCaster.js" },
     { name: "./domUtil.js" },
+    { name: "./cache.js" },
     { name: "./entityAccessor.js" },
     { name: "./xtkEntityCache.js" },
     { name: "./methodCache.js" },
@@ -44,6 +45,7 @@ var resources = [
 
 
 const outFileName = "./dist/bundle.js";
+if (!fs.existsSync("./dist")) fs.mkdirSync("./dist"); 
 const rootPath = "./src";