@adobe/aio-commerce-lib-auth 0.1.0 → 0.3.0

package/CHANGELOG.md

@@ -1,5 +1,35 @@
 # @adobe/aio-commerce-lib-auth
 
+## 0.3.0
+
+### Minor Changes
+
+- [#22](https://github.com/adobe/aio-commerce-sdk/pull/22) [`9885eee`](https://github.com/adobe/aio-commerce-sdk/commit/9885eee5849ba7939b2067d3357e677beced3774) Thanks [@iivvaannxx](https://github.com/iivvaannxx)! - Changes include:
+  - Removed `try*` methods from public interface
+  - Added `assert` methods that throw if required configuration is not provided
+  - Cleaned up unused types to reduce bundle size
+
+### Patch Changes
+
+- Updated dependencies [[`9885eee`](https://github.com/adobe/aio-commerce-sdk/commit/9885eee5849ba7939b2067d3357e677beced3774)]:
+  - @adobe/aio-commerce-lib-core@0.3.0
+
+## 0.2.0
+
+### Minor Changes
+
+- [#18](https://github.com/adobe/aio-commerce-sdk/pull/18) [`aadbff1`](https://github.com/adobe/aio-commerce-sdk/commit/aadbff1acd08120f9d5cb8db4e3c849f552d8c79) Thanks [@jnatherley](https://github.com/jnatherley)! - Introduces the `aio-commerce-lib-core` package, which contains core utilities for the AIO Commerce SDK. It includes:
+  - A `Result` type based on Rust's `Result` type, to do better error handling.
+  - A set of validation utilities, including pretty printing of validation errors, and custom validation error types.
+  - Refactor aio-commerce-lib-auth to use aio-commerce-lib-core
+
+  Implements validation for the `aio-commerce-lib-auth` operations via `valibot`.
+
+### Patch Changes
+
+- Updated dependencies [[`aadbff1`](https://github.com/adobe/aio-commerce-sdk/commit/aadbff1acd08120f9d5cb8db4e3c849f552d8c79)]:
+  - @adobe/aio-commerce-lib-core@0.2.0
+
 ## 0.1.0
 
 ### Minor Changes

package/README.md

@@ -28,39 +28,111 @@ In your App Builder application, you can use the library to authenticate users o
 
 ### IMS Provider
 
-In the runtime action you can generate an access token using the IMS Provider:
-
 ```typescript
-import { getImsAuthProvider } from "@adobe/aio-commerce-lib-auth";
+import {
+  assertImsAuthParams,
+  getImsAuthProvider,
+} from "@adobe/aio-commerce-lib-auth";
 
-export const main = async function (params: Record<string, unknown>) {
-  // Generate the needed headers for API requests
-  const imsAuth = getImsAuthProvider(params);
-  const headers = await imsAuth.getHeaders();
+import { CommerceSdkValidationError } from "@adobe/aio-commerce-lib-core";
 
-  return { statusCode: 200 };
+export const main = async function (params: Record<string, unknown>) {
+  try {
+    // Validate parameters and get the IMS auth provider
+    assertImsAuthParams(params);
+    const imsAuthProvider = getImsAuthProvider(params);
+
+    const token = await imsAuthProvider.getAccessToken();
+    const headers = await imsAuthProvider.getHeaders();
+
+    // Use headers in your API calls
+    // business logic e.g requesting orders
+    return { statusCode: 200 };
+  } catch (error) {
+    if (error instanceof CommerceSdkValidationError) {
+      return {
+        statusCode: 400,
+        body: {
+          error: `Invalid IMS configuration: ${error.message}`,
+        },
+      };
+    }
+    throw error;
+  }
 };
 ```
 
 ### Integrations Provider
 
-In the runtime action you can generate an access token using the Integrations Provider:
-
 ```typescript
-import { getIntegrationsAuthProvider } from "@adobe/aio-commerce-lib-auth";
+import {
+  assertIntegrationAuthParams,
+  getIntegrationAuthProvider,
+} from "@adobe/aio-commerce-lib-auth";
+
+import { CommerceSdkValidationError } from "@adobe/aio-commerce-lib-core";
 
 export const main = async function (params: Record<string, unknown>) {
-  // Generate the needed headers for API requests
-  const integrationsAuth = getIntegrationsAuthProvider(params);
-  const headers = integrationsAuth.getHeaders(
-    "GET",
-    "http://localhost/rest/V1/orders",
-  );
-
-  return { statusCode: 200 };
+  try {
+    // Validate parameters and get the integration auth provider
+    assertIntegrationAuthParams(params);
+    const integrationsAuth = getIntegrationAuthProvider(params);
+
+    // Get OAuth headers for API requests
+    const headers = integrationsAuth.getHeaders(
+      "GET",
+      "http://localhost/rest/V1/orders",
+    );
+
+    // Use headers in your API calls
+    // business logic e.g requesting orders
+    return { statusCode: 200 };
+  } catch (error) {
+    if (error instanceof CommerceSdkValidationError) {
+      return {
+        statusCode: 400,
+        body: {
+          error: `Invalid Integration configuration: ${error.message}`,
+        },
+      };
+    }
+    throw error;
+  }
 };
 ```
 
+## Error Handling
+
+The library uses validation to ensure all required parameters are provided and correctly formatted. When validation fails, a `CommerceSdkValidationError` is thrown with detailed information about what went wrong.
+
+```typescript
+import { CommerceSdkValidationError } from "@adobe/aio-commerce-lib-core/error";
+
+try {
+  assertImsAuthParams({
+    clientId: "valid-id",
+    // Missing required fields
+  });
+} catch (error) {
+  if (error instanceof CommerceSdkValidationError) {
+    console.error(error.display());
+    // Output:
+    // Invalid ImsAuthProvider configuration
+    // ├── Schema validation error at clientSecrets → Expected at least one client secret for IMS auth
+    // ├── Schema validation error at technicalAccountId → Expected a non-empty string value for the IMS auth parameter technicalAccountId
+    // └── Schema validation error at technicalAccountEmail → Expected a valid email format for technicalAccountEmail
+  }
+}
+```
+
+## Best Practices
+
+1. **Always validate parameters** - Use the `assert*` functions before creating providers
+2. **Handle errors gracefully** - Catch and properly handle validation and authentication errors
+3. **Store credentials securely** - Use environment variables or secure configuration management
+4. **Cache tokens when possible** - The IMS provider handles token lifecycle internally
+5. **Use TypeScript** - Leverage the full type safety provided by the library
+
 ## Contributing
 
-This package is part of the Adobe Commerce SDK monorepo. See the [Contributing Guide](../../.github/CONTRIBUTING.md) and [Development Guide](../../.github/DEVELOPMENT.md) for development setup and guidelines.
+This package is part of the Adobe Commerce SDK monorepo. See the [Contributing Guide](https://github.com/adobe/aio-commerce-sdk/blob/main/.github/CONTRIBUTING.md) and [Development Guide](https://github.com/adobe/aio-commerce-sdk/blob/main/.github/DEVELOPMENT.md) for development setup and guidelines.

package/dist/cjs/index.cjs

@@ -21,115 +21,272 @@ var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__ge
 }) : target, mod));
 
 //#endregion
+const __adobe_aio_commerce_lib_core_error = __toESM(require("@adobe/aio-commerce-lib-core/error"));
 const __adobe_aio_lib_ims = __toESM(require("@adobe/aio-lib-ims"));
+const valibot = __toESM(require("valibot"));
 const node_crypto = __toESM(require("node:crypto"));
 const oauth_1_0a = __toESM(require("oauth-1.0a"));
 
-//#region source/lib/params.ts
+//#region source/lib/ims-auth/schema.ts
 /**
-* Checks if the given value is non-empty.
-*
-* @param name of the parameter. Required because of `aio app dev` compatibility: inputs mapped to undefined env vars come as $<input_name> in dev mode, but as '' in prod mode.
-* @param value of the parameter.
+* Creates a validation schema for a required IMS auth string parameter.
+* @param name The name of the parameter for error messages.
+* @returns A validation pipeline that ensures the parameter is a non-empty string.
 */
-function nonEmpty(name, value) {
-	const v = value?.trim();
-	return v !== void 0 && v !== `$${name}`;
-}
+const imsAuthParameter = (name) => (0, valibot.pipe)((0, valibot.string)(`Expected a string value for the IMS auth parameter ${name}`), (0, valibot.nonEmpty)(`Expected a non-empty string value for the IMS auth parameter ${name}`));
 /**
-* Checks if all required parameters are non-empty.
-* @param params action input parameters.
-* @param required list of required parameter names.
+* Creates a validation schema for an IMS auth string array parameter.
+* @param name The name of the parameter for error messages.
+* @returns A validation pipeline that ensures the parameter is an array of strings.
 */
-function allNonEmpty(params, required) {
-	return required.every((name) => nonEmpty(name, params[name]));
-}
+const stringArray = (name) => {
+	return (0, valibot.pipe)((0, valibot.array)((0, valibot.string)(), `Expected a stringified JSON array value for the IMS auth parameter ${name}`));
+};
+/** The environments accepted by the IMS auth service. */
+const IMS_AUTH_ENV = {
+	PROD: "prod",
+	STAGE: "stage"
+};
+/** Validation schema for IMS auth environment values. */
+const ImsAuthEnvSchema = (0, valibot.enum)(IMS_AUTH_ENV);
+/** Defines the schema to validate the necessary parameters for the IMS auth service. */
+const ImsAuthParamsSchema = (0, valibot.object)({
+	clientId: imsAuthParameter("clientId"),
+	clientSecrets: (0, valibot.pipe)(stringArray("clientSecrets"), (0, valibot.minLength)(1, "Expected at least one client secret for IMS auth")),
+	technicalAccountId: imsAuthParameter("technicalAccountId"),
+	technicalAccountEmail: (0, valibot.pipe)((0, valibot.string)("Expected a string value for the IMS auth parameter technicalAccountEmail"), (0, valibot.email)("Expected a valid email format for technicalAccountEmail")),
+	imsOrgId: imsAuthParameter("imsOrgId"),
+	environment: (0, valibot.pipe)((0, valibot.optional)(ImsAuthEnvSchema, IMS_AUTH_ENV.PROD)),
+	context: (0, valibot.pipe)((0, valibot.optional)((0, valibot.string)(), "aio-commerce-sdk-creds")),
+	scopes: (0, valibot.pipe)(stringArray("scopes"), (0, valibot.minLength)(1, "Expected at least one scope for IMS auth"))
+});
 
 //#endregion
-//#region source/lib/ims-auth.ts
+//#region source/lib/ims-auth/provider.ts
+/**
+* Converts IMS auth configuration properties to snake_case format.
+* @param config The IMS auth configuration with camelCase properties.
+* @returns The configuration with snake_case properties.
+*/
+function toImsAuthConfig(config) {
+	return {
+		scopes: config.scopes,
+		env: config?.environment ?? "prod",
+		context: config.context,
+		client_id: config.clientId,
+		client_secrets: config.clientSecrets,
+		technical_account_id: config.technicalAccountId,
+		technical_account_email: config.technicalAccountEmail,
+		ims_org_id: config.imsOrgId
+	};
+}
 /**
-* If the required IMS parameters are present, this function returns an {@link ImsAuthProvider}.
-* @param params includes IMS parameters
+* Asserts the provided configuration for an Adobe IMS authentication provider. {@link ImsAuthParams}
+* {@link ImsAuthProvider}
+* @param config {Record<PropertyKey, unknown>} The configuration to validate.
+* @throws {CommerceSdkValidationError} If the configuration is invalid.
+* @example
+* ```typescript
+* const config = {
+*   clientId: "your-client-id",
+*   clientSecrets: ["your-client-secret"],
+*   technicalAccountId: "your-technical-account-id",
+*   technicalAccountEmail: "your-account@example.com",
+*   imsOrgId: "your-ims-org-id@AdobeOrg",
+*   scopes: ["AdobeID", "openid"],
+*   environment: "prod", // or "stage"
+*   context: "my-app-context"
+* };
+*
+* // This will validate the config and throw if invalid
+* assertImsAuthParams(config);
+*```
+* @example
+* ```typescript
+* // Example of a failing assert:
+* try {
+*   assertImsAuthParams({
+*     clientId: "valid-client-id",
+*     // Missing required fields like clientSecrets, technicalAccountId, etc.
+*   });
+* } catch (error) {
+*   console.error(error.message); // "Invalid ImsAuthProvider configuration"
+*   console.error(error.issues); // Array of validation issues
+* }
+* ```
 */
-async function getImsAuthProvider(params) {
-	const config = resolveImsConfig(params);
-	if (config) {
-		const contextName = params.AIO_COMMERCE_IMS_CTX ?? "aio-commerce-sdk-creds";
-		await __adobe_aio_lib_ims.context.set(contextName, config);
+function assertImsAuthParams(config) {
+	const result = (0, valibot.safeParse)(ImsAuthParamsSchema, config);
+	if (!result.success) throw new __adobe_aio_commerce_lib_core_error.CommerceSdkValidationError("Invalid ImsAuthProvider configuration", { issues: result.issues });
+}
+/**
+* Creates an {@link ImsAuthProvider} based on the provided configuration.
+* @param config An {@link ImsAuthParams} parameter that contains the configuration for the IMS auth provider.
+* @returns An {@link ImsAuthProvider} instance that can be used to get access token and auth headers.
+* @example
+* ```typescript
+* const config = {
+*   clientId: "your-client-id",
+*   clientSecrets: ["your-client-secret"],
+*   technicalAccountId: "your-technical-account-id",
+*   technicalAccountEmail: "your-account@example.com",
+*   imsOrgId: "your-ims-org-id@AdobeOrg",
+*   scopes: ["AdobeID", "openid"],
+*   environment: "prod",
+*   context: "my-app-context"
+* };
+*
+* const authProvider = getImsAuthProvider(config);
+*
+* // Get access token
+* const token = await authProvider.getAccessToken();
+* console.log(token); // "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9..."
+*
+* // Get headers for API requests
+* const headers = await authProvider.getHeaders();
+* console.log(headers);
+* // {
+* //   Authorization: "Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9...",
+* //   "x-api-key": "your-client-id"
+* // }
+*
+* // Use headers in API calls
+* const response = await fetch('https://api.adobe.io/some-endpoint', {
+*   headers: await authProvider.getHeaders()
+* });
+* ```
+*/
+function getImsAuthProvider(authParams) {
+	const getAccessToken = async () => {
+		const imsAuthConfig = toImsAuthConfig(authParams);
+		await __adobe_aio_lib_ims.context.set(authParams.context, imsAuthConfig);
+		return (0, __adobe_aio_lib_ims.getToken)(authParams.context, {});
+	};
+	const getHeaders = async () => {
+		const accessToken = await getAccessToken();
 		return {
-			getAccessToken: async () => (0, __adobe_aio_lib_ims.getToken)(contextName, {}),
-			getHeaders: async () => {
-				const accessToken = await (0, __adobe_aio_lib_ims.getToken)(contextName, {});
-				return {
-					Authorization: `Bearer ${accessToken}`,
-					"x-api-key": config.client_id
-				};
-			}
+			Authorization: `Bearer ${accessToken}`,
+			"x-api-key": authParams.clientId
 		};
-	}
-}
-function resolveImsConfig(params) {
-	if (allNonEmpty(params, [
-		"AIO_COMMERCE_IMS_CLIENT_ID",
-		"AIO_COMMERCE_IMS_CLIENT_SECRETS",
-		"AIO_COMMERCE_IMS_TECHNICAL_ACCOUNT_ID",
-		"AIO_COMMERCE_IMS_TECHNICAL_ACCOUNT_EMAIL",
-		"AIO_COMMERCE_IMS_IMS_ORG_ID",
-		"AIO_COMMERCE_IMS_SCOPES"
-	])) return {
-		client_id: params.AIO_COMMERCE_IMS_CLIENT_ID,
-		client_secrets: JSON.parse(params.AIO_COMMERCE_IMS_CLIENT_SECRETS ?? "[]"),
-		technical_account_id: params.AIO_COMMERCE_IMS_TECHNICAL_ACCOUNT_ID,
-		technical_account_email: params.AIO_COMMERCE_IMS_TECHNICAL_ACCOUNT_EMAIL,
-		ims_org_id: params.AIO_COMMERCE_IMS_IMS_ORG_ID,
-		scopes: JSON.parse(params.AIO_COMMERCE_IMS_SCOPES ?? "[]"),
-		environment: params.AIO_COMMERCE_IMS_ENV ?? "prod"
+	};
+	return {
+		getAccessToken,
+		getHeaders
 	};
 }
 
 //#endregion
-//#region source/lib/integration-auth.ts
+//#region source/lib/integration-auth/schema.ts
 /**
-* If the required integration parameters are present, this function returns an {@link IntegrationAuthProvider}.
-* @param params includes integration parameters
+* Creates a validation schema for a required Commerce Integration string parameter.
+* @param name The name of the parameter for error messages.
+* @returns A validation pipeline that ensures the parameter is a non-empty string.
 */
-function getIntegrationAuthProvider(params) {
-	const config = resolveIntegrationConfig(params);
-	if (config) {
-		const oauth = new oauth_1_0a.default({
-			consumer: {
-				key: config.consumerKey,
-				secret: config.consumerSecret
-			},
-			signature_method: "HMAC-SHA256",
-			hash_function: (baseString, key) => node_crypto.default.createHmac("sha256", key).update(baseString).digest("base64")
-		});
-		const oauthToken = {
-			key: config.accessToken,
-			secret: config.accessTokenSecret
-		};
-		return { getHeaders(method, url) {
-			return oauth.toHeader(oauth.authorize({
-				url,
-				method
-			}, oauthToken));
-		} };
-	}
+const integrationAuthParameter = (name) => (0, valibot.pipe)((0, valibot.string)(`Expected a string value for the Commerce Integration parameter ${name}`), (0, valibot.nonEmpty)(`Expected a non-empty string value for the Commerce Integration parameter ${name}`));
+/** Validation schema for the Adobe Commerce endpoint base URL. */
+const BaseUrlSchema = (0, valibot.pipe)((0, valibot.string)("Expected a string for the Adobe Commerce endpoint"), (0, valibot.nonEmpty)("Expected a non-empty string for the Adobe Commerce endpoint"), (0, valibot.url)("Expected a valid url for the Adobe Commerce endpoint"));
+/** Validation schema that accepts either a URL string or URL instance and normalizes to string. */
+const UrlSchema = (0, valibot.pipe)((0, valibot.union)([BaseUrlSchema, (0, valibot.instance)(URL)]), (0, valibot.transform)((url) => {
+	if (url instanceof URL) return url.toString();
+	return url;
+}));
+/**
+* The schema for the Commerce Integration parameters.
+* This is used to validate the parameters passed to the Commerce Integration provider.
+*/
+const IntegrationAuthParamsSchema = (0, valibot.nonOptional)((0, valibot.object)({
+	consumerKey: integrationAuthParameter("consumerKey"),
+	consumerSecret: integrationAuthParameter("consumerSecret"),
+	accessToken: integrationAuthParameter("accessToken"),
+	accessTokenSecret: integrationAuthParameter("accessTokenSecret")
+}));
+
+//#endregion
+//#region source/lib/integration-auth/provider.ts
+/**
+* Asserts the provided configuration for an Adobe Commerce integration authentication provider. {@link IntegrationAuthParams}
+* {@link IntegrationAuthProvider}
+* @param config {Record<PropertyKey, unknown>} The configuration to validate.
+* @throws {CommerceSdkValidationError} If the configuration is invalid.
+* @example
+* ```typescript
+* const config = {
+*   consumerKey: "your-consumer-key",
+*   consumerSecret: "your-consumer-secret",
+*   accessToken: "your-access-token",
+*   accessTokenSecret: "your-access-token-secret"
+* };
+*
+* // This will validate the config and throw if invalid
+* assertIntegrationAuthParams(config);
+* ```
+* @example
+* ```typescript
+* // Example of a failing assert:
+* try {
+*   assertIntegrationAuthParams({
+*     consumerKey: "valid-consumer-key",
+*     // Missing required fields like consumerSecret, accessToken, accessTokenSecret
+*   });
+* } catch (error) {
+*   console.error(error.message); // "Invalid IntegrationAuthProvider configuration"
+*   console.error(error.issues); // Array of validation issues
+* }
+* ```
+*/
+function assertIntegrationAuthParams(config) {
+	const result = (0, valibot.safeParse)(IntegrationAuthParamsSchema, config);
+	if (!result.success) throw new __adobe_aio_commerce_lib_core_error.CommerceSdkValidationError("Invalid IntegrationAuthProvider configuration", { issues: result.issues });
 }
-function resolveIntegrationConfig(params) {
-	if (allNonEmpty(params, [
-		"AIO_COMMERCE_INTEGRATIONS_CONSUMER_KEY",
-		"AIO_COMMERCE_INTEGRATIONS_CONSUMER_SECRET",
-		"AIO_COMMERCE_INTEGRATIONS_ACCESS_TOKEN",
-		"AIO_COMMERCE_INTEGRATIONS_ACCESS_TOKEN_SECRET"
-	])) return {
-		consumerKey: params.AIO_COMMERCE_INTEGRATIONS_CONSUMER_KEY,
-		consumerSecret: params.AIO_COMMERCE_INTEGRATIONS_CONSUMER_SECRET,
-		accessToken: params.AIO_COMMERCE_INTEGRATIONS_ACCESS_TOKEN,
-		accessTokenSecret: params.AIO_COMMERCE_INTEGRATIONS_ACCESS_TOKEN_SECRET
+/**
+* Creates an {@link IntegrationAuthProvider} based on the provided configuration.
+* @param config {IntegrationAuthParams} The configuration for the integration.
+* @returns An {@link IntegrationAuthProvider} instance that can be used to get auth headers.
+* @example
+* ```typescript
+* const config = {
+*   consumerKey: "your-consumer-key",
+*   consumerSecret: "your-consumer-secret",
+*   accessToken: "your-access-token",
+*   accessTokenSecret: "your-access-token-secret"
+* };
+*
+* const authProvider = getIntegrationAuthProvider(config);
+*
+* // Get OAuth headers for a REST API call
+* const headers = authProvider.getHeaders("GET", "https://your-store.com/rest/V1/products");
+* console.log(headers); // { Authorization: "OAuth oauth_consumer_key=..., oauth_signature=..." }
+*
+* // Can also be used with URL objects
+* const url = new URL("https://your-store.com/rest/V1/customers");
+* const postHeaders = authProvider.getHeaders("POST", url);
+* ```
+*/
+function getIntegrationAuthProvider(authParams) {
+	const oauth = new oauth_1_0a.default({
+		consumer: {
+			key: authParams.consumerKey,
+			secret: authParams.consumerSecret
+		},
+		signature_method: "HMAC-SHA256",
+		hash_function: (baseString, key) => node_crypto.default.createHmac("sha256", key).update(baseString).digest("base64")
+	});
+	const oauthToken = {
+		key: authParams.accessToken,
+		secret: authParams.accessTokenSecret
 	};
+	return { getHeaders: (method, url) => {
+		const urlString = url instanceof URL ? url.toString() : url;
+		return oauth.toHeader(oauth.authorize({
+			url: urlString,
+			method
+		}, oauthToken));
+	} };
 }
 
 //#endregion
+exports.IMS_AUTH_ENV = IMS_AUTH_ENV;
+exports.assertImsAuthParams = assertImsAuthParams;
+exports.assertIntegrationAuthParams = assertIntegrationAuthParams;
 exports.getImsAuthProvider = getImsAuthProvider;
 exports.getIntegrationAuthProvider = getIntegrationAuthProvider;

package/dist/cjs/index.d.cts

@@ -1,39 +1,65 @@
-import OAuth1a from "oauth-1.0a";
+import * as valibot24 from "valibot";
+import { InferOutput } from "valibot";
 
-//#region source/lib/ims-auth.d.ts
-declare const IMS_AUTH_HEADERS: readonly ["Authorization", "x-api-key"];
-declare const IMS_AUTH_PARAMS: readonly ["AIO_COMMERCE_IMS_CLIENT_ID", "AIO_COMMERCE_IMS_CLIENT_SECRETS", "AIO_COMMERCE_IMS_TECHNICAL_ACCOUNT_ID", "AIO_COMMERCE_IMS_TECHNICAL_ACCOUNT_EMAIL", "AIO_COMMERCE_IMS_IMS_ORG_ID", "AIO_COMMERCE_IMS_SCOPES", "AIO_COMMERCE_IMS_ENV", "AIO_COMMERCE_IMS_CTX"];
-type ImsAuthParam = (typeof IMS_AUTH_PARAMS)[number];
-type ImsAuthParams = Partial<Record<ImsAuthParam, string>>;
-type ImsAuthHeader = (typeof IMS_AUTH_HEADERS)[number];
+//#region source/lib/ims-auth/schema.d.ts
+declare const IMS_AUTH_ENV: {
+  readonly PROD: "prod";
+  readonly STAGE: "stage";
+};
+declare const ImsAuthEnvSchema: valibot24.EnumSchema<{
+  readonly PROD: "prod";
+  readonly STAGE: "stage";
+}, undefined>;
+declare const ImsAuthParamsSchema: valibot24.ObjectSchema<{
+  readonly clientId: valibot24.SchemaWithPipe<readonly [valibot24.StringSchema<`Expected a string value for the IMS auth parameter ${string}`>, valibot24.NonEmptyAction<string, `Expected a non-empty string value for the IMS auth parameter ${string}`>]>;
+  readonly clientSecrets: valibot24.SchemaWithPipe<readonly [valibot24.SchemaWithPipe<readonly [valibot24.ArraySchema<valibot24.StringSchema<undefined>, `Expected a stringified JSON array value for the IMS auth parameter ${string}`>]>, valibot24.MinLengthAction<string[], 1, "Expected at least one client secret for IMS auth">]>;
+  readonly technicalAccountId: valibot24.SchemaWithPipe<readonly [valibot24.StringSchema<`Expected a string value for the IMS auth parameter ${string}`>, valibot24.NonEmptyAction<string, `Expected a non-empty string value for the IMS auth parameter ${string}`>]>;
+  readonly technicalAccountEmail: valibot24.SchemaWithPipe<readonly [valibot24.StringSchema<"Expected a string value for the IMS auth parameter technicalAccountEmail">, valibot24.EmailAction<string, "Expected a valid email format for technicalAccountEmail">]>;
+  readonly imsOrgId: valibot24.SchemaWithPipe<readonly [valibot24.StringSchema<`Expected a string value for the IMS auth parameter ${string}`>, valibot24.NonEmptyAction<string, `Expected a non-empty string value for the IMS auth parameter ${string}`>]>;
+  readonly environment: valibot24.SchemaWithPipe<readonly [valibot24.OptionalSchema<valibot24.EnumSchema<{
+    readonly PROD: "prod";
+    readonly STAGE: "stage";
+  }, undefined>, "prod">]>;
+  readonly context: valibot24.SchemaWithPipe<readonly [valibot24.OptionalSchema<valibot24.StringSchema<undefined>, "aio-commerce-sdk-creds">]>;
+  readonly scopes: valibot24.SchemaWithPipe<readonly [valibot24.SchemaWithPipe<readonly [valibot24.ArraySchema<valibot24.StringSchema<undefined>, `Expected a stringified JSON array value for the IMS auth parameter ${string}`>]>, valibot24.MinLengthAction<string[], 1, "Expected at least one scope for IMS auth">]>;
+}, undefined>;
+type ImsAuthParams = InferOutput<typeof ImsAuthParamsSchema>;
+type ImsAuthEnv = InferOutput<typeof ImsAuthEnvSchema>;
+//#endregion
+//#region source/lib/ims-auth/provider.d.ts
+type ImsAuthHeader = "Authorization" | "x-api-key";
 type ImsAuthHeaders = Record<ImsAuthHeader, string>;
-type ImsAccessToken = string;
 interface ImsAuthProvider {
+  getAccessToken: () => Promise<string>;
   getHeaders: () => Promise<ImsAuthHeaders>;
-  getAccessToken: () => Promise<ImsAccessToken>;
 }
-declare function getImsAuthProvider(params: ImsAuthParams): Promise<{
+declare function assertImsAuthParams(config: Record<PropertyKey, unknown>): asserts config is ImsAuthParams;
+declare function getImsAuthProvider(authParams: ImsAuthParams): {
   getAccessToken: () => Promise<string>;
   getHeaders: () => Promise<{
     Authorization: string;
     "x-api-key": string;
   }>;
-} | undefined>;
+};
+//#endregion
+//#region source/lib/integration-auth/schema.d.ts
+type HttpMethodInput = "GET" | "POST" | "PUT" | "PATCH" | "DELETE";
+declare const IntegrationAuthParamsSchema: valibot24.NonOptionalSchema<valibot24.ObjectSchema<{
+  readonly consumerKey: valibot24.SchemaWithPipe<readonly [valibot24.StringSchema<`Expected a string value for the Commerce Integration parameter ${string}`>, valibot24.NonEmptyAction<string, `Expected a non-empty string value for the Commerce Integration parameter ${string}`>]>;
+  readonly consumerSecret: valibot24.SchemaWithPipe<readonly [valibot24.StringSchema<`Expected a string value for the Commerce Integration parameter ${string}`>, valibot24.NonEmptyAction<string, `Expected a non-empty string value for the Commerce Integration parameter ${string}`>]>;
+  readonly accessToken: valibot24.SchemaWithPipe<readonly [valibot24.StringSchema<`Expected a string value for the Commerce Integration parameter ${string}`>, valibot24.NonEmptyAction<string, `Expected a non-empty string value for the Commerce Integration parameter ${string}`>]>;
+  readonly accessTokenSecret: valibot24.SchemaWithPipe<readonly [valibot24.StringSchema<`Expected a string value for the Commerce Integration parameter ${string}`>, valibot24.NonEmptyAction<string, `Expected a non-empty string value for the Commerce Integration parameter ${string}`>]>;
+}, undefined>, undefined>;
+type IntegrationAuthParams = InferOutput<typeof IntegrationAuthParamsSchema>;
 //#endregion
-//#region source/lib/integration-auth.d.ts
-declare const HTTP_METHODS: readonly ["GET", "POST", "PUT", "PATCH", "DELETE"];
-declare const INTEGRATION_AUTH_HEADERS: readonly ["Authorization"];
-declare const INTEGRATION_AUTH_PARAMS: readonly ["AIO_COMMERCE_INTEGRATIONS_CONSUMER_KEY", "AIO_COMMERCE_INTEGRATIONS_CONSUMER_SECRET", "AIO_COMMERCE_INTEGRATIONS_ACCESS_TOKEN", "AIO_COMMERCE_INTEGRATIONS_ACCESS_TOKEN_SECRET"];
-type IntegrationAuthParam = (typeof INTEGRATION_AUTH_PARAMS)[number];
-type IntegrationAuthParams = Partial<Record<IntegrationAuthParam, string>>;
-type IntegrationAuthHeader = (typeof INTEGRATION_AUTH_HEADERS)[number];
+//#region source/lib/integration-auth/provider.d.ts
+type IntegrationAuthHeader = "Authorization";
 type IntegrationAuthHeaders = Record<IntegrationAuthHeader, string>;
-type HttpMethod = (typeof HTTP_METHODS)[number];
+type AdobeCommerceUrl = string | URL;
 interface IntegrationAuthProvider {
-  getHeaders: (method: HttpMethod, url: string) => IntegrationAuthHeaders;
+  getHeaders: (method: HttpMethodInput, url: AdobeCommerceUrl) => IntegrationAuthHeaders;
 }
-declare function getIntegrationAuthProvider(params: IntegrationAuthParams): {
-  getHeaders(method: HttpMethod, url: string): OAuth1a.Header;
-} | undefined;
+declare function assertIntegrationAuthParams(config: Record<PropertyKey, unknown>): asserts config is IntegrationAuthParams;
+declare function getIntegrationAuthProvider(authParams: IntegrationAuthParams): IntegrationAuthProvider;
 //#endregion
-export { ImsAuthHeader, ImsAuthHeaders, ImsAuthParam, ImsAuthParams, ImsAuthProvider, IntegrationAuthHeader, IntegrationAuthHeaders, IntegrationAuthParam, IntegrationAuthParams, IntegrationAuthProvider, getImsAuthProvider, getIntegrationAuthProvider };
+export { IMS_AUTH_ENV, ImsAuthEnv, ImsAuthParams, ImsAuthProvider, IntegrationAuthParams, IntegrationAuthProvider, assertImsAuthParams, assertIntegrationAuthParams, getImsAuthProvider, getIntegrationAuthProvider };