@adobe/aio-commerce-lib-auth 0.1.0 → 0.3.0

package/dist/es/index.d.ts

@@ -1,39 +1,65 @@
-import OAuth1a from "oauth-1.0a";
+import * as valibot0 from "valibot";
+import { InferOutput } from "valibot";
 
-//#region source/lib/ims-auth.d.ts
-declare const IMS_AUTH_HEADERS: readonly ["Authorization", "x-api-key"];
-declare const IMS_AUTH_PARAMS: readonly ["AIO_COMMERCE_IMS_CLIENT_ID", "AIO_COMMERCE_IMS_CLIENT_SECRETS", "AIO_COMMERCE_IMS_TECHNICAL_ACCOUNT_ID", "AIO_COMMERCE_IMS_TECHNICAL_ACCOUNT_EMAIL", "AIO_COMMERCE_IMS_IMS_ORG_ID", "AIO_COMMERCE_IMS_SCOPES", "AIO_COMMERCE_IMS_ENV", "AIO_COMMERCE_IMS_CTX"];
-type ImsAuthParam = (typeof IMS_AUTH_PARAMS)[number];
-type ImsAuthParams = Partial<Record<ImsAuthParam, string>>;
-type ImsAuthHeader = (typeof IMS_AUTH_HEADERS)[number];
+//#region source/lib/ims-auth/schema.d.ts
+declare const IMS_AUTH_ENV: {
+  readonly PROD: "prod";
+  readonly STAGE: "stage";
+};
+declare const ImsAuthEnvSchema: valibot0.EnumSchema<{
+  readonly PROD: "prod";
+  readonly STAGE: "stage";
+}, undefined>;
+declare const ImsAuthParamsSchema: valibot0.ObjectSchema<{
+  readonly clientId: valibot0.SchemaWithPipe<readonly [valibot0.StringSchema<`Expected a string value for the IMS auth parameter ${string}`>, valibot0.NonEmptyAction<string, `Expected a non-empty string value for the IMS auth parameter ${string}`>]>;
+  readonly clientSecrets: valibot0.SchemaWithPipe<readonly [valibot0.SchemaWithPipe<readonly [valibot0.ArraySchema<valibot0.StringSchema<undefined>, `Expected a stringified JSON array value for the IMS auth parameter ${string}`>]>, valibot0.MinLengthAction<string[], 1, "Expected at least one client secret for IMS auth">]>;
+  readonly technicalAccountId: valibot0.SchemaWithPipe<readonly [valibot0.StringSchema<`Expected a string value for the IMS auth parameter ${string}`>, valibot0.NonEmptyAction<string, `Expected a non-empty string value for the IMS auth parameter ${string}`>]>;
+  readonly technicalAccountEmail: valibot0.SchemaWithPipe<readonly [valibot0.StringSchema<"Expected a string value for the IMS auth parameter technicalAccountEmail">, valibot0.EmailAction<string, "Expected a valid email format for technicalAccountEmail">]>;
+  readonly imsOrgId: valibot0.SchemaWithPipe<readonly [valibot0.StringSchema<`Expected a string value for the IMS auth parameter ${string}`>, valibot0.NonEmptyAction<string, `Expected a non-empty string value for the IMS auth parameter ${string}`>]>;
+  readonly environment: valibot0.SchemaWithPipe<readonly [valibot0.OptionalSchema<valibot0.EnumSchema<{
+    readonly PROD: "prod";
+    readonly STAGE: "stage";
+  }, undefined>, "prod">]>;
+  readonly context: valibot0.SchemaWithPipe<readonly [valibot0.OptionalSchema<valibot0.StringSchema<undefined>, "aio-commerce-sdk-creds">]>;
+  readonly scopes: valibot0.SchemaWithPipe<readonly [valibot0.SchemaWithPipe<readonly [valibot0.ArraySchema<valibot0.StringSchema<undefined>, `Expected a stringified JSON array value for the IMS auth parameter ${string}`>]>, valibot0.MinLengthAction<string[], 1, "Expected at least one scope for IMS auth">]>;
+}, undefined>;
+type ImsAuthParams = InferOutput<typeof ImsAuthParamsSchema>;
+type ImsAuthEnv = InferOutput<typeof ImsAuthEnvSchema>;
+//#endregion
+//#region source/lib/ims-auth/provider.d.ts
+type ImsAuthHeader = "Authorization" | "x-api-key";
 type ImsAuthHeaders = Record<ImsAuthHeader, string>;
-type ImsAccessToken = string;
 interface ImsAuthProvider {
+  getAccessToken: () => Promise<string>;
   getHeaders: () => Promise<ImsAuthHeaders>;
-  getAccessToken: () => Promise<ImsAccessToken>;
 }
-declare function getImsAuthProvider(params: ImsAuthParams): Promise<{
+declare function assertImsAuthParams(config: Record<PropertyKey, unknown>): asserts config is ImsAuthParams;
+declare function getImsAuthProvider(authParams: ImsAuthParams): {
   getAccessToken: () => Promise<string>;
   getHeaders: () => Promise<{
     Authorization: string;
     "x-api-key": string;
   }>;
-} | undefined>;
+};
+//#endregion
+//#region source/lib/integration-auth/schema.d.ts
+type HttpMethodInput = "GET" | "POST" | "PUT" | "PATCH" | "DELETE";
+declare const IntegrationAuthParamsSchema: valibot0.NonOptionalSchema<valibot0.ObjectSchema<{
+  readonly consumerKey: valibot0.SchemaWithPipe<readonly [valibot0.StringSchema<`Expected a string value for the Commerce Integration parameter ${string}`>, valibot0.NonEmptyAction<string, `Expected a non-empty string value for the Commerce Integration parameter ${string}`>]>;
+  readonly consumerSecret: valibot0.SchemaWithPipe<readonly [valibot0.StringSchema<`Expected a string value for the Commerce Integration parameter ${string}`>, valibot0.NonEmptyAction<string, `Expected a non-empty string value for the Commerce Integration parameter ${string}`>]>;
+  readonly accessToken: valibot0.SchemaWithPipe<readonly [valibot0.StringSchema<`Expected a string value for the Commerce Integration parameter ${string}`>, valibot0.NonEmptyAction<string, `Expected a non-empty string value for the Commerce Integration parameter ${string}`>]>;
+  readonly accessTokenSecret: valibot0.SchemaWithPipe<readonly [valibot0.StringSchema<`Expected a string value for the Commerce Integration parameter ${string}`>, valibot0.NonEmptyAction<string, `Expected a non-empty string value for the Commerce Integration parameter ${string}`>]>;
+}, undefined>, undefined>;
+type IntegrationAuthParams = InferOutput<typeof IntegrationAuthParamsSchema>;
 //#endregion
-//#region source/lib/integration-auth.d.ts
-declare const HTTP_METHODS: readonly ["GET", "POST", "PUT", "PATCH", "DELETE"];
-declare const INTEGRATION_AUTH_HEADERS: readonly ["Authorization"];
-declare const INTEGRATION_AUTH_PARAMS: readonly ["AIO_COMMERCE_INTEGRATIONS_CONSUMER_KEY", "AIO_COMMERCE_INTEGRATIONS_CONSUMER_SECRET", "AIO_COMMERCE_INTEGRATIONS_ACCESS_TOKEN", "AIO_COMMERCE_INTEGRATIONS_ACCESS_TOKEN_SECRET"];
-type IntegrationAuthParam = (typeof INTEGRATION_AUTH_PARAMS)[number];
-type IntegrationAuthParams = Partial<Record<IntegrationAuthParam, string>>;
-type IntegrationAuthHeader = (typeof INTEGRATION_AUTH_HEADERS)[number];
+//#region source/lib/integration-auth/provider.d.ts
+type IntegrationAuthHeader = "Authorization";
 type IntegrationAuthHeaders = Record<IntegrationAuthHeader, string>;
-type HttpMethod = (typeof HTTP_METHODS)[number];
+type AdobeCommerceUrl = string | URL;
 interface IntegrationAuthProvider {
-  getHeaders: (method: HttpMethod, url: string) => IntegrationAuthHeaders;
+  getHeaders: (method: HttpMethodInput, url: AdobeCommerceUrl) => IntegrationAuthHeaders;
 }
-declare function getIntegrationAuthProvider(params: IntegrationAuthParams): {
-  getHeaders(method: HttpMethod, url: string): OAuth1a.Header;
-} | undefined;
+declare function assertIntegrationAuthParams(config: Record<PropertyKey, unknown>): asserts config is IntegrationAuthParams;
+declare function getIntegrationAuthProvider(authParams: IntegrationAuthParams): IntegrationAuthProvider;
 //#endregion
-export { ImsAuthHeader, ImsAuthHeaders, ImsAuthParam, ImsAuthParams, ImsAuthProvider, IntegrationAuthHeader, IntegrationAuthHeaders, IntegrationAuthParam, IntegrationAuthParams, IntegrationAuthProvider, getImsAuthProvider, getIntegrationAuthProvider };
+export { IMS_AUTH_ENV, ImsAuthEnv, ImsAuthParams, ImsAuthProvider, IntegrationAuthParams, IntegrationAuthProvider, assertImsAuthParams, assertIntegrationAuthParams, getImsAuthProvider, getIntegrationAuthProvider };

package/dist/es/index.js

@@ -1,111 +1,265 @@
+import { CommerceSdkValidationError } from "@adobe/aio-commerce-lib-core/error";
 import { context, getToken } from "@adobe/aio-lib-ims";
+import { array, email, enum as enum$1, instance, minLength, nonEmpty, nonOptional, object, optional, pipe, safeParse, string, transform, union, url } from "valibot";
 import crypto from "node:crypto";
 import OAuth1a from "oauth-1.0a";
 
-//#region source/lib/params.ts
+//#region source/lib/ims-auth/schema.ts
 /**
-* Checks if the given value is non-empty.
-*
-* @param name of the parameter. Required because of `aio app dev` compatibility: inputs mapped to undefined env vars come as $<input_name> in dev mode, but as '' in prod mode.
-* @param value of the parameter.
+* Creates a validation schema for a required IMS auth string parameter.
+* @param name The name of the parameter for error messages.
+* @returns A validation pipeline that ensures the parameter is a non-empty string.
 */
-function nonEmpty(name, value) {
-	const v = value?.trim();
-	return v !== void 0 && v !== `$${name}`;
-}
+const imsAuthParameter = (name) => pipe(string(`Expected a string value for the IMS auth parameter ${name}`), nonEmpty(`Expected a non-empty string value for the IMS auth parameter ${name}`));
 /**
-* Checks if all required parameters are non-empty.
-* @param params action input parameters.
-* @param required list of required parameter names.
+* Creates a validation schema for an IMS auth string array parameter.
+* @param name The name of the parameter for error messages.
+* @returns A validation pipeline that ensures the parameter is an array of strings.
 */
-function allNonEmpty(params, required) {
-	return required.every((name) => nonEmpty(name, params[name]));
-}
+const stringArray = (name) => {
+	return pipe(array(string(), `Expected a stringified JSON array value for the IMS auth parameter ${name}`));
+};
+/** The environments accepted by the IMS auth service. */
+const IMS_AUTH_ENV = {
+	PROD: "prod",
+	STAGE: "stage"
+};
+/** Validation schema for IMS auth environment values. */
+const ImsAuthEnvSchema = enum$1(IMS_AUTH_ENV);
+/** Defines the schema to validate the necessary parameters for the IMS auth service. */
+const ImsAuthParamsSchema = object({
+	clientId: imsAuthParameter("clientId"),
+	clientSecrets: pipe(stringArray("clientSecrets"), minLength(1, "Expected at least one client secret for IMS auth")),
+	technicalAccountId: imsAuthParameter("technicalAccountId"),
+	technicalAccountEmail: pipe(string("Expected a string value for the IMS auth parameter technicalAccountEmail"), email("Expected a valid email format for technicalAccountEmail")),
+	imsOrgId: imsAuthParameter("imsOrgId"),
+	environment: pipe(optional(ImsAuthEnvSchema, IMS_AUTH_ENV.PROD)),
+	context: pipe(optional(string(), "aio-commerce-sdk-creds")),
+	scopes: pipe(stringArray("scopes"), minLength(1, "Expected at least one scope for IMS auth"))
+});
 
 //#endregion
-//#region source/lib/ims-auth.ts
+//#region source/lib/ims-auth/provider.ts
+/**
+* Converts IMS auth configuration properties to snake_case format.
+* @param config The IMS auth configuration with camelCase properties.
+* @returns The configuration with snake_case properties.
+*/
+function toImsAuthConfig(config) {
+	return {
+		scopes: config.scopes,
+		env: config?.environment ?? "prod",
+		context: config.context,
+		client_id: config.clientId,
+		client_secrets: config.clientSecrets,
+		technical_account_id: config.technicalAccountId,
+		technical_account_email: config.technicalAccountEmail,
+		ims_org_id: config.imsOrgId
+	};
+}
+/**
+* Asserts the provided configuration for an Adobe IMS authentication provider. {@link ImsAuthParams}
+* {@link ImsAuthProvider}
+* @param config {Record<PropertyKey, unknown>} The configuration to validate.
+* @throws {CommerceSdkValidationError} If the configuration is invalid.
+* @example
+* ```typescript
+* const config = {
+*   clientId: "your-client-id",
+*   clientSecrets: ["your-client-secret"],
+*   technicalAccountId: "your-technical-account-id",
+*   technicalAccountEmail: "your-account@example.com",
+*   imsOrgId: "your-ims-org-id@AdobeOrg",
+*   scopes: ["AdobeID", "openid"],
+*   environment: "prod", // or "stage"
+*   context: "my-app-context"
+* };
+*
+* // This will validate the config and throw if invalid
+* assertImsAuthParams(config);
+*```
+* @example
+* ```typescript
+* // Example of a failing assert:
+* try {
+*   assertImsAuthParams({
+*     clientId: "valid-client-id",
+*     // Missing required fields like clientSecrets, technicalAccountId, etc.
+*   });
+* } catch (error) {
+*   console.error(error.message); // "Invalid ImsAuthProvider configuration"
+*   console.error(error.issues); // Array of validation issues
+* }
+* ```
+*/
+function assertImsAuthParams(config) {
+	const result = safeParse(ImsAuthParamsSchema, config);
+	if (!result.success) throw new CommerceSdkValidationError("Invalid ImsAuthProvider configuration", { issues: result.issues });
+}
 /**
-* If the required IMS parameters are present, this function returns an {@link ImsAuthProvider}.
-* @param params includes IMS parameters
+* Creates an {@link ImsAuthProvider} based on the provided configuration.
+* @param config An {@link ImsAuthParams} parameter that contains the configuration for the IMS auth provider.
+* @returns An {@link ImsAuthProvider} instance that can be used to get access token and auth headers.
+* @example
+* ```typescript
+* const config = {
+*   clientId: "your-client-id",
+*   clientSecrets: ["your-client-secret"],
+*   technicalAccountId: "your-technical-account-id",
+*   technicalAccountEmail: "your-account@example.com",
+*   imsOrgId: "your-ims-org-id@AdobeOrg",
+*   scopes: ["AdobeID", "openid"],
+*   environment: "prod",
+*   context: "my-app-context"
+* };
+*
+* const authProvider = getImsAuthProvider(config);
+*
+* // Get access token
+* const token = await authProvider.getAccessToken();
+* console.log(token); // "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9..."
+*
+* // Get headers for API requests
+* const headers = await authProvider.getHeaders();
+* console.log(headers);
+* // {
+* //   Authorization: "Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9...",
+* //   "x-api-key": "your-client-id"
+* // }
+*
+* // Use headers in API calls
+* const response = await fetch('https://api.adobe.io/some-endpoint', {
+*   headers: await authProvider.getHeaders()
+* });
+* ```
 */
-async function getImsAuthProvider(params) {
-	const config = resolveImsConfig(params);
-	if (config) {
-		const contextName = params.AIO_COMMERCE_IMS_CTX ?? "aio-commerce-sdk-creds";
-		await context.set(contextName, config);
+function getImsAuthProvider(authParams) {
+	const getAccessToken = async () => {
+		const imsAuthConfig = toImsAuthConfig(authParams);
+		await context.set(authParams.context, imsAuthConfig);
+		return getToken(authParams.context, {});
+	};
+	const getHeaders = async () => {
+		const accessToken = await getAccessToken();
 		return {
-			getAccessToken: async () => getToken(contextName, {}),
-			getHeaders: async () => {
-				const accessToken = await getToken(contextName, {});
-				return {
-					Authorization: `Bearer ${accessToken}`,
-					"x-api-key": config.client_id
-				};
-			}
+			Authorization: `Bearer ${accessToken}`,
+			"x-api-key": authParams.clientId
 		};
-	}
-}
-function resolveImsConfig(params) {
-	if (allNonEmpty(params, [
-		"AIO_COMMERCE_IMS_CLIENT_ID",
-		"AIO_COMMERCE_IMS_CLIENT_SECRETS",
-		"AIO_COMMERCE_IMS_TECHNICAL_ACCOUNT_ID",
-		"AIO_COMMERCE_IMS_TECHNICAL_ACCOUNT_EMAIL",
-		"AIO_COMMERCE_IMS_IMS_ORG_ID",
-		"AIO_COMMERCE_IMS_SCOPES"
-	])) return {
-		client_id: params.AIO_COMMERCE_IMS_CLIENT_ID,
-		client_secrets: JSON.parse(params.AIO_COMMERCE_IMS_CLIENT_SECRETS ?? "[]"),
-		technical_account_id: params.AIO_COMMERCE_IMS_TECHNICAL_ACCOUNT_ID,
-		technical_account_email: params.AIO_COMMERCE_IMS_TECHNICAL_ACCOUNT_EMAIL,
-		ims_org_id: params.AIO_COMMERCE_IMS_IMS_ORG_ID,
-		scopes: JSON.parse(params.AIO_COMMERCE_IMS_SCOPES ?? "[]"),
-		environment: params.AIO_COMMERCE_IMS_ENV ?? "prod"
+	};
+	return {
+		getAccessToken,
+		getHeaders
 	};
 }
 
 //#endregion
-//#region source/lib/integration-auth.ts
+//#region source/lib/integration-auth/schema.ts
 /**
-* If the required integration parameters are present, this function returns an {@link IntegrationAuthProvider}.
-* @param params includes integration parameters
+* Creates a validation schema for a required Commerce Integration string parameter.
+* @param name The name of the parameter for error messages.
+* @returns A validation pipeline that ensures the parameter is a non-empty string.
 */
-function getIntegrationAuthProvider(params) {
-	const config = resolveIntegrationConfig(params);
-	if (config) {
-		const oauth = new OAuth1a({
-			consumer: {
-				key: config.consumerKey,
-				secret: config.consumerSecret
-			},
-			signature_method: "HMAC-SHA256",
-			hash_function: (baseString, key) => crypto.createHmac("sha256", key).update(baseString).digest("base64")
-		});
-		const oauthToken = {
-			key: config.accessToken,
-			secret: config.accessTokenSecret
-		};
-		return { getHeaders(method, url) {
-			return oauth.toHeader(oauth.authorize({
-				url,
-				method
-			}, oauthToken));
-		} };
-	}
+const integrationAuthParameter = (name) => pipe(string(`Expected a string value for the Commerce Integration parameter ${name}`), nonEmpty(`Expected a non-empty string value for the Commerce Integration parameter ${name}`));
+/** Validation schema for the Adobe Commerce endpoint base URL. */
+const BaseUrlSchema = pipe(string("Expected a string for the Adobe Commerce endpoint"), nonEmpty("Expected a non-empty string for the Adobe Commerce endpoint"), url("Expected a valid url for the Adobe Commerce endpoint"));
+/** Validation schema that accepts either a URL string or URL instance and normalizes to string. */
+const UrlSchema = pipe(union([BaseUrlSchema, instance(URL)]), transform((url$1) => {
+	if (url$1 instanceof URL) return url$1.toString();
+	return url$1;
+}));
+/**
+* The schema for the Commerce Integration parameters.
+* This is used to validate the parameters passed to the Commerce Integration provider.
+*/
+const IntegrationAuthParamsSchema = nonOptional(object({
+	consumerKey: integrationAuthParameter("consumerKey"),
+	consumerSecret: integrationAuthParameter("consumerSecret"),
+	accessToken: integrationAuthParameter("accessToken"),
+	accessTokenSecret: integrationAuthParameter("accessTokenSecret")
+}));
+
+//#endregion
+//#region source/lib/integration-auth/provider.ts
+/**
+* Asserts the provided configuration for an Adobe Commerce integration authentication provider. {@link IntegrationAuthParams}
+* {@link IntegrationAuthProvider}
+* @param config {Record<PropertyKey, unknown>} The configuration to validate.
+* @throws {CommerceSdkValidationError} If the configuration is invalid.
+* @example
+* ```typescript
+* const config = {
+*   consumerKey: "your-consumer-key",
+*   consumerSecret: "your-consumer-secret",
+*   accessToken: "your-access-token",
+*   accessTokenSecret: "your-access-token-secret"
+* };
+*
+* // This will validate the config and throw if invalid
+* assertIntegrationAuthParams(config);
+* ```
+* @example
+* ```typescript
+* // Example of a failing assert:
+* try {
+*   assertIntegrationAuthParams({
+*     consumerKey: "valid-consumer-key",
+*     // Missing required fields like consumerSecret, accessToken, accessTokenSecret
+*   });
+* } catch (error) {
+*   console.error(error.message); // "Invalid IntegrationAuthProvider configuration"
+*   console.error(error.issues); // Array of validation issues
+* }
+* ```
+*/
+function assertIntegrationAuthParams(config) {
+	const result = safeParse(IntegrationAuthParamsSchema, config);
+	if (!result.success) throw new CommerceSdkValidationError("Invalid IntegrationAuthProvider configuration", { issues: result.issues });
 }
-function resolveIntegrationConfig(params) {
-	if (allNonEmpty(params, [
-		"AIO_COMMERCE_INTEGRATIONS_CONSUMER_KEY",
-		"AIO_COMMERCE_INTEGRATIONS_CONSUMER_SECRET",
-		"AIO_COMMERCE_INTEGRATIONS_ACCESS_TOKEN",
-		"AIO_COMMERCE_INTEGRATIONS_ACCESS_TOKEN_SECRET"
-	])) return {
-		consumerKey: params.AIO_COMMERCE_INTEGRATIONS_CONSUMER_KEY,
-		consumerSecret: params.AIO_COMMERCE_INTEGRATIONS_CONSUMER_SECRET,
-		accessToken: params.AIO_COMMERCE_INTEGRATIONS_ACCESS_TOKEN,
-		accessTokenSecret: params.AIO_COMMERCE_INTEGRATIONS_ACCESS_TOKEN_SECRET
+/**
+* Creates an {@link IntegrationAuthProvider} based on the provided configuration.
+* @param config {IntegrationAuthParams} The configuration for the integration.
+* @returns An {@link IntegrationAuthProvider} instance that can be used to get auth headers.
+* @example
+* ```typescript
+* const config = {
+*   consumerKey: "your-consumer-key",
+*   consumerSecret: "your-consumer-secret",
+*   accessToken: "your-access-token",
+*   accessTokenSecret: "your-access-token-secret"
+* };
+*
+* const authProvider = getIntegrationAuthProvider(config);
+*
+* // Get OAuth headers for a REST API call
+* const headers = authProvider.getHeaders("GET", "https://your-store.com/rest/V1/products");
+* console.log(headers); // { Authorization: "OAuth oauth_consumer_key=..., oauth_signature=..." }
+*
+* // Can also be used with URL objects
+* const url = new URL("https://your-store.com/rest/V1/customers");
+* const postHeaders = authProvider.getHeaders("POST", url);
+* ```
+*/
+function getIntegrationAuthProvider(authParams) {
+	const oauth = new OAuth1a({
+		consumer: {
+			key: authParams.consumerKey,
+			secret: authParams.consumerSecret
+		},
+		signature_method: "HMAC-SHA256",
+		hash_function: (baseString, key) => crypto.createHmac("sha256", key).update(baseString).digest("base64")
+	});
+	const oauthToken = {
+		key: authParams.accessToken,
+		secret: authParams.accessTokenSecret
 	};
+	return { getHeaders: (method, url$1) => {
+		const urlString = url$1 instanceof URL ? url$1.toString() : url$1;
+		return oauth.toHeader(oauth.authorize({
+			url: urlString,
+			method
+		}, oauthToken));
+	} };
 }
 
 //#endregion
-export { getImsAuthProvider, getIntegrationAuthProvider };
+export { IMS_AUTH_ENV, assertImsAuthParams, assertIntegrationAuthParams, getImsAuthProvider, getIntegrationAuthProvider };

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@adobe/aio-commerce-lib-auth",
   "type": "module",
-  "version": "0.1.0",
+  "version": "0.3.0",
   "private": false,
   "author": "Adobe Inc.",
   "engines": {
@@ -26,7 +26,7 @@
   },
   "main": "./dist/cjs/index.cjs",
   "module": "./dist/es/index.js",
-  "types": "./dist/es/index.d.ts",
+  "types": "./dist/cjs/index.d.cts",
   "exports": {
     ".": {
       "import": {
@@ -40,9 +40,18 @@
     },
     "./package.json": "./package.json"
   },
+  "files": [
+    "dist",
+    "package.json",
+    "CHANGELOG.md",
+    "README.md"
+  ],
   "dependencies": {
     "@adobe/aio-lib-ims": "^8.1.0",
-    "oauth-1.0a": "^2.2.6"
+    "ansis": "^4.1.0",
+    "oauth-1.0a": "^2.2.6",
+    "valibot": "^1.1.0",
+    "@adobe/aio-commerce-lib-core": "0.3.0"
   },
   "devDependencies": {
     "vitest": "^3.2.4",

package/.turbo/turbo-build.log

@@ -1,18 +0,0 @@
-
-> @adobe/aio-commerce-lib-auth@0.1.0 build /home/runner/work/aio-commerce-sdk/aio-commerce-sdk/packages/aio-commerce-lib-auth
-> tsdown
-
-ℹ tsdown v0.12.9 powered by rolldown v1.0.0-beta.21
-ℹ Using tsdown config: /home/runner/work/aio-commerce-sdk/aio-commerce-sdk/packages/aio-commerce-lib-auth/tsdown.config.ts
-ℹ entry: source/index.ts
-ℹ target: node22.0.0
-ℹ tsconfig: tsconfig.json
-ℹ Build start
-ℹ [CJS] dist/cjs/index.cjs  4.81 kB │ gzip: 1.71 kB
-ℹ [CJS] 1 files, total: 4.81 kB
-ℹ [CJS] dist/index.d.cts  2.33 kB │ gzip: 0.69 kB
-ℹ [CJS] 1 files, total: 2.33 kB
-ℹ [ESM] dist/es/index.js    3.63 kB │ gzip: 1.27 kB
-ℹ [ESM] dist/es/index.d.ts  2.33 kB │ gzip: 0.69 kB
-ℹ [ESM] 2 files, total: 5.97 kB
-✔ Build complete in 1768ms

package/source/index.ts

@@ -1,14 +0,0 @@
-/*
- * Copyright 2025 Adobe. All rights reserved.
- * This file is licensed to you under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License. You may obtain a copy
- * of the License at http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software distributed under
- * the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR REPRESENTATIONS
- * OF ANY KIND, either express or implied. See the License for the specific language
- * governing permissions and limitations under the License.
- */
-
-export * from "./lib/ims-auth";
-export * from "./lib/integration-auth";

package/source/lib/ims-auth.ts

@@ -1,95 +0,0 @@
-/*
- * Copyright 2025 Adobe. All rights reserved.
- * This file is licensed to you under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License. You may obtain a copy
- * of the License at http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software distributed under
- * the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR REPRESENTATIONS
- * OF ANY KIND, either express or implied. See the License for the specific language
- * governing permissions and limitations under the License.
- */
-
-import { context, getToken } from "@adobe/aio-lib-ims";
-import { allNonEmpty } from "./params";
-
-const IMS_AUTH_HEADERS = ["Authorization", "x-api-key"] as const;
-const IMS_AUTH_PARAMS = [
-  "AIO_COMMERCE_IMS_CLIENT_ID",
-  "AIO_COMMERCE_IMS_CLIENT_SECRETS",
-  "AIO_COMMERCE_IMS_TECHNICAL_ACCOUNT_ID",
-  "AIO_COMMERCE_IMS_TECHNICAL_ACCOUNT_EMAIL",
-  "AIO_COMMERCE_IMS_IMS_ORG_ID",
-  "AIO_COMMERCE_IMS_SCOPES",
-  "AIO_COMMERCE_IMS_ENV",
-  "AIO_COMMERCE_IMS_CTX",
-] as const;
-
-/** Defines a union of allowed IMS authentication parameters. */
-export type ImsAuthParam = (typeof IMS_AUTH_PARAMS)[number];
-
-/** Defines a key-value map of IMS authentication parameters. */
-export type ImsAuthParams = Partial<Record<ImsAuthParam, string>>;
-
-/** Defines a union of allowed IMS authentication headers. */
-export type ImsAuthHeader = (typeof IMS_AUTH_HEADERS)[number];
-
-/** Defines a key-value map of IMS authentication headers. */
-export type ImsAuthHeaders = Record<ImsAuthHeader, string>;
-
-type ImsAccessToken = string;
-
-/** Defines an authentication provider for Adobe IMS. */
-export interface ImsAuthProvider {
-  getHeaders: () => Promise<ImsAuthHeaders>;
-  getAccessToken: () => Promise<ImsAccessToken>;
-}
-
-/**
- * If the required IMS parameters are present, this function returns an {@link ImsAuthProvider}.
- * @param params includes IMS parameters
- */
-export async function getImsAuthProvider(params: ImsAuthParams) {
-  const config = resolveImsConfig(params);
-
-  if (config) {
-    const contextName = params.AIO_COMMERCE_IMS_CTX ?? "aio-commerce-sdk-creds";
-    await context.set(contextName, config);
-
-    return {
-      getAccessToken: async () => getToken(contextName, {}),
-      getHeaders: async () => {
-        const accessToken = await getToken(contextName, {});
-        return {
-          Authorization: `Bearer ${accessToken}`,
-          "x-api-key": config.client_id,
-        };
-      },
-    } satisfies ImsAuthProvider;
-  }
-}
-
-function resolveImsConfig(params: ImsAuthParams) {
-  if (
-    allNonEmpty(params, [
-      "AIO_COMMERCE_IMS_CLIENT_ID",
-      "AIO_COMMERCE_IMS_CLIENT_SECRETS",
-      "AIO_COMMERCE_IMS_TECHNICAL_ACCOUNT_ID",
-      "AIO_COMMERCE_IMS_TECHNICAL_ACCOUNT_EMAIL",
-      "AIO_COMMERCE_IMS_IMS_ORG_ID",
-      "AIO_COMMERCE_IMS_SCOPES",
-    ])
-  ) {
-    return {
-      client_id: params.AIO_COMMERCE_IMS_CLIENT_ID,
-      client_secrets: JSON.parse(
-        params.AIO_COMMERCE_IMS_CLIENT_SECRETS ?? "[]",
-      ) as string[],
-      technical_account_id: params.AIO_COMMERCE_IMS_TECHNICAL_ACCOUNT_ID,
-      technical_account_email: params.AIO_COMMERCE_IMS_TECHNICAL_ACCOUNT_EMAIL,
-      ims_org_id: params.AIO_COMMERCE_IMS_IMS_ORG_ID,
-      scopes: JSON.parse(params.AIO_COMMERCE_IMS_SCOPES ?? "[]") as string[],
-      environment: params.AIO_COMMERCE_IMS_ENV ?? "prod",
-    };
-  }
-}