@authly/sdk 1.2.3 → 1.2.5

package/dist/globals/clients/AuthlyClient.d.ts

@@ -20,25 +20,21 @@ declare class AuthlyClient {
      */
     private readonly serviceId;
     /**
-     * @summary The issuer of the client (for validation).
+     * @summary The issuer of the client.
      */
     private readonly issuer;
     /**
-     * @summary The base URL for API requests.
+     * @summary The resolved authorize endpoint URL.
      */
-    private readonly baseUrl;
+    private readonly authorizeEndpoint;
     /**
-     * @summary The authorize path.
+     * @summary The resolved token endpoint URL.
      */
-    private readonly authorizePath;
+    private readonly tokenEndpoint;
     /**
-     * @summary The token path.
+     * @summary The resolved user info endpoint URL.
      */
-    private readonly tokenPath;
-    /**
-     * @summary The user info path.
-     */
-    private readonly userInfoPath;
+    private readonly userInfoEndpoint;
     /**
      * @summary The redirect URI for the client.
      */
@@ -56,6 +52,12 @@ declare class AuthlyClient {
      * @param options - The options for the client.
      */
     constructor(options: IAuthlyClientOptions);
+    /**
+     * @summary Resolves a path or full URL.
+     * @param pathOrUrl - The relative path or absolute URL.
+     * @returns The full URL.
+     */
+    private resolveUrl;
     /**
      * @summary Prepares the authorization request, stores PKCE state, and returns the URL.
      * @param options - Optional overrides for the authorization request.

package/dist/globals/clients/AuthlyClient.js

@@ -23,25 +23,21 @@ class AuthlyClient {
      */
     serviceId;
     /**
-     * @summary The issuer of the client (for validation).
+     * @summary The issuer of the client.
      */
     issuer;
     /**
-     * @summary The base URL for API requests.
+     * @summary The resolved authorize endpoint URL.
      */
-    baseUrl;
+    authorizeEndpoint;
     /**
-     * @summary The authorize path.
+     * @summary The resolved token endpoint URL.
      */
-    authorizePath;
+    tokenEndpoint;
     /**
-     * @summary The token path.
+     * @summary The resolved user info endpoint URL.
      */
-    tokenPath;
-    /**
-     * @summary The user info path.
-     */
-    userInfoPath;
+    userInfoEndpoint;
     /**
      * @summary The redirect URI for the client.
      */
@@ -60,24 +56,34 @@ class AuthlyClient {
      */
     constructor(options) {
         this.issuer = options.issuer.replace(/\/$/, "");
-        // Use baseUrl if provided, otherwise fallback to issuer
-        this.baseUrl = (options.baseUrl || this.issuer).replace(/\/$/, "");
         this.serviceId = options.serviceId;
-        this.authorizePath = options.authorizePath || AuthlyConfiguration_1.AuthlyConfiguration.DEFAULT_AUTHORIZE_PATH;
-        this.tokenPath = options.tokenPath || AuthlyConfiguration_1.AuthlyConfiguration.DEFAULT_TOKEN_PATH;
-        this.userInfoPath = options.userInfoPath || AuthlyConfiguration_1.AuthlyConfiguration.DEFAULT_USER_INFO_PATH;
         this.redirectUri = options.redirectUri;
         this.storage = options.storage;
         if (!this.storage && typeof window !== "undefined" && window.sessionStorage) {
             this.storage = window.sessionStorage;
         }
+        this.authorizeEndpoint = this.resolveUrl(options.authorizePath || AuthlyConfiguration_1.AuthlyConfiguration.DEFAULT_AUTHORIZE_PATH);
+        this.tokenEndpoint = this.resolveUrl(options.tokenPath || AuthlyConfiguration_1.AuthlyConfiguration.DEFAULT_TOKEN_PATH);
+        this.userInfoEndpoint = this.resolveUrl(options.userInfoPath || AuthlyConfiguration_1.AuthlyConfiguration.DEFAULT_USER_INFO_PATH);
+        const jwksUrl = this.resolveUrl(options.jwksPath || AuthlyConfiguration_1.AuthlyConfiguration.DEFAULT_JWKS_PATH);
         this.verifier = new JWTVerifier_1.JWTVerifier({
             issuer: this.issuer,
             audience: options.audience,
-            jwksUrl: `${this.baseUrl}${options.jwksPath || AuthlyConfiguration_1.AuthlyConfiguration.DEFAULT_JWKS_PATH}`,
+            jwksUrl: jwksUrl,
             algorithms: options.algorithms,
         });
     }
+    /**
+     * @summary Resolves a path or full URL.
+     * @param pathOrUrl - The relative path or absolute URL.
+     * @returns The full URL.
+     */
+    resolveUrl(pathOrUrl) {
+        if (pathOrUrl.startsWith("http://") || pathOrUrl.startsWith("https://")) {
+            return pathOrUrl;
+        }
+        return `${this.issuer}${pathOrUrl}`;
+    }
     /**
      * @summary Prepares the authorization request, stores PKCE state, and returns the URL.
      * @param options - Optional overrides for the authorization request.
@@ -109,7 +115,7 @@ class AuthlyClient {
      * @returns The full authorization URL.
      */
     getAuthorizeUrl(options) {
-        const url = new URL(`${this.baseUrl}${this.authorizePath}`);
+        const url = new URL(this.authorizeEndpoint);
         url.searchParams.set("client_id", this.serviceId);
         url.searchParams.set("redirect_uri", options.redirectUri);
         url.searchParams.set("response_type", options.responseType || "code");
@@ -180,7 +186,7 @@ class AuthlyClient {
      * @returns A promise that resolves to the new access token.
      */
     async refreshToken(refreshToken) {
-        const url = `${this.baseUrl}${this.tokenPath}`;
+        const url = this.tokenEndpoint;
         const body = {
             grant_type: "refresh_token",
             client_id: this.serviceId,
@@ -193,6 +199,7 @@ class AuthlyClient {
                 "Content-Type": "application/x-www-form-urlencoded",
             },
             body: new URLSearchParams(body).toString(),
+            credentials: "include",
         });
         if (!response.success) {
             return null;
@@ -210,10 +217,11 @@ class AuthlyClient {
         if (!token)
             return null;
         const fetchInfo = async (currentBuffer) => {
-            return HttpClient_1.HttpClient.get(`${this.baseUrl}${this.userInfoPath}`, {
+            return HttpClient_1.HttpClient.get(this.userInfoEndpoint, {
                 headers: {
                     Authorization: `Bearer ${currentBuffer}`,
                 },
+                credentials: "include",
             });
         };
         let response = await fetchInfo(token);
@@ -270,7 +278,7 @@ class AuthlyClient {
      * @returns A promise that resolves to the token response.
      */
     async exchangeCodeForToken(code, redirectUri, codeVerifier) {
-        const url = `${this.baseUrl}${this.tokenPath}`;
+        const url = this.tokenEndpoint;
         const body = {
             grant_type: "authorization_code",
             client_id: this.serviceId,
@@ -285,6 +293,7 @@ class AuthlyClient {
                 "Content-Type": "application/x-www-form-urlencoded",
             },
             body: new URLSearchParams(body).toString(),
+            credentials: "include",
         });
         if (!response.success) {
             throw new Error(response.error?.message || "Failed to exchange code for token");

package/dist/models/globals/clients/interfaces/IAuthlyClientOptions.d.ts

@@ -5,13 +5,13 @@ import type { IAuthlyStorage } from "./IAuthlyStorage";
 interface IAuthlyClientOptions {
     /**
      * @summary The base URL of the identity provider.
-     * @description Used for token validation (iss claim). If baseUrl is not provided, it is also used for API requests.
+     * @description Used for token validation (iss claim). If paths are relative, they are appended to this URL (or baseUrl if provided).
      * @example "https://auth.example.com"
      */
     readonly issuer: string;
     /**
      * @summary The base URL for API requests (optional).
-     * @description Use this if your API is hosted on a different URL than the issuer (e.g. localhost vs production domain).
+     * @description Use this if your API is hosted on a different URL than the issuer.
      * @example "http://localhost:8000"
      */
     readonly baseUrl?: string;
@@ -36,26 +36,26 @@ interface IAuthlyClientOptions {
      */
     readonly storage?: IAuthlyStorage;
     /**
-     * @summary The path to the JWKS endpoint relative to the baseUrl.
-     * @example "/.well-known/jwks.json"
+     * @summary The path or full URL to the JWKS endpoint.
+     * @example "/.well-known/jwks.json" or "http://localhost:8000/.well-known/jwks.json"
      * @default "/.well-known/jwks.json"
      */
     readonly jwksPath?: string;
     /**
-     * @summary The path to the authorize endpoint relative to the baseUrl.
-     * @example "/v1/oauth/authorize"
-     * @default "/v1/oauth/authorize"
+     * @summary The path or full URL to the authorize endpoint.
+     * @example "/authorize" or "http://localhost:3000/login"
+     * @default "/authorize"
      */
     readonly authorizePath?: string;
     /**
-     * @summary The path to the token endpoint relative to the baseUrl.
-     * @example "/v1/oauth/token"
-     * @default "/v1/oauth/token"
+     * @summary The path or full URL to the token endpoint.
+     * @example "/oauth/token" or "http://localhost:8000/oauth/token"
+     * @default "/oauth2/token"
      */
     readonly tokenPath?: string;
     /**
-     * @summary The path to the user info endpoint relative to the baseUrl.
-     * @example "/v1/oauth/userinfo"
+     * @summary The path or full URL to the user info endpoint.
+     * @example "/v1/oauth/userinfo" or "http://localhost:8000/v1/oauth/userinfo"
      * @default "/v1/oauth/userinfo"
      */
     readonly userInfoPath?: string;

package/package.json

@@ -1,7 +1,7 @@
 {
     "name": "@authly/sdk",
     "description": "A library for building authentication systems using Authly.",
-    "version": "1.2.3",
+    "version": "1.2.5",
     "author": {
         "name": "Anvoria",
         "url": "https://github.com/Anvoria"