@base44/sdk 0.8.18 → 0.8.20

package/dist/modules/auth.js

@@ -20,7 +20,6 @@ export function createAuthModule(axios, functionsAxiosClient, appId, options) {
         },
         // Redirects the user to the app's login page
         redirectToLogin(nextUrl) {
-            var _a;
             // This function only works in a browser environment
             if (typeof window === "undefined") {
                 throw new Error("Login method can only be used in a browser environment");
@@ -30,7 +29,7 @@ export function createAuthModule(axios, functionsAxiosClient, appId, options) {
                 ? new URL(nextUrl, window.location.origin).toString()
                 : window.location.href;
             // Build the login URL
-            const loginUrl = `${(_a = options.appBaseUrl) !== null && _a !== void 0 ? _a : ""}/login?from_url=${encodeURIComponent(redirectUrl)}`;
+            const loginUrl = `${options.appBaseUrl}/login?from_url=${encodeURIComponent(redirectUrl)}`;
             // Redirect to the login page
             window.location.href = loginUrl;
         },
@@ -38,36 +37,43 @@ export function createAuthModule(axios, functionsAxiosClient, appId, options) {
         loginWithProvider(provider, fromUrl = "/") {
             // Build the full redirect URL
             const redirectUrl = new URL(fromUrl, window.location.origin).toString();
-            // Build the provider login URL (google is the default, so no provider path needed)
-            const providerPath = provider === "google" ? "" : `/${provider}`;
-            const loginUrl = `${options.serverUrl}/api/apps/auth${providerPath}/login?app_id=${appId}&from_url=${encodeURIComponent(redirectUrl)}`;
+            const queryParams = `app_id=${appId}&from_url=${encodeURIComponent(redirectUrl)}`;
+            // SSO uses a different URL structure with appId in the path
+            let authPath;
+            if (provider === "sso") {
+                authPath = `/apps/${appId}/auth/sso/login`;
+            }
+            else {
+                // Google is the default provider, so no provider path segment needed
+                const providerPath = provider === "google" ? "" : `/${provider}`;
+                authPath = `/apps/auth${providerPath}/login`;
+            }
+            const loginUrl = `${options.appBaseUrl}/api${authPath}?${queryParams}`;
             // Redirect to the provider login page
             window.location.href = loginUrl;
         },
         // Logout the current user
-        // Removes the token from localStorage and optionally redirects to a URL or reloads the page
         logout(redirectUrl) {
-            // Remove token from axios headers
+            // Remove token from axios headers (always do this)
             delete axios.defaults.headers.common["Authorization"];
-            // Remove token from localStorage
-            if (typeof window !== "undefined" && window.localStorage) {
-                try {
-                    window.localStorage.removeItem("base44_access_token");
-                    // Remove "token" that is set by the built-in SDK of platform version 2
-                    window.localStorage.removeItem("token");
-                }
-                catch (e) {
-                    console.error("Failed to remove token from localStorage:", e);
-                }
-            }
-            // Redirect if a URL is provided
+            // Only do the rest if in a browser environment
             if (typeof window !== "undefined") {
-                if (redirectUrl) {
-                    window.location.href = redirectUrl;
-                }
-                else {
-                    window.location.reload();
+                // Remove token from localStorage
+                if (window.localStorage) {
+                    try {
+                        window.localStorage.removeItem("base44_access_token");
+                        // Remove "token" that is set by the built-in SDK of platform version 2
+                        window.localStorage.removeItem("token");
+                    }
+                    catch (e) {
+                        console.error("Failed to remove token from localStorage:", e);
+                    }
                 }
+                // Determine the from_url parameter
+                const fromUrl = redirectUrl || window.location.href;
+                // Redirect to server-side logout endpoint to clear HTTP-only cookies
+                const logoutUrl = `${options.appBaseUrl}/api/apps/auth/logout?from_url=${encodeURIComponent(fromUrl)}`;
+                window.location.href = logoutUrl;
             }
         },
         // Set authentication token

package/dist/modules/auth.types.d.ts

@@ -90,12 +90,14 @@ export interface ResetPasswordParams {
 export interface AuthModuleOptions {
     /** Server URL for API requests. */
     serverUrl: string;
-    /** Optional base URL for the app (used for login redirects). */
-    appBaseUrl?: string;
+    /** Base URL for the app (used for login redirects). */
+    appBaseUrl: string;
 }
 /**
  * Authentication module for managing user authentication and authorization. The module automatically stores tokens in local storage when available and manages authorization headers for API requests.
  *
+ * ## Features
+ *
  * This module provides comprehensive authentication functionality including:
  * - Email/password login and registration
  * - Token management
@@ -104,6 +106,8 @@ export interface AuthModuleOptions {
  * - OTP verification
  * - User invitations
  *
+ * ## Authentication Modes
+ *
  * The auth module is only available in user authentication mode (`base44.auth`).
  */
 export interface AuthModule {
@@ -174,22 +178,41 @@ export interface AuthModule {
     /**
      * Redirects the user to a third-party authentication provider's login page.
      *
-     * Initiates OAuth/SSO login flow with providers like Google, Microsoft, etc. Requires a browser environment and can't be used in the backend.
+     * Initiates an OAuth login flow with one of the built-in providers. Requires a browser environment and can't be used in the backend.
+     *
+     * Supported providers:
+     * - `'google'` - {@link https://developers.google.com/identity/protocols/oauth2 | Google OAuth}. Enabled by default.
+     * - `'microsoft'` - {@link https://learn.microsoft.com/en-us/entra/identity-platform/v2-oauth2-auth-code-flow | Microsoft OAuth}. Enable Microsoft in your app's authentication settings before specifying this provider.
+     * - `'facebook'` - {@link https://developers.facebook.com/docs/facebook-login | Facebook Login}. Enable Facebook in your app's authentication settings before using.
+     * - `'apple'` - {@link https://developer.apple.com/sign-in-with-apple/ | Sign in with Apple}. Enable Apple in your app's authentication settings before using this provider.
+     * - `'sso'` - Enterprise SSO. Enable SSO in your app's authentication settings before using this provider.
      *
-     * @param provider - Name of the supported authentication provider (e.g., 'google', 'microsoft').
-     * @param fromUrl - URL to redirect to after successful authentication. Defaults to '/'.
+     * @param provider - The authentication provider to use: `'google'`, `'microsoft'`, `'facebook'`, `'apple'`, or `'sso'`.
+     * @param fromUrl - URL to redirect to after successful authentication. Defaults to `'/'`.
      *
      * @example
      * ```typescript
-     * // Login with Google and return to current page
+     * // Google
      * base44.auth.loginWithProvider('google', window.location.pathname);
      * ```
      *
      * @example
      * ```typescript
-     * // Login with GitHub and redirect to dashboard
+     * // Microsoft
      * base44.auth.loginWithProvider('microsoft', '/dashboard');
      * ```
+     *
+     * @example
+     * ```typescript
+     * // Apple
+     * base44.auth.loginWithProvider('apple', '/dashboard');
+     * ```
+     *
+     * @example
+     * ```typescript
+     * // SSO
+     * base44.auth.loginWithProvider('sso', '/dashboard');
+     * ```
      */
     loginWithProvider(provider: string, fromUrl?: string): void;
     /**

package/dist/modules/connectors.js

@@ -8,8 +8,11 @@
  */
 export function createConnectorsModule(axios, appId) {
     return {
-        // Retrieve an OAuth access token for a specific external integration type
-        // @ts-expect-error Return type mismatch with interface - implementation returns object, interface expects string
+        /**
+         * Retrieve an OAuth access token for a specific external integration type.
+         * @deprecated Use getConnection(integrationType) and use the returned accessToken (and connectionConfig when needed) instead.
+         */
+        // @ts-expect-error Return type mismatch with interface - implementation returns string, interface expects string but implementation is typed as ConnectorAccessTokenResponse
         async getAccessToken(integrationType) {
             if (!integrationType || typeof integrationType !== "string") {
                 throw new Error("Integration type is required and must be a string");
@@ -18,5 +21,17 @@ export function createConnectorsModule(axios, appId) {
             // @ts-expect-error
             return response.access_token;
         },
+        async getConnection(integrationType) {
+            var _a;
+            if (!integrationType || typeof integrationType !== "string") {
+                throw new Error("Integration type is required and must be a string");
+            }
+            const response = await axios.get(`/apps/${appId}/external-auth/tokens/${integrationType}`);
+            const data = response;
+            return {
+                accessToken: data.access_token,
+                connectionConfig: (_a = data.connection_config) !== null && _a !== void 0 ? _a : null,
+            };
+        },
     };
 }

package/dist/modules/connectors.types.d.ts

@@ -1,34 +1,64 @@
 /**
- * The type of external integration/connector, such as `'googlecalendar'`, `'slack'`, or `'github'`.
+ * Registry of connector integration type names. The [`types generate`](/developers/references/cli/commands/types-generate) command fills this registry, then [`ConnectorIntegrationType`](#connectorintegrationtype) resolves to a union of the keys.
  */
-export type ConnectorIntegrationType = string;
+export interface ConnectorIntegrationTypeRegistry {
+}
+/**
+ * Union of all connector integration type names from the [`ConnectorIntegrationTypeRegistry`](#connectorintegrationtyperegistry). Defaults to `string` when no types have been generated.
+ *
+ * @example
+ * ```typescript
+ * // Using generated connector type names
+ * // With generated types, you get autocomplete on integration types
+ * const connection = await base44.asServiceRole.connectors.getConnection('googlecalendar');
+ * const token = connection.accessToken;
+ * ```
+ */
+export type ConnectorIntegrationType = keyof ConnectorIntegrationTypeRegistry extends never ? string : keyof ConnectorIntegrationTypeRegistry;
 /**
  * Response from the connectors access token endpoint.
  */
 export interface ConnectorAccessTokenResponse {
     access_token: string;
+    integration_type: string;
+    connection_config: Record<string, string> | null;
+}
+/**
+ * Camel-cased connection details returned by {@linkcode ConnectorsModule.getConnection | getConnection()}.
+ */
+export interface ConnectorConnectionResponse {
+    /** The OAuth access token for the external service. */
+    accessToken: string;
+    /** Key-value configuration for the connection, or `null` if the connector does not provide one. */
+    connectionConfig: Record<string, string> | null;
 }
 /**
  * Connectors module for managing OAuth tokens for external services.
  *
- * This module allows you to retrieve OAuth access tokens for external services
- * that the app has connected to. Use these tokens to make API
- * calls to external services.
+ * This module allows you to retrieve OAuth access tokens for external services that the app has connected to. Connectors are app-scoped. When an app builder connects an integration like Google Calendar or Slack, all users of the app share that same connection.
  *
  * Unlike the integrations module that provides pre-built functions, connectors give you
  * raw OAuth tokens so you can call external service APIs directly with full control over
  * the API calls you make. This is useful when you need custom API interactions that aren't
  * covered by Base44's pre-built integrations.
  *
+ * ## Authentication Modes
+ *
  * This module is only available to use with a client in service role authentication mode, which means it can only be used in backend environments.
+ *
+ * ## Dynamic Types
+ *
+ * If you're working in a TypeScript project, you can generate types from your app's connector configurations to get autocomplete on integration type names when calling `getConnection()`. See the [Dynamic Types](/developers/references/sdk/getting-started/dynamic-types) guide to get started.
  */
 export interface ConnectorsModule {
     /**
      * Retrieves an OAuth access token for a specific external integration type.
      *
-     * Returns the OAuth token string for an external service that the app
-     * has connected to. You can then use this token to make authenticated API calls
-     * to that external service.
+     * @deprecated Use {@link getConnection} and use the returned `accessToken` (and `connectionConfig` when needed) instead.
+     *
+     * Returns the OAuth token string for an external service that an app builder
+     * has connected to. This token represents the connected app builder's account
+     * and can be used to make authenticated API calls to that external service on behalf of the app.
      *
      * @param integrationType - The type of integration, such as `'googlecalendar'`, `'slack'`, or `'github'`.
      * @returns Promise resolving to the access token string.
@@ -67,4 +97,41 @@ export interface ConnectorsModule {
      * ```
      */
     getAccessToken(integrationType: ConnectorIntegrationType): Promise<string>;
+    /**
+     * Retrieves the OAuth access token and connection configuration for a specific external integration type.
+     *
+     * Returns both the OAuth token and any additional connection configuration
+     * that the connector provides. This is useful when the external service requires
+     * extra parameters beyond the access token (e.g., a shop domain, account ID, or API base URL).
+     *
+     * @param integrationType - The type of integration, such as `'googlecalendar'`, `'slack'`, or `'github'`.
+     * @returns Promise resolving to a {@link ConnectorConnectionResponse} with `accessToken` and `connectionConfig`.
+     *
+     * @example
+     * ```typescript
+     * // Basic usage
+     * const connection = await base44.asServiceRole.connectors.getConnection('googlecalendar');
+     * console.log(connection.accessToken);
+     * console.log(connection.connectionConfig);
+     * ```
+     *
+     * @example
+     * ```typescript
+     * // Shopify: connectionConfig has subdomain (e.g. "my-store" for my-store.myshopify.com)
+     * const connection = await base44.asServiceRole.connectors.getConnection('shopify');
+     * const { accessToken, connectionConfig } = connection;
+     * const shop = connectionConfig?.subdomain
+     *   ? `https://${connectionConfig.subdomain}.myshopify.com`
+     *   : null;
+     *
+     * if (shop) {
+     *   const response = await fetch(
+     *     `${shop}/admin/api/2024-01/products.json?limit=10`,
+     *     { headers: { 'X-Shopify-Access-Token': accessToken } }
+     *   );
+     *   const { products } = await response.json();
+     * }
+     * ```
+     */
+    getConnection(integrationType: ConnectorIntegrationType): Promise<ConnectorConnectionResponse>;
 }

package/dist/modules/custom-integrations.types.d.ts

@@ -1,5 +1,6 @@
 /**
  * Parameters for calling a custom integration endpoint.
+ * @internal
  */
 export interface CustomIntegrationCallParams {
     /**
@@ -7,21 +8,17 @@ export interface CustomIntegrationCallParams {
      */
     payload?: Record<string, any>;
     /**
-     * Path parameters to substitute in the URL (e.g., `{ owner: "user", repo: "repo" }`).
+     * Path parameters to substitute in the URL. For example, `{ owner: "user", repo: "repo" }`.
      */
     pathParams?: Record<string, string>;
     /**
      * Query string parameters to append to the URL.
      */
     queryParams?: Record<string, any>;
-    /**
-     * Additional headers to send with this specific request.
-     * These are merged with the integration's configured headers.
-     */
-    headers?: Record<string, string>;
 }
 /**
  * Response from a custom integration call.
+ * @internal
  */
 export interface CustomIntegrationCallResponse {
     /**
@@ -39,60 +36,17 @@ export interface CustomIntegrationCallResponse {
     data: any;
 }
 /**
- * Module for calling custom workspace-level API integrations.
- *
- * Custom integrations allow workspace administrators to connect any external API
- * by importing an OpenAPI specification. Apps in the workspace can then call
- * these integrations using this module.
- *
- * Unlike the built-in integrations (like `Core`), custom integrations:
- * - Are defined per-workspace by importing OpenAPI specs
- * - Use a slug-based identifier instead of package names
- * - Proxy requests through Base44's backend (credentials never exposed to frontend)
- *
- * @example
- * ```typescript
- * // Call a custom GitHub integration
- * const response = await base44.integrations.custom.call(
- *   "github",        // integration slug (defined by workspace admin)
- *   "listIssues",    // operation ID from the OpenAPI spec
- *   {
- *     pathParams: { owner: "myorg", repo: "myrepo" },
- *     queryParams: { state: "open", per_page: 100 }
- *   }
- * );
+ * Module for calling custom pre-configured API integrations.
  *
- * if (response.success) {
- *   console.log("Issues:", response.data);
- * } else {
- *   console.error("API returned error:", response.status_code);
- * }
- * ```
- *
- * @example
- * ```typescript
- * // Call with request body payload
- * const response = await base44.integrations.custom.call(
- *   "github",
- *   "createIssue",
- *   {
- *     pathParams: { owner: "myorg", repo: "myrepo" },
- *     payload: {
- *       title: "Bug report",
- *       body: "Something is broken",
- *       labels: ["bug"]
- *     }
- *   }
- * );
- * ```
+ * Custom integrations allow workspace administrators to connect any external API by importing an OpenAPI specification. Apps in the workspace can then call these integrations using this module.
  */
 export interface CustomIntegrationsModule {
     /**
      * Call a custom integration endpoint.
      *
-     * @param slug - The integration's unique identifier (slug), as defined by the workspace admin.
-     * @param operationId - The operation ID from the OpenAPI spec (e.g., "listIssues", "getUser").
-     * @param params - Optional parameters including payload, pathParams, queryParams, and headers.
+     * @param slug - The integration's unique identifier, as defined by the workspace admin.
+     * @param operationId - The endpoint in `method:path` format. For example, `"get:/contacts"`, or `"post:/users/{id}"`. The method is the HTTP verb in lowercase and the path matches the OpenAPI specification.
+     * @param params - Optional parameters including payload, pathParams, and queryParams.
      * @returns Promise resolving to the integration call response.
      *
      * @throws {Error} If slug is not provided.
@@ -100,6 +54,36 @@ export interface CustomIntegrationsModule {
      * @throws {Base44Error} If the integration or operation is not found (404).
      * @throws {Base44Error} If the external API call fails (502).
      * @throws {Base44Error} If the request times out (504).
+     *
+     * @example
+     * ```typescript
+     * // Call a custom CRM integration
+     * const response = await base44.integrations.custom.call(
+     *   "my-crm",
+     *   "get:/contacts",
+     *   { queryParams: { limit: 10 } }
+     * );
+     *
+     * if (response.success) {
+     *   console.log("Contacts:", response.data);
+     * }
+     * ```
+     *
+     * @example
+     * ```typescript
+     * // Call with path params and request body
+     * const response = await base44.integrations.custom.call(
+     *   "github",
+     *   "post:/repos/{owner}/{repo}/issues",
+     *   {
+     *     pathParams: { owner: "myorg", repo: "myrepo" },
+     *     payload: {
+     *       title: "Bug report",
+     *       body: "Something is broken"
+     *     }
+     *   }
+     * );
+     * ```
      */
     call(slug: string, operationId: string, params?: CustomIntegrationCallParams): Promise<CustomIntegrationCallResponse>;
 }