@commercengine/storefront-sdk 0.3.1 → 0.3.3

package/dist/index.d.ts

@@ -6,7 +6,7 @@ import { OrderClient } from "./lib/order";
 import { ShippingClient } from "./lib/shipping";
 import { HelpersClient } from "./lib/helper";
 import { CustomerClient } from "./lib/customer";
-import { TokenStorage, MemoryTokenStorage, BrowserTokenStorage, createDefaultAuthMiddleware, createAuthMiddleware, type AuthMiddlewareConfig } from "./lib/middleware";
+import { TokenStorage, MemoryTokenStorage, BrowserTokenStorage } from "./lib/middleware";
 import { type UserInfo } from "./lib/jwt-utils";
 /**
  * SDK initialization options
@@ -25,9 +25,17 @@ export interface StorefrontSDKOptions {
      */
     baseUrl?: string;
     /**
-     * Optional authentication token (for manual token management)
+     * Optional initial access token
+     * - If tokenStorage is provided: Used as initial token value, then managed automatically
+     * - If tokenStorage is not provided: Used for manual token management
      */
-    token?: string;
+    accessToken?: string;
+    /**
+     * Optional initial refresh token
+     * - Only used when tokenStorage is provided
+     * - Allows initialization with both access and refresh tokens
+     */
+    refreshToken?: string;
     /**
      * X-Api-Key for anonymous authentication endpoints
      * Required for initial authentication
@@ -90,13 +98,24 @@ export declare class StorefrontSDK {
      */
     constructor(options: StorefrontSDKOptions);
     /**
-     * Set the authentication token for all clients
+     * Set authentication tokens for all clients
+     *
+     * @param accessToken - The access token (required)
+     * @param refreshToken - The refresh token (optional)
+     *
+     * Behavior:
+     * - If tokenStorage is provided: Stores tokens for automatic management
+     * - If tokenStorage is not provided: Only stores access token for manual management
      */
-    setToken(token: string): Promise<void>;
+    setTokens(accessToken: string, refreshToken?: string): Promise<void>;
     /**
-     * Clear the authentication token from all clients
+     * Clear all authentication tokens from all clients
+     *
+     * Behavior:
+     * - If tokenStorage is provided: Clears both access and refresh tokens from storage
+     * - If tokenStorage is not provided: Clears the manual access token
      */
-    clearToken(): Promise<void>;
+    clearTokens(): Promise<void>;
     /**
      * Set the API key for all clients
      *
@@ -151,7 +170,7 @@ export declare class StorefrontSDK {
 export default StorefrontSDK;
 export { StorefrontAPIClient, AuthClient, CartClient, CatalogClient, CustomerClient, HelpersClient, ShippingClient, OrderClient };
 export { Environment };
-export { TokenStorage, MemoryTokenStorage, BrowserTokenStorage, createDefaultAuthMiddleware, createAuthMiddleware, type AuthMiddlewareConfig };
-export { extractUserInfoFromToken, getUserIdFromToken, isUserLoggedIn, isUserAnonymous, isTokenExpired, type UserInfo, type JwtPayload } from "./lib/jwt-utils";
+export { TokenStorage, MemoryTokenStorage, BrowserTokenStorage };
+export type { UserInfo } from "./lib/jwt-utils";
 export type { components, operations, paths } from "./types/storefront";
 export type * from "./types/storefront-api-types";

package/dist/index.js

@@ -6,8 +6,8 @@ import { OrderClient } from "./lib/order";
 import { ShippingClient } from "./lib/shipping";
 import { HelpersClient } from "./lib/helper";
 import { CustomerClient } from "./lib/customer";
-import { MemoryTokenStorage, BrowserTokenStorage, createDefaultAuthMiddleware, createAuthMiddleware } from "./lib/middleware";
-import { extractUserInfoFromToken, getUserIdFromToken, isUserLoggedIn, isUserAnonymous } from "./lib/jwt-utils";
+import { MemoryTokenStorage, BrowserTokenStorage, } from "./lib/middleware";
+import { extractUserInfoFromToken, getUserIdFromToken, isUserLoggedIn, isUserAnonymous, } from "./lib/jwt-utils";
 /**
  * Main SDK class for the Storefront API
  */
@@ -51,7 +51,8 @@ export class StorefrontSDK {
             storeId: options.storeId,
             environment: options.environment,
             baseUrl: options.baseUrl,
-            token: options.token,
+            accessToken: options.accessToken,
+            refreshToken: options.refreshToken,
             apiKey: options.apiKey,
             timeout: options.timeout,
             tokenStorage: options.tokenStorage,
@@ -67,28 +68,39 @@ export class StorefrontSDK {
         this.order = new OrderClient(config);
     }
     /**
-     * Set the authentication token for all clients
-     */
-    async setToken(token) {
-        await this.catalog.setToken(token);
-        await this.cart.setToken(token);
-        await this.auth.setToken(token);
-        await this.customer.setToken(token);
-        await this.helpers.setToken(token);
-        await this.shipping.setToken(token);
-        await this.order.setToken(token);
+     * Set authentication tokens for all clients
+     *
+     * @param accessToken - The access token (required)
+     * @param refreshToken - The refresh token (optional)
+     *
+     * Behavior:
+     * - If tokenStorage is provided: Stores tokens for automatic management
+     * - If tokenStorage is not provided: Only stores access token for manual management
+     */
+    async setTokens(accessToken, refreshToken) {
+        await this.catalog.setTokens(accessToken, refreshToken);
+        await this.cart.setTokens(accessToken, refreshToken);
+        await this.auth.setTokens(accessToken, refreshToken);
+        await this.customer.setTokens(accessToken, refreshToken);
+        await this.helpers.setTokens(accessToken, refreshToken);
+        await this.shipping.setTokens(accessToken, refreshToken);
+        await this.order.setTokens(accessToken, refreshToken);
     }
     /**
-     * Clear the authentication token from all clients
-     */
-    async clearToken() {
-        await this.catalog.clearToken();
-        await this.cart.clearToken();
-        await this.auth.clearToken();
-        await this.customer.clearToken();
-        await this.helpers.clearToken();
-        await this.shipping.clearToken();
-        await this.order.clearToken();
+     * Clear all authentication tokens from all clients
+     *
+     * Behavior:
+     * - If tokenStorage is provided: Clears both access and refresh tokens from storage
+     * - If tokenStorage is not provided: Clears the manual access token
+     */
+    async clearTokens() {
+        await this.catalog.clearTokens();
+        await this.cart.clearTokens();
+        await this.auth.clearTokens();
+        await this.customer.clearTokens();
+        await this.helpers.clearTokens();
+        await this.shipping.clearTokens();
+        await this.order.clearTokens();
     }
     /**
      * Set the API key for all clients
@@ -191,7 +203,5 @@ export default StorefrontSDK;
 export { StorefrontAPIClient, AuthClient, CartClient, CatalogClient, CustomerClient, HelpersClient, ShippingClient, OrderClient };
 // Export environment enum
 export { Environment };
-// Export token storage types and middleware
-export { MemoryTokenStorage, BrowserTokenStorage, createDefaultAuthMiddleware, createAuthMiddleware };
-// Export JWT utilities
-export { extractUserInfoFromToken, getUserIdFromToken, isUserLoggedIn, isUserAnonymous, isTokenExpired } from "./lib/jwt-utils";
+// Export token storage types
+export { MemoryTokenStorage, BrowserTokenStorage };

package/dist/lib/auth-utils.d.ts

@@ -0,0 +1,16 @@
+/**
+ * Extract pathname from URL
+ */
+export declare function getPathnameFromUrl(url: string): string;
+/**
+ * Check if a URL path is an auth endpoint that should use API key
+ */
+export declare function isAnonymousAuthEndpoint(pathname: string): boolean;
+/**
+ * Check if a URL path is a login/register endpoint that returns tokens
+ */
+export declare function isTokenReturningEndpoint(pathname: string): boolean;
+/**
+ * Check if a URL path is the logout endpoint
+ */
+export declare function isLogoutEndpoint(pathname: string): boolean;

package/dist/lib/auth-utils.js

@@ -0,0 +1,38 @@
+/**
+ * Extract pathname from URL
+ */
+export function getPathnameFromUrl(url) {
+    try {
+        const urlObj = new URL(url);
+        return urlObj.pathname;
+    }
+    catch {
+        // If URL parsing fails, assume it's a relative path
+        return url.split('?')[0];
+    }
+}
+/**
+ * Check if a URL path is an auth endpoint that should use API key
+ */
+export function isAnonymousAuthEndpoint(pathname) {
+    return pathname.endsWith("/auth/anonymous");
+}
+/**
+ * Check if a URL path is a login/register endpoint that returns tokens
+ */
+export function isTokenReturningEndpoint(pathname) {
+    const tokenEndpoints = [
+        "/auth/login/password",
+        "/auth/register/phone",
+        "/auth/register/email",
+        "/auth/verify-otp",
+        "/auth/refresh-token"
+    ];
+    return tokenEndpoints.some(endpoint => pathname.endsWith(endpoint));
+}
+/**
+ * Check if a URL path is the logout endpoint
+ */
+export function isLogoutEndpoint(pathname) {
+    return pathname.endsWith("/auth/logout");
+}

package/dist/lib/auth.d.ts

@@ -1,10 +1,9 @@
-import { StorefrontAPIClient, StorefrontAPIConfig } from "./client";
-import { AddProfileImageContent, AddProfileImageFormData, AddProfileImagePathParams, ApiResult, ChangePasswordBody, ChangePasswordContent, CheckVerificationStatusBody, CheckVerificationStatusContent, CreateNotificationPreferencesBody, CreateNotificationPreferencesContent, CreateNotificationPreferencesPathParams, DeactivateUserPathParams, DeactivateUserResponse, ForgotPasswordBody, ForgotPasswordContent, GenerateOtpBody, GenerateOtpContent, GetAnonymousTokenContent, GetNotificationPreferencesContent, GetNotificationPreferencesPathParams, GetProfileImageContent, GetProfileImagePathParams, GetUserDetailContent, GetUserDetailPathParams, LoginWithEmailBody, LoginWithEmailContent, LoginWithPasswordBody, LoginWithPasswordContent, LoginWithPhoneBody, LoginWithPhoneContent, LoginWithWhatsappBody, LoginWithWhatsappContent, LogoutContent, RefreshTokenBody, RefreshTokenContent, RegisterWithEmailBody, RegisterWithEmailContent, RegisterWithPhoneBody, RegisterWithPhoneContent, RemoveProfileImagePathParams, RemoveProfileImageResponse, ResetPasswordBody, ResetPasswordContent, UpdateNotificationPreferencesBody, UpdateNotificationPreferencesContent, UpdateNotificationPreferencesPathParams, UpdateProfileImageContent, UpdateProfileImageFormData, UpdateProfileImagePathParams, UpdateUserBody, UpdateUserContent, UpdateUserPathParams, VerifyOtpBody, VerifyOtpContent } from "../types/storefront-api-types";
+import { StorefrontAPIClient } from "./client";
+import type { AddProfileImageContent, AddProfileImageFormData, AddProfileImagePathParams, ApiResult, ChangePasswordBody, ChangePasswordContent, CheckVerificationStatusBody, CheckVerificationStatusContent, CreateNotificationPreferencesBody, CreateNotificationPreferencesContent, CreateNotificationPreferencesPathParams, DeactivateUserPathParams, DeactivateUserResponse, ForgotPasswordBody, ForgotPasswordContent, GenerateOtpBody, GenerateOtpContent, GetAnonymousTokenContent, GetNotificationPreferencesContent, GetNotificationPreferencesPathParams, GetProfileImageContent, GetProfileImagePathParams, GetUserDetailContent, GetUserDetailPathParams, LoginWithEmailBody, LoginWithEmailContent, LoginWithPasswordBody, LoginWithPasswordContent, LoginWithPhoneBody, LoginWithPhoneContent, LoginWithWhatsappBody, LoginWithWhatsappContent, LogoutContent, RefreshTokenBody, RefreshTokenContent, RegisterWithEmailBody, RegisterWithEmailContent, RegisterWithPhoneBody, RegisterWithPhoneContent, RemoveProfileImagePathParams, RemoveProfileImageResponse, ResetPasswordBody, ResetPasswordContent, UpdateNotificationPreferencesBody, UpdateNotificationPreferencesContent, UpdateNotificationPreferencesPathParams, UpdateProfileImageContent, UpdateProfileImageFormData, UpdateProfileImagePathParams, UpdateUserBody, UpdateUserContent, UpdateUserPathParams, VerifyOtpBody, VerifyOtpContent } from "../types/storefront-api-types";
 /**
  * Client for interacting with authentication endpoints
  */
 export declare class AuthClient extends StorefrontAPIClient {
-    constructor(config: StorefrontAPIConfig);
     /**
      * Get anonymous token for guest users
      */

package/dist/lib/auth.js

@@ -3,9 +3,6 @@ import { StorefrontAPIClient } from "./client";
  * Client for interacting with authentication endpoints
  */
 export class AuthClient extends StorefrontAPIClient {
-    constructor(config) {
-        super(config);
-    }
     /**
      * Get anonymous token for guest users
      */

package/dist/lib/cart.d.ts

@@ -1,6 +1,5 @@
 import { StorefrontAPIClient } from "./client";
-import { AddToWishlistBody, AddToWishlistContent, AddToWishlistPathParams, ApiResult, ApplyCouponBody, ApplyCouponContent, ApplyCouponPathParams, CreateCartAddressBody, CreateCartAddressContent, CreateCartAddressPathParams, CreateCartBody, DeleteCartPathParams, DeleteCartResponse, DeleteFromWishlistBody, DeleteFromWishlistContent, DeleteFromWishlistPathParams, DeleteUserCartPathParams, DeleteUserCartResponse, GetCartContent, GetCartPathParams, GetUserCartContent, GetUserCartPathParams, GetWishlistContent, GetWishlistPathParams, RedeemCreditBalanceBody, RedeemCreditBalanceContent, RedeemCreditBalancePathParams, RedeemGiftCardBody, RedeemGiftCardContent, RedeemGiftCardPathParams, RedeemLoyaltyPointsBody, RedeemLoyaltyPointsContent, RedeemLoyaltyPointsPathParams, RemoveCouponContent, RemoveCouponPathParams, RemoveCreditBalanceContent, RemoveCreditBalancePathParams, RemoveGiftCardContent, RemoveGiftCardPathParams, RemoveLoyaltyPointsContent, RemoveLoyaltyPointsPathParams, UpdateCartBody, UpdateCartContent, UpdateCartPathParams, UpdateShippingMethodBody, UpdateShippingMethodContent, UpdateShippingMethodPathParams } from "../types/storefront-api-types";
-import { CreateCartContent } from "../types/storefront-api-types";
+import type { AddToWishlistBody, AddToWishlistContent, AddToWishlistPathParams, ApiResult, ApplyCouponBody, ApplyCouponContent, ApplyCouponPathParams, CreateCartContent, CreateCartAddressBody, CreateCartAddressContent, CreateCartAddressPathParams, CreateCartBody, DeleteCartPathParams, DeleteCartResponse, DeleteFromWishlistBody, DeleteFromWishlistContent, DeleteFromWishlistPathParams, DeleteUserCartPathParams, DeleteUserCartResponse, GetCartContent, GetCartPathParams, GetUserCartContent, GetUserCartPathParams, GetWishlistContent, GetWishlistPathParams, RedeemCreditBalanceBody, RedeemCreditBalanceContent, RedeemCreditBalancePathParams, RedeemGiftCardBody, RedeemGiftCardContent, RedeemGiftCardPathParams, RedeemLoyaltyPointsBody, RedeemLoyaltyPointsContent, RedeemLoyaltyPointsPathParams, RemoveCouponContent, RemoveCouponPathParams, RemoveCreditBalanceContent, RemoveCreditBalancePathParams, RemoveGiftCardContent, RemoveGiftCardPathParams, RemoveLoyaltyPointsContent, RemoveLoyaltyPointsPathParams, UpdateCartBody, UpdateCartContent, UpdateCartPathParams, UpdateShippingMethodBody, UpdateShippingMethodContent, UpdateShippingMethodPathParams } from "../types/storefront-api-types";
 /**
  * Client for interacting with cart endpoints
  */

package/dist/lib/client.d.ts

@@ -1,7 +1,7 @@
 import createClient from "openapi-fetch";
 import type { paths } from "../types/storefront";
 import { ApiErrorResponse, ApiResult } from "../types/storefront-api-types";
-import { type TokenStorage } from "./middleware";
+import type { StorefrontSDKOptions } from "../index";
 /**
  * Available API environments
  */
@@ -15,62 +15,19 @@ export declare enum Environment {
      */
     Production = "production"
 }
-/**
- * Configuration options for the StorefrontAPI client
- */
-export interface StorefrontAPIConfig {
-    /**
-     * The store ID to use for API requests
-     */
-    storeId: string;
-    /**
-     * The environment to use (staging or production)
-     */
-    environment?: Environment;
-    /**
-     * Custom base URL (overrides environment-based URL if provided)
-     */
-    baseUrl?: string;
-    /**
-     * Optional authentication token (for manual token management)
-     */
-    token?: string;
-    /**
-     * X-Api-Key for anonymous authentication endpoints
-     * Required for initial authentication
-     */
-    apiKey?: string;
-    /**
-     * Optional timeout in milliseconds
-     */
-    timeout?: number;
-    /**
-     * Optional token storage for automatic token management
-     * If provided, enables automatic token refresh and management via middleware
-     */
-    tokenStorage?: TokenStorage;
-    /**
-     * Callback when tokens are updated (login/refresh)
-     */
-    onTokensUpdated?: (accessToken: string, refreshToken: string) => void;
-    /**
-     * Callback when tokens are cleared (logout/error)
-     */
-    onTokensCleared?: () => void;
-}
 /**
  * Base API client for Storefront API
  */
 export declare class StorefrontAPIClient {
     protected client: ReturnType<typeof createClient<paths>>;
-    protected config: StorefrontAPIConfig;
+    protected config: StorefrontSDKOptions;
     private readonly baseUrl;
     /**
      * Create a new StorefrontAPIClient
      *
      * @param config - Configuration for the API client
      */
-    constructor(config: StorefrontAPIConfig);
+    constructor(config: StorefrontSDKOptions);
     /**
      * Set up timeout middleware
      */
@@ -97,16 +54,24 @@ export declare class StorefrontAPIClient {
      */
     getAuthorizationHeader(): Promise<string>;
     /**
-     * Set the authentication token
-     * If using token storage, stores the token; otherwise sets manual token
+     * Set authentication tokens
+     *
+     * @param accessToken - The access token (required)
+     * @param refreshToken - The refresh token (optional)
      *
-     * @param token - The authentication token
+     * Behavior:
+     * - If tokenStorage is provided: Stores tokens for automatic management
+     * - If tokenStorage is not provided: Only stores access token for manual management
      */
-    setToken(token: string): Promise<void>;
+    setTokens(accessToken: string, refreshToken?: string): Promise<void>;
     /**
-     * Clear the authentication token
+     * Clear all authentication tokens
+     *
+     * Behavior:
+     * - If tokenStorage is provided: Clears both access and refresh tokens from storage
+     * - If tokenStorage is not provided: Clears the manual access token
      */
-    clearToken(): Promise<void>;
+    clearTokens(): Promise<void>;
     /**
      * Set the X-Api-Key header
      *
@@ -117,13 +82,6 @@ export declare class StorefrontAPIClient {
      * Clear the X-Api-Key header
      */
     clearApiKey(): void;
-    /**
-     * Handle API errors
-     *
-     * @param error - Error object from OpenAPI-Fetch
-     * @throws Rethrows the error with additional context
-     */
-    protected handleError(error: any): Promise<never>;
     /**
      * Execute a request and handle the response
      *

package/dist/lib/client.js

@@ -1,5 +1,6 @@
 import createClient from "openapi-fetch";
 import { createDefaultAuthMiddleware } from "./middleware";
+import { getPathnameFromUrl, isAnonymousAuthEndpoint } from "./auth-utils";
 /**
  * Available API environments
  */
@@ -43,6 +44,45 @@ export class StorefrontAPIClient {
                 onTokensCleared: this.config.onTokensCleared,
             });
             this.client.use(authMiddleware);
+            // If initial tokens were provided, store them in tokenStorage
+            if (this.config.accessToken) {
+                this.config.tokenStorage.setAccessToken(this.config.accessToken).catch(error => {
+                    console.warn('Failed to set initial access token in storage:', error);
+                });
+                // Clear the manual token since we're using storage
+                this.config.accessToken = undefined;
+            }
+            if (this.config.refreshToken) {
+                this.config.tokenStorage.setRefreshToken(this.config.refreshToken).catch(error => {
+                    console.warn('Failed to set initial refresh token in storage:', error);
+                });
+                // Clear the manual refresh token since we're using storage
+                this.config.refreshToken = undefined;
+            }
+        }
+        else {
+            // For manual token management, add simple header injection middleware
+            this.client.use({
+                onRequest: async ({ request }) => {
+                    const pathname = getPathnameFromUrl(request.url);
+                    // Handle anonymous auth endpoint - use API key
+                    if (isAnonymousAuthEndpoint(pathname)) {
+                        if (this.config.apiKey) {
+                            request.headers.set("X-Api-Key", this.config.apiKey);
+                        }
+                        // Also send existing access token if available for continuity
+                        if (this.config.accessToken) {
+                            request.headers.set("Authorization", `Bearer ${this.config.accessToken}`);
+                        }
+                        return request;
+                    }
+                    // For all other endpoints, use access token
+                    if (this.config.accessToken) {
+                        request.headers.set("Authorization", `Bearer ${this.config.accessToken}`);
+                    }
+                    return request;
+                },
+            });
         }
         // Set up timeout middleware if configured
         if (this.config.timeout) {
@@ -113,31 +153,47 @@ export class StorefrontAPIClient {
             const token = await this.config.tokenStorage.getAccessToken();
             return token ? `Bearer ${token}` : "";
         }
-        return this.config.token ? `Bearer ${this.config.token}` : "";
+        return this.config.accessToken ? `Bearer ${this.config.accessToken}` : "";
     }
     /**
-     * Set the authentication token
-     * If using token storage, stores the token; otherwise sets manual token
+     * Set authentication tokens
+     *
+     * @param accessToken - The access token (required)
+     * @param refreshToken - The refresh token (optional)
      *
-     * @param token - The authentication token
+     * Behavior:
+     * - If tokenStorage is provided: Stores tokens for automatic management
+     * - If tokenStorage is not provided: Only stores access token for manual management
      */
-    async setToken(token) {
+    async setTokens(accessToken, refreshToken) {
         if (this.config.tokenStorage) {
-            await this.config.tokenStorage.setAccessToken(token);
+            // Automatic token management
+            await this.config.tokenStorage.setAccessToken(accessToken);
+            if (refreshToken) {
+                await this.config.tokenStorage.setRefreshToken(refreshToken);
+            }
         }
         else {
-            this.config.token = token;
+            // Manual token management - only access token
+            this.config.accessToken = accessToken;
+            if (refreshToken) {
+                console.warn("Refresh token provided but ignored in manual token management mode. Use tokenStorage for automatic management.");
+            }
         }
     }
     /**
-     * Clear the authentication token
+     * Clear all authentication tokens
+     *
+     * Behavior:
+     * - If tokenStorage is provided: Clears both access and refresh tokens from storage
+     * - If tokenStorage is not provided: Clears the manual access token
      */
-    async clearToken() {
+    async clearTokens() {
         if (this.config.tokenStorage) {
             await this.config.tokenStorage.clearTokens();
         }
         else {
-            this.config.token = undefined;
+            this.config.accessToken = undefined;
         }
     }
     /**
@@ -154,30 +210,6 @@ export class StorefrontAPIClient {
     clearApiKey() {
         this.config.apiKey = undefined;
     }
-    /**
-     * Handle API errors
-     *
-     * @param error - Error object from OpenAPI-Fetch
-     * @throws Rethrows the error with additional context
-     */
-    async handleError(error) {
-        // Extract status code and error data from OpenAPI-Fetch error response
-        const statusCode = error.status || (error.response?.status ? error.response.status : 500);
-        const errorData = error.data ||
-            error.response?.data || { message: error.message || "Unknown error" };
-        if (statusCode === 401) {
-            throw new Error("Unauthorized: Please check your authentication token");
-        }
-        else if (statusCode === 404) {
-            throw new Error("Resource not found");
-        }
-        else if (errorData?.message) {
-            throw new Error(`API Error (${statusCode}): ${errorData.message}`);
-        }
-        else {
-            throw new Error(`API Error (${statusCode})`);
-        }
-    }
     /**
      * Execute a request and handle the response
      *

package/dist/lib/customer.d.ts

@@ -1,13 +1,9 @@
-import { CreateAddressBody, CreateAddressContent, CreateAddressPathParams, CreateCustomerContent, DeleteAddressPathParams, DeleteAddressResponse, GetAddressDetailContent, GetAddressDetailPathParams, GetCustomerDetailContent, GetCustomerDetailPathParams, GetLoyaltyDetailsContent, GetLoyaltyDetailsPathParams, ListAddressesContent, ListAddressesPathParams, ListLoyaltyActivitiesContent, ListLoyaltyActivitiesPathParams, ListUserReviewsContent, ListUserReviewsPathParams, UpdateAddressDetailBody, UpdateAddressDetailContent, UpdateAddressDetailPathParams, UpdateCustomerBody, UpdateCustomerContent, UpdateCustomerPathParams } from "../types/storefront-api-types";
-import { CreateCustomerBody } from "../types/storefront-api-types";
-import { ApiResult } from "../types/storefront-api-types";
+import type { ApiResult, CreateCustomerBody, CreateAddressBody, CreateAddressContent, CreateAddressPathParams, CreateCustomerContent, DeleteAddressPathParams, DeleteAddressResponse, GetAddressDetailContent, GetAddressDetailPathParams, GetCustomerDetailContent, GetCustomerDetailPathParams, GetLoyaltyDetailsContent, GetLoyaltyDetailsPathParams, ListAddressesContent, ListAddressesPathParams, ListLoyaltyActivitiesContent, ListLoyaltyActivitiesPathParams, ListUserReviewsContent, ListUserReviewsPathParams, UpdateAddressDetailBody, UpdateAddressDetailContent, UpdateAddressDetailPathParams, UpdateCustomerBody, UpdateCustomerContent, UpdateCustomerPathParams } from "../types/storefront-api-types";
 import { StorefrontAPIClient } from "./client";
-import { StorefrontAPIConfig } from "./client";
 /**
  * Client for interacting with customer endpoints
  */
 export declare class CustomerClient extends StorefrontAPIClient {
-    constructor(config: StorefrontAPIConfig);
     /**
      * Create a customer
      *

package/dist/lib/customer.js

@@ -3,9 +3,6 @@ import { StorefrontAPIClient } from "./client";
  * Client for interacting with customer endpoints
  */
 export class CustomerClient extends StorefrontAPIClient {
-    constructor(config) {
-        super(config);
-    }
     /**
      * Create a customer
      *

package/dist/lib/helper.d.ts

@@ -1,10 +1,9 @@
-import { ApiResult, ListCountriesContent, ListCountryPincodesContent, ListCountryPincodesPathParams, ListCountryStatesContent, ListCountryStatesPathParams } from "../types/storefront-api-types";
-import { StorefrontAPIClient, StorefrontAPIConfig } from "./client";
+import type { ApiResult, ListCountriesContent, ListCountryPincodesContent, ListCountryPincodesPathParams, ListCountryStatesContent, ListCountryStatesPathParams } from "../types/storefront-api-types";
+import { StorefrontAPIClient } from "./client";
 /**
  * Client for interacting with helper endpoints
  */
 export declare class HelpersClient extends StorefrontAPIClient {
-    constructor(config: StorefrontAPIConfig);
     /**
      * Get a list of countries
      *

package/dist/lib/helper.js

@@ -3,9 +3,6 @@ import { StorefrontAPIClient } from "./client";
  * Client for interacting with helper endpoints
  */
 export class HelpersClient extends StorefrontAPIClient {
-    constructor(config) {
-        super(config);
-    }
     /**
      * Get a list of countries
      *

package/dist/lib/middleware.js

@@ -1,4 +1,5 @@
 import { isTokenExpired } from "./jwt-utils";
+import { getPathnameFromUrl, isAnonymousAuthEndpoint, isTokenReturningEndpoint, isLogoutEndpoint } from "./auth-utils";
 /**
  * Simple in-memory token storage implementation
  */
@@ -59,44 +60,6 @@ export class BrowserTokenStorage {
         }
     }
 }
-/**
- * Check if a URL path is an auth endpoint that should use API key
- */
-function isAnonymousAuthEndpoint(pathname) {
-    return pathname.endsWith("/auth/anonymous");
-}
-/**
- * Check if a URL path is a login/register endpoint that returns tokens
- */
-function isTokenReturningEndpoint(pathname) {
-    const tokenEndpoints = [
-        "/auth/login/password",
-        "/auth/register/phone",
-        "/auth/register/email",
-        "/auth/verify-otp",
-        "/auth/refresh-token"
-    ];
-    return tokenEndpoints.some(endpoint => pathname.endsWith(endpoint));
-}
-/**
- * Check if a URL path is the logout endpoint
- */
-function isLogoutEndpoint(pathname) {
-    return pathname.endsWith("/auth/logout");
-}
-/**
- * Extract pathname from URL
- */
-function getPathnameFromUrl(url) {
-    try {
-        const urlObj = new URL(url);
-        return urlObj.pathname;
-    }
-    catch {
-        // If URL parsing fails, assume it's a relative path
-        return url.split('?')[0];
-    }
-}
 /**
  * Create authentication middleware for openapi-fetch
  */
@@ -111,28 +74,56 @@ export function createAuthMiddleware(config) {
         refreshPromise = (async () => {
             try {
                 const refreshToken = await config.tokenStorage.getRefreshToken();
-                if (!refreshToken) {
-                    throw new Error("No refresh token available");
-                }
                 let newTokens;
-                if (config.refreshTokenFn) {
-                    // Use provided refresh function
-                    newTokens = await config.refreshTokenFn(refreshToken);
+                if (refreshToken && !isTokenExpired(refreshToken)) {
+                    // Try normal refresh token flow first (only if refresh token is not expired)
+                    if (config.refreshTokenFn) {
+                        // Use provided refresh function
+                        newTokens = await config.refreshTokenFn(refreshToken);
+                    }
+                    else {
+                        // Default refresh implementation
+                        const response = await fetch(`${config.baseUrl}/auth/refresh-token`, {
+                            method: "POST",
+                            headers: {
+                                "Content-Type": "application/json",
+                            },
+                            body: JSON.stringify({ refresh_token: refreshToken }),
+                        });
+                        if (!response.ok) {
+                            throw new Error(`Token refresh failed: ${response.status}`);
+                        }
+                        const data = await response.json();
+                        newTokens = data.content;
+                    }
                 }
                 else {
-                    // Default refresh implementation
-                    const response = await fetch(`${config.baseUrl}/auth/refresh-token`, {
+                    // No refresh token available OR refresh token is expired - try anonymous token fallback
+                    // This handles cases where:
+                    // 1. SDK was initialized with just an access token
+                    // 2. Refresh token has expired
+                    const currentAccessToken = await config.tokenStorage.getAccessToken();
+                    if (!currentAccessToken) {
+                        throw new Error("No tokens available for refresh");
+                    }
+                    const reason = refreshToken
+                        ? "refresh token expired"
+                        : "no refresh token available";
+                    // Get new anonymous tokens while preserving user_id
+                    const response = await fetch(`${config.baseUrl}/auth/anonymous`, {
                         method: "POST",
                         headers: {
                             "Content-Type": "application/json",
+                            ...(config.apiKey && { "X-Api-Key": config.apiKey }),
+                            "Authorization": `Bearer ${currentAccessToken}`, // For user_id continuity
                         },
-                        body: JSON.stringify({ refresh_token: refreshToken }),
                     });
                     if (!response.ok) {
-                        throw new Error(`Token refresh failed: ${response.status}`);
+                        throw new Error(`Anonymous token fallback failed: ${response.status}`);
                     }
                     const data = await response.json();
                     newTokens = data.content;
+                    console.info(`Token refreshed via anonymous fallback (${reason}) - user may need to re-authenticate for privileged operations`);
                 }
                 // Store new tokens
                 await config.tokenStorage.setAccessToken(newTokens.access_token);

package/dist/lib/order.d.ts

@@ -1,10 +1,9 @@
-import { ApiResult, CancelOrderBody, CancelOrderContent, CancelOrderPathParams, CreateOrderBody, CreateOrderContent, GetOrderDetailContent, GetOrderDetailPathParams, GetPaymentStatusContent, ListOrderPaymentsContent, ListOrderPaymentsPathParams, ListOrderRefundsContent, ListOrderRefundsPathParams, ListOrdersContent, ListOrderShipmentsContent, ListOrderShipmentsPathParams, ListOrdersQuery, RetryOrderPaymentBody, RetryOrderPaymentContent, RetryOrderPaymentPathParams } from "../types/storefront-api-types";
-import { StorefrontAPIClient, StorefrontAPIConfig } from "./client";
+import type { ApiResult, CancelOrderBody, CancelOrderContent, CancelOrderPathParams, CreateOrderBody, CreateOrderContent, GetOrderDetailContent, GetOrderDetailPathParams, GetPaymentStatusContent, ListOrderPaymentsContent, ListOrderPaymentsPathParams, ListOrderRefundsContent, ListOrderRefundsPathParams, ListOrdersContent, ListOrderShipmentsContent, ListOrderShipmentsPathParams, ListOrdersQuery, RetryOrderPaymentBody, RetryOrderPaymentContent, RetryOrderPaymentPathParams } from "../types/storefront-api-types";
+import { StorefrontAPIClient } from "./client";
 /**
  * Client for interacting with order endpoints
  */
 export declare class OrderClient extends StorefrontAPIClient {
-    constructor(config: StorefrontAPIConfig);
     /**
      * Get order details
      *

package/dist/lib/order.js

@@ -3,9 +3,6 @@ import { StorefrontAPIClient } from "./client";
  * Client for interacting with order endpoints
  */
 export class OrderClient extends StorefrontAPIClient {
-    constructor(config) {
-        super(config);
-    }
     /**
      * Get order details
      *

package/dist/lib/shipping.d.ts

@@ -1,10 +1,9 @@
-import { ApiResult, ShippingMethodsBody, ShippingMethodsContent } from "../types/storefront-api-types";
-import { StorefrontAPIClient, StorefrontAPIConfig } from "./client";
+import type { ApiResult, CheckDeliveryAvailabilityPathParams, CheckDeliveryAvailabilityResponse, ShippingMethodsBody, ShippingMethodsContent } from "../types/storefront-api-types";
+import { StorefrontAPIClient } from "./client";
 /**
  * Client for interacting with shipping endpoints
  */
 export declare class ShippingClient extends StorefrontAPIClient {
-    constructor(config: StorefrontAPIConfig);
     /**
      * Get shipping options for an order
      *
@@ -12,4 +11,11 @@ export declare class ShippingClient extends StorefrontAPIClient {
      * @returns Promise with shipping options
      */
     getShippingMethods(body: ShippingMethodsBody): Promise<ApiResult<ShippingMethodsContent>>;
+    /**
+     * Check pincode deliverability
+     *
+     * @param pathParams - Path parameters
+     * @returns Promise with pincode deliverability result
+     */
+    checkPincodeDeliverability(pathParams: CheckDeliveryAvailabilityPathParams): Promise<ApiResult<CheckDeliveryAvailabilityResponse>>;
 }

package/dist/lib/shipping.js

@@ -3,9 +3,6 @@ import { StorefrontAPIClient } from "./client";
  * Client for interacting with shipping endpoints
  */
 export class ShippingClient extends StorefrontAPIClient {
-    constructor(config) {
-        super(config);
-    }
     /**
      * Get shipping options for an order
      *
@@ -17,4 +14,17 @@ export class ShippingClient extends StorefrontAPIClient {
             body: body,
         }));
     }
+    /**
+     * Check pincode deliverability
+     *
+     * @param pathParams - Path parameters
+     * @returns Promise with pincode deliverability result
+     */
+    async checkPincodeDeliverability(pathParams) {
+        return this.executeRequest(() => this.client.GET("/shipment/pincode-serviceability/{pincode}", {
+            params: {
+                path: pathParams,
+            },
+        }));
+    }
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@commercengine/storefront-sdk",
-  "version": "0.3.1",
+  "version": "0.3.3",
   "description": "TypeScript SDK for the Storefront API",
   "type": "module",
   "main": "dist/index.js",