npm - @flexbe/sdk - Versions diffs - 0.2.29 → 0.2.31 - Mend

@flexbe/sdk 0.2.29 → 0.2.31

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

package/dist/browser/client/api-client.js +28 -5
package/dist/browser/client/client.js +6 -5
package/dist/browser/client/token-manager.js +73 -180
package/dist/cjs/client/api-client.js +25 -4
package/dist/cjs/client/client.js +8 -4
package/dist/cjs/client/token-manager.js +68 -179
package/dist/esm/client/api-client.js +26 -5
package/dist/esm/client/client.js +8 -4
package/dist/esm/client/token-manager.js +68 -179
package/dist/types/client/api-client.d.ts +2 -1
package/dist/types/client/token-manager.d.ts +5 -16
package/dist/types/types/index.d.ts +3 -0
package/package.json +2 -4

package/dist/browser/client/api-client.js CHANGED Viewed

@@ -7,12 +7,32 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
         step((generator = generator.apply(thisArg, _arguments || [])).next());
     });
 };
-import { NotFoundException, ForbiddenException, BadRequestException, UnauthorizedException, ServerException, TimeoutException } from '../types';
-import { FlexbeAuth } from './auth';
+import { NotFoundException, ForbiddenException, BadRequestException, UnauthorizedException, ServerException, TimeoutException, FlexbeAuthType } from '../types';
+import { TokenManager } from './token-manager';
 export class ApiClient {
     constructor(config) {
         this.config = config;
-        this.auth = new FlexbeAuth(config);
+        this.tokenManager = TokenManager.getInstance();
+        if (this.config.authType === FlexbeAuthType.BEARER) {
+            // Start initialization but don't wait for it
+            void this.tokenManager.getToken(); // just warm up the token manager before any request
+        }
+    }
+    getAuthHeaders() {
+        return __awaiter(this, void 0, void 0, function* () {
+            const headers = {};
+            if (this.config.authType === FlexbeAuthType.API_KEY) {
+                headers['x-api-key'] = this.config.apiKey;
+            }
+            else if (this.config.authType === FlexbeAuthType.BEARER) {
+                const token = yield this.tokenManager.getToken();
+                if (!token) {
+                    throw new Error('No valid bearer token available');
+                }
+                headers['Authorization'] = `Bearer ${token}`;
+            }
+            return headers;
+        });
     }
     buildUrl(path, params) {
         const searchParams = new URLSearchParams();
@@ -27,12 +47,12 @@ export class ApiClient {
     }
     request(config) {
         return __awaiter(this, void 0, void 0, function* () {
+            var _a, _b;
             try {
-                yield this.auth.ensureInitialized();
                 const controller = new AbortController();
                 const timeoutId = setTimeout(() => controller.abort(), this.config.timeout);
                 const url = this.buildUrl(config.url, config.params);
-                const headers = Object.assign(Object.assign({}, (yield this.auth.getAuthHeaders())), config.headers);
+                const headers = Object.assign(Object.assign({ 'Content-Type': 'application/json' }, (yield this.getAuthHeaders())), config.headers);
                 const response = yield fetch(this.config.baseUrl + url, Object.assign(Object.assign({}, config), { headers, signal: controller.signal }));
                 clearTimeout(timeoutId);
                 if (!response.ok) {
@@ -81,6 +101,9 @@ export class ApiClient {
                 };
             }
             catch (error) {
+                if (error instanceof UnauthorizedException) {
+                    (_b = (_a = this.config.hooks) === null || _a === void 0 ? void 0 : _a.onUnauthorized) === null || _b === void 0 ? void 0 : _b.call(_a);
+                }
                 if (error instanceof Error && error.name === 'AbortError') {
                     throw new TimeoutException('Request timeout');
                 }

package/dist/browser/client/client.js CHANGED Viewed

@@ -21,12 +21,13 @@ export class FlexbeClient {
             }
             return undefined;
         };
-        this.config = {
-            baseUrl: (config === null || config === void 0 ? void 0 : config.baseUrl) || getEnvVar('FLEXBE_API_URL') || 'https://api.flexbe.com',
-            timeout: (config === null || config === void 0 ? void 0 : config.timeout) || 30000,
-            apiKey: (config === null || config === void 0 ? void 0 : config.apiKey) || getEnvVar('FLEXBE_API_KEY') || '',
-            authType: (config === null || config === void 0 ? void 0 : config.authType) || FlexbeAuthType.API_KEY,
+        const defaultConfig = {
+            baseUrl: getEnvVar('FLEXBE_API_URL') || 'https://api.flexbe.com',
+            timeout: 30000,
+            apiKey: getEnvVar('FLEXBE_API_KEY') || '',
+            authType: FlexbeAuthType.API_KEY,
         };
+        this.config = Object.assign(Object.assign({}, defaultConfig), config);
         if (this.config.authType === 'apiKey' && !this.config.apiKey) {
             throw new Error('API key is required when using apiKey authentication. Please provide it either through config or FLEXBE_API_KEY environment variable.');
         }

package/dist/browser/client/token-manager.js CHANGED Viewed

@@ -7,105 +7,84 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
         step((generator = generator.apply(thisArg, _arguments || [])).next());
     });
 };
-const TOKEN_STORAGE_KEY = 'flexbe_jwt_token';
-const REFRESH_THRESHOLD = 0.8; // Refresh when 80% of token lifetime has passed
-const REFRESH_CHECK_INTERVAL = 30 * 1000; // Check every 30 seconds
-const MAX_REFRESH_DELAY = 10000; // Maximum random delay of 10 seconds
+import { UnauthorizedException } from '../types';
+const TOKEN_STORAGE_KEY = 'flexbe_jwt';
+const TOKEN_REFRESH_THRESHOLD = 5 * 60 * 1000; // update token 5 minutes before expiration
 export class TokenManager {
     constructor() {
-        this.token = null;
-        this.refreshInterval = null;
-        this.refreshTimeout = null;
         this.tokenPromise = null;
-        this.debug = false;
-        this.initializeFromStorage();
-        this.setupStorageListener();
     }
     static getInstance() {
         if (!TokenManager.instance) {
             TokenManager.instance = new TokenManager();
         }
+        if (typeof window !== 'undefined') {
+            // Clean up old token storage place
+            // TODO remove this after June 1, 2025
+            localStorage.removeItem('flexbe_jwt_token');
+            ;
+        }
         return TokenManager.instance;
     }
-    initializeFromStorage() {
-        if (typeof window === 'undefined')
-            return;
-        const storedToken = localStorage.getItem(TOKEN_STORAGE_KEY);
-        if (!storedToken)
-            return;
-        try {
-            this.token = JSON.parse(storedToken);
-            if (this.token.expiresAt > Date.now()) {
-                this.logTokenStatus('Token loaded from storage');
-                this.startRefreshInterval();
-            }
-            else {
-                this.clearToken();
+    getToken() {
+        return __awaiter(this, void 0, void 0, function* () {
+            var _a;
+            const token = this.getStoredToken();
+            if (token && token.expiresAt > Date.now()) {
+                // TODO check if token expire less that 1 minute
+                // if so, retrieve a new token
+                if (token.expiresAt - Date.now() < TOKEN_REFRESH_THRESHOLD) {
+                    void this.retrieveToken();
+                }
+                return token.accessToken;
             }
-        }
-        catch (error) {
-            console.error('Failed to parse stored token:', error);
-            this.clearToken();
-        }
+            yield this.retrieveToken();
+            const retrievedToken = this.getStoredToken();
+            return (_a = retrievedToken === null || retrievedToken === void 0 ? void 0 : retrievedToken.accessToken) !== null && _a !== void 0 ? _a : null;
+        });
     }
-    setupStorageListener() {
-        if (typeof window === 'undefined')
-            return;
-        window.addEventListener('storage', (event) => {
-            if (event.key !== TOKEN_STORAGE_KEY)
-                return;
-            if (!event.newValue) {
-                this.clearToken();
-                // void this.retrieveToken();
+    revokeToken() {
+        return __awaiter(this, void 0, void 0, function* () {
+            const token = this.getStoredToken();
+            this.clearToken();
+            if (!token)
                 return;
-            }
             try {
-                const newToken = JSON.parse(event.newValue);
-                // Skip if the new token is exactly the same as current token
-                if (this.token &&
-                    this.token.accessToken === newToken.accessToken &&
-                    this.token.expiresAt === newToken.expiresAt) {
-                    return;
-                }
-                if (newToken.expiresAt > Date.now()) {
-                    this.token = newToken;
-                    this.logTokenStatus('Token updated from storage');
-                    this.startRefreshInterval();
-                }
-                else {
-                    this.clearToken();
-                    void this.retrieveToken();
-                }
+                const controller = new AbortController();
+                const timeoutId = setTimeout(() => controller.abort(), 30000);
+                yield fetch('/oauth/revoke', {
+                    method: 'POST',
+                    headers: {
+                        'Content-Type': 'application/json',
+                        'Authorization': `Bearer ${token.accessToken}`
+                    },
+                    body: JSON.stringify({ token: token.accessToken }),
+                    credentials: 'include',
+                    signal: controller.signal,
+                });
+                clearTimeout(timeoutId);
             }
             catch (error) {
-                console.error('Failed to parse token from storage event:', error);
-                this.clearToken();
-                void this.retrieveToken();
+                console.error('Failed to revoke token:', error);
             }
         });
     }
-    getExpirationFromToken(token) {
+    getStoredToken() {
+        if (typeof window === 'undefined')
+            return null;
+        const storedToken = localStorage.getItem(TOKEN_STORAGE_KEY);
+        if (!storedToken) {
+            return null;
+        }
         try {
-            const [, payload] = token.split('.');
-            const decodedPayload = JSON.parse(atob(payload));
-            return decodedPayload.exp * 1000; // Convert to milliseconds
+            const token = JSON.parse(storedToken);
+            return token;
         }
         catch (error) {
-            console.error('Failed to parse token expiration:', error);
-            return Date.now() + (4 * 60 * 1000); // Default to 4 minutes if parsing fails
+            console.error('getStoredToken: Failed to parse stored token:', error);
+            return null;
         }
     }
-    getToken() {
-        return __awaiter(this, void 0, void 0, function* () {
-            var _a, _b;
-            const token = this.token;
-            if (token && token.expiresAt && token.expiresAt > Date.now()) {
-                return token.accessToken;
-            }
-            yield this.retrieveToken();
-            return (_b = (_a = this.token) === null || _a === void 0 ? void 0 : _a.accessToken) !== null && _b !== void 0 ? _b : null;
-        });
-    }
     retrieveToken() {
         return __awaiter(this, void 0, void 0, function* () {
             if (this.tokenPromise) {
@@ -136,130 +115,44 @@ export class TokenManager {
                 clearTimeout(timeoutId);
                 if (!response.ok) {
                     const errorData = yield response.json().catch(() => ({ message: response.statusText }));
+                    if (response.status === 401) {
+                        throw new UnauthorizedException(errorData.message || response.statusText);
+                    }
                     throw new Error(errorData.message || response.statusText);
                 }
                 const data = yield response.json();
                 this.setToken(data);
             }
             catch (error) {
-                console.error('Failed to retrieve token:', error);
-                this.clearToken();
-                // Schedule a retry after REFRESH_CHECK_INTERVAL
-                setTimeout(() => {
-                    void this.retrieveToken();
-                }, REFRESH_CHECK_INTERVAL);
                 throw error;
             }
         });
     }
-    startRefreshInterval() {
-        this.clearRefreshTimers();
-        if (!this.token)
-            return;
-        const tokenLifetime = this.token.expiresAt - Date.now();
-        const refreshThreshold = Math.round(tokenLifetime * REFRESH_THRESHOLD);
-        const timeUntilRefresh = refreshThreshold - (Math.random() * MAX_REFRESH_DELAY);
-        this.logTokenStatus('Starting refresh interval', {
-            tokenLifetime: `${Math.round(tokenLifetime / 1000)} seconds`,
-            refreshThreshold: `${Math.round(refreshThreshold / 1000)} seconds`,
-            timeUntilRefresh: `${Math.round(timeUntilRefresh / 1000)} seconds`,
-        });
-        this.scheduleRefresh(timeUntilRefresh);
-        this.refreshInterval = window.setInterval(() => {
-            if (!this.token)
-                return;
-            const timeUntilExpiry = this.token.expiresAt - Date.now();
-            if (timeUntilExpiry <= 0) {
-                this.logTokenStatus('Token expired');
-                this.clearToken();
-                void this.retrieveToken();
-                return;
-            }
-            const refreshThreshold = Math.round(timeUntilExpiry * REFRESH_THRESHOLD);
-            if (timeUntilExpiry <= refreshThreshold) {
-                this.logTokenStatus('Refreshing token', {
-                    timeUntilExpiry: `${Math.round(timeUntilExpiry / 1000)} seconds`,
-                    refreshThreshold: `${Math.round(refreshThreshold / 1000)} seconds`,
-                });
-                this.scheduleRefresh(refreshThreshold - (Math.random() * MAX_REFRESH_DELAY));
-            }
-        }, REFRESH_CHECK_INTERVAL);
-    }
-    scheduleRefresh(delay) {
-        if (this.refreshTimeout) {
-            window.clearTimeout(this.refreshTimeout);
-        }
-        this.refreshTimeout = window.setTimeout(() => {
-            const token = this.token;
-            if (token && token.expiresAt - Date.now() <= token.expiresAt * REFRESH_THRESHOLD) {
-                void this.retrieveToken();
-            }
-        }, delay);
-    }
-    clearRefreshTimers() {
-        if (this.refreshInterval) {
-            clearInterval(this.refreshInterval);
-            this.refreshInterval = null;
-        }
-        if (this.refreshTimeout) {
-            window.clearTimeout(this.refreshTimeout);
-            this.refreshTimeout = null;
-        }
-    }
-    logTokenStatus(message, additionalInfo = {}) {
-        if (!this.debug)
-            return;
-        const token = this.token;
-        if (!token)
-            return;
-        console.log(message, Object.assign({ expiresIn: `${Math.round((token.expiresAt - Date.now()) / 1000)} seconds`, expiresAt: new Date(token.expiresAt).toISOString() }, additionalInfo));
-    }
     setToken(tokenResponse) {
         const expiresAt = this.getExpirationFromToken(tokenResponse.accessToken);
-        this.token = {
+        const token = {
             accessToken: tokenResponse.accessToken,
             expiresAt,
         };
-        this.logTokenStatus('Token set', {
-            expiresAt: new Date(expiresAt).toISOString(),
-        });
         if (typeof window !== 'undefined') {
-            localStorage.setItem(TOKEN_STORAGE_KEY, JSON.stringify(this.token));
+            localStorage.setItem(TOKEN_STORAGE_KEY, JSON.stringify(token));
         }
-        this.startRefreshInterval();
     }
-    clearToken() {
-        this.token = null;
-        this.clearRefreshTimers();
-        if (typeof window !== 'undefined') {
-            localStorage.removeItem(TOKEN_STORAGE_KEY);
+    getExpirationFromToken(token) {
+        try {
+            const [, payload] = token.split('.');
+            const decodedPayload = JSON.parse(atob(payload));
+            return decodedPayload.exp * 1000; // Convert to milliseconds
+        }
+        catch (error) {
+            console.error('getExpirationFromToken: Failed to parse token expiration:', error);
+            return Date.now() + (4 * 60 * 1000); // Default to 4 minutes if parsing fails
         }
     }
-    revokeToken() {
-        return __awaiter(this, void 0, void 0, function* () {
-            const token = this.token;
-            this.clearToken();
-            if (!token)
-                return;
-            try {
-                const controller = new AbortController();
-                const timeoutId = setTimeout(() => controller.abort(), 30000);
-                yield fetch('/oauth/revoke', {
-                    method: 'POST',
-                    headers: {
-                        'Content-Type': 'application/json',
-                        'Authorization': `Bearer ${token.accessToken}`
-                    },
-                    body: JSON.stringify({ token: token.accessToken }),
-                    credentials: 'include',
-                    signal: controller.signal,
-                });
-                clearTimeout(timeoutId);
-            }
-            catch (error) {
-                console.error('Failed to revoke token:', error);
-                // Even if revocation fails, we still want to clear the local token
-            }
-        });
+    clearToken() {
+        if (typeof window === 'undefined') {
+            return;
+        }
+        localStorage.removeItem(TOKEN_STORAGE_KEY);
     }
 }

package/dist/cjs/client/api-client.js CHANGED Viewed

@@ -2,11 +2,29 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.ApiClient = void 0;
 const types_1 = require("../types");
-const auth_1 = require("./auth");
+const token_manager_1 = require("./token-manager");
 class ApiClient {
     constructor(config) {
         this.config = config;
-        this.auth = new auth_1.FlexbeAuth(config);
+        this.tokenManager = token_manager_1.TokenManager.getInstance();
+        if (this.config.authType === types_1.FlexbeAuthType.BEARER) {
+            // Start initialization but don't wait for it
+            void this.tokenManager.getToken(); // just warm up the token manager before any request
+        }
+    }
+    async getAuthHeaders() {
+        const headers = {};
+        if (this.config.authType === types_1.FlexbeAuthType.API_KEY) {
+            headers['x-api-key'] = this.config.apiKey;
+        }
+        else if (this.config.authType === types_1.FlexbeAuthType.BEARER) {
+            const token = await this.tokenManager.getToken();
+            if (!token) {
+                throw new Error('No valid bearer token available');
+            }
+            headers['Authorization'] = `Bearer ${token}`;
+        }
+        return headers;
     }
     buildUrl(path, params) {
         const searchParams = new URLSearchParams();
@@ -21,12 +39,12 @@ class ApiClient {
     }
     async request(config) {
         try {
-            await this.auth.ensureInitialized();
             const controller = new AbortController();
             const timeoutId = setTimeout(() => controller.abort(), this.config.timeout);
             const url = this.buildUrl(config.url, config.params);
             const headers = {
-                ...(await this.auth.getAuthHeaders()),
+                'Content-Type': 'application/json',
+                ...(await this.getAuthHeaders()),
                 ...config.headers,
             };
             const response = await fetch(this.config.baseUrl + url, {
@@ -81,6 +99,9 @@ class ApiClient {
             };
         }
         catch (error) {
+            if (error instanceof types_1.UnauthorizedException) {
+                this.config.hooks?.onUnauthorized?.();
+            }
             if (error instanceof Error && error.name === 'AbortError') {
                 throw new types_1.TimeoutException('Request timeout');
             }

package/dist/cjs/client/client.js CHANGED Viewed

@@ -15,11 +15,15 @@ class FlexbeClient {
             }
             return undefined;
         };
+        const defaultConfig = {
+            baseUrl: getEnvVar('FLEXBE_API_URL') || 'https://api.flexbe.com',
+            timeout: 30000,
+            apiKey: getEnvVar('FLEXBE_API_KEY') || '',
+            authType: types_1.FlexbeAuthType.API_KEY,
+        };
         this.config = {
-            baseUrl: config?.baseUrl || getEnvVar('FLEXBE_API_URL') || 'https://api.flexbe.com',
-            timeout: config?.timeout || 30000,
-            apiKey: config?.apiKey || getEnvVar('FLEXBE_API_KEY') || '',
-            authType: config?.authType || types_1.FlexbeAuthType.API_KEY,
+            ...defaultConfig,
+            ...config,
         };
         if (this.config.authType === 'apiKey' && !this.config.apiKey) {
             throw new Error('API key is required when using apiKey authentication. Please provide it either through config or FLEXBE_API_KEY environment variable.');

package/dist/cjs/client/token-manager.js CHANGED Viewed

@@ -1,102 +1,79 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.TokenManager = void 0;
-const TOKEN_STORAGE_KEY = 'flexbe_jwt_token';
-const REFRESH_THRESHOLD = 0.8; // Refresh when 80% of token lifetime has passed
-const REFRESH_CHECK_INTERVAL = 30 * 1000; // Check every 30 seconds
-const MAX_REFRESH_DELAY = 10000; // Maximum random delay of 10 seconds
+const types_1 = require("../types");
+const TOKEN_STORAGE_KEY = 'flexbe_jwt';
+const TOKEN_REFRESH_THRESHOLD = 5 * 60 * 1000; // update token 5 minutes before expiration
 class TokenManager {
     constructor() {
-        this.token = null;
-        this.refreshInterval = null;
-        this.refreshTimeout = null;
         this.tokenPromise = null;
-        this.debug = false;
-        this.initializeFromStorage();
-        this.setupStorageListener();
     }
     static getInstance() {
         if (!TokenManager.instance) {
             TokenManager.instance = new TokenManager();
         }
+        if (typeof window !== 'undefined') {
+            // Clean up old token storage place
+            // TODO remove this after June 1, 2025
+            localStorage.removeItem('flexbe_jwt_token');
+            ;
+        }
         return TokenManager.instance;
     }
-    initializeFromStorage() {
-        if (typeof window === 'undefined')
-            return;
-        const storedToken = localStorage.getItem(TOKEN_STORAGE_KEY);
-        if (!storedToken)
+    async getToken() {
+        const token = this.getStoredToken();
+        if (token && token.expiresAt > Date.now()) {
+            // TODO check if token expire less that 1 minute
+            // if so, retrieve a new token
+            if (token.expiresAt - Date.now() < TOKEN_REFRESH_THRESHOLD) {
+                void this.retrieveToken();
+            }
+            return token.accessToken;
+        }
+        await this.retrieveToken();
+        const retrievedToken = this.getStoredToken();
+        return retrievedToken?.accessToken ?? null;
+    }
+    async revokeToken() {
+        const token = this.getStoredToken();
+        this.clearToken();
+        if (!token)
             return;
         try {
-            this.token = JSON.parse(storedToken);
-            if (this.token.expiresAt > Date.now()) {
-                this.logTokenStatus('Token loaded from storage');
-                this.startRefreshInterval();
-            }
-            else {
-                this.clearToken();
-            }
+            const controller = new AbortController();
+            const timeoutId = setTimeout(() => controller.abort(), 30000);
+            await fetch('/oauth/revoke', {
+                method: 'POST',
+                headers: {
+                    'Content-Type': 'application/json',
+                    'Authorization': `Bearer ${token.accessToken}`
+                },
+                body: JSON.stringify({ token: token.accessToken }),
+                credentials: 'include',
+                signal: controller.signal,
+            });
+            clearTimeout(timeoutId);
         }
         catch (error) {
-            console.error('Failed to parse stored token:', error);
-            this.clearToken();
+            console.error('Failed to revoke token:', error);
         }
     }
-    setupStorageListener() {
+    getStoredToken() {
         if (typeof window === 'undefined')
-            return;
-        window.addEventListener('storage', (event) => {
-            if (event.key !== TOKEN_STORAGE_KEY)
-                return;
-            if (!event.newValue) {
-                this.clearToken();
-                // void this.retrieveToken();
-                return;
-            }
-            try {
-                const newToken = JSON.parse(event.newValue);
-                // Skip if the new token is exactly the same as current token
-                if (this.token &&
-                    this.token.accessToken === newToken.accessToken &&
-                    this.token.expiresAt === newToken.expiresAt) {
-                    return;
-                }
-                if (newToken.expiresAt > Date.now()) {
-                    this.token = newToken;
-                    this.logTokenStatus('Token updated from storage');
-                    this.startRefreshInterval();
-                }
-                else {
-                    this.clearToken();
-                    void this.retrieveToken();
-                }
-            }
-            catch (error) {
-                console.error('Failed to parse token from storage event:', error);
-                this.clearToken();
-                void this.retrieveToken();
-            }
-        });
-    }
-    getExpirationFromToken(token) {
+            return null;
+        const storedToken = localStorage.getItem(TOKEN_STORAGE_KEY);
+        if (!storedToken) {
+            return null;
+        }
         try {
-            const [, payload] = token.split('.');
-            const decodedPayload = JSON.parse(atob(payload));
-            return decodedPayload.exp * 1000; // Convert to milliseconds
+            const token = JSON.parse(storedToken);
+            return token;
         }
         catch (error) {
-            console.error('Failed to parse token expiration:', error);
-            return Date.now() + (4 * 60 * 1000); // Default to 4 minutes if parsing fails
+            console.error('getStoredToken: Failed to parse stored token:', error);
+            return null;
         }
     }
-    async getToken() {
-        const token = this.token;
-        if (token && token.expiresAt && token.expiresAt > Date.now()) {
-            return token.accessToken;
-        }
-        await this.retrieveToken();
-        return this.token?.accessToken ?? null;
-    }
     async retrieveToken() {
         if (this.tokenPromise) {
             await this.tokenPromise;
@@ -124,132 +101,44 @@ class TokenManager {
             clearTimeout(timeoutId);
             if (!response.ok) {
                 const errorData = await response.json().catch(() => ({ message: response.statusText }));
+                if (response.status === 401) {
+                    throw new types_1.UnauthorizedException(errorData.message || response.statusText);
+                }
                 throw new Error(errorData.message || response.statusText);
             }
             const data = await response.json();
             this.setToken(data);
         }
         catch (error) {
-            console.error('Failed to retrieve token:', error);
-            this.clearToken();
-            // Schedule a retry after REFRESH_CHECK_INTERVAL
-            setTimeout(() => {
-                void this.retrieveToken();
-            }, REFRESH_CHECK_INTERVAL);
             throw error;
         }
     }
-    startRefreshInterval() {
-        this.clearRefreshTimers();
-        if (!this.token)
-            return;
-        const tokenLifetime = this.token.expiresAt - Date.now();
-        const refreshThreshold = Math.round(tokenLifetime * REFRESH_THRESHOLD);
-        const timeUntilRefresh = refreshThreshold - (Math.random() * MAX_REFRESH_DELAY);
-        this.logTokenStatus('Starting refresh interval', {
-            tokenLifetime: `${Math.round(tokenLifetime / 1000)} seconds`,
-            refreshThreshold: `${Math.round(refreshThreshold / 1000)} seconds`,
-            timeUntilRefresh: `${Math.round(timeUntilRefresh / 1000)} seconds`,
-        });
-        this.scheduleRefresh(timeUntilRefresh);
-        this.refreshInterval = window.setInterval(() => {
-            if (!this.token)
-                return;
-            const timeUntilExpiry = this.token.expiresAt - Date.now();
-            if (timeUntilExpiry <= 0) {
-                this.logTokenStatus('Token expired');
-                this.clearToken();
-                void this.retrieveToken();
-                return;
-            }
-            const refreshThreshold = Math.round(timeUntilExpiry * REFRESH_THRESHOLD);
-            if (timeUntilExpiry <= refreshThreshold) {
-                this.logTokenStatus('Refreshing token', {
-                    timeUntilExpiry: `${Math.round(timeUntilExpiry / 1000)} seconds`,
-                    refreshThreshold: `${Math.round(refreshThreshold / 1000)} seconds`,
-                });
-                this.scheduleRefresh(refreshThreshold - (Math.random() * MAX_REFRESH_DELAY));
-            }
-        }, REFRESH_CHECK_INTERVAL);
-    }
-    scheduleRefresh(delay) {
-        if (this.refreshTimeout) {
-            window.clearTimeout(this.refreshTimeout);
-        }
-        this.refreshTimeout = window.setTimeout(() => {
-            const token = this.token;
-            if (token && token.expiresAt - Date.now() <= token.expiresAt * REFRESH_THRESHOLD) {
-                void this.retrieveToken();
-            }
-        }, delay);
-    }
-    clearRefreshTimers() {
-        if (this.refreshInterval) {
-            clearInterval(this.refreshInterval);
-            this.refreshInterval = null;
-        }
-        if (this.refreshTimeout) {
-            window.clearTimeout(this.refreshTimeout);
-            this.refreshTimeout = null;
-        }
-    }
-    logTokenStatus(message, additionalInfo = {}) {
-        if (!this.debug)
-            return;
-        const token = this.token;
-        if (!token)
-            return;
-        console.log(message, {
-            expiresIn: `${Math.round((token.expiresAt - Date.now()) / 1000)} seconds`,
-            expiresAt: new Date(token.expiresAt).toISOString(),
-            ...additionalInfo,
-        });
-    }
     setToken(tokenResponse) {
         const expiresAt = this.getExpirationFromToken(tokenResponse.accessToken);
-        this.token = {
+        const token = {
             accessToken: tokenResponse.accessToken,
             expiresAt,
         };
-        this.logTokenStatus('Token set', {
-            expiresAt: new Date(expiresAt).toISOString(),
-        });
         if (typeof window !== 'undefined') {
-            localStorage.setItem(TOKEN_STORAGE_KEY, JSON.stringify(this.token));
+            localStorage.setItem(TOKEN_STORAGE_KEY, JSON.stringify(token));
         }
-        this.startRefreshInterval();
     }
-    clearToken() {
-        this.token = null;
-        this.clearRefreshTimers();
-        if (typeof window !== 'undefined') {
-            localStorage.removeItem(TOKEN_STORAGE_KEY);
-        }
-    }
-    async revokeToken() {
-        const token = this.token;
-        this.clearToken();
-        if (!token)
-            return;
+    getExpirationFromToken(token) {
         try {
-            const controller = new AbortController();
-            const timeoutId = setTimeout(() => controller.abort(), 30000);
-            await fetch('/oauth/revoke', {
-                method: 'POST',
-                headers: {
-                    'Content-Type': 'application/json',
-                    'Authorization': `Bearer ${token.accessToken}`
-                },
-                body: JSON.stringify({ token: token.accessToken }),
-                credentials: 'include',
-                signal: controller.signal,
-            });
-            clearTimeout(timeoutId);
+            const [, payload] = token.split('.');
+            const decodedPayload = JSON.parse(atob(payload));
+            return decodedPayload.exp * 1000; // Convert to milliseconds
         }
         catch (error) {
-            console.error('Failed to revoke token:', error);
-            // Even if revocation fails, we still want to clear the local token
+            console.error('getExpirationFromToken: Failed to parse token expiration:', error);
+            return Date.now() + (4 * 60 * 1000); // Default to 4 minutes if parsing fails
+        }
+    }
+    clearToken() {
+        if (typeof window === 'undefined') {
+            return;
         }
+        localStorage.removeItem(TOKEN_STORAGE_KEY);
     }
 }
 exports.TokenManager = TokenManager;

package/dist/esm/client/api-client.js CHANGED Viewed

@@ -1,9 +1,27 @@
-import { NotFoundException, ForbiddenException, BadRequestException, UnauthorizedException, ServerException, TimeoutException } from '../types';
-import { FlexbeAuth } from './auth';
+import { NotFoundException, ForbiddenException, BadRequestException, UnauthorizedException, ServerException, TimeoutException, FlexbeAuthType } from '../types';
+import { TokenManager } from './token-manager';
 export class ApiClient {
     constructor(config) {
         this.config = config;
-        this.auth = new FlexbeAuth(config);
+        this.tokenManager = TokenManager.getInstance();
+        if (this.config.authType === FlexbeAuthType.BEARER) {
+            // Start initialization but don't wait for it
+            void this.tokenManager.getToken(); // just warm up the token manager before any request
+        }
+    }
+    async getAuthHeaders() {
+        const headers = {};
+        if (this.config.authType === FlexbeAuthType.API_KEY) {
+            headers['x-api-key'] = this.config.apiKey;
+        }
+        else if (this.config.authType === FlexbeAuthType.BEARER) {
+            const token = await this.tokenManager.getToken();
+            if (!token) {
+                throw new Error('No valid bearer token available');
+            }
+            headers['Authorization'] = `Bearer ${token}`;
+        }
+        return headers;
     }
     buildUrl(path, params) {
         const searchParams = new URLSearchParams();
@@ -18,12 +36,12 @@ export class ApiClient {
     }
     async request(config) {
         try {
-            await this.auth.ensureInitialized();
             const controller = new AbortController();
             const timeoutId = setTimeout(() => controller.abort(), this.config.timeout);
             const url = this.buildUrl(config.url, config.params);
             const headers = {
-                ...(await this.auth.getAuthHeaders()),
+                'Content-Type': 'application/json',
+                ...(await this.getAuthHeaders()),
                 ...config.headers,
             };
             const response = await fetch(this.config.baseUrl + url, {
@@ -78,6 +96,9 @@ export class ApiClient {
             };
         }
         catch (error) {
+            if (error instanceof UnauthorizedException) {
+                this.config.hooks?.onUnauthorized?.();
+            }
             if (error instanceof Error && error.name === 'AbortError') {
                 throw new TimeoutException('Request timeout');
             }

package/dist/esm/client/client.js CHANGED Viewed

@@ -12,11 +12,15 @@ export class FlexbeClient {
             }
             return undefined;
         };
+        const defaultConfig = {
+            baseUrl: getEnvVar('FLEXBE_API_URL') || 'https://api.flexbe.com',
+            timeout: 30000,
+            apiKey: getEnvVar('FLEXBE_API_KEY') || '',
+            authType: FlexbeAuthType.API_KEY,
+        };
         this.config = {
-            baseUrl: config?.baseUrl || getEnvVar('FLEXBE_API_URL') || 'https://api.flexbe.com',
-            timeout: config?.timeout || 30000,
-            apiKey: config?.apiKey || getEnvVar('FLEXBE_API_KEY') || '',
-            authType: config?.authType || FlexbeAuthType.API_KEY,
+            ...defaultConfig,
+            ...config,
         };
         if (this.config.authType === 'apiKey' && !this.config.apiKey) {
             throw new Error('API key is required when using apiKey authentication. Please provide it either through config or FLEXBE_API_KEY environment variable.');

package/dist/esm/client/token-manager.js CHANGED Viewed

@@ -1,99 +1,76 @@
-const TOKEN_STORAGE_KEY = 'flexbe_jwt_token';
-const REFRESH_THRESHOLD = 0.8; // Refresh when 80% of token lifetime has passed
-const REFRESH_CHECK_INTERVAL = 30 * 1000; // Check every 30 seconds
-const MAX_REFRESH_DELAY = 10000; // Maximum random delay of 10 seconds
+import { UnauthorizedException } from '../types';
+const TOKEN_STORAGE_KEY = 'flexbe_jwt';
+const TOKEN_REFRESH_THRESHOLD = 5 * 60 * 1000; // update token 5 minutes before expiration
 export class TokenManager {
     constructor() {
-        this.token = null;
-        this.refreshInterval = null;
-        this.refreshTimeout = null;
         this.tokenPromise = null;
-        this.debug = false;
-        this.initializeFromStorage();
-        this.setupStorageListener();
     }
     static getInstance() {
         if (!TokenManager.instance) {
             TokenManager.instance = new TokenManager();
         }
+        if (typeof window !== 'undefined') {
+            // Clean up old token storage place
+            // TODO remove this after June 1, 2025
+            localStorage.removeItem('flexbe_jwt_token');
+            ;
+        }
         return TokenManager.instance;
     }
-    initializeFromStorage() {
-        if (typeof window === 'undefined')
-            return;
-        const storedToken = localStorage.getItem(TOKEN_STORAGE_KEY);
-        if (!storedToken)
+    async getToken() {
+        const token = this.getStoredToken();
+        if (token && token.expiresAt > Date.now()) {
+            // TODO check if token expire less that 1 minute
+            // if so, retrieve a new token
+            if (token.expiresAt - Date.now() < TOKEN_REFRESH_THRESHOLD) {
+                void this.retrieveToken();
+            }
+            return token.accessToken;
+        }
+        await this.retrieveToken();
+        const retrievedToken = this.getStoredToken();
+        return retrievedToken?.accessToken ?? null;
+    }
+    async revokeToken() {
+        const token = this.getStoredToken();
+        this.clearToken();
+        if (!token)
             return;
         try {
-            this.token = JSON.parse(storedToken);
-            if (this.token.expiresAt > Date.now()) {
-                this.logTokenStatus('Token loaded from storage');
-                this.startRefreshInterval();
-            }
-            else {
-                this.clearToken();
-            }
+            const controller = new AbortController();
+            const timeoutId = setTimeout(() => controller.abort(), 30000);
+            await fetch('/oauth/revoke', {
+                method: 'POST',
+                headers: {
+                    'Content-Type': 'application/json',
+                    'Authorization': `Bearer ${token.accessToken}`
+                },
+                body: JSON.stringify({ token: token.accessToken }),
+                credentials: 'include',
+                signal: controller.signal,
+            });
+            clearTimeout(timeoutId);
         }
         catch (error) {
-            console.error('Failed to parse stored token:', error);
-            this.clearToken();
+            console.error('Failed to revoke token:', error);
         }
     }
-    setupStorageListener() {
+    getStoredToken() {
         if (typeof window === 'undefined')
-            return;
-        window.addEventListener('storage', (event) => {
-            if (event.key !== TOKEN_STORAGE_KEY)
-                return;
-            if (!event.newValue) {
-                this.clearToken();
-                // void this.retrieveToken();
-                return;
-            }
-            try {
-                const newToken = JSON.parse(event.newValue);
-                // Skip if the new token is exactly the same as current token
-                if (this.token &&
-                    this.token.accessToken === newToken.accessToken &&
-                    this.token.expiresAt === newToken.expiresAt) {
-                    return;
-                }
-                if (newToken.expiresAt > Date.now()) {
-                    this.token = newToken;
-                    this.logTokenStatus('Token updated from storage');
-                    this.startRefreshInterval();
-                }
-                else {
-                    this.clearToken();
-                    void this.retrieveToken();
-                }
-            }
-            catch (error) {
-                console.error('Failed to parse token from storage event:', error);
-                this.clearToken();
-                void this.retrieveToken();
-            }
-        });
-    }
-    getExpirationFromToken(token) {
+            return null;
+        const storedToken = localStorage.getItem(TOKEN_STORAGE_KEY);
+        if (!storedToken) {
+            return null;
+        }
         try {
-            const [, payload] = token.split('.');
-            const decodedPayload = JSON.parse(atob(payload));
-            return decodedPayload.exp * 1000; // Convert to milliseconds
+            const token = JSON.parse(storedToken);
+            return token;
         }
         catch (error) {
-            console.error('Failed to parse token expiration:', error);
-            return Date.now() + (4 * 60 * 1000); // Default to 4 minutes if parsing fails
+            console.error('getStoredToken: Failed to parse stored token:', error);
+            return null;
         }
     }
-    async getToken() {
-        const token = this.token;
-        if (token && token.expiresAt && token.expiresAt > Date.now()) {
-            return token.accessToken;
-        }
-        await this.retrieveToken();
-        return this.token?.accessToken ?? null;
-    }
     async retrieveToken() {
         if (this.tokenPromise) {
             await this.tokenPromise;
@@ -121,131 +98,43 @@ export class TokenManager {
             clearTimeout(timeoutId);
             if (!response.ok) {
                 const errorData = await response.json().catch(() => ({ message: response.statusText }));
+                if (response.status === 401) {
+                    throw new UnauthorizedException(errorData.message || response.statusText);
+                }
                 throw new Error(errorData.message || response.statusText);
             }
             const data = await response.json();
             this.setToken(data);
         }
         catch (error) {
-            console.error('Failed to retrieve token:', error);
-            this.clearToken();
-            // Schedule a retry after REFRESH_CHECK_INTERVAL
-            setTimeout(() => {
-                void this.retrieveToken();
-            }, REFRESH_CHECK_INTERVAL);
             throw error;
         }
     }
-    startRefreshInterval() {
-        this.clearRefreshTimers();
-        if (!this.token)
-            return;
-        const tokenLifetime = this.token.expiresAt - Date.now();
-        const refreshThreshold = Math.round(tokenLifetime * REFRESH_THRESHOLD);
-        const timeUntilRefresh = refreshThreshold - (Math.random() * MAX_REFRESH_DELAY);
-        this.logTokenStatus('Starting refresh interval', {
-            tokenLifetime: `${Math.round(tokenLifetime / 1000)} seconds`,
-            refreshThreshold: `${Math.round(refreshThreshold / 1000)} seconds`,
-            timeUntilRefresh: `${Math.round(timeUntilRefresh / 1000)} seconds`,
-        });
-        this.scheduleRefresh(timeUntilRefresh);
-        this.refreshInterval = window.setInterval(() => {
-            if (!this.token)
-                return;
-            const timeUntilExpiry = this.token.expiresAt - Date.now();
-            if (timeUntilExpiry <= 0) {
-                this.logTokenStatus('Token expired');
-                this.clearToken();
-                void this.retrieveToken();
-                return;
-            }
-            const refreshThreshold = Math.round(timeUntilExpiry * REFRESH_THRESHOLD);
-            if (timeUntilExpiry <= refreshThreshold) {
-                this.logTokenStatus('Refreshing token', {
-                    timeUntilExpiry: `${Math.round(timeUntilExpiry / 1000)} seconds`,
-                    refreshThreshold: `${Math.round(refreshThreshold / 1000)} seconds`,
-                });
-                this.scheduleRefresh(refreshThreshold - (Math.random() * MAX_REFRESH_DELAY));
-            }
-        }, REFRESH_CHECK_INTERVAL);
-    }
-    scheduleRefresh(delay) {
-        if (this.refreshTimeout) {
-            window.clearTimeout(this.refreshTimeout);
-        }
-        this.refreshTimeout = window.setTimeout(() => {
-            const token = this.token;
-            if (token && token.expiresAt - Date.now() <= token.expiresAt * REFRESH_THRESHOLD) {
-                void this.retrieveToken();
-            }
-        }, delay);
-    }
-    clearRefreshTimers() {
-        if (this.refreshInterval) {
-            clearInterval(this.refreshInterval);
-            this.refreshInterval = null;
-        }
-        if (this.refreshTimeout) {
-            window.clearTimeout(this.refreshTimeout);
-            this.refreshTimeout = null;
-        }
-    }
-    logTokenStatus(message, additionalInfo = {}) {
-        if (!this.debug)
-            return;
-        const token = this.token;
-        if (!token)
-            return;
-        console.log(message, {
-            expiresIn: `${Math.round((token.expiresAt - Date.now()) / 1000)} seconds`,
-            expiresAt: new Date(token.expiresAt).toISOString(),
-            ...additionalInfo,
-        });
-    }
     setToken(tokenResponse) {
         const expiresAt = this.getExpirationFromToken(tokenResponse.accessToken);
-        this.token = {
+        const token = {
             accessToken: tokenResponse.accessToken,
             expiresAt,
         };
-        this.logTokenStatus('Token set', {
-            expiresAt: new Date(expiresAt).toISOString(),
-        });
         if (typeof window !== 'undefined') {
-            localStorage.setItem(TOKEN_STORAGE_KEY, JSON.stringify(this.token));
+            localStorage.setItem(TOKEN_STORAGE_KEY, JSON.stringify(token));
         }
-        this.startRefreshInterval();
     }
-    clearToken() {
-        this.token = null;
-        this.clearRefreshTimers();
-        if (typeof window !== 'undefined') {
-            localStorage.removeItem(TOKEN_STORAGE_KEY);
-        }
-    }
-    async revokeToken() {
-        const token = this.token;
-        this.clearToken();
-        if (!token)
-            return;
+    getExpirationFromToken(token) {
         try {
-            const controller = new AbortController();
-            const timeoutId = setTimeout(() => controller.abort(), 30000);
-            await fetch('/oauth/revoke', {
-                method: 'POST',
-                headers: {
-                    'Content-Type': 'application/json',
-                    'Authorization': `Bearer ${token.accessToken}`
-                },
-                body: JSON.stringify({ token: token.accessToken }),
-                credentials: 'include',
-                signal: controller.signal,
-            });
-            clearTimeout(timeoutId);
+            const [, payload] = token.split('.');
+            const decodedPayload = JSON.parse(atob(payload));
+            return decodedPayload.exp * 1000; // Convert to milliseconds
         }
         catch (error) {
-            console.error('Failed to revoke token:', error);
-            // Even if revocation fails, we still want to clear the local token
+            console.error('getExpirationFromToken: Failed to parse token expiration:', error);
+            return Date.now() + (4 * 60 * 1000); // Default to 4 minutes if parsing fails
+        }
+    }
+    clearToken() {
+        if (typeof window === 'undefined') {
+            return;
         }
+        localStorage.removeItem(TOKEN_STORAGE_KEY);
     }
 }

package/dist/types/client/api-client.d.ts CHANGED Viewed

@@ -1,8 +1,9 @@
 import { FlexbeConfig, FlexbeResponse } from '../types';
 export declare class ApiClient {
     private readonly config;
-    private readonly auth;
+    private readonly tokenManager;
     constructor(config: FlexbeConfig);
+    private getAuthHeaders;
     private buildUrl;
     private request;
     get<T>(url: string, config?: RequestInit & {

package/dist/types/client/token-manager.d.ts CHANGED Viewed

@@ -1,24 +1,13 @@
-import { TokenResponse } from '../types';
 export declare class TokenManager {
     private static instance;
-    private token;
-    private refreshInterval;
-    private refreshTimeout;
     private tokenPromise;
-    private debug;
-    private constructor();
     static getInstance(): TokenManager;
-    private initializeFromStorage;
-    private setupStorageListener;
-    private getExpirationFromToken;
     getToken(): Promise<string | null>;
+    revokeToken(): Promise<void>;
+    private getStoredToken;
     private retrieveToken;
     private doRetrieveToken;
-    private startRefreshInterval;
-    private scheduleRefresh;
-    private clearRefreshTimers;
-    private logTokenStatus;
-    setToken(tokenResponse: TokenResponse): void;
-    clearToken(): void;
-    revokeToken(): Promise<void>;
+    private setToken;
+    private getExpirationFromToken;
+    private clearToken;
 }

package/dist/types/types/index.d.ts CHANGED Viewed

@@ -8,6 +8,9 @@ export interface FlexbeConfig {
     timeout?: number;
     siteId?: string;
     authType?: FlexbeAuthType;
+    hooks?: {
+        onUnauthorized?: () => void;
+    };
 }
 export interface FlexbeResponse<T> {
     data: T;

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
     "name": "@flexbe/sdk",
-    "version": "0.2.29",
+    "version": "0.2.31",
     "description": "TypeScript SDK for Flexbe API",
     "main": "dist/cjs/index.js",
     "module": "dist/esm/index.js",
@@ -23,9 +23,7 @@
         "lint": "eslint src --ext .ts",
         "format": "prettier --write \"src/**/*.ts\"",
         "prepare": "npm run build",
-        "prepublishOnly": "npm test && npm run lint",
-        "version": "npm version",
-        "publish": "npm publish --access public"
+        "prepublishOnly": "npm test && npm run lint"
     },
     "keywords": [
         "flexbe",