@globus/sdk 6.0.0-rc.1 → 6.0.0-rc.11

package/README.md

@@ -9,37 +9,29 @@ The Globus SDK for JavaScript provides first class TypeScript support and makes
 - [@globus/sdk API Documentation](https://globus.github.io/globus-sdk-javascript/)
 - [Examples](https://github.com/globus/globus-sdk-javascript/blob/main/examples/README.md)
 - [Upgrading](https://github.com/globus/globus-sdk-javascript/blob/main/UPGRADING.md)
+  - [Migrating from `v5` to `v6`](https://github.com/globus/globus-sdk-javascript/blob/main/UPGRADING.md#migrating-from-v5-to-v6)
   - [Migrating from `v4` to `v5`](https://github.com/globus/globus-sdk-javascript/blob/main/UPGRADING.md#migrating-from-v4-to-v5)
   - [Migrating from `v3` to `v4`](https://github.com/globus/globus-sdk-javascript/blob/main/UPGRADING.md#migrating-from-v3-to-v4)
 
 ## Installation
 
-If you are not using Typescript, you can install the SDK with the following command:
+You can install the SDK with the following command:
 
 ```sh
 npm install @globus/sdk
 ```
 
-### Typescript
-
-`@globus/sdk` is written in Typescript and includes type definitions for its internal types, Globus platform types (i.e., API responses) are provided by the `@globus/types` package and must be installed separately.
-
-```sh
-npm install @globus/sdk @globus/types
-```
-
 ## Supported Platforms
 
 ### Node.js
 
 We aim to support all Active LTS [Node.js releases](https://nodejs.org/en/about/previous-releases). We intend to support all Maintenance LTS versions until their official end-of-life. Removal of support for a Node.js version will be considered a breaking change and result in a major version bump of the SDK.
 
-| Version                     |                                                                                                                                                                                                                 |
-| --------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| ⚠️ Node.js 18 (END-OF-LIFE) | [![lts/hydrogen](https://img.shields.io/github/actions/workflow/status/globus/globus-sdk-javascript/ci.yml?style=flat-square&label=)](https://github.com/globus/globus-sdk-javascript/actions/workflows/ci.yml) |
-| Node.js 20                  | [![lts/iron](https://img.shields.io/github/actions/workflow/status/globus/globus-sdk-javascript/ci.yml?style=flat-square&label=)](https://github.com/globus/globus-sdk-javascript/actions/workflows/ci.yml)     |
-| Node.js 22                  | [![lts/jod](https://img.shields.io/github/actions/workflow/status/globus/globus-sdk-javascript/ci.yml?style=flat-square&label=)](https://github.com/globus/globus-sdk-javascript/actions/workflows/ci.yml)      |
-| Node.js 24                  | [![24.x](https://img.shields.io/github/actions/workflow/status/globus/globus-sdk-javascript/ci.yml?style=flat-square&label=)](https://github.com/globus/globus-sdk-javascript/actions/workflows/ci.yml)         |
+| Version    |                                                                                                                                                                                                             |
+| ---------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| Node.js 20 | [![lts/iron](https://img.shields.io/github/actions/workflow/status/globus/globus-sdk-javascript/ci.yml?style=flat-square&label=)](https://github.com/globus/globus-sdk-javascript/actions/workflows/ci.yml) |
+| Node.js 22 | [![lts/jod](https://img.shields.io/github/actions/workflow/status/globus/globus-sdk-javascript/ci.yml?style=flat-square&label=)](https://github.com/globus/globus-sdk-javascript/actions/workflows/ci.yml)  |
+| Node.js 24 | [![24.x](https://img.shields.io/github/actions/workflow/status/globus/globus-sdk-javascript/ci.yml?style=flat-square&label=)](https://github.com/globus/globus-sdk-javascript/actions/workflows/ci.yml)     |
 
 ### Browser Support
 

package/dist/cjs/core/authorization/index.js

@@ -68,8 +68,8 @@ var HOSTS2 = {
   preview: "preview.flows.automate.globus.org"
 };
 
-// src/services/timer/config.ts
-var ID3 = "TIMER";
+// src/services/timers/config.ts
+var ID3 = "TIMERS";
 var HOSTS3 = {
   sandbox: "sandbox.timer.automate.globus.org",
   production: "timer.automate.globus.org",
@@ -647,16 +647,23 @@ async function generateCodeChallenge(verifier) {
 function generateState() {
   return Array.from(getCrypto().getRandomValues(new Uint8Array(16))).map((v) => CHARSET[v % CHARSET.length]).join("");
 }
-
-// src/core/authorization/RedirectTransport.ts
 var KEYS = {
   PKCE_STATE: "pkce_state",
   PKCE_CODE_VERIFIER: "pkce_code_verifier"
 };
-function resetPKCE() {
-  sessionStorage.removeItem(KEYS.PKCE_STATE);
-  sessionStorage.removeItem(KEYS.PKCE_CODE_VERIFIER);
-}
+var store = {
+  getKey(key) {
+    return key === "state" ? KEYS.PKCE_STATE : KEYS.PKCE_CODE_VERIFIER;
+  },
+  get: (entry) => sessionStorage.getItem(store.getKey(entry)),
+  set: (entry, value) => sessionStorage.setItem(store.getKey(entry), value),
+  reset: () => {
+    sessionStorage.removeItem(KEYS.PKCE_STATE);
+    sessionStorage.removeItem(KEYS.PKCE_CODE_VERIFIER);
+  }
+};
+
+// src/core/authorization/RedirectTransport.ts
 var RedirectTransport = class _RedirectTransport {
   #options;
   constructor(options) {
@@ -673,8 +680,8 @@ var RedirectTransport = class _RedirectTransport {
     const verifier = generateCodeVerifier();
     const challenge = await generateCodeChallenge(verifier);
     const state = this.#options.params?.["state"] ?? generateState();
-    sessionStorage.setItem(KEYS.PKCE_CODE_VERIFIER, verifier);
-    sessionStorage.setItem(KEYS.PKCE_STATE, state);
+    store.set("code_verifier", verifier);
+    store.set("state", state);
     const params = {
       response_type: "code",
       client_id: this.#options.client,
@@ -703,9 +710,9 @@ var RedirectTransport = class _RedirectTransport {
     }
     const code = params.get("code");
     if (!code) return void 0;
-    const state = sessionStorage.getItem(KEYS.PKCE_STATE);
-    const verifier = sessionStorage.getItem(KEYS.PKCE_CODE_VERIFIER);
-    resetPKCE();
+    const state = store.get("state");
+    const verifier = store.get("code_verifier");
+    store.reset();
     if (params.get("state") !== state) {
       throw new Error(
         'Invalid State. The received "state" parameter does not match the expected state.'
@@ -784,7 +791,7 @@ var TokenManager = class {
     return this.#getTokenForService(SERVICES.SEARCH);
   }
   get timer() {
-    return this.#getTokenForService(SERVICES.TIMER);
+    return this.#getTokenForService(SERVICES.TIMERS);
   }
   get compute() {
     return this.#getTokenForService(SERVICES.COMPUTE);
@@ -870,10 +877,119 @@ var MemoryStorage = class {
   }
 };
 
+// src/core/authorization/PopupTransport.ts
+var MESSAGE_SOURCE = "globus-sdk";
+var PopupTransport = class _PopupTransport {
+  #options;
+  #window = null;
+  constructor(options) {
+    this.#options = options;
+    if (_PopupTransport.supported === false) {
+      throw new Error("PopupTransport is not supported in this environment.");
+    }
+  }
+  /**
+   * The `PopupTransport` is supported in environments where the `window` object is available.
+   */
+  static supported = isSupported() && "window" in globalThis && typeof globalThis.window.open === "function";
+  /**
+   * For the redirect transport, sending the request will redirect the user to the authorization endpoint, initiating the OAuth flow.
+   */
+  async send() {
+    const verifier = generateCodeVerifier();
+    const challenge = await generateCodeChallenge(verifier);
+    const state = this.#options.params?.["state"] ?? generateState();
+    store.set("code_verifier", verifier);
+    store.set("state", state);
+    const params = {
+      response_type: "code",
+      client_id: this.#options.client,
+      scope: this.#options.scopes || "",
+      redirect_uri: this.#options.redirect,
+      state,
+      code_challenge: challenge,
+      code_challenge_method: "S256",
+      ...this.#options.params || {}
+    };
+    const url = new URL(getAuthorizationEndpoint());
+    url.search = new URLSearchParams(params).toString();
+    const promise = new Promise((resolve) => {
+      window.addEventListener(
+        "message",
+        async (e) => {
+          const { data } = e;
+          if (e.origin !== window.location.origin || data?.source !== MESSAGE_SOURCE) {
+            return;
+          }
+          this.#window?.close();
+          const response = await this.#getToken(data.url);
+          resolve(response);
+        },
+        false
+      );
+    });
+    this.#window = window.open(url.toString(), "_blank", "width=800,height=600");
+    if (!this.#window) {
+      throw new Error("Unable to open window for PopupTransport.");
+    }
+    this.#window.focus();
+    return promise;
+  }
+  async #getToken(href) {
+    const url = new URL(href);
+    const params = new URLSearchParams(url.search);
+    if (params.get("error")) {
+      throw new Error(
+        params.get("error_description") || "An error occurred during the authorization process."
+      );
+    }
+    const code = params.get("code");
+    if (!code) return void 0;
+    const state = store.get("state");
+    const verifier = store.get("code_verifier");
+    store.reset();
+    if (params.get("state") !== state) {
+      throw new Error(
+        'Invalid State. The received "state" parameter does not match the expected state.'
+      );
+    }
+    if (!verifier) {
+      throw new Error("Invalid Code Verifier");
+    }
+    const payload = {
+      code,
+      client_id: this.#options.client,
+      /**
+       * Retrieve the code verifier from session storage.
+       */
+      code_verifier: verifier,
+      redirect_uri: this.#options.redirect,
+      grant_type: "authorization_code"
+    };
+    const response = await (await oauth2_exports.token.exchange({
+      payload
+    })).json();
+    return response;
+  }
+  // eslint-disable-next-line class-methods-use-this
+  getToken() {
+    if (!window.opener) {
+      return;
+    }
+    window.opener.postMessage(
+      {
+        source: MESSAGE_SOURCE,
+        url: window.location.href
+      },
+      window.location.origin
+    );
+  }
+};
+
 // src/core/authorization/AuthorizationManager.ts
 var TRANSPORTS = {
-  redirect: RedirectTransport
-  // popup: PopupTransport,
+  redirect: RedirectTransport,
+  popup: PopupTransport
 };
 var DEFAULT_CONFIGURATION = {
   useRefreshTokens: false,
@@ -1085,7 +1201,11 @@ var AuthorizationManager = class {
     log("debug", "AuthorizationManager.login");
     this.reset();
     const transport = this.#buildTransport({ params: options?.additionalParams });
-    await transport.send();
+    const result = await transport.send();
+    if (isGlobusAuthTokenResponse(result)) {
+      this.addTokenResponse(result);
+    }
+    return result;
   }
   /**
    * Prompt the user to authenticate with Globus Auth.
@@ -1093,7 +1213,11 @@ var AuthorizationManager = class {
   async prompt(options) {
     log("debug", "AuthorizationManager.prompt");
     const transport = this.#buildTransport(options);
-    await transport.send();
+    const result = await transport.send();
+    if (isGlobusAuthTokenResponse(result)) {
+      this.addTokenResponse(result);
+    }
+    return result;
   }
   /**
    * This method will attempt to complete the PKCE protocol flow.