npm - @joonweb/joonweb-sdk - Versions diffs - 1.0.0 - Mend

@joonweb/joonweb-sdk 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (25) hide show

package/index.js +8 -0
package/package.json +60 -0
package/src/Auth/Auth.js +193 -0
package/src/Auth/OAuth.js +135 -0
package/src/Auth/SessionManager.js +145 -0
package/src/Auth/session/Session.js +46 -0
package/src/Auth/session/StorageInterface.js +48 -0
package/src/Auth/session/storage/MemoryStorage.js +34 -0
package/src/Auth/session/storage/MongoDBStorage.js +107 -0
package/src/Auth/session/storage/MySQLStorage.js +281 -0
package/src/Auth/session/storage/PostgreSQLStorage.js +372 -0
package/src/Auth/session/storage/RedisStorage.js +133 -0
package/src/Auth/session/storage/SQLiteStorage.js +133 -0
package/src/Auth/session/storage/index.js +46 -0
package/src/Clients/BaseClient.js +66 -0
package/src/Context.js +82 -0
package/src/Helper.js +92 -0
package/src/JoonWebAPI.js +81 -0
package/src/Resources/BaseResource.js +32 -0
package/src/Resources/Customer.js +34 -0
package/src/Resources/Order.js +18 -0
package/src/Resources/Product.js +30 -0
package/src/Resources/Site.js +11 -0
package/src/Resources/Theme.js +7 -0
package/src/Resources/Webhook.js +30 -0

package/index.js ADDED Viewed

@@ -0,0 +1,8 @@
+// Main SDK entry point
+module.exports = {
+    JoonWebAPI: require('./src/JoonWebAPI'),
+    Context: require('./src/Context'),
+    Helper: require('./src/Helper'),
+    OAuth: require('./src/Auth/OAuth'),
+    SessionManager: require('./src/Auth/SessionManager')
+};

package/package.json ADDED Viewed

@@ -0,0 +1,60 @@
+{
+  "name": "@joonweb/joonweb-sdk",
+  "version": "1.0.0",
+  "description": "Official Node.js SDK for JoonWeb API",
+  "main": "index.js",
+  "publishConfig": {
+    "access": "public"
+  },
+  "scripts": {
+    "test": "jest",
+    "test:watch": "jest --watch",
+    "lint": "eslint src/",
+    "format": "prettier --write \"src/**/*.js\"",
+    "example": "node examples/express-app.js",
+    "prepare": "npm run build",
+    "build": "echo 'No build step required for JavaScript SDK'"
+  },
+  "keywords": [
+    "joonweb",
+    "api",
+    "sdk",
+    "ecommerce",
+    "oauth",
+    "rest-api"
+  ],
+  "author": "Joonweb <business@jooncorporation.com>",
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/JoonWebdotcom/joonweb-node-sdk.git"
+  },
+  "bugs": {
+    "url": "https://github.com/JoonWebdotcom/joonweb-node-sdk/issues"
+  },
+  "homepage": "https://github.com/JoonWebdotcom/joonweb-node-sdk#readme",
+  "engines": {
+    "node": ">=14.0.0"
+  },
+  "dependencies": {
+    "axios": "^1.6.0"
+  },
+  "devDependencies": {
+    "jest": "^29.7.0",
+    "eslint": "^8.53.0",
+    "prettier": "^3.0.3",
+    "dotenv": "^16.3.0",
+    "express": "^4.18.2",
+    "express-session": "^1.17.3"
+  },
+  "optionalDependencies": {
+    "sqlite3": "^5.1.7",
+    "mongodb": "^6.3.0",
+    "redis": "^4.6.13"
+  },
+  "files": [
+    "src/",
+    "LICENSE",
+    "README.md"
+  ]
+}

package/src/Auth/Auth.js ADDED Viewed

@@ -0,0 +1,193 @@
+const Helper = require('../Helper');
+const Context = require('../Context');
+const crypto = require('crypto');
+class Auth {
+    static STATE_COOKIE_NAME = 'joonweb_oauth_state';
+    static STATE_SIG_COOKIE_NAME = 'joonweb_oauth_state_sig';
+    static SESSION_COOKIE_NAME = 'joonweb_session_id';
+    static SESSION_SIG_COOKIE_NAME = 'joonweb_session_id_sig';
+    /**
+     * Begin OAuth flow
+     */
+    static beginAuth(site, redirectUri, scopes, isOnline = true) {
+        Context.throwIfUninitialized();
+        const state = crypto.randomBytes(16).toString('hex');
+        const scope = Array.isArray(scopes) ? scopes.join(',') : scopes;
+        // Generate authorization URL
+        const authUrl = `https://${site}/admin/oauth/authorize?` + new URLSearchParams({
+            client_id: Context.API_KEY,
+            scope: scope,
+            redirect_uri: redirectUri,
+            state: state,
+            'grant_options[]': isOnline ? 'per-user' : ''
+        }).toString();
+        return {
+            url: authUrl,
+            state: state
+        };
+    }
+    /**
+     * Validate OAuth callback
+     */
+    static async validateAuthCallback(query, cookies, setCookieFunction = null) {
+        Context.throwIfUninitialized();
+        const { site, code, state, hmac, timestamp } = query;
+        // Validate HMAC
+        if (!Helper.verifyHmac(query, Context.API_SECRET_KEY)) {
+            throw new Error('Invalid HMAC');
+        }
+        // Validate state from cookies
+        const stateCookie = this._getCookie(cookies, this.STATE_COOKIE_NAME, this.STATE_SIG_COOKIE_NAME);
+        if (!stateCookie || stateCookie !== state) {
+            throw new Error('Invalid OAuth state');
+        }
+        // Exchange code for token
+        const tokenData = await this._exchangeCodeForToken(code, site);
+        // Create session
+        const session = {
+            site: site,
+            accessToken: tokenData.access_token,
+            scope: tokenData.scope,
+            expiresAt: tokenData.expires_in ? Date.now() + (tokenData.expires_in * 1000) : null,
+            isOnline: !!tokenData.associated_user,
+            user: tokenData.associated_user || null
+        };
+        // Store session if storage is configured
+        if (Context.SESSION_STORAGE) {
+            await Context.SESSION_STORAGE.storeSession(session);
+        }
+        // Set session cookie for non-embedded apps
+        if (!Context.IS_EMBEDDED_APP && setCookieFunction) {
+            this._setSessionCookie(session, setCookieFunction);
+        }
+        return session;
+    }
+    /**
+     * Get current session from request
+     */
+    static async getCurrentSession(headers, cookies) {
+        Context.throwIfUninitialized();
+        if (Context.IS_EMBEDDED_APP) {
+            // Get session from JWT (embedded app)
+            const authHeader = headers['authorization'];
+            if (!authHeader || !authHeader.startsWith('Bearer ')) {
+                return null;
+            }
+            const jwt = authHeader.split(' ')[1];
+            const payload = Helper.decodeSessionToken(jwt);
+            if (!payload) {
+                return null;
+            }
+            // Extract site from JWT
+            const site = payload.dest ? payload.dest.replace('https://', '') : null;
+            if (!site) {
+                return null;
+            }
+            // Load session from storage
+            if (Context.SESSION_STORAGE) {
+                return await Context.SESSION_STORAGE.loadSession(site);
+            }
+        } else {
+            // Get session from cookies (non-embedded)
+            const sessionId = this._getCookie(cookies, this.SESSION_COOKIE_NAME, this.SESSION_SIG_COOKIE_NAME);
+            if (!sessionId || !Context.SESSION_STORAGE) {
+                return null;
+            }
+            return await Context.SESSION_STORAGE.loadSessionById(sessionId);
+        }
+        return null;
+    }
+    /**
+     * Exchange authorization code for access token
+     */
+    static async _exchangeCodeForToken(code, site) {
+        const url = `https://${site}/admin/oauth/access_token`;
+        const response = await fetch(url, {
+            method: 'POST',
+            headers: {
+                'Content-Type': 'application/json',
+                'Accept': 'application/json'
+            },
+            body: JSON.stringify({
+                client_id: Context.API_KEY,
+                client_secret: Context.API_SECRET_KEY,
+                code: code
+            })
+        });
+        if (!response.ok) {
+            throw new Error(`Token exchange failed: ${response.status}`);
+        }
+        return await response.json();
+    }
+    /**
+     * Get and validate cookie
+     */
+    static _getCookie(cookies, name, sigName) {
+        const cookieValue = cookies[name];
+        const signature = cookies[sigName];
+        if (!cookieValue || !signature) {
+            return null;
+        }
+        // Validate signature
+        const expectedSig = crypto
+            .createHmac('sha256', Context.API_SECRET_KEY)
+            .update(cookieValue)
+            .digest('hex');
+        if (signature !== expectedSig) {
+            return null;
+        }
+        return cookieValue;
+    }
+    /**
+     * Set session cookie with signature
+     */
+    static _setSessionCookie(session, setCookieFunction) {
+        const sessionId = session.id || crypto.randomBytes(16).toString('hex');
+        const signature = crypto
+            .createHmac('sha256', Context.API_SECRET_KEY)
+            .update(sessionId)
+            .digest('hex');
+        const expires = session.expiresAt ? new Date(session.expiresAt) : undefined;
+        if (setCookieFunction) {
+            setCookieFunction(this.SESSION_COOKIE_NAME, sessionId, { expires, httpOnly: true });
+            setCookieFunction(this.SESSION_SIG_COOKIE_NAME, signature, { expires, httpOnly: true });
+        }
+    }
+}
+module.exports = Auth;

package/src/Auth/OAuth.js ADDED Viewed

@@ -0,0 +1,135 @@
+const Helper = require('../Helper');
+const SessionManager = require('./SessionManager');
+const crypto = require('crypto');
+class OAuth {
+    constructor(config = {}) {
+        this.clientId = config.clientId || process.env.JOONWEB_CLIENT_ID || 'test_client';
+        this.clientSecret = config.clientSecret || process.env.JOONWEB_CLIENT_SECRET || 'test_secret';
+        this.redirectUri = config.redirectUri || process.env.JOONWEB_REDIRECT_URI || 'http://localhost:3000/auth/callback';
+        this.scopes = config.scopes || ['read_products', 'write_products'];
+        this.sessionManager = config.sessionManager || new SessionManager();
+        this.appSlug = config.appSlug || process.env.JOONWEB_CLIENT_ID || 'test-app';
+    }
+    /**
+     * Generate OAuth URL
+     */
+    beginAuth(siteDomain) {
+        const state = crypto.randomBytes(16).toString('hex');
+        const params = new URLSearchParams({
+            client_id: this.clientId,
+            scope: this.scopes.join(','),
+            redirect_uri: this.redirectUri,
+            state: state,
+            site: siteDomain
+        });
+        return {
+            url: `https://accounts.joonweb.com/oauth/authorize?${params.toString()}`,
+            state: state
+        };
+    }
+    async exchangeCodeForToken(code, siteDomain) {
+        const JoonWebAPI = require('../JoonWebAPI');
+        const api = new JoonWebAPI();
+        const tokenData = await api.exchangeCodeForToken(code, siteDomain, {
+            client_id: this.clientId,
+            client_secret: this.clientSecret,
+            redirect_uri: this.redirectUri
+        });
+        return tokenData;
+    }
+    /**
+     * Validate OAuth callback
+     */
+    async validateAuthCallback(query, sessionState) {
+        // For testing, skip HMAC verification
+        if (!this.verifyHmac(query)) {
+            throw new Error('Invalid HMAC signature');
+        }
+        const { code, site } = query;
+        // Create API instance
+        const JoonWebAPI = require('../JoonWebAPI');
+        const api = new JoonWebAPI();
+        // Exchange code for token
+        const tokenData = await api.exchangeCodeForToken(code, site);
+        // Start session
+        await this.sessionManager.startSession(site, tokenData);
+        // Set API credentials
+        api.setAccessToken(tokenData.access_token)
+           .setSiteDomain(site);
+        // Get site info
+        const siteInfo = await api.site.get();
+        // Save data
+        await this.sessionManager.saveAppData(site, 'site_info', siteInfo.site);
+        await this.sessionManager.trackAnalytics(site, 'installation_completed', {
+            site_name: siteInfo.site.name,
+            email: siteInfo.site.email
+        });
+        return {
+            site: site,
+            accessToken: tokenData.access_token,
+            scope: tokenData.scope,
+            expiresAt: tokenData.expires_in ? Date.now() + (tokenData.expires_in * 1000) : null,
+            user: tokenData.associated_user || null,
+            siteInfo: siteInfo.site
+        };
+    }
+    verifyHmac(params) {
+        // For testing, always return true
+        return true;
+        // Real implementation would verify HMAC here
+    }
+    getEmbedUrl(siteDomain, siteHash = '', app_slug = null) {
+        return `https://accounts.joonweb.com/site/?sitehash=${siteHash}&apps&${encodeURIComponent(app_slug)}`;
+    }
+    /**
+     * Complete OAuth flow handler
+     */
+    async handleCallback(req, res) {
+        try {
+            const session = await this.validateAuthCallback(req.query, req.session.oauth_state);
+            // Build embed URL
+            const embedUrl = this.getEmbedUrl(session.site, req.query.site_hash, req.query.app_slug);
+            // Redirect to embedded app
+            res.redirect(embedUrl);
+        } catch (error) {
+            console.error('OAuth Error:', error);
+            if (req.query.site) {
+                await this.sessionManager.trackAnalytics(req.query.site, 'installation_failed', {
+                    error: error.message
+                });
+            }
+            res.status(400).send(`
+                <h1>❌ Installation Failed</h1>
+                <p>Error: ${error.message}</p>
+                <p><a href="/auth?site=${req.query.site || ''}">Try Again</a></p>
+            `);
+        }
+    }
+}
+module.exports = OAuth;

package/src/Auth/SessionManager.js ADDED Viewed

@@ -0,0 +1,145 @@
+// src/Auth/SessionManager.js
+const crypto = require('crypto');
+class SessionManager {
+    constructor(storageAdapter = null) {
+        // Use provided adapter or default to MemoryStorage
+        if (storageAdapter) {
+            this.storage = storageAdapter;
+        } else {
+            const { MemoryStorage } = require('./session/storage');
+            this.storage = new MemoryStorage();
+        }
+    }
+    async startSession(siteDomain, tokenData, additionalData = {}) {
+        const session = {
+            site_domain: siteDomain,
+            access_token: tokenData.access_token,
+            scope: tokenData.scope,
+            expires_at: tokenData.expires_in ? Date.now() + (tokenData.expires_in * 1000) : null,
+            user: tokenData.associated_user || null,
+            authenticated_at: Date.now(),
+            ...additionalData
+        };
+        await this.storage.store(siteDomain, session);
+        return session;
+    }
+    async isAuthenticated(siteDomain) {
+        const session = await this.storage.load(siteDomain);
+        if (!session) return false;
+        if (session.expires_at && session.expires_at < Date.now()) {
+            await this.destroySession(siteDomain);
+            return false;
+        }
+        return true;
+    }
+    async getAccessToken(siteDomain) {
+        const session = await this.storage.load(siteDomain);
+        return session ? session.access_token : null;
+    }
+    async getSessionData(siteDomain) {
+        return await this.storage.load(siteDomain);
+    }
+    getSiteDomain(siteDomain) {
+        return siteDomain; // This method seems redundant
+    }
+    async saveAppData(siteDomain, key, data) {
+        // Load existing session
+        const session = await this.getSessionData(siteDomain);
+        if (!session) return false;
+        // Add metadata
+        session.metadata = session.metadata || {};
+        session.metadata[key] = data;
+        // Save back
+        await this.storage.store(siteDomain, session);
+        console.log(`✅ Saved ${key} for ${siteDomain}`);
+        return true;
+    }
+    async trackAnalytics(siteDomain, event, data = {}) {
+        // Load existing session
+        const session = await this.getSessionData(siteDomain);
+        if (!session) return false;
+        // Add analytics data
+        session.metadata = session.metadata || {};
+        session.metadata.analytics = session.metadata.analytics || [];
+        session.metadata.analytics.push({
+            event,
+            data,
+            timestamp: Date.now()
+        });
+        // Save back
+        await this.storage.store(siteDomain, session);
+        console.log(`📊 Tracked ${event} for ${siteDomain}`);
+        return true;
+    }
+    isEmbeddedRequest(headers) {
+        return (
+            (headers['sec-fetch-dest'] === 'iframe') ||
+            (headers.referer && headers.referer.includes('joonweb.com'))
+        );
+    }
+    async destroySession(siteDomain) {
+        return await this.storage.delete(siteDomain);
+    }
+    // New methods for better session management
+    async refreshSession(siteDomain, newTokenData) {
+        const existingSession = await this.getSessionData(siteDomain);
+        if (!existingSession) return null;
+        const updatedSession = {
+            ...existingSession,
+            access_token: newTokenData.access_token,
+            expires_at: newTokenData.expires_in ? Date.now() + (newTokenData.expires_in * 1000) : null,
+            updated_at: Date.now()
+        };
+        await this.storage.store(siteDomain, updatedSession);
+        return updatedSession;
+    }
+    async listAllSessions() {
+        return await this.storage.list();
+    }
+    async clearAllSessions() {
+        return await this.storage.clear();
+    }
+    async getSessionCount() {
+        const sessions = await this.listAllSessions();
+        return sessions.length;
+    }
+    // Utility method to get active sessions
+    async getActiveSessions() {
+        const allSessions = await this.listAllSessions();
+        const activeSessions = [];
+        for (const session of allSessions) {
+            if (await this.isAuthenticated(session.site_domain)) {
+                activeSessions.push(session);
+            }
+        }
+        return activeSessions;
+    }
+}
+module.exports = SessionManager;

package/src/Auth/session/Session.js ADDED Viewed

@@ -0,0 +1,46 @@
+class Session {
+  constructor(id, siteDomain, accessToken) {
+    this.id = id;
+    this.site_domain = siteDomain;
+    this.access_token = accessToken;
+    this.scope = '';
+    this.user = null;
+    this.expires_at = null;
+    this.created_at = Date.now();
+    this.updated_at = Date.now();
+    this.is_online = false;
+    this.online_access_info = {};
+    this.state = '';
+    this.metadata = {};
+  }
+  isValid() {
+    if (!this.expires_at) return true;
+    return this.expires_at > Date.now();
+  }
+  toJSON() {
+    return {
+      id: this.id,
+      site_domain: this.site_domain,
+      access_token: this.access_token,
+      scope: this.scope,
+      user: this.user,
+      expires_at: this.expires_at,
+      created_at: this.created_at,
+      updated_at: this.updated_at,
+      is_online: this.is_online,
+      online_access_info: this.online_access_info,
+      state: this.state,
+      metadata: this.metadata
+    };
+  }
+  static fromJSON(data) {
+    const session = new Session(data.id, data.site_domain, data.access_token);
+    Object.assign(session, data);
+    return session;
+  }
+}
+module.exports = Session;

package/src/Auth/session/StorageInterface.js ADDED Viewed

@@ -0,0 +1,48 @@
+class StorageInterface {
+  /**
+   * Store a JoonWeb session
+   * @param {Session} session
+   * @returns {Promise<boolean>}
+   */
+  async store(session) {
+    throw new Error('Method not implemented: store');
+  }
+  /**
+   * Load a session by ID
+   * @param {string} sessionId
+   * @returns {Promise<Session|null>}
+   */
+  async load(sessionId) {
+    throw new Error('Method not implemented: load');
+  }
+  /**
+   * Delete a session
+   * @param {string} sessionId
+   * @returns {Promise<boolean>}
+   */
+  async delete(sessionId) {
+    throw new Error('Method not implemented: delete');
+  }
+  /**
+   * Find sessions by site domain
+   * @param {string} siteDomain
+   * @returns {Promise<Session[]>}
+   */
+  async findBySiteDomain(siteDomain) {
+    throw new Error('Method not implemented: findBySiteDomain');
+  }
+  /**
+   * Find sessions by query
+   * @param {Object} query
+   * @returns {Promise<Session[]>}
+   */
+  async findByQuery(query) {
+    throw new Error('Method not implemented: findByQuery');
+  }
+}
+module.exports = StorageInterface;

package/src/Auth/session/storage/MemoryStorage.js ADDED Viewed

@@ -0,0 +1,34 @@
+// src/session/storage/MemoryStorage.js
+class MemoryStorage {
+    constructor() {
+        this.sessions = new Map();
+    }
+    async store(siteDomain, session) {
+        this.sessions.set(siteDomain, session);
+        return true;
+    }
+    async load(siteDomain) {
+        return this.sessions.get(siteDomain) || null;
+    }
+    async delete(siteDomain) {
+        return this.sessions.delete(siteDomain);
+    }
+    async list() {
+        return Array.from(this.sessions.values());
+    }
+    async clear() {
+        this.sessions.clear();
+        return true;
+    }
+    async count() {
+        return this.sessions.size;
+    }
+}
+module.exports = MemoryStorage;