@qlik/api 1.16.0 → 1.18.0

package/chunks/{3XRP5N4L.js → YEHZGXQV.js}

@@ -188,23 +188,33 @@ var InvalidAuthTypeError = class extends Error {
     this.name = "InvalidAuthTypeError";
   }
 };
+function errorToString({ title, detail, code, status }) {
+  if (detail) {
+    return `${title} - ${detail} (Status: ${status}, Code: ${code})`;
+  }
+  return `${title} (Status: ${status}, Code: ${code})`;
+}
 var AuthorizationError = class extends Error {
+  errors;
   constructor(errors) {
+    if (typeof errors !== "object") {
+      super("Unknown error");
+      return;
+    }
     const errorArray = Array.isArray(errors) ? errors : [errors];
-    super(
-      errorArray.map(
-        (error) => `
-Code: ${error.code}
-Status: ${error.status}
-${error.title}:
-${error.detail}
-`
-      ).join(",\n")
-    );
+    super(errorArray.map(errorToString).join(", "));
+    this.errors = errorArray;
   }
 };
 
 // src/auth/auth-functions.ts
+var lastErrorMessage = "";
+function logToConsole({ message }) {
+  if (message !== lastErrorMessage) {
+    lastErrorMessage = message;
+    console.error(message);
+  }
+}
 function isHostCrossOrigin(hostConfig) {
   if (!globalThis.location?.origin) {
     return true;
@@ -265,31 +275,57 @@ function toValidWebsocketLocationUrl(hostConfig) {
 }
 async function getWebSocketAuthParams(props) {
   const hostConfigToUse = withDefaultHostConfig(props.hostConfig);
-  return (await getAuthModule(hostConfigToUse)).getWebSocketAuthParams({
-    ...props,
-    hostConfig: hostConfigToUse
-  });
+  try {
+    const authModule = await getAuthModule(hostConfigToUse);
+    return await authModule.getWebSocketAuthParams({
+      ...props,
+      hostConfig: hostConfigToUse
+    });
+  } catch (err) {
+    (hostConfigToUse.onAuthFailed || logToConsole)(normalizeAuthModuleError(err));
+    throw err;
+  }
 }
 async function getWebResourceAuthParams(props) {
   const hostConfigToUse = withDefaultHostConfig(props.hostConfig);
-  return (await getAuthModule(hostConfigToUse)).getWebResourceAuthParams?.({
-    ...props,
-    hostConfig: hostConfigToUse
-  }) || { queryParams: {} };
+  try {
+    const authModule = await getAuthModule(hostConfigToUse);
+    return await authModule.getWebResourceAuthParams?.({
+      ...props,
+      hostConfig: hostConfigToUse
+    }) || { queryParams: {} };
+  } catch (err) {
+    (hostConfigToUse.onAuthFailed || logToConsole)(normalizeAuthModuleError(err));
+    throw err;
+  }
 }
 async function handleAuthenticationError(props) {
   const hostConfigToUse = withDefaultHostConfig(props.hostConfig);
-  return (await getAuthModule(hostConfigToUse)).handleAuthenticationError({
+  const authModule = await getAuthModule(hostConfigToUse);
+  const result2 = await authModule.handleAuthenticationError({
     ...props,
     hostConfig: hostConfigToUse
   });
+  const willRetry = props.canRetry && result2.retry;
+  const willHangUntilANewPageIsLoaded = result2.preventDefault;
+  if (!willRetry && !willHangUntilANewPageIsLoaded) {
+    const { status, errorBody } = props;
+    (hostConfigToUse.onAuthFailed || logToConsole)(normalizeInbandAuthError({ status, errorBody }));
+  }
+  return result2;
 }
 async function getRestCallAuthParams(props) {
   const hostConfigToUse = withDefaultHostConfig(props.hostConfig);
-  return (await getAuthModule(hostConfigToUse)).getRestCallAuthParams({
-    ...props,
-    hostConfig: hostConfigToUse
-  });
+  try {
+    const authModule = await getAuthModule(hostConfigToUse);
+    return await authModule.getRestCallAuthParams({
+      ...props,
+      hostConfig: hostConfigToUse
+    });
+  } catch (err) {
+    (hostConfigToUse.onAuthFailed || logToConsole)(normalizeAuthModuleError(err));
+    throw err;
+  }
 }
 async function getAccessToken(props) {
   const res = await getRestCallAuthParams({ method: "GET", ...props });
@@ -321,6 +357,17 @@ var logout = () => {
   globalThis.location.href = "/logout";
 };
 var leadingHttp = /^http/;
+function normalizeInbandAuthError({ errorBody, status }) {
+  const authError = errorBody;
+  if (typeof authError?.errors === "object") {
+    const err = new AuthorizationError(authError?.errors);
+    return { message: err.message };
+  }
+  return { message: `HTTP ${status}` };
+}
+function normalizeAuthModuleError(err) {
+  return { message: err.message || "Unknown error" };
+}
 
 // src/random/random.ts
 import { customAlphabet, nanoid } from "nanoid";
@@ -359,6 +406,7 @@ function internalValidateHostConfig(hostConfig, options) {
     "authRedirectUserConfirmation",
     "embedRuntimeUrl",
     "host",
+    "onAuthFailed",
     ...options.requiredProps,
     ...options.optionalProps
   ];
@@ -652,7 +700,7 @@ async function getOauthTokensWithRefreshToken(baseUrl, refreshToken, clientSecre
   };
 }
 async function getAnonymousOauthAccessToken(baseUrl, accessCode, clientId, trackingCode) {
-  const result2 = await fetch(`${baseUrl}/oauth/token`, {
+  const result2 = await fetch(`${baseUrl}/oauth/token/anonymous-embed`, {
     method: "POST",
     mode: "cors",
     headers: { "content-type": "application/json" },
@@ -792,7 +840,61 @@ async function refreshAccessToken(hostConfig) {
   }
 }
 
+// src/auth/internal/default-auth-modules/oauth/temporary-token.ts
+async function exchangeAccessTokenForTemporaryToken(hostConfig, accessToken, purpose) {
+  const response = await fetch(`${toValidLocationUrl(hostConfig)}/oauth/token`, {
+    method: "POST",
+    credentials: "include",
+    mode: "cors",
+    headers: { "content-type": "application/json" },
+    redirect: "follow",
+    body: JSON.stringify({
+      subject_token: accessToken,
+      subject_token_type: "urn:ietf:params:oauth:token-type:access_token",
+      grant_type: "urn:ietf:params:oauth:grant-type:token-exchange",
+      purpose,
+      redirect_uri: globalThis.location?.href,
+      client_id: hostConfig.clientId
+    })
+  });
+  if (response.status !== 200) {
+    throw await toError(response);
+  }
+  const data = await response.json();
+  return data.access_token;
+}
+async function toError(response) {
+  const body = await response.text();
+  try {
+    const data = JSON.parse(body);
+    return new AuthorizationError(data.errors);
+  } catch (err) {
+    return new AuthorizationError([
+      {
+        code: "unknown",
+        status: response.status,
+        detail: body,
+        title: "Unknown authentication error"
+      }
+    ]);
+  }
+}
+
 // src/auth/internal/default-auth-modules/anonymous.ts
+async function handlePotentialAuthenticationErrorAndRetry(hostConfig, fn) {
+  try {
+    return await fn();
+  } catch (err) {
+    const { retry } = await handleAuthenticationError2({
+      hostConfig,
+      canRetry: true
+    });
+    if (retry) {
+      return fn();
+    }
+    throw err;
+  }
+}
 async function getOrCreateTrackingCode(hostConfig) {
   let trackingCode;
   if (isBrowser()) {
@@ -809,7 +911,7 @@ async function getOrCreateTrackingCode(hostConfig) {
 }
 function createTrackingCode() {
   const timeStamp = Math.floor(Date.now() / 1e3).toString(16);
-  const randomString = generateRandomHexString(20);
+  const randomString = generateRandomHexString(40 - timeStamp.length);
   return `${timeStamp}${randomString}`;
 }
 async function getAnonymousAccessToken(hostConfig) {
@@ -849,20 +951,26 @@ async function getRestCallAuthParams2({
 async function getWebSocketAuthParams2({
   hostConfig
 }) {
-  const accessToken = await getAnonymousAccessToken(hostConfig);
+  const websocketAccessToken = await handlePotentialAuthenticationErrorAndRetry(hostConfig, async () => {
+    const accessToken = await getAnonymousAccessToken(hostConfig);
+    return exchangeAccessTokenForTemporaryToken(hostConfig, accessToken, "websocket");
+  });
   return {
     queryParams: {
-      accessToken
+      accessToken: websocketAccessToken
     }
   };
 }
 async function getWebResourceAuthParams2({
   hostConfig
 }) {
-  const accessToken = await getAnonymousAccessToken(hostConfig);
+  const websocketResourceAccessToken = await handlePotentialAuthenticationErrorAndRetry(hostConfig, async () => {
+    const accessToken = await getAnonymousAccessToken(hostConfig);
+    return exchangeAccessTokenForTemporaryToken(hostConfig, accessToken, "websocket");
+  });
   return {
     queryParams: {
-      accessToken
+      accessToken: websocketResourceAccessToken
     }
   };
 }
@@ -1009,7 +1117,7 @@ var cookie_default = {
   handleAuthenticationError: handleAuthenticationError4,
   validateHostConfig: (hostConfig) => internalValidateHostConfig(hostConfig, {
     requiredProps: [],
-    optionalProps: ["webIntegrationId", "crossSiteCookies"]
+    optionalProps: ["webIntegrationId", "crossSiteCookies", "anonymousMode"]
   })
 };
 
@@ -1059,51 +1167,11 @@ function handleOAuthCallback() {
   }
 }
 
-// src/auth/internal/default-auth-modules/oauth/temporary-token.ts
-async function exchangeAccessTokenForTemporaryToken(hostConfig, accessToken, purpose) {
-  const response = await fetch(`${toValidLocationUrl(hostConfig)}/oauth/token`, {
-    method: "POST",
-    credentials: "include",
-    mode: "cors",
-    headers: { "content-type": "application/json" },
-    redirect: "follow",
-    body: JSON.stringify({
-      subject_token: accessToken,
-      subject_token_type: "urn:ietf:params:oauth:token-type:access_token",
-      grant_type: "urn:ietf:params:oauth:grant-type:token-exchange",
-      purpose,
-      redirect_uri: globalThis.location?.href,
-      client_id: hostConfig.clientId
-    })
-  });
-  if (response.status !== 200) {
-    throw await toError(response);
-  }
-  const data = await response.json();
-  return data.access_token;
-}
-async function toError(response) {
-  const body = await response.text();
-  try {
-    const data = JSON.parse(body);
-    return new AuthorizationError(data.errors);
-  } catch (err) {
-    return new AuthorizationError([
-      {
-        code: "unknown",
-        status: response.status,
-        detail: body,
-        title: "Unknown authentication error"
-      }
-    ]);
-  }
-}
-
 // src/auth/internal/default-auth-modules/oauth.ts
 if (isBrowser()) {
   handleOAuthCallback();
 }
-async function handlePotentialAuthenticationErrorAndRetry(hostConfig, fn) {
+async function handlePotentialAuthenticationErrorAndRetry2(hostConfig, fn) {
   try {
     return await fn();
   } catch (err) {
@@ -1131,7 +1199,7 @@ async function getRestCallAuthParams6({
 async function getWebSocketAuthParams6({
   hostConfig
 }) {
-  const websocketAccessToken = await handlePotentialAuthenticationErrorAndRetry(hostConfig, async () => {
+  const websocketAccessToken = await handlePotentialAuthenticationErrorAndRetry2(hostConfig, async () => {
     const accessToken = await getOAuthAccessToken(hostConfig);
     return exchangeAccessTokenForTemporaryToken(hostConfig, accessToken, "websocket");
   });
@@ -1144,7 +1212,7 @@ async function getWebSocketAuthParams6({
 async function getWebResourceAuthParams3({
   hostConfig
 }) {
-  const webResourceAccessToken = await handlePotentialAuthenticationErrorAndRetry(hostConfig, async () => {
+  const webResourceAccessToken = await handlePotentialAuthenticationErrorAndRetry2(hostConfig, async () => {
     const accessToken = await getOAuthAccessToken(hostConfig);
     return exchangeAccessTokenForTemporaryToken(hostConfig, accessToken, "webresource");
   });

package/chunks/{7IMOYFWE.js → ZLPAS7FC.js}

@@ -1,21 +1,21 @@
 // src/public/public-runtime-modules.ts
 function getAuthRuntimeModule(hostConfig) {
   const isNode = !!globalThis.process?.argv;
-  return isNode ? import("./PESPSFQN.js") : import("./TBHMVTOT.js").then(
+  return isNode ? import("./2B3EPESP.js") : import("./GLS4DAZ4.js").then(
     (mod) => mod.importRuntimeModule("auth@v1", hostConfig)
   );
 }
 async function getQixRuntimeModule(hostConfig) {
   await getAuthRuntimeModule(hostConfig);
   const isNode = !!globalThis.process?.argv;
-  return isNode ? import("./YHKRUQRS.js") : import("./TBHMVTOT.js").then(
+  return isNode ? import("./QLFOH4GP.js") : import("./GLS4DAZ4.js").then(
     (mod) => mod.importRuntimeModule("qix@v1", hostConfig)
   );
 }
 async function getInvokeFetchRuntimeModule(hostConfig) {
   await getAuthRuntimeModule(hostConfig);
   const isNode = !!globalThis.process?.argv;
-  return isNode ? import("./ECWQX4IH.js") : import("./TBHMVTOT.js").then(
+  return isNode ? import("./URFSYYRS.js") : import("./GLS4DAZ4.js").then(
     (mod) => mod.importRuntimeModule("invoke-fetch@v1", hostConfig)
   );
 }

package/collections.d.ts

@@ -1,5 +1,5 @@
-import { A as ApiCallOptions } from './global.types-z1p6A9D-.js';
-import './auth-types-BU5EGt_9.js';
+import { A as ApiCallOptions } from './global.types--37uwGji.js';
+import './auth-types-PkN9CAF_.js';
 
 type CollectionByIdPatch = {
     /** The operation to be performed. */
@@ -19,6 +19,7 @@ type CollectionsAddCollectionItemRequestBody = {
 };
 type CollectionsCreateCollectionRequestBody = {
     description?: string;
+    /** For `public` collections (tags), if name already exists in the tenant as a `public` collection, this call will fail with a `409` response. */
     name: string;
     type: CollectionTypes;
 };
@@ -233,7 +234,7 @@ type Meta = {
     timeout?: boolean;
 };
 /**
- * Finds and returns the collections that the user can access. This endpoint does not return the user's favorites collection.
+ * Retrieves the collections that the user has access to. This endpoint does not return the user's favorites collection, which can be retrieved with `/v1/collections/favorites`.
  *
  * @param query an object with query parameters
  * @throws GetCollectionsHttpError
@@ -261,7 +262,7 @@ declare const getCollections: (query: {
      * must be prefixed by + or - to indicate ascending or descending sort order
      * respectively. */
     sort?: "+createdAt" | "-createdAt" | "+name" | "-name" | "+updatedAt" | "-updatedAt";
-    /** The case-sensitive string used to filter for a collection by type. */
+    /** The case-sensitive string used to filter for a collection by type. Retrieve private collections with `private`, public collections with `publicgoverned`, and tags with `public`. */
     type?: CollectionTypes;
     /** A commaseparated case-sensitive string used to filter by multiple types. */
     types?: CollectionTypes[];
@@ -279,7 +280,7 @@ type GetCollectionsHttpError = {
     status: number;
 };
 /**
- * Creates and returns a new collection. Collections can have the same name.
+ * Creates and returns a new collection. Collections of type `public` (shown as tags in the user interface) must have unique names. Other collection types can reuse names.
  *
  * @param body an object with the body content
  * @throws CreateCollectionHttpError
@@ -296,7 +297,7 @@ type CreateCollectionHttpError = {
     status: number;
 };
 /**
- * Finds and returns the user's favorites collection.
+ * Lists the user's favorites collection.
  *
  * @throws GetFavoritesCollectionHttpError
  */
@@ -346,7 +347,7 @@ type GetCollectionHttpError = {
     status: number;
 };
 /**
- * Updates the collection fields provided in the patch body.
+ * Updates the name, description, or type fields provided in the patch body. Can be used to publish a `private` collection as a `publicgoverned` collection by patching `/type` with `publicgoverned` once the collection contains at least 1 item. Can also be used to return a `publicgoverned` collection to `private`. Cannot be used to change between `public` (tag) and `private / publicgoverned` (collection).
  *
  * @param collectionId The collection's unique identifier.
  * @param body an object with the body content
@@ -364,7 +365,7 @@ type PatchCollectionHttpError = {
     status: number;
 };
 /**
- * Updates a collection and returns the new collection. Omitted and unsupported fields are ignored. To unset a field, provide the field's zero value.
+ * Updates a collection's name and description and returns the updated collection. Omitted and unsupported fields are ignored. To unset a field, provide the field's zero value.
  *
  * @param collectionId The collection's unique identifier.
  * @param body an object with the body content
@@ -382,7 +383,7 @@ type UpdateCollectionHttpError = {
     status: number;
 };
 /**
- * Finds and returns items from a collection that the user has access to.
+ * Retrieves items from a collection that the user has access to.
  *
  * @param collectionId The collection's unique identifier. (This query also supports 'favorites' as the collectionID).
 
@@ -463,7 +464,7 @@ type DeleteCollectionItemHttpError = {
     status: number;
 };
 /**
- * Finds and returns an item. See GET /items/{id}
+ * Finds and returns an item in a specific collection. See GET `/items/{id}`.
  *
  * @param collectionId The collection's unique identifier.
  * @param itemId The item's unique identifier.
@@ -486,21 +487,21 @@ type GetCollectionItemHttpError = {
 declare function clearCache(): void;
 interface CollectionsAPI {
     /**
-     * Finds and returns the collections that the user can access. This endpoint does not return the user's favorites collection.
+     * Retrieves the collections that the user has access to. This endpoint does not return the user's favorites collection, which can be retrieved with `/v1/collections/favorites`.
      *
      * @param query an object with query parameters
      * @throws GetCollectionsHttpError
      */
     getCollections: typeof getCollections;
     /**
-     * Creates and returns a new collection. Collections can have the same name.
+     * Creates and returns a new collection. Collections of type `public` (shown as tags in the user interface) must have unique names. Other collection types can reuse names.
      *
      * @param body an object with the body content
      * @throws CreateCollectionHttpError
      */
     createCollection: typeof createCollection;
     /**
-     * Finds and returns the user's favorites collection.
+     * Lists the user's favorites collection.
      *
      * @throws GetFavoritesCollectionHttpError
      */
@@ -520,7 +521,7 @@ interface CollectionsAPI {
      */
     getCollection: typeof getCollection;
     /**
-     * Updates the collection fields provided in the patch body.
+     * Updates the name, description, or type fields provided in the patch body. Can be used to publish a `private` collection as a `publicgoverned` collection by patching `/type` with `publicgoverned` once the collection contains at least 1 item. Can also be used to return a `publicgoverned` collection to `private`. Cannot be used to change between `public` (tag) and `private / publicgoverned` (collection).
      *
      * @param collectionId The collection's unique identifier.
      * @param body an object with the body content
@@ -528,7 +529,7 @@ interface CollectionsAPI {
      */
     patchCollection: typeof patchCollection;
     /**
-     * Updates a collection and returns the new collection. Omitted and unsupported fields are ignored. To unset a field, provide the field's zero value.
+     * Updates a collection's name and description and returns the updated collection. Omitted and unsupported fields are ignored. To unset a field, provide the field's zero value.
      *
      * @param collectionId The collection's unique identifier.
      * @param body an object with the body content
@@ -536,7 +537,7 @@ interface CollectionsAPI {
      */
     updateCollection: typeof updateCollection;
     /**
-     * Finds and returns items from a collection that the user has access to.
+     * Retrieves items from a collection that the user has access to.
      *
      * @param collectionId The collection's unique identifier. (This query also supports 'favorites' as the collectionID).
   
@@ -561,7 +562,7 @@ interface CollectionsAPI {
      */
     deleteCollectionItem: typeof deleteCollectionItem;
     /**
-     * Finds and returns an item. See GET /items/{id}
+     * Finds and returns an item in a specific collection. See GET `/items/{id}`.
      *
      * @param collectionId The collection's unique identifier.
      * @param itemId The item's unique identifier.

package/collections.js

@@ -1,8 +1,8 @@
 import {
   clearApiCache,
   invokeFetch
-} from "./chunks/MFNOHOWH.js";
-import "./chunks/7IMOYFWE.js";
+} from "./chunks/2NXPFUPZ.js";
+import "./chunks/ZLPAS7FC.js";
 import "./chunks/2ZQ3ZX7F.js";
 
 // src/public/rest/collections.ts

package/csp-origins.d.ts

@@ -1,5 +1,5 @@
-import { A as ApiCallOptions } from './global.types-z1p6A9D-.js';
-import './auth-types-BU5EGt_9.js';
+import { A as ApiCallOptions } from './global.types--37uwGji.js';
+import './auth-types-PkN9CAF_.js';
 
 type CSPEntry = {
     /** The CSP entry's unique identifier. */

package/csp-origins.js

@@ -1,8 +1,8 @@
 import {
   clearApiCache,
   invokeFetch
-} from "./chunks/MFNOHOWH.js";
-import "./chunks/7IMOYFWE.js";
+} from "./chunks/2NXPFUPZ.js";
+import "./chunks/ZLPAS7FC.js";
 import "./chunks/2ZQ3ZX7F.js";
 
 // src/public/rest/csp-origins.ts

package/data-assets.d.ts

@@ -1,5 +1,5 @@
-import { A as ApiCallOptions } from './global.types-z1p6A9D-.js';
-import './auth-types-BU5EGt_9.js';
+import { A as ApiCallOptions } from './global.types--37uwGji.js';
+import './auth-types-PkN9CAF_.js';
 
 type BatchIdDto = {
     ids?: string[];

package/data-assets.js

@@ -1,8 +1,8 @@
 import {
   clearApiCache,
   invokeFetch
-} from "./chunks/MFNOHOWH.js";
-import "./chunks/7IMOYFWE.js";
+} from "./chunks/2NXPFUPZ.js";
+import "./chunks/ZLPAS7FC.js";
 import "./chunks/2ZQ3ZX7F.js";
 
 // src/public/rest/data-assets.ts

package/data-connections.d.ts

@@ -1,5 +1,5 @@
-import { A as ApiCallOptions } from './global.types-z1p6A9D-.js';
-import './auth-types-BU5EGt_9.js';
+import { A as ApiCallOptions } from './global.types--37uwGji.js';
+import './auth-types-PkN9CAF_.js';
 
 type ActionDeleteRequest = {
     connections: {

package/data-connections.js

@@ -1,8 +1,8 @@
 import {
   clearApiCache,
   invokeFetch
-} from "./chunks/MFNOHOWH.js";
-import "./chunks/7IMOYFWE.js";
+} from "./chunks/2NXPFUPZ.js";
+import "./chunks/ZLPAS7FC.js";
 import "./chunks/2ZQ3ZX7F.js";
 
 // src/public/rest/data-connections.ts

package/data-credentials.d.ts

@@ -1,5 +1,5 @@
-import { A as ApiCallOptions } from './global.types-z1p6A9D-.js';
-import './auth-types-BU5EGt_9.js';
+import { A as ApiCallOptions } from './global.types--37uwGji.js';
+import './auth-types-PkN9CAF_.js';
 
 type Credential = {
     /** ID datasource that the credential is created for */

package/data-credentials.js

@@ -1,8 +1,8 @@
 import {
   clearApiCache,
   invokeFetch
-} from "./chunks/MFNOHOWH.js";
-import "./chunks/7IMOYFWE.js";
+} from "./chunks/2NXPFUPZ.js";
+import "./chunks/ZLPAS7FC.js";
 import "./chunks/2ZQ3ZX7F.js";
 
 // src/public/rest/data-credentials.ts