@qlik/api 1.50.0 → 2.0.0

package/chunks/{auth-functions-BZN9dCw1.js → auth-functions-C27LB1gE.js}

@@ -1,6 +1,6 @@
-import { a as sortKeys, i as isNode, r as isBrowser, t as cleanFalsyValues } from "./utils-DI6bFnHB.js";
-import { i as getInterceptors } from "./interceptors-CT9deBo6.js";
-import { n as hostConfigCommonProperties, t as authTypesThatCanBeOmitted } from "./auth-types-BuIzsuoh.js";
+import { a as sortKeys, i as isNode, r as isBrowser, t as cleanFalsyValues } from "./utils-UaAiVTcc.js";
+import { i as getInterceptors } from "./interceptors-DoQ44M-n.js";
+import { n as hostConfigCommonProperties, t as authTypesThatCanBeOmitted } from "./auth-types-BEj8JjOA.js";
 import { customAlphabet, nanoid } from "nanoid";
 
 //#region src/platform/platform-functions.ts
@@ -8,63 +8,46 @@ const getPlatform = async (options = {}) => {
 	const hc = withResolvedHostConfig(options.hostConfig);
 	if (hc.authType === "mock-backend-rest-recorder") return hc.recordGetPlatform();
 	if (hc?.authType === "mock-backend") return hc.mockGetPlatform();
-	const isAnonymous = hc?.authType === "anonymous" || !!hc.accessCode;
-	if (typeof window === "undefined") return result({
-		isNodeEnv: true,
-		isAnonymous
-	});
-	if (hc?.authType === "noauth") return result({
-		isUnknown: true,
-		isAnonymous: false
-	});
-	const { data: productInfo, status } = await getProductInfo(options);
-	if (status === 404) return result({
-		isUnknown: true,
-		isAnonymous
-	});
-	if (!productInfo || status <= 399 && status >= 300) return result({
-		isQSE: true,
-		isWindows: true,
-		isAnonymous
-	});
+	if (hc?.authType === "noauth") return result({ isUnknown: true });
+	let productInfo = isBrowser() ? window.QlikMain?.productInfo?.() : void 0;
+	if (!productInfo) {
+		const { data, status } = await getProductInfo(options);
+		productInfo = data;
+		if (status === 404) return result({ isUnknown: true });
+		if (!productInfo || status <= 399 && status >= 300) return result({
+			isQSE: true,
+			isWindows: true
+		});
+	}
 	const deploymentType = (productInfo.composition?.deploymentType || "").toLowerCase();
-	const isControlCenter = deploymentType === "controlcenter";
 	if (deploymentType === "qliksenseserver") return result({
 		isQSE: true,
 		isWindows: true,
-		isAnonymous,
 		meta: extractMeta(productInfo)
 	});
 	if (deploymentType === "qliksensedesktop") return result({
 		isQSD: true,
 		isWindows: true,
-		isAnonymous,
 		meta: extractMeta(productInfo)
 	});
 	if (deploymentType === "qliksensemobile") return result({
 		isQSE: true,
 		isWindows: true,
-		isAnonymous,
 		meta: extractMeta(productInfo)
 	});
 	if (deploymentType === "cloud-console") return result({
 		isCloud: true,
 		isCloudConsole: true,
-		isAnonymous,
 		meta: extractMeta(productInfo)
 	});
 	if (productInfo.composition?.provider === "fedramp") return result({
 		isCloud: true,
 		isQCG: true,
-		isControlCenter,
-		isAnonymous,
 		meta: extractMeta(productInfo)
 	});
 	return result({
 		isCloud: true,
 		isQCS: true,
-		isControlCenter,
-		isAnonymous,
 		meta: extractMeta(productInfo)
 	});
 };
@@ -134,17 +117,14 @@ const extractMeta = (data) => {
 	};
 };
 const result = (data) => ({
-	isNodeEnv: false,
 	isCloud: false,
 	isQCS: false,
 	isQCG: false,
 	isCloudConsole: false,
-	isControlCenter: false,
 	isWindows: false,
 	isQSE: false,
 	isQSD: false,
 	isUnknown: false,
-	isAnonymous: false,
 	...data
 });
 
@@ -645,7 +625,7 @@ async function handlePotentialAuthenticationErrorAndRetry$1(hostConfig, fn) {
 	try {
 		return await fn();
 	} catch (err) {
-		const { retry } = await handleAuthenticationError$8({
+		const { retry } = await handleAuthenticationError$9({
 			hostConfig,
 			canRetry: true
 		});
@@ -678,14 +658,15 @@ async function getAnonymousAccessToken(hostConfig) {
 	if (tokens.accessToken) return tokens.accessToken;
 	return "";
 }
-async function getRestCallAuthParams$8({ hostConfig }) {
+async function getRestCallAuthParams$9({ hostConfig }) {
 	return {
 		headers: { Authorization: `Bearer ${await getAnonymousAccessToken(hostConfig)}` },
 		queryParams: {},
 		credentials: "omit"
 	};
 }
-async function getWebSocketAuthParams$8({ hostConfig }) {
+async function getWebSocketAuthParams$9({ hostConfig }) {
+	if (isNode()) return { headers: { Authorization: `Bearer ${await getAnonymousAccessToken(hostConfig)}` } };
 	return { queryParams: { accessToken: await handlePotentialAuthenticationErrorAndRetry$1(hostConfig, async () => {
 		return exchangeAccessTokenForTemporaryToken(hostConfig, await getAnonymousAccessToken(hostConfig), "websocket");
 	}) } };
@@ -695,7 +676,7 @@ async function getWebResourceAuthParams$2({ hostConfig }) {
 		return exchangeAccessTokenForTemporaryToken(hostConfig, await getAnonymousAccessToken(hostConfig), "websocket");
 	}) } };
 }
-async function handleAuthenticationError$8({ hostConfig }) {
+async function handleAuthenticationError$9({ hostConfig }) {
 	clearStoredAnonymousTokens(hostConfig);
 	return {
 		preventDefault: false,
@@ -705,33 +686,34 @@ async function handleAuthenticationError$8({ hostConfig }) {
 var anonymous_default = {
 	requiredProps: ["clientId", "accessCode"],
 	optionalProps: [],
-	getRestCallAuthParams: getRestCallAuthParams$8,
-	getWebSocketAuthParams: getWebSocketAuthParams$8,
+	getRestCallAuthParams: getRestCallAuthParams$9,
+	getWebSocketAuthParams: getWebSocketAuthParams$9,
 	getWebResourceAuthParams: getWebResourceAuthParams$2,
-	handleAuthenticationError: handleAuthenticationError$8
+	handleAuthenticationError: handleAuthenticationError$9
 };
 
 //#endregion
 //#region src/auth/internal/default-auth-modules/apikey.ts
-function getRestCallAuthParams$7({ hostConfig }) {
+function getRestCallAuthParams$8({ hostConfig }) {
 	return Promise.resolve({
 		headers: { Authorization: `Bearer ${hostConfig?.apiKey}` },
 		queryParams: {},
 		credentials: "omit"
 	});
 }
-async function getWebSocketAuthParams$7() {
-	return { queryParams: {} };
+async function getWebSocketAuthParams$8({ hostConfig }) {
+	if (isBrowser()) throw new Error("Not supported in browser environment");
+	return Promise.resolve({ headers: { Authorization: `Bearer ${hostConfig?.apiKey}` } });
 }
-function handleAuthenticationError$7() {
+function handleAuthenticationError$8() {
 	return Promise.resolve({});
 }
 var apikey_default = {
 	requiredProps: ["apiKey"],
 	optionalProps: [],
-	getRestCallAuthParams: getRestCallAuthParams$7,
-	getWebSocketAuthParams: getWebSocketAuthParams$7,
-	handleAuthenticationError: handleAuthenticationError$7
+	getRestCallAuthParams: getRestCallAuthParams$8,
+	getWebSocketAuthParams: getWebSocketAuthParams$8,
+	handleAuthenticationError: handleAuthenticationError$8
 };
 
 //#endregion
@@ -823,20 +805,6 @@ function applyPathVariables(pathTemplate, pathVariables) {
 	return result$1;
 }
 /**
-* Builds a unique cache key from the parameters.
-* The key is based on the url of a request (host? + path), query, headers and the hostconfig.
-* Hostconfig is part of the key to ensure that two different hostconfigs don't share the same
-* cache.
-* @private
-*/
-function toCacheKey(url, query, serializedHostConfig, headers) {
-	let cacheKey = url;
-	if (query !== "") cacheKey = cacheKey.concat(`?${query}`);
-	if (headers) cacheKey = cacheKey.concat(`+headers=${JSON.stringify(headers)}`);
-	if (serializedHostConfig) cacheKey = cacheKey.concat(`+host-config=${serializedHostConfig}`);
-	return cacheKey;
-}
-/**
 * Join url and query to a complete url
 * @private
 */
@@ -844,90 +812,6 @@ function toCompleteUrl(url, query) {
 	if (query !== "") return `${url}?${query}`;
 	return url;
 }
-/**
-* Returns true if it is ok the to use the cached promise from a previous invocation
-* @private
-*/
-function shouldUseCachedResult(options, cacheEntry, defaultMaxCacheTime) {
-	if (!cacheEntry || typeof cacheEntry.value === "undefined") return false;
-	if (options?.noCache) return false;
-	if (options?.useCacheIfAfter) return options.useCacheIfAfter.getTime() <= cacheEntry.lastPulled;
-	const age = Date.now() - cacheEntry.lastPulled;
-	if (options?.maxCacheAge) return age <= options?.maxCacheAge;
-	return age < defaultMaxCacheTime;
-}
-/**
-* Returns true if it is a cacheable request
-* @private
-*/
-const shouldPopulateCache = (method) => method === "get" || method === "GET";
-/**
-* Clone mutable-objects using JSON.stringify.
-* Strings, Blobs and ReadableStreams are not cloned.
-* @private
-*/
-function clone(value) {
-	if (value && (value instanceof Blob || value instanceof Object && value.toString() === "[object Blob]")) return value;
-	if (value && value instanceof ReadableStream) return value;
-	if (typeof value === "string") return value;
-	return JSON.parse(JSON.stringify(value));
-}
-/**
-* Returns true if the verb might modify things requiring caches to be cleared
-*/
-function isModifyingVerb$1(verb) {
-	return !(verb === "get" || verb === "GET");
-}
-/**
-* Removes query, headers and host-config from the cache key to get a clean URL.
-*/
-function cacheKeyToUrl(cachedUrl) {
-	const queryIdx = cachedUrl.indexOf("?");
-	if (queryIdx >= 0) return cachedUrl.substring(0, queryIdx);
-	const headersIdx = cachedUrl.indexOf("+headers=");
-	if (headersIdx >= 0) return cachedUrl.substring(0, headersIdx);
-	const hostConfigIdx = cachedUrl.indexOf("+host-config=");
-	if (hostConfigIdx >= 0) return cachedUrl.substring(0, hostConfigIdx);
-	return cachedUrl;
-}
-/**
-* Clears all cache entries where the modifying URL starts with the cached URL
-* @param cache
-* @param cacheKey
-*/
-function clearRelatedCacheEntries(cache$1, cacheKey) {
-	const modifyingUrl = cacheKeyToUrl(cacheKey);
-	for (const existingCacheKey in cache$1) {
-		const cleanUrl = cacheKeyToUrl(existingCacheKey);
-		if (modifyingUrl.startsWith(cleanUrl) || cleanUrl.startsWith(modifyingUrl)) delete cache$1[existingCacheKey];
-	}
-}
-/**
-* Clones the result so that no one can tamper with the cache. Note that the headers object is NOT cloned
-* @private
-*/
-function cloneResultPromise(value) {
-	return value.then((resp) => {
-		const result$1 = {
-			data: clone(resp.data),
-			headers: resp.headers,
-			status: resp.status
-		};
-		if (resp.next) result$1.next = resp.next;
-		if (resp.prev) result$1.prev = resp.prev;
-		return result$1;
-	});
-}
-/**
-* if the response is any kind of error clear the cached value for that completeUrl
-* @private
-*/
-function clearCacheOnError(cacheEntry, cacheKey, value) {
-	return value.catch((error) => {
-		delete cacheEntry[cacheKey];
-		return Promise.reject(error);
-	});
-}
 
 //#endregion
 //#region src/invoke-fetch/internal/invoke-xhr.ts
@@ -989,17 +873,197 @@ async function invokeXHR(completeUrl, { method, headers, credentials, keepalive,
 }
 
 //#endregion
-//#region src/invoke-fetch/internal/invoke-fetch-methods.ts
+//#region src/invoke-fetch/internal/response-cache.ts
+const responseCaches = {};
+globalThis.__API_CACHE__DO_NOT_USE_OR_YOU_WILL_BE_FIRED = responseCaches;
 let defaultCacheTime = 1e3 * 60 * 10;
-const cache = {};
-globalThis.__API_CACHE__DO_NOT_USE_OR_YOU_WILL_BE_FIRED = cache;
+/**
+* The global namespace is used as a fallback if an entry is not found in a specific cache.
+* This cache can be used internally, specifically by BFF interceptors,
+* where we cannot reliably map a response to an API-module.
+*/
+const globalCacheNamespace = ".global";
+/**
+* Gets a cached response-promise from the specified API-namespace (or global cache).
+* A promise is returned if options.noCache is not true, the promise exists and is not too
+* old (based on defaults and cache-options).
+*
+* @param api The cache-namespace of the API.
+* @param props CachingContext
+* @returns The cached response (cloned and ready to use) or undefined.
+*/
+function getFromCache(api, props) {
+	if (isForbiddenApiName(api)) throw new Error(`Forbidden api name: ${api}`);
+	if (props?.options?.noCache) return;
+	const { method, completeUrl, cacheKey } = props;
+	const caches = getPossibleCaches(api);
+	if (isModifyingOperation(method, completeUrl)) return;
+	let entry;
+	for (const cache of caches) if (cacheKey in cache) {
+		entry = cache[cacheKey];
+		if (entry && typeof entry.value !== "undefined" && shouldUseCachedResult(props?.options, entry, defaultCacheTime)) break;
+		entry = void 0;
+	}
+	if (!entry) return;
+	entry.lastHit = /* @__PURE__ */ new Date();
+	entry.hitCount += 1;
+	entry.accessedPaths.add(globalThis.location ? globalThis.location.pathname : "node");
+	const value = entry.value;
+	return cloneResultPromise(value);
+}
+/**
+* Updates the cache of 'api' with the response-promise based on the caching-context.
+* If the promise comes from a modifying operation, related cache entries will be removed.
+* The returned promise is either the original promise (if it isn't cached) or a
+* cloned promise that is safe to use.
+*
+* Note: The original response-promise should not be reused directly, use the returned
+* equivalent instead.
+*
+* @private
+* @param api The cache-namespace of the API.
+* @param props CachingContext
+* @param responsePromise Promise<InvokeFetchResponse>, the thing to cache
+* @returns
+*/
+function updateCache(api, props, responsePromise) {
+	if (isForbiddenApiName(api)) throw new Error(`Forbidden api name: ${api}`);
+	if (!responseCaches[api]) responseCaches[api] = {};
+	const { cacheKey } = props;
+	if (isModifyingOperation(props.method, props.completeUrl)) return responsePromise.then((res) => {
+		const caches = getPossibleCaches(api);
+		for (const cache of caches) clearRelatedCacheEntries(cache, cacheKey);
+		return res;
+	});
+	const cacheNamespace = responseCaches[api];
+	const responsePromiseWithCacheClearing = responsePromise.catch((error) => {
+		delete cacheNamespace[cacheKey];
+		return Promise.reject(error);
+	});
+	cacheNamespace[cacheKey] = {
+		lastPulled: Date.now(),
+		value: responsePromiseWithCacheClearing,
+		lastHit: null,
+		hitCount: 0,
+		accessedPaths: /* @__PURE__ */ new Set()
+	};
+	return cloneResultPromise(responsePromiseWithCacheClearing);
+}
+/**
+* Returns true if it is ok the to use the cached promise from a previous invocation
+* @private
+*/
+function shouldUseCachedResult(options, cacheEntry, defaultMaxCacheTime) {
+	if (options?.noCache) return false;
+	if (!cacheEntry || typeof cacheEntry.value === "undefined") return false;
+	if (options?.useCacheIfAfter) return options.useCacheIfAfter.getTime() <= cacheEntry.lastPulled;
+	const age = Date.now() - cacheEntry.lastPulled;
+	if (typeof options?.maxCacheAge === "number") return age <= options?.maxCacheAge;
+	return age < defaultMaxCacheTime;
+}
+/**
+* Builds a key used for caching based on a CachingContext
+* @private
+* @param cachingContext
+* @returns a key used for caching
+*/
+function toCacheKey({ url, query, headers, serializedHostConfig }) {
+	let cacheKey = url;
+	if (query) {
+		const queryString = encodeQueryParams(query);
+		if (url.includes("?")) cacheKey = cacheKey.concat(`&${queryString}`);
+		else cacheKey = cacheKey.concat(`?${queryString}`);
+	}
+	if (headers) cacheKey = cacheKey.concat(`+headers=${JSON.stringify(headers)}`);
+	if (serializedHostConfig && serializedHostConfig !== "{}") cacheKey = cacheKey.concat(`+host-config=${serializedHostConfig}`);
+	return cacheKey;
+}
+/**
+* Convenience function for getting a list of caches that are OK to use
+* in the context of an API-namespace.
+* @param api
+* @returns
+*/
+function getPossibleCaches(api) {
+	const caches = [];
+	if (responseCaches[api]) caches.push(responseCaches[api]);
+	if (responseCaches[globalCacheNamespace]) caches.push(responseCaches[globalCacheNamespace]);
+	return caches;
+}
+/**
+* @private
+* Clears all cache entries where the modifying URL starts with the cached URL
+* @param cache
+* @param cacheKey
+*/
+function clearRelatedCacheEntries(cache, cacheKey) {
+	const modifyingUrl = cacheKeyToUrl(cacheKey);
+	for (const existingCacheKey in cache) {
+		const cleanUrl = cacheKeyToUrl(existingCacheKey);
+		if (modifyingUrl.startsWith(cleanUrl) || cleanUrl.startsWith(modifyingUrl)) delete cache[existingCacheKey];
+	}
+}
+/**
+* Removes query, headers and host-config from the cache key to get a clean URL.
+*/
+function cacheKeyToUrl(cachedUrl) {
+	const queryIdx = cachedUrl.indexOf("?");
+	if (queryIdx >= 0) return cachedUrl.substring(0, queryIdx);
+	const headersIdx = cachedUrl.indexOf("+headers=");
+	if (headersIdx >= 0) return cachedUrl.substring(0, headersIdx);
+	const hostConfigIdx = cachedUrl.indexOf("+host-config=");
+	if (hostConfigIdx >= 0) return cachedUrl.substring(0, hostConfigIdx);
+	return cachedUrl;
+}
+/**
+* Clone mutable-objects using JSON.stringify.
+* Strings, Blobs and ReadableStreams are not cloned.
+* @private
+*/
+function clone(value) {
+	if (typeof value === "undefined" || value === null) return value;
+	if (value && (value instanceof Blob || value instanceof Object && value.toString() === "[object Blob]")) return value;
+	if (value && value instanceof ReadableStream) return value;
+	if (typeof value === "string") return value;
+	return JSON.parse(JSON.stringify(value));
+}
+/**
+* Clones the result so that no one can tamper with the cache. Note that the headers object is NOT cloned
+* @private
+*/
+function cloneResultPromise(value) {
+	return value.then((resp) => {
+		const result$1 = {
+			data: clone(resp.data),
+			headers: resp.headers,
+			status: resp.status
+		};
+		if (resp.next) result$1.next = resp.next;
+		if (resp.prev) result$1.prev = resp.prev;
+		return result$1;
+	});
+}
 /**
 * Clears cached responses
 * @param api the api to clear cache in
 */
 function clearApiCacheInternal(api) {
-	cache[api] = {};
+	responseCaches[api] = {};
+}
+/**
+* Returns true if the method might modify things requiring caches to be cleared
+*/
+function isModifyingOperation(method, url) {
+	if (method === "get" || method === "GET") return false;
+	if (url.endsWith("/api/v1/licenses/allotments") && (method === "post" || method === "POST")) return false;
+	return true;
 }
+function isForbiddenApiName(api) {
+	return api === "__proto__";
+}
+
+//#endregion
+//#region src/invoke-fetch/internal/invoke-fetch-methods.ts
 function getErrorMessage(error) {
 	if (error instanceof Error) {
 		if (error.cause) {
@@ -1126,23 +1190,28 @@ async function getInvokeFetchUrlParams({ method, pathTemplate, pathVariables, qu
 		method
 	});
 	const url = locationUrl + applyPathVariables(pathTemplate, pathVariables);
-	const queryString = encodeQueryParams({
+	const completeUrl = toCompleteUrl(url, encodeQueryParams({
 		...query,
 		...authQueryParams
-	});
+	}));
+	const serializedHostConfig = serializeHostConfig$1(options?.hostConfig);
 	return {
-		completeUrl: toCompleteUrl(url, queryString),
-		cacheKey: toCacheKey(url, queryString, serializeHostConfig$1(options?.hostConfig), options?.headers),
+		completeUrl,
 		authHeaders,
-		credentials
+		credentials,
+		cacheKey: toCacheKey({
+			url,
+			query,
+			headers: options?.headers,
+			serializedHostConfig
+		})
 	};
 }
 function invokeFetchWithUrl(api, props) {
 	return invokeFetchWithUrlAndRetry(api, props, async () => {
-		const { cacheKey, authHeaders, credentials } = await getInvokeFetchUrlParams(props);
+		const { authHeaders, credentials } = await getInvokeFetchUrlParams(props);
 		return invokeFetchWithUrlAndRetry(api, {
 			...props,
-			cacheKey,
 			authHeaders,
 			credentials,
 			options: {
@@ -1152,39 +1221,31 @@ function invokeFetchWithUrl(api, props) {
 		}, void 0);
 	});
 }
-function invokeFetchWithUrlAndRetry(api, { method, completeUrl, cacheKey, body, options, authHeaders, credentials, contentType, userAgent }, performRetry) {
-	if (!cache[api]) cache[api] = {};
-	const cacheEntry = isModifyingVerb$1(method) ? void 0 : cache[api][cacheKey];
-	if (isModifyingVerb$1(method)) clearRelatedCacheEntries(cache[api], cacheKey);
-	if (cacheEntry && shouldUseCachedResult(options, cacheEntry, defaultCacheTime)) {
-		cacheEntry.lastHit = /* @__PURE__ */ new Date();
-		cacheEntry.hitCount += 1;
-		cacheEntry.accessedPaths.add(globalThis.location ? globalThis.location.pathname : "node");
-		return cloneResultPromise(cacheEntry.value);
-	}
+function invokeFetchWithUrlAndRetry(api, props, performRetry) {
+	const { method, completeUrl, body, options, authHeaders, credentials, cacheKey, contentType, userAgent } = props;
+	const cachingContext = {
+		method,
+		completeUrl,
+		cacheKey,
+		options
+	};
+	const cachedResponse = getFromCache(api, cachingContext);
+	if (cachedResponse) return cachedResponse;
 	const resultPromiseFromBackend = performActualHttpFetch(method, completeUrl, body, contentType, options, authHeaders, credentials, userAgent);
-	const resultPromiseAfterPagingAddon = addPagingFunctions(api, interceptAuthenticationErrors(options?.hostConfig, resultPromiseFromBackend, performRetry), method, body, options, authHeaders, credentials);
-	const resultPromiseAfterCacheClearing = clearCacheOnError(cache[api], cacheKey, resultPromiseAfterPagingAddon);
-	if (shouldPopulateCache(method)) {
-		if (Object.hasOwn && !Object.hasOwn(cache, api) || api === "__proto__") throw new Error(`Forbidden api name: ${api}`);
-		cache[api][cacheKey] = {
-			lastPulled: Date.now(),
-			value: resultPromiseAfterCacheClearing,
-			lastHit: null,
-			hitCount: 0,
-			accessedPaths: /* @__PURE__ */ new Set()
-		};
-	}
-	return cloneResultPromise(resultPromiseAfterCacheClearing);
+	const resultAfterAuthenticationCheck = interceptAuthenticationErrors(options?.hostConfig, resultPromiseFromBackend, performRetry);
+	return updateCache(api, cachingContext, addPagingFunctions(api, {
+		...props,
+		value: resultAfterAuthenticationCheck
+	}));
 }
 /**
 * Adds paging functions to the response object if there are paging links present in the response body
 */
-function addPagingFunctions(api, value, method, body, options, authHeaders, credentials) {
-	const serializedHostConfig = serializeHostConfig$1(options?.hostConfig);
+function addPagingFunctions(api, { method, body, options, authHeaders, credentials, value }) {
 	return value.then((resp) => {
 		const dataWithPotentialLinks = resp.data;
 		if (!dataWithPotentialLinks) return resp;
+		const serializedHostConfig = serializeHostConfig$1(options?.hostConfig);
 		const prevUrl = dataWithPotentialLinks.links?.prev?.href;
 		const nextUrl = dataWithPotentialLinks.links?.next?.href;
 		if (prevUrl) resp.prev = (prevOptions) => invokeFetchWithUrl(api, {
@@ -1192,18 +1253,26 @@ function addPagingFunctions(api, value, method, body, options, authHeaders, cred
 			completeUrl: prevUrl,
 			body,
 			options: prevOptions || options,
-			cacheKey: toCacheKey(prevUrl, "", serializedHostConfig, options?.headers),
 			authHeaders,
-			credentials
+			credentials,
+			cacheKey: toCacheKey({
+				url: prevUrl,
+				headers: options?.headers,
+				serializedHostConfig
+			})
 		});
 		if (nextUrl) resp.next = (nextOptions) => invokeFetchWithUrl(api, {
 			method,
 			completeUrl: nextUrl,
 			body,
 			options: nextOptions || options,
-			cacheKey: toCacheKey(nextUrl, "", serializedHostConfig, options?.headers),
 			authHeaders,
-			credentials
+			credentials,
+			cacheKey: toCacheKey({
+				url: nextUrl,
+				headers: options?.headers,
+				serializedHostConfig
+			})
 		});
 		return resp;
 	});
@@ -1293,14 +1362,14 @@ async function invokeFetchIntercepted(api, props) {
 	if (props?.userAgent) userAgent = props.userAgent;
 	else if (isBrowser()) userAgent = `${window.navigator.userAgent} ${defaultUserAgent}`;
 	else userAgent = defaultUserAgent;
-	const { completeUrl, cacheKey, authHeaders, credentials } = await getInvokeFetchUrlParams(props);
+	const { completeUrl, authHeaders, credentials, cacheKey } = await getInvokeFetchUrlParams(props);
 	return invokeFetchWithUrl(api, {
 		...props,
 		method: props.method.toUpperCase(),
 		completeUrl,
-		cacheKey,
 		authHeaders,
 		credentials,
+		cacheKey,
 		userAgent
 	});
 }
@@ -1453,7 +1522,7 @@ function lookupGlobalGetAccessTokenFn(getAccessToken$1) {
 function isModifyingVerb(verb) {
 	return !(verb === "get" || verb === "GET");
 }
-async function getRestCallAuthParams$6({ hostConfig, method }) {
+async function getRestCallAuthParams$7({ hostConfig, method }) {
 	const headers = {};
 	if (isModifyingVerb(method)) headers["qlik-csrf-token"] = await getCsrfToken(hostConfig);
 	if (hostConfig.webIntegrationId) headers["qlik-web-integration-id"] = hostConfig.webIntegrationId;
@@ -1463,12 +1532,18 @@ async function getRestCallAuthParams$6({ hostConfig, method }) {
 		credentials: internalGetCredentialsForCookieAuth(hostConfig)
 	};
 }
-async function getWebSocketAuthParams$6({ hostConfig }) {
+async function getWebSocketAuthParams$7({ hostConfig }) {
+	if (isNode()) {
+		const headers = {};
+		headers["qlik-csrf-token"] = await getCsrfToken(hostConfig);
+		if (hostConfig.webIntegrationId) headers["qlik-web-integration-id"] = hostConfig.webIntegrationId;
+		return { headers };
+	}
 	const params = { "qlik-csrf-token": await getCsrfToken(hostConfig, true) };
 	if (hostConfig.webIntegrationId) params["qlik-web-integration-id"] = hostConfig.webIntegrationId;
 	return { queryParams: params };
 }
-async function handleAuthenticationError$6({ hostConfig, status }) {
+async function handleAuthenticationError$7({ hostConfig, status }) {
 	clearCsrfToken(hostConfig);
 	if (status === 403) return {
 		preventDefault: false,
@@ -1488,57 +1563,57 @@ var cookie_default = {
 		"crossSiteCookies",
 		"anonymousMode"
 	],
-	getRestCallAuthParams: getRestCallAuthParams$6,
-	getWebSocketAuthParams: getWebSocketAuthParams$6,
-	handleAuthenticationError: handleAuthenticationError$6
+	getRestCallAuthParams: getRestCallAuthParams$7,
+	getWebSocketAuthParams: getWebSocketAuthParams$7,
+	handleAuthenticationError: handleAuthenticationError$7
 };
 
 //#endregion
 //#region src/auth/internal/default-auth-modules/noauth.ts
-function getRestCallAuthParams$5(_props) {
+function getRestCallAuthParams$6(_props) {
 	return Promise.resolve({
 		headers: {},
 		queryParams: {},
 		credentials: "same-origin"
 	});
 }
-function getWebSocketAuthParams$5(_props) {
+function getWebSocketAuthParams$6(_props) {
 	return Promise.resolve({ queryParams: {} });
 }
-function handleAuthenticationError$5(_props) {
+function handleAuthenticationError$6(_props) {
 	return Promise.resolve({});
 }
 /** @private */
 var noauth_default = {
 	requiredProps: [],
 	optionalProps: [],
-	getRestCallAuthParams: getRestCallAuthParams$5,
-	getWebSocketAuthParams: getWebSocketAuthParams$5,
-	handleAuthenticationError: handleAuthenticationError$5
+	getRestCallAuthParams: getRestCallAuthParams$6,
+	getWebSocketAuthParams: getWebSocketAuthParams$6,
+	handleAuthenticationError: handleAuthenticationError$6
 };
 
 //#endregion
 //#region src/auth/internal/default-auth-modules/none.ts
-function getRestCallAuthParams$4() {
+function getRestCallAuthParams$5() {
 	return Promise.resolve({
 		headers: {},
 		queryParams: {},
 		credentials: "same-origin"
 	});
 }
-function getWebSocketAuthParams$4() {
+function getWebSocketAuthParams$5() {
 	return Promise.resolve({ queryParams: {} });
 }
-function handleAuthenticationError$4() {
+function handleAuthenticationError$5() {
 	return Promise.resolve({});
 }
 /** @private */
 var none_default = {
 	requiredProps: [],
 	optionalProps: [],
-	getRestCallAuthParams: getRestCallAuthParams$4,
-	getWebSocketAuthParams: getWebSocketAuthParams$4,
-	handleAuthenticationError: handleAuthenticationError$4
+	getRestCallAuthParams: getRestCallAuthParams$5,
+	getWebSocketAuthParams: getWebSocketAuthParams$5,
+	handleAuthenticationError: handleAuthenticationError$5
 };
 
 //#endregion
@@ -1584,7 +1659,7 @@ async function handlePotentialAuthenticationErrorAndRetry(hostConfig, fn) {
 	try {
 		return await fn();
 	} catch (err) {
-		const { retry } = await handleAuthenticationError$3({
+		const { retry } = await handleAuthenticationError$4({
 			hostConfig,
 			canRetry: true
 		});
@@ -1592,14 +1667,15 @@ async function handlePotentialAuthenticationErrorAndRetry(hostConfig, fn) {
 		throw err;
 	}
 }
-async function getRestCallAuthParams$3({ hostConfig }) {
+async function getRestCallAuthParams$4({ hostConfig }) {
 	return {
 		headers: { Authorization: `Bearer ${await getOAuthAccessToken(hostConfig)}` },
 		queryParams: {},
 		credentials: "omit"
 	};
 }
-async function getWebSocketAuthParams$3({ hostConfig }) {
+async function getWebSocketAuthParams$4({ hostConfig }) {
+	if (isNode()) return { headers: { Authorization: `Bearer ${await getOAuthAccessToken(hostConfig)}` } };
 	return { queryParams: { accessToken: await handlePotentialAuthenticationErrorAndRetry(hostConfig, async () => {
 		return exchangeAccessTokenForTemporaryToken(hostConfig, await getOAuthAccessToken(hostConfig), "websocket");
 	}) } };
@@ -1609,7 +1685,7 @@ async function getWebResourceAuthParams$1({ hostConfig }) {
 		return exchangeAccessTokenForTemporaryToken(hostConfig, await getOAuthAccessToken(hostConfig), "webresource");
 	}) } };
 }
-async function handleAuthenticationError$3({ hostConfig }) {
+async function handleAuthenticationError$4({ hostConfig }) {
 	if (hostConfig.getAccessToken) {
 		clearStoredOauthTokens(hostConfig);
 		return {
@@ -1645,21 +1721,21 @@ var oauth_default = {
 		"getAccessToken",
 		"performInteractiveLogin"
 	],
-	getRestCallAuthParams: getRestCallAuthParams$3,
-	getWebSocketAuthParams: getWebSocketAuthParams$3,
+	getRestCallAuthParams: getRestCallAuthParams$4,
+	getWebSocketAuthParams: getWebSocketAuthParams$4,
 	getWebResourceAuthParams: getWebResourceAuthParams$1,
-	handleAuthenticationError: handleAuthenticationError$3
+	handleAuthenticationError: handleAuthenticationError$4
 };
 
 //#endregion
 //#region src/auth/internal/default-auth-modules/reference.ts
-function getRestCallAuthParams$2() {
+function getRestCallAuthParams$3() {
 	throw new Error("getRestCallAuthParams should never be called for reference auth module");
 }
-function getWebSocketAuthParams$2() {
+function getWebSocketAuthParams$3() {
 	throw new Error("getWebSocketAuthParams should never be called for reference auth module");
 }
-function handleAuthenticationError$2() {
+function handleAuthenticationError$3() {
 	throw new Error("handleAuthenticationError should never be called for reference auth module");
 }
 /**
@@ -1668,9 +1744,9 @@ function handleAuthenticationError$2() {
 var reference_default = {
 	requiredProps: ["reference"],
 	optionalProps: [],
-	getRestCallAuthParams: getRestCallAuthParams$2,
-	getWebSocketAuthParams: getWebSocketAuthParams$2,
-	handleAuthenticationError: handleAuthenticationError$2
+	getRestCallAuthParams: getRestCallAuthParams$3,
+	getWebSocketAuthParams: getWebSocketAuthParams$3,
+	handleAuthenticationError: handleAuthenticationError$3
 };
 
 //#endregion
@@ -1697,20 +1773,20 @@ function getXrfKey(hostConfig) {
 
 //#endregion
 //#region src/auth/internal/default-auth-modules/windows-cookie.ts
-async function getRestCallAuthParams$1({ hostConfig }) {
+async function getRestCallAuthParams$2({ hostConfig }) {
 	return {
 		headers: { "X-Qlik-XrfKey": getXrfKey(hostConfig) },
 		queryParams: { xrfkey: getXrfKey(hostConfig) },
 		credentials: internalGetCredentialsForCookieAuth(hostConfig)
 	};
 }
-async function getWebSocketAuthParams$1({ hostConfig }) {
+async function getWebSocketAuthParams$2({ hostConfig }) {
 	return { queryParams: {
 		xrfkey: getXrfKey(hostConfig),
 		"qlik-csrf-token": await getCsrfToken(hostConfig, true)
 	} };
 }
-async function handleAuthenticationError$1({ hostConfig }) {
+async function handleAuthenticationError$2({ hostConfig }) {
 	if (hostConfig.loginUri) {
 		if (hostConfig.authRedirectUserConfirmation) await hostConfig.authRedirectUserConfirmation();
 		globalThis.location.replace(hostConfig.loginUri.replace("{location}", encodeURIComponent(globalThis.location.href)));
@@ -1741,6 +1817,81 @@ var windows_cookie_default = {
 		"crossSiteCookies",
 		"getAccessToken"
 	],
+	getRestCallAuthParams: getRestCallAuthParams$2,
+	getWebSocketAuthParams: getWebSocketAuthParams$2,
+	handleAuthenticationError: handleAuthenticationError$2
+};
+
+//#endregion
+//#region src/auth/internal/default-auth-modules/windows-cookie-node.ts
+const nodeCookieStore = /* @__PURE__ */ new Map();
+function clearCookieInStore(hostConfig) {
+	const key = serializeHostConfig$1(hostConfig);
+	nodeCookieStore.delete(key);
+}
+function setCookieInStore(hostConfig, cookie) {
+	const key = serializeHostConfig$1(hostConfig);
+	nodeCookieStore.set(key, cookie);
+}
+function getCookieInStore(hostConfig) {
+	const key = serializeHostConfig$1(hostConfig);
+	return nodeCookieStore.get(key);
+}
+async function getCookie(hostConfig) {
+	let cookie = getCookieInStore(hostConfig);
+	if (!cookie) {
+		const token = await resolveTokenIfPresent(hostConfig.getAccessToken);
+		if (!token) throw new Error("Failed to acquire access token");
+		cookie = (await fetch(`${toValidLocationUrl(hostConfig)}/qlik-embed/main.js`, {
+			method: "GET",
+			mode: "cors",
+			credentials: "include",
+			headers: {
+				"Content-Type": "application/json",
+				Authorization: `Bearer ${token}`
+			}
+		})).headers.get("Set-Cookie") || void 0;
+		if (cookie) setCookieInStore(hostConfig, cookie);
+	}
+	if (!cookie) throw new Error("Failed to exchange access token for cookie");
+	return cookie;
+}
+async function getRestCallAuthParams$1({ hostConfig }) {
+	return {
+		queryParams: { xrfkey: getXrfKey(hostConfig) },
+		headers: {
+			Cookie: await getCookie(hostConfig),
+			"X-Qlik-XrfKey": getXrfKey(hostConfig)
+		},
+		credentials: internalGetCredentialsForCookieAuth(hostConfig)
+	};
+}
+async function getWebSocketAuthParams$1({ hostConfig }) {
+	return {
+		queryParams: { "qlik-csrf-token": await getCsrfToken(hostConfig, true) },
+		headers: { Cookie: await getCookie(hostConfig) }
+	};
+}
+async function handleAuthenticationError$1({ hostConfig }) {
+	clearCookieInStore(hostConfig);
+	return { retry: true };
+}
+/** @private */
+var windows_cookie_node_default = {
+	requiredProps: [],
+	optionalProps: [
+		"loginUri",
+		"crossSiteCookies",
+		"getAccessToken"
+	],
+	validateHostConfig: (hostConfig) => {
+		if (typeof hostConfig.getAccessToken === "function") return true;
+		if (typeof hostConfig.getAccessToken === "string") {
+			if (!!!globalThis[hostConfig.getAccessToken]) throw new InvalidHostConfigError("The \"getAccessToken\" function name provided does not exist on globalThis.");
+			return true;
+		}
+		throw new InvalidHostConfigError("The \"getAccessToken\" property must be a function or the name of a globally defined function.");
+	},
 	getRestCallAuthParams: getRestCallAuthParams$1,
 	getWebSocketAuthParams: getWebSocketAuthParams$1,
 	handleAuthenticationError: handleAuthenticationError$1
@@ -1765,7 +1916,8 @@ let authModulesRegistered = false;
 		registerAuthModule("noauth", noauth_default);
 		registerAuthModule("oauth2", oauth_default);
 		registerAuthModule("anonymous", anonymous_default);
-		registerAuthModule("windowscookie", windows_cookie_default);
+		if (isBrowser()) registerAuthModule("windowscookie", windows_cookie_default);
+		else registerAuthModule("windowscookie", windows_cookie_node_default);
 		registerAuthModule("reference", reference_default);
 		authModulesRegistered = true;
 	}
@@ -1983,7 +2135,7 @@ function getRegisteredHostConfig(name) {
 	return registeredHostConfigs.get(name);
 }
 /**
-* Sets the default host config that will be used for all api calls that do not inclue a HostConfig
+* Sets the default host config that will be used for all api calls that do not include a HostConfig
 * @private
 * @param hostConfig the default HostConfig to use
 */
@@ -2166,7 +2318,7 @@ function registerAuthModule$1(name, authModule) {
 	registerAuthModule(name, authModule);
 }
 /**
-* Sets the default host config that will be used for all api calls that do not inclue a HostConfig
+* Sets the default host config that will be used for all api calls that do not include a HostConfig
 * @param hostConfig the default HostConfig to use
 */
 function setDefaultHostConfig$1(hostConfig) {