@quiltt/core 5.0.0 → 5.0.2

package/CHANGELOG.md

@@ -1,5 +1,25 @@
 # @quiltt/core
 
+## 5.0.2
+
+### Patch Changes
+
+- [#407](https://github.com/quiltt/quiltt-js/pull/407) [`0262754`](https://github.com/quiltt/quiltt-js/commit/0262754fa680d39cea1426a09796783488a4f4d6) Thanks [@rubendinho](https://github.com/rubendinho)! - Add Institution Prop to QuilttContainer
+
+## 5.0.1
+
+### Patch Changes
+
+- [#403](https://github.com/quiltt/quiltt-js/pull/403) [`b714ff3`](https://github.com/quiltt/quiltt-js/commit/b714ff3b3ee878445ca8e09903153ac0b43d693b) Thanks [@zubairaziz](https://github.com/zubairaziz)! - Prevent Infinite Re-Renders in QuilttProvider
+
+- [#399](https://github.com/quiltt/quiltt-js/pull/399) [`77d11b6`](https://github.com/quiltt/quiltt-js/commit/77d11b69ceb950da9ca500aa73bae7a3abdfb3a2) Thanks [@CarltonHowell](https://github.com/CarltonHowell)! - Output commonJS
+
+- [#402](https://github.com/quiltt/quiltt-js/pull/402) [`97eccbe`](https://github.com/quiltt/quiltt-js/commit/97eccbe6df42843307a11d28a0a8b5a36e43f3d9) Thanks [@zubairaziz](https://github.com/zubairaziz)! - Remove Node.js Dependencies in React Native Builds
+
+- [#401](https://github.com/quiltt/quiltt-js/pull/401) [`2bf07c3`](https://github.com/quiltt/quiltt-js/commit/2bf07c36bf8dc573f01db8f4c69a48e05d313b8b) Thanks [@zubairaziz](https://github.com/zubairaziz)! - Improve expired auth token detection and clearing
+
+- [#404](https://github.com/quiltt/quiltt-js/pull/404) [`45eb8c9`](https://github.com/quiltt/quiltt-js/commit/45eb8c907f51c0c8c5a3c069c35e0f301a4c374f) Thanks [@zubairaziz](https://github.com/zubairaziz)! - Add Subpath Exports and Reorganize Core Modules
+
 ## 5.0.0
 
 ### Major Changes

package/README.md

@@ -49,11 +49,22 @@ await auth.revoke('{SESSION_TOKEN}')
 
 ## Modules
 
-### JsonWebToken
+You can import from the main entry or use subpath imports for better tree-shaking.
+
+```ts
+import { AuthAPI } from '@quiltt/core'
+import { JsonWebTokenParse } from '@quiltt/core/auth'
+import { Observable } from '@quiltt/core/observables'
+import { Timeoutable } from '@quiltt/core/timing'
+import { Storage } from '@quiltt/core/storage'
+import { endpointAuth } from '@quiltt/core/config'
+```
+
+### Auth (JsonWebToken)
 
 The `JsonWebToken` module provides functionality related to JSON Web Tokens (JWT). It includes methods for generating, signing, and verifying JWTs. With this module, you can easily handle authentication and secure communication in your applications.
 
-### Observable
+### Observables
 
 The `Observable` module implements the Observable pattern, allowing you to create and manage observable streams of data. It provides a powerful toolset for working with asynchronous events and data streams, enabling you to build reactive and event-driven applications.
 
@@ -61,7 +72,7 @@ The `Observable` module implements the Observable pattern, allowing you to creat
 
 The `Storage` module offers convenient wrappers and abstractions for working with different types of storage, such as local storage or session storage. It simplifies the process of storing and retrieving data in a secure and efficient manner.
 
-### Timeoutable
+### Timing
 
 The `Timeoutable` module provides utilities for handling timeouts and delays in your application. It allows you to schedule and manage timeouts, ensuring precise control over time-sensitive operations.
 
@@ -76,15 +87,11 @@ The `types` module provides a collection of TypeScript type definitions and inte
 ## Usage
 
 ```javascript
-import { 
-  AuthAPI,
-  JsonWebToken, 
-  Observable, 
-  Storage,
-  Timeoutable, 
-  ConnectorSDK,
-  ConnectorSDKEventType
-} from '@quiltt/core'
+import { AuthAPI } from '@quiltt/core'
+import { JsonWebTokenParse } from '@quiltt/core/auth'
+import { Observable } from '@quiltt/core/observables'
+import { Storage } from '@quiltt/core/storage'
+import { Timeoutable } from '@quiltt/core/timing'
 
 // Example usage of the library modules
 // ...

package/dist/api/browser.cjs

@@ -0,0 +1,14 @@
+Object.defineProperty(exports, '__esModule', { value: true });
+
+/**
+ * Enum representing the different types of events emitted by the Connector.
+ */ var ConnectorSDKEventType = /*#__PURE__*/ function(ConnectorSDKEventType) {
+    /** The Connector modal has been opened */ ConnectorSDKEventType["Open"] = "opened";
+    /** The Connector has loaded successfully */ ConnectorSDKEventType["Load"] = "loaded";
+    /** The end-user successfully completed the flow */ ConnectorSDKEventType["ExitSuccess"] = "exited.successful";
+    /** The end-user exited the Connector before completing the flow */ ConnectorSDKEventType["ExitAbort"] = "exited.aborted";
+    /** The end-user experienced an error during the flow */ ConnectorSDKEventType["ExitError"] = "exited.errored";
+    return ConnectorSDKEventType;
+}({});
+
+exports.ConnectorSDKEventType = ConnectorSDKEventType;

package/dist/api/browser.d.ts

@@ -0,0 +1,128 @@
+interface CallbackManager {
+    onEvent(callback: ConnectorSDKOnEventCallback): void;
+    onOpen(callback: ConnectorSDKOnOpenCallback): void;
+    onLoad(callback: ConnectorSDKOnLoadCallback): void;
+    onExit(callback: ConnectorSDKOnEventExitCallback): void;
+    onExitSuccess(callback: ConnectorSDKOnExitSuccessCallback): void;
+    onExitAbort(callback: ConnectorSDKOnExitAbortCallback): void;
+    onExitError(callback: ConnectorSDKOnExitErrorCallback): void;
+    offEvent(callback: ConnectorSDKOnEventCallback): void;
+    offOpen(callback: ConnectorSDKOnOpenCallback): void;
+    offLoad(callback: ConnectorSDKOnLoadCallback): void;
+    offExit(callback: ConnectorSDKOnEventExitCallback): void;
+    offExitSuccess(callback: ConnectorSDKOnExitSuccessCallback): void;
+    offExitAbort(callback: ConnectorSDKOnExitAbortCallback): void;
+    offExitError(callback: ConnectorSDKOnExitErrorCallback): void;
+}
+interface ConnectorSDK extends CallbackManager {
+    authenticate(token: string | null | undefined): void;
+    connect(connectorId: string, options?: ConnectorSDKConnectOptions): ConnectorSDKConnector;
+    reconnect(connectorId: string, options: ConnectorSDKReconnectOptions): ConnectorSDKConnector;
+    reset(): void;
+    resetConnector: (connectorId: string) => void;
+}
+interface ConnectorSDKConnector extends CallbackManager {
+    open(): void;
+}
+/**
+ * Types for optional callbacks in the ConnectorSDK.
+ *
+ * Leaf event nodes return only metadata.
+ * Internal nodes return both event type and metadata.
+ */
+type ConnectorSDKCallbacks = {
+    onEvent?: ConnectorSDKOnEventCallback;
+    onOpen?: ConnectorSDKOnOpenCallback;
+    onLoad?: ConnectorSDKOnLoadCallback;
+    onExit?: ConnectorSDKOnEventExitCallback;
+    onExitSuccess?: ConnectorSDKOnExitSuccessCallback;
+    onExitAbort?: ConnectorSDKOnExitAbortCallback;
+    onExitError?: ConnectorSDKOnExitErrorCallback;
+};
+/**
+ * Callback function to handle all events from the Connector.
+ * @param type The type of event that was emitted
+ * @param metadata Metadata about the event that was emitted
+ */
+type ConnectorSDKOnEventCallback = (
+/** The type of event that was emitted */
+type: ConnectorSDKEventType, 
+/** The metadata from the event */
+metadata: ConnectorSDKCallbackMetadata) => void;
+/** Callback function to handle the Open event */
+type ConnectorSDKOnOpenCallback = (metadata: ConnectorSDKCallbackMetadata) => void;
+/** Callback function to handle the Load event */
+type ConnectorSDKOnLoadCallback = (metadata: ConnectorSDKCallbackMetadata) => void;
+/** Callback function to handle all Exit events */
+type ConnectorSDKOnEventExitCallback = (type: ConnectorSDKEventType, metadata: ConnectorSDKCallbackMetadata) => void;
+/** Callback function to handle the ExitSuccess event */
+type ConnectorSDKOnExitSuccessCallback = (metadata: ConnectorSDKCallbackMetadata) => void;
+/** Callback function to handle the ExitAbort event */
+type ConnectorSDKOnExitAbortCallback = (metadata: ConnectorSDKCallbackMetadata) => void;
+/** Callback function to handle the ExitError event */
+type ConnectorSDKOnExitErrorCallback = (metadata: ConnectorSDKCallbackMetadata) => void;
+/**
+ * Enum representing the different types of events emitted by the Connector.
+ */
+declare enum ConnectorSDKEventType {
+    /** The Connector modal has been opened */
+    Open = "opened",
+    /** The Connector has loaded successfully */
+    Load = "loaded",
+    /** The end-user successfully completed the flow */
+    ExitSuccess = "exited.successful",
+    /** The end-user exited the Connector before completing the flow */
+    ExitAbort = "exited.aborted",
+    /** The end-user experienced an error during the flow */
+    ExitError = "exited.errored"
+}
+/**
+ * Metadata about a Connector event
+ * @param connectorId The ID of the Connector that emitted the event
+ * @param profileId The ID of the authenticated Profile
+ * @param connectionId The ID of the Connection that was created or reconnected
+ */
+type ConnectorSDKCallbackMetadata = {
+    /** The ID of the Connector that emitted the event */
+    connectorId: string;
+    /** The ID of the authenticated Profile */
+    profileId?: string;
+    /** The ID of the Connection that was created or reconnected */
+    connectionId?: string;
+    /** The Connector Session Object */
+    connectorSession?: {
+        id: string;
+    };
+};
+/**
+  Options for the standard Connect flow
+  @param institution The Institution ID or search term to connect
+*/
+type ConnectorSDKConnectOptions = ConnectorSDKCallbacks & {
+    /** The Institution ID or search term to connect */
+    institution?: string;
+};
+/**
+ * Options for the Reconnect flow
+ * @param connectionId The ID of the Connection to reconnect
+ */
+type ConnectorSDKReconnectOptions = ConnectorSDKCallbacks & {
+    /** The ID of the Connection to reconnect */
+    connectionId: string;
+};
+/** Options to initialize Connector
+ *
+ *  @todo: refactor into a union type - it's either or.
+ *  Union types only allow direct access to properties that exist on all branches, not properties unique to individual branches.
+ */
+type ConnectorSDKConnectorOptions = ConnectorSDKCallbacks & {
+    /** The Institution ID or search term to connect */
+    institution?: string;
+    /** The ID of the Connection to reconnect */
+    connectionId?: string;
+    /** The nonce to use for the script tag */
+    nonce?: string;
+};
+
+export { ConnectorSDKEventType };
+export type { ConnectorSDK, ConnectorSDKCallbackMetadata, ConnectorSDKCallbacks, ConnectorSDKConnectOptions, ConnectorSDKConnector, ConnectorSDKConnectorOptions, ConnectorSDKOnEventCallback, ConnectorSDKOnEventExitCallback, ConnectorSDKOnExitAbortCallback, ConnectorSDKOnExitErrorCallback, ConnectorSDKOnExitSuccessCallback, ConnectorSDKOnLoadCallback, ConnectorSDKOnOpenCallback, ConnectorSDKReconnectOptions };

package/dist/api/browser.js

@@ -0,0 +1,12 @@
+/**
+ * Enum representing the different types of events emitted by the Connector.
+ */ var ConnectorSDKEventType = /*#__PURE__*/ function(ConnectorSDKEventType) {
+    /** The Connector modal has been opened */ ConnectorSDKEventType["Open"] = "opened";
+    /** The Connector has loaded successfully */ ConnectorSDKEventType["Load"] = "loaded";
+    /** The end-user successfully completed the flow */ ConnectorSDKEventType["ExitSuccess"] = "exited.successful";
+    /** The end-user exited the Connector before completing the flow */ ConnectorSDKEventType["ExitAbort"] = "exited.aborted";
+    /** The end-user experienced an error during the flow */ ConnectorSDKEventType["ExitError"] = "exited.errored";
+    return ConnectorSDKEventType;
+}({});
+
+export { ConnectorSDKEventType };

package/dist/api/graphql/SubscriptionLink-12s-ufJBKwu1.js

@@ -0,0 +1,149 @@
+'use client';
+import { ApolloLink } from '@apollo/client/core';
+import { createConsumer } from '@rails/actioncable';
+import { GraphQLError, print } from 'graphql';
+import { Observable } from 'rxjs';
+import { endpointWebsockets } from '../../config/index.js';
+import { GlobalStorage } from '../../storage/index.js';
+
+const MATCHER = /^(?:[\w-]+\.){2}[\w-]+$/;
+const JsonWebTokenParse = (token)=>{
+    if (typeof token === 'undefined' || token === null) return token;
+    if (!MATCHER.test(token)) {
+        console.error(`Invalid Session Token: ${token}`);
+        return;
+    }
+    const [_header, payload, _signature] = token.split('.');
+    try {
+        return {
+            token,
+            claims: JSON.parse(atob(payload))
+        };
+    } catch (error) {
+        console.error(`Invalid Session Token: ${error}`);
+    }
+};
+
+/**
+ * Validates the session token from GlobalStorage.
+ *
+ * This function:
+ * - Checks if a session token exists
+ * - Validates token expiration
+ * - Clears expired tokens from storage (triggers observers and React re-renders)
+ * - Returns appropriate GraphQL errors for authentication failures
+ *
+ * @param errorMessagePrefix - Optional prefix for error messages (e.g., "for subscription")
+ * @returns TokenValidationResult indicating whether the token is valid or providing an error
+ */ function validateSessionToken(errorMessagePrefix = '') {
+    const token = GlobalStorage.get('session');
+    if (!token) {
+        return {
+            valid: false,
+            error: new GraphQLError(`No session token available${errorMessagePrefix ? ` ${errorMessagePrefix}` : ''}`, {
+                extensions: {
+                    code: 'UNAUTHENTICATED',
+                    reason: 'NO_TOKEN',
+                    documentationUrl: 'https://www.quiltt.dev/authentication#session-tokens'
+                }
+            })
+        };
+    }
+    // Check if token is expired
+    const jwt = JsonWebTokenParse(token);
+    if (jwt?.claims.exp) {
+        const nowInSeconds = Math.floor(Date.now() / 1000);
+        if (jwt.claims.exp < nowInSeconds) {
+            // Clear expired token - this triggers observers and React re-renders
+            GlobalStorage.set('session', null);
+            return {
+                valid: false,
+                error: new GraphQLError('Session token has expired', {
+                    extensions: {
+                        code: 'UNAUTHENTICATED',
+                        reason: 'TOKEN_EXPIRED',
+                        expiredAt: jwt.claims.exp,
+                        documentationUrl: 'https://www.quiltt.dev/authentication#session-tokens'
+                    }
+                })
+            };
+        }
+    }
+    return {
+        valid: true,
+        token
+    };
+}
+
+// Adapted from https://github.com/rmosolgo/graphql-ruby/blob/master/javascript_client/src/subscriptions/ActionCableLink.ts
+class ActionCableLink extends ApolloLink {
+    constructor(options){
+        super();
+        this.cables = {};
+        this.channelName = options.channelName || 'GraphqlChannel';
+        this.actionName = options.actionName || 'execute';
+        this.connectionParams = options.connectionParams || {};
+        this.callbacks = options.callbacks || {};
+    }
+    // Interestingly, this link does _not_ call through to `next` because
+    // instead, it sends the request to ActionCable.
+    request(operation, _next) {
+        const validation = validateSessionToken('for subscription');
+        if (!validation.valid) {
+            return new Observable((observer)=>{
+                observer.error(validation.error);
+            });
+        }
+        const { token } = validation;
+        if (!this.cables[token]) {
+            this.cables[token] = createConsumer(endpointWebsockets + (token ? `?token=${token}` : ''));
+        }
+        return new Observable((observer)=>{
+            const channelId = Math.round(Date.now() + Math.random() * 100000).toString(16);
+            const actionName = this.actionName;
+            const connectionParams = typeof this.connectionParams === 'function' ? this.connectionParams(operation) : this.connectionParams;
+            const callbacks = this.callbacks;
+            const channel = this.cables[token].subscriptions.create(Object.assign({}, {
+                channel: this.channelName,
+                channelId: channelId
+            }, connectionParams), {
+                connected: (args)=>{
+                    channel.perform(actionName, {
+                        query: operation.query ? print(operation.query) : null,
+                        variables: operation.variables,
+                        // This is added for persisted operation support:
+                        operationId: operation.operationId,
+                        operationName: operation.operationName
+                    });
+                    callbacks.connected?.(args);
+                },
+                received: (payload)=>{
+                    if (payload?.result?.data || payload?.result?.errors) {
+                        observer.next(payload.result);
+                    }
+                    if (!payload.more) {
+                        observer.complete();
+                    }
+                    callbacks.received?.(payload);
+                },
+                disconnected: ()=>{
+                    callbacks.disconnected?.();
+                }
+            });
+            // Make the ActionCable subscription behave like an Apollo subscription
+            return Object.assign(channel, {
+                closed: false
+            });
+        });
+    }
+}
+
+class SubscriptionLink extends ActionCableLink {
+    constructor(){
+        super({
+            channelName: 'GraphQLChannel'
+        });
+    }
+}
+
+export { SubscriptionLink as S, validateSessionToken as v };

package/dist/api/graphql/SubscriptionLink-12s-wjkChfxO.cjs

@@ -0,0 +1,150 @@
+'use client';
+var core = require('@apollo/client/core');
+var actioncable = require('@rails/actioncable');
+var graphql = require('graphql');
+var rxjs = require('rxjs');
+var index_cjs$1 = require('../../config/index.cjs');
+var index_cjs = require('../../storage/index.cjs');
+
+const MATCHER = /^(?:[\w-]+\.){2}[\w-]+$/;
+const JsonWebTokenParse = (token)=>{
+    if (typeof token === 'undefined' || token === null) return token;
+    if (!MATCHER.test(token)) {
+        console.error(`Invalid Session Token: ${token}`);
+        return;
+    }
+    const [_header, payload, _signature] = token.split('.');
+    try {
+        return {
+            token,
+            claims: JSON.parse(atob(payload))
+        };
+    } catch (error) {
+        console.error(`Invalid Session Token: ${error}`);
+    }
+};
+
+/**
+ * Validates the session token from GlobalStorage.
+ *
+ * This function:
+ * - Checks if a session token exists
+ * - Validates token expiration
+ * - Clears expired tokens from storage (triggers observers and React re-renders)
+ * - Returns appropriate GraphQL errors for authentication failures
+ *
+ * @param errorMessagePrefix - Optional prefix for error messages (e.g., "for subscription")
+ * @returns TokenValidationResult indicating whether the token is valid or providing an error
+ */ function validateSessionToken(errorMessagePrefix = '') {
+    const token = index_cjs.GlobalStorage.get('session');
+    if (!token) {
+        return {
+            valid: false,
+            error: new graphql.GraphQLError(`No session token available${errorMessagePrefix ? ` ${errorMessagePrefix}` : ''}`, {
+                extensions: {
+                    code: 'UNAUTHENTICATED',
+                    reason: 'NO_TOKEN',
+                    documentationUrl: 'https://www.quiltt.dev/authentication#session-tokens'
+                }
+            })
+        };
+    }
+    // Check if token is expired
+    const jwt = JsonWebTokenParse(token);
+    if (jwt?.claims.exp) {
+        const nowInSeconds = Math.floor(Date.now() / 1000);
+        if (jwt.claims.exp < nowInSeconds) {
+            // Clear expired token - this triggers observers and React re-renders
+            index_cjs.GlobalStorage.set('session', null);
+            return {
+                valid: false,
+                error: new graphql.GraphQLError('Session token has expired', {
+                    extensions: {
+                        code: 'UNAUTHENTICATED',
+                        reason: 'TOKEN_EXPIRED',
+                        expiredAt: jwt.claims.exp,
+                        documentationUrl: 'https://www.quiltt.dev/authentication#session-tokens'
+                    }
+                })
+            };
+        }
+    }
+    return {
+        valid: true,
+        token
+    };
+}
+
+// Adapted from https://github.com/rmosolgo/graphql-ruby/blob/master/javascript_client/src/subscriptions/ActionCableLink.ts
+class ActionCableLink extends core.ApolloLink {
+    constructor(options){
+        super();
+        this.cables = {};
+        this.channelName = options.channelName || 'GraphqlChannel';
+        this.actionName = options.actionName || 'execute';
+        this.connectionParams = options.connectionParams || {};
+        this.callbacks = options.callbacks || {};
+    }
+    // Interestingly, this link does _not_ call through to `next` because
+    // instead, it sends the request to ActionCable.
+    request(operation, _next) {
+        const validation = validateSessionToken('for subscription');
+        if (!validation.valid) {
+            return new rxjs.Observable((observer)=>{
+                observer.error(validation.error);
+            });
+        }
+        const { token } = validation;
+        if (!this.cables[token]) {
+            this.cables[token] = actioncable.createConsumer(index_cjs$1.endpointWebsockets + (token ? `?token=${token}` : ''));
+        }
+        return new rxjs.Observable((observer)=>{
+            const channelId = Math.round(Date.now() + Math.random() * 100000).toString(16);
+            const actionName = this.actionName;
+            const connectionParams = typeof this.connectionParams === 'function' ? this.connectionParams(operation) : this.connectionParams;
+            const callbacks = this.callbacks;
+            const channel = this.cables[token].subscriptions.create(Object.assign({}, {
+                channel: this.channelName,
+                channelId: channelId
+            }, connectionParams), {
+                connected: (args)=>{
+                    channel.perform(actionName, {
+                        query: operation.query ? graphql.print(operation.query) : null,
+                        variables: operation.variables,
+                        // This is added for persisted operation support:
+                        operationId: operation.operationId,
+                        operationName: operation.operationName
+                    });
+                    callbacks.connected?.(args);
+                },
+                received: (payload)=>{
+                    if (payload?.result?.data || payload?.result?.errors) {
+                        observer.next(payload.result);
+                    }
+                    if (!payload.more) {
+                        observer.complete();
+                    }
+                    callbacks.received?.(payload);
+                },
+                disconnected: ()=>{
+                    callbacks.disconnected?.();
+                }
+            });
+            // Make the ActionCable subscription behave like an Apollo subscription
+            return Object.assign(channel, {
+                closed: false
+            });
+        });
+    }
+}
+
+class SubscriptionLink extends ActionCableLink {
+    constructor(){
+        super({
+            channelName: 'GraphQLChannel'
+        });
+    }
+}
+
+exports.SubscriptionLink = SubscriptionLink;
+exports.validateSessionToken = validateSessionToken;