@rendomnet/apiservice 1.3.2 → 1.3.3

package/README.md

@@ -2,14 +2,14 @@
 
 A robust TypeScript API service framework for making authenticated API calls with advanced features:
 
-- ✅ Authentication handling with token management
+- ✅ Multiple authentication strategies (token, API key, basic auth, custom)
 - ✅ Request caching with configurable time periods
 - ✅ Advanced retry mechanisms with exponential backoff
 - ✅ Status code-specific hooks for handling errors
 - ✅ Account state tracking
 - ✅ File upload support
 - ✅ Support for multiple accounts or a single default account
-- ✅ Automatic token refresh for 401 errors
+- ✅ Automatic token refresh for 401 errors (if supported by provider)
 
 ## Installation
 
@@ -36,15 +36,28 @@ npm run test:watch
 
 ```typescript
 import ApiService from 'apiservice';
+import { TokenAuthProvider, ApiKeyAuthProvider, BasicAuthProvider } from 'apiservice';
+
+// Token-based (OAuth2, etc.)
+const tokenProvider = new TokenAuthProvider(myTokenService);
+
+// API key in header
+const apiKeyHeaderProvider = new ApiKeyAuthProvider({ apiKey: 'my-key', headerName: 'x-api-key' });
+
+// API key in query param
+const apiKeyQueryProvider = new ApiKeyAuthProvider({ apiKey: 'my-key', queryParamName: 'api_key' });
+
+// Basic Auth
+const basicProvider = new BasicAuthProvider({ username: 'user', password: 'pass' });
 
 // Create and setup the API service
 const api = new ApiService();
 api.setup({
-  provider: 'my-service', // 'google' | 'microsoft' and etc.
-  tokenService: myTokenService,
+  provider: 'my-service',
+  authProvider: tokenProvider, // or apiKeyHeaderProvider, apiKeyQueryProvider, basicProvider
   hooks: {
     // You can define custom hooks here,
-    // or use the default token refresh handler for 401 errors
+    // or use the default token refresh handler for 401 errors (if supported)
   },
   cacheTime: 30000, // 30 seconds
   baseUrl: 'https://api.example.com' // Set default base URL
@@ -74,64 +87,86 @@ const defaultResult = await api.call({
 });
 ```
 
-## Automatic Token Refresh
-
-ApiService includes a built-in handler for 401 (Unauthorized) errors that automatically refreshes OAuth tokens. This feature:
-
-1. Detects 401 errors from the API
-2. Retrieves the current token for the account
-3. Uses the `refresh` method from your tokenService to obtain a new token
-4. Updates the stored token with the new one
-5. Retries the original API request with the new token
+## Authentication Providers
 
-To use this feature:
+ApiService supports multiple authentication strategies via the `AuthProvider` interface. You can use built-in providers or implement your own.
 
-1. Ensure your tokenService implements the `refresh` method
-2. Don't specify a custom 401 hook (the default will be used automatically)
+### TokenAuthProvider (OAuth2, Bearer Token)
 
 ```typescript
-// Example token service with refresh capability
+import { TokenAuthProvider } from 'apiservice';
+
 const tokenService = {
   async get(accountId = 'default') {
     // Get token from storage
     return storedToken;
   },
-  
   async set(token, accountId = 'default') {
     // Save token to storage
   },
-  
   async refresh(refreshToken, accountId = 'default') {
     // Refresh the token with your OAuth provider
-    const response = await fetch('https://api.example.com/oauth/token', {
-      method: 'POST',
-      headers: { 'Content-Type': 'application/json' },
-      body: JSON.stringify({
-        grant_type: 'refresh_token',
-        refresh_token: refreshToken,
-        client_id: 'your-client-id'
-      })
-    });
-    
-    if (!response.ok) {
-      throw new Error('Failed to refresh token');
-    }
-    
-    return await response.json();
+    // ...
+    return newToken;
   }
 };
+
+const tokenProvider = new TokenAuthProvider(tokenService);
 ```
 
+### ApiKeyAuthProvider (Header or Query Param)
+
+```typescript
+import { ApiKeyAuthProvider } from 'apiservice';
+
+// API key in header
+const apiKeyHeaderProvider = new ApiKeyAuthProvider({ apiKey: 'my-key', headerName: 'x-api-key' });
+
+// API key in query param
+const apiKeyQueryProvider = new ApiKeyAuthProvider({ apiKey: 'my-key', queryParamName: 'api_key' });
+```
+
+### BasicAuthProvider
+
+```typescript
+import { BasicAuthProvider } from 'apiservice';
+
+const basicProvider = new BasicAuthProvider({ username: 'user', password: 'pass' });
+```
+
+### Custom AuthProvider
+
+You can implement your own provider by implementing the `AuthProvider` interface:
+
+```typescript
+interface AuthProvider {
+  getAuthHeaders(accountId?: string): Promise<Record<string, string>>;
+  refresh?(refreshToken: string, accountId?: string): Promise<any>;
+}
+```
+
+## Automatic Token Refresh
+
+If your provider supports token refresh (like `TokenAuthProvider`), ApiService includes a built-in handler for 401 (Unauthorized) errors that automatically refreshes tokens. This feature:
+
+1. Detects 401 errors from the API
+2. Calls the provider's `refresh` method
+3. Retries the original API request with the new token
+
+To use this feature:
+
+- Use a provider that implements `refresh` (like `TokenAuthProvider`)
+- Don't specify a custom 401 hook (the default will be used automatically)
+
 If you prefer to handle token refresh yourself, you can either:
 
 1. Provide your own handler for 401 errors which will override the default
 2. Disable the default handler by setting `hooks: { 401: null }`
 
 ```typescript
-// Disable default 401 handler without providing a custom one
 api.setup({
   provider: 'my-service',
-  tokenService,
+  authProvider: tokenProvider,
   hooks: {
     401: null // Explicitly disable the default handler
   },
@@ -159,169 +194,44 @@ const result = await api.call({
 
 If no accountId is provided, ApiService automatically uses 'default' as the account ID.
 
-## Token Service
-
-ApiService requires a `tokenService` for authentication. This service manages tokens for different accounts and handles token retrieval, storage, and refresh operations.
-
-### TokenService Interface
+## AuthProvider Interface
 
 ```typescript
-interface TokenService {
-  // Get a token for an account (accountId is optional, defaults to 'default')
-  get: (accountId?: string) => Promise<Token>;
-  
-  // Save a token for an account
-  set: (token: Partial<Token>, accountId?: string) => Promise<void>;
-  
-  // Optional: Refresh an expired token
-  refresh?: (refreshToken: string, accountId?: string) => Promise<OAuthToken>;
-}
-
-// The Token interface
-interface Token {
-  accountId: string;
-  access_token: string;
-  refresh_token: string;
-  provider: string;
-  enabled?: boolean;
-  updatedAt?: string;
-  primary?: boolean;
-}
-
-// OAuth token response
-interface OAuthToken {
-  access_token: string;
-  expires_in: number;
-  id_token: string;
-  refresh_token: string;
-  scope: string;
-  token_type: string;
+interface AuthProvider {
+  getAuthHeaders(accountId?: string): Promise<Record<string, string>>;
+  refresh?(refreshToken: string, accountId?: string): Promise<any>;
 }
 ```
 
-### Example Implementation
-
-Here's a simple `tokenService` implementation using localStorage:
-
-```typescript
-// Simple token service implementation
-const tokenService = {
-  // Get token for an account
-  async get(accountId = 'default'): Promise<Token> {
-    const storedToken = localStorage.getItem(`token-${accountId}`);
-    if (!storedToken) {
-      throw new Error(`No token found for account ${accountId}`);
-    }
-    return JSON.parse(storedToken);
-  },
-  
-  // Save token for an account
-  async set(token: Partial<Token>, accountId = 'default'): Promise<void> {
-    const existingToken = localStorage.getItem(`token-${accountId}`);
-    const currentToken = existingToken ? JSON.parse(existingToken) : { accountId };
-    const updatedToken = { ...currentToken, ...token, updatedAt: new Date().toISOString() };
-    localStorage.setItem(`token-${accountId}`, JSON.stringify(updatedToken));
-  },
-  
-  // Refresh token implementation
-  async refresh(refreshToken: string, accountId = 'default'): Promise<OAuthToken> {
-    // Make a request to your OAuth token endpoint
-    const response = await fetch('https://api.example.com/oauth/token', {
-      method: 'POST',
-      headers: { 'Content-Type': 'application/json' },
-      body: JSON.stringify({
-        grant_type: 'refresh_token',
-        refresh_token: refreshToken,
-        client_id: 'your-client-id'
-      })
-    });
-    
-    if (!response.ok) {
-      throw new Error('Failed to refresh token');
-    }
-    
-    const newToken = await response.json();
-    
-    // Update the stored token
-    await this.set({
-      access_token: newToken.access_token,
-      refresh_token: newToken.refresh_token
-    }, accountId);
-    
-    return newToken;
-  }
-};
-```
-
-### Complete Authorization Flow Example
-
-Here's a complete example showing how to use ApiService with automatic token refresh:
+## Example: Complete Authorization Flow (TokenAuthProvider)
 
 ```typescript
 import ApiService from 'apiservice';
+import { TokenAuthProvider } from 'apiservice';
 
-// Create token service with refresh capability
 const tokenService = {
-  // Get token from storage
   async get(accountId = 'default') {
-    const storedToken = localStorage.getItem(`token-${accountId}`);
-    if (!storedToken) {
-      throw new Error(`No token found for account ${accountId}`);
-    }
-    return JSON.parse(storedToken);
+    // ...
   },
-  
-  // Save token to storage
   async set(token, accountId = 'default') {
-    const existingToken = localStorage.getItem(`token-${accountId}`);
-    const currentToken = existingToken ? JSON.parse(existingToken) : { accountId };
-    const updatedToken = { ...currentToken, ...token, updatedAt: new Date().toISOString() };
-    localStorage.setItem(`token-${accountId}`, JSON.stringify(updatedToken));
+    // ...
   },
-  
-  // Refresh token with OAuth provider
   async refresh(refreshToken, accountId = 'default') {
-    // Real implementation would call your OAuth endpoint
-    const response = await fetch('https://api.example.com/oauth/token', {
-      method: 'POST',
-      headers: { 'Content-Type': 'application/json' },
-      body: JSON.stringify({
-        grant_type: 'refresh_token',
-        refresh_token: refreshToken,
-        client_id: 'your-client-id'
-      })
-    });
-    
-    if (!response.ok) {
-      throw new Error('Failed to refresh token');
-    }
-    
-    return await response.json();
+    // ...
   }
 };
 
-// Create API service instance
 const api = new ApiService();
-
-// Configure API service with automatic token refresh
 api.setup({
   provider: 'example-api',
-  tokenService,
+  authProvider: new TokenAuthProvider(tokenService),
   cacheTime: 30000,
   baseUrl: 'https://api.example.com',
-  
-  // You can still add custom hooks for other status codes
-  // The default 401 handler will be used automatically
   hooks: {
-    // Handle 403 Forbidden errors - typically for insufficient permissions
     403: {
       shouldRetry: false,
       handler: async (accountId, response) => {
-        console.warn('Permission denied:', response);
-        // You could trigger a permissions UI here
-        window.dispatchEvent(new CustomEvent('permission:required', { 
-          detail: { accountId, resource: response.resource } 
-        }));
+        // ...
         return null;
       }
     }
@@ -330,19 +240,11 @@ api.setup({
 
 // Use the API service
 async function fetchUserData(userId) {
-  try {
-    return await api.call({
-      // No accountId needed - will use 'default' automatically
-      method: 'GET',
-      route: `/users/${userId}`,
-      useAuth: true
-    });
-  } catch (error) {
-    // 401 errors with valid refresh tokens will be automatically handled
-    // This catch will only trigger for other errors or if refresh fails
-    console.error('Failed to fetch user data:', error);
-    throw error;
-  }
+  return await api.call({
+    method: 'GET',
+    route: `/users/${userId}`,
+    useAuth: true
+  });
 }
 ```
 
@@ -353,38 +255,24 @@ Hooks can be configured to handle specific HTTP status codes:
 ```typescript
 const hooks = {
   401: {
-    // Core settings
-    shouldRetry: true,           // Whether to retry the API call when this hook is triggered
-    useRetryDelay: true,         // Whether to apply delay between retries
-    maxRetries: 3,               // Maximum number of retry attempts for this status code (default: 4)
-    
-    // Advanced options
-    preventConcurrentCalls: true, // Wait for an existing hook to complete before starting a new one
-                                  // Useful for avoiding duplicate refresh token calls
-    
-    // Handler functions
+    shouldRetry: true,
+    useRetryDelay: true,
+    maxRetries: 3,
+    preventConcurrentCalls: true,
     handler: async (accountId, response) => {
-      // Main handler function called when this status code is encountered
-      // Return an object to update the API call parameters for the retry
+      // ...
       return { /* updated parameters */ };
     },
-    
     onMaxRetriesExceeded: async (accountId, error) => {
-      // Called when all retry attempts for this status code have failed
+      // ...
     },
-    
     onHandlerError: async (accountId, error) => {
-      // Called when the handler function throws an error
+      // ...
     },
-    
-    // Delay strategy settings
     delayStrategy: {
-      calculate: (attempt, response) => {
-        // Custom strategy for calculating delay between retries
-        return 1000 * Math.pow(2, attempt - 1); // Exponential backoff
-      }
+      calculate: (attempt, response) => 1000 * Math.pow(2, attempt - 1)
     },
-    maxDelay: 30000 // Maximum delay in milliseconds between retries (default: 60000)
+    maxDelay: 30000
   }
 }
 ```
@@ -403,18 +291,23 @@ The codebase is built around a main `ApiService` class that coordinates several
 
 ### Multiple API Providers
 
-```javascript
-// Configure multiple API providers
+```typescript
+import { ApiService, TokenAuthProvider, ApiKeyAuthProvider } from 'apiservice';
+
+const primaryProvider = new TokenAuthProvider(primaryTokenService);
+const secondaryProvider = new ApiKeyAuthProvider({ apiKey: 'secondary-key', headerName: 'x-api-key' });
+
+const api = new ApiService();
 api.setup({
   provider: 'primary-api',
-  tokenService: primaryTokenService,
+  authProvider: primaryProvider,
   cacheTime: 30000,
   baseUrl: 'https://api.primary.com'
 });
 
 api.setup({
   provider: 'secondary-api',
-  tokenService: secondaryTokenService,
+  authProvider: secondaryProvider,
   cacheTime: 60000,
   baseUrl: 'https://api.secondary.com'
 });
@@ -428,15 +321,12 @@ async function fetchCombinedData() {
       route: '/data',
       useAuth: true
     }),
-    
     api.call({
       provider: 'secondary-api',
       method: 'GET',
       route: '/data',
       useAuth: true
     }),
-    
-    // Override baseUrl for a specific API call
     api.call({
       provider: 'primary-api',
       method: 'GET',
@@ -445,7 +335,6 @@ async function fetchCombinedData() {
       base: 'https://special-api.primary.com'
     })
   ]);
-  
   return { primaryData, secondaryData };
 }
 ```

package/dist/ApiKeyAuthProvider.d.ts

@@ -0,0 +1,8 @@
+import { AuthProvider, ApiKeyAuthProviderOptions } from './types';
+export declare class ApiKeyAuthProvider implements AuthProvider {
+    private apiKey;
+    private headerName?;
+    private queryParamName?;
+    constructor(options: ApiKeyAuthProviderOptions);
+    getAuthHeaders(): Promise<Record<string, string>>;
+}

package/dist/ApiKeyAuthProvider.js

@@ -0,0 +1,18 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ApiKeyAuthProvider = void 0;
+class ApiKeyAuthProvider {
+    constructor(options) {
+        this.apiKey = options.apiKey;
+        this.headerName = options.headerName;
+        this.queryParamName = options.queryParamName;
+    }
+    async getAuthHeaders() {
+        if (this.headerName) {
+            return { [this.headerName]: this.apiKey };
+        }
+        // If using query param, return empty headers (handled elsewhere)
+        return {};
+    }
+}
+exports.ApiKeyAuthProvider = ApiKeyAuthProvider;

package/dist/BasicAuthProvider.d.ts

@@ -0,0 +1,7 @@
+import { AuthProvider, BasicAuthProviderOptions } from './types';
+export declare class BasicAuthProvider implements AuthProvider {
+    private username;
+    private password;
+    constructor(options: BasicAuthProviderOptions);
+    getAuthHeaders(): Promise<Record<string, string>>;
+}

package/dist/BasicAuthProvider.js

@@ -0,0 +1,14 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.BasicAuthProvider = void 0;
+class BasicAuthProvider {
+    constructor(options) {
+        this.username = options.username;
+        this.password = options.password;
+    }
+    async getAuthHeaders() {
+        const encoded = Buffer.from(`${this.username}:${this.password}`).toString('base64');
+        return { Authorization: `Basic ${encoded}` };
+    }
+}
+exports.BasicAuthProvider = BasicAuthProvider;

package/dist/TokenAuthProvider.d.ts

@@ -0,0 +1,12 @@
+import { AuthProvider, Token, OAuthToken } from './types';
+export type TokenService = {
+    get: (accountId?: string) => Promise<Token>;
+    set: (token: Partial<Token>, accountId?: string) => Promise<void>;
+    refresh?: (refreshToken: string, accountId?: string) => Promise<OAuthToken>;
+};
+export declare class TokenAuthProvider implements AuthProvider {
+    private tokenService;
+    constructor(tokenService: TokenService);
+    getAuthHeaders(accountId?: string): Promise<Record<string, string>>;
+    refresh(refreshToken: string, accountId?: string): Promise<any>;
+}

package/dist/TokenAuthProvider.js

@@ -0,0 +1,25 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.TokenAuthProvider = void 0;
+class TokenAuthProvider {
+    constructor(tokenService) {
+        this.tokenService = tokenService;
+    }
+    async getAuthHeaders(accountId) {
+        const token = await this.tokenService.get(accountId);
+        if (!(token === null || token === void 0 ? void 0 : token.access_token))
+            return {};
+        return { Authorization: `Bearer ${token.access_token}` };
+    }
+    async refresh(refreshToken, accountId) {
+        if (!this.tokenService.refresh)
+            throw new Error('Refresh not supported');
+        const newToken = await this.tokenService.refresh(refreshToken, accountId);
+        await this.tokenService.set({
+            access_token: newToken.access_token,
+            refresh_token: newToken.refresh_token || refreshToken,
+        }, accountId);
+        return newToken;
+    }
+}
+exports.TokenAuthProvider = TokenAuthProvider;

package/dist/components.d.ts

@@ -6,3 +6,6 @@ export { RetryManager } from './RetryManager';
 export { HookManager } from './HookManager';
 export { HttpClient } from './HttpClient';
 export { AccountManager } from './AccountManager';
+export { TokenAuthProvider } from './TokenAuthProvider';
+export { ApiKeyAuthProvider } from './ApiKeyAuthProvider';
+export { BasicAuthProvider } from './BasicAuthProvider';

package/dist/components.js

@@ -3,7 +3,7 @@
  * Barrel file exporting all ApiService components
  */
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.AccountManager = exports.HttpClient = exports.HookManager = exports.RetryManager = exports.CacheManager = void 0;
+exports.BasicAuthProvider = exports.ApiKeyAuthProvider = exports.TokenAuthProvider = exports.AccountManager = exports.HttpClient = exports.HookManager = exports.RetryManager = exports.CacheManager = void 0;
 var CacheManager_1 = require("./CacheManager");
 Object.defineProperty(exports, "CacheManager", { enumerable: true, get: function () { return CacheManager_1.CacheManager; } });
 var RetryManager_1 = require("./RetryManager");
@@ -14,3 +14,9 @@ var HttpClient_1 = require("./HttpClient");
 Object.defineProperty(exports, "HttpClient", { enumerable: true, get: function () { return HttpClient_1.HttpClient; } });
 var AccountManager_1 = require("./AccountManager");
 Object.defineProperty(exports, "AccountManager", { enumerable: true, get: function () { return AccountManager_1.AccountManager; } });
+var TokenAuthProvider_1 = require("./TokenAuthProvider");
+Object.defineProperty(exports, "TokenAuthProvider", { enumerable: true, get: function () { return TokenAuthProvider_1.TokenAuthProvider; } });
+var ApiKeyAuthProvider_1 = require("./ApiKeyAuthProvider");
+Object.defineProperty(exports, "ApiKeyAuthProvider", { enumerable: true, get: function () { return ApiKeyAuthProvider_1.ApiKeyAuthProvider; } });
+var BasicAuthProvider_1 = require("./BasicAuthProvider");
+Object.defineProperty(exports, "BasicAuthProvider", { enumerable: true, get: function () { return BasicAuthProvider_1.BasicAuthProvider; } });

package/dist/index.d.ts

@@ -1,11 +1,11 @@
-import { TokenService, ApiCallParams, HookSettings, StatusCode } from './types';
+import { AuthProvider, ApiCallParams, HookSettings, StatusCode } from './types';
 /**
  * ApiService - Core API service for making authenticated API calls
  * with caching, retry, and hook support.
  */
 declare class ApiService {
     provider: string;
-    private tokenService;
+    private authProvider;
     private baseUrl;
     private cacheManager;
     private retryManager;
@@ -17,18 +17,18 @@ declare class ApiService {
     /**
      * Setup the API service
      */
-    setup({ provider, tokenService, hooks, cacheTime, baseUrl, }: {
+    setup({ provider, authProvider, hooks, cacheTime, baseUrl, }: {
         provider: string;
-        tokenService: TokenService;
+        authProvider: AuthProvider;
         hooks?: Record<StatusCode, HookSettings | null>;
         cacheTime: number;
         baseUrl?: string;
     }): void;
     /**
      * Create a default handler for 401 (Unauthorized) errors
-     * that implements standard token refresh behavior
+     * that implements standard credential refresh behavior
      */
-    private createDefaultTokenRefreshHandler;
+    private createDefaultAuthRefreshHandler;
     /**
      * Set the maximum number of retry attempts
      */

package/dist/index.js

@@ -1,5 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+const ApiKeyAuthProvider_1 = require("./ApiKeyAuthProvider");
 const components_1 = require("./components");
 /**
  * ApiService - Core API service for making authenticated API calls
@@ -11,7 +12,7 @@ class ApiService {
         // Default max attempts for API calls
         this.maxAttempts = 10;
         this.provider = '';
-        this.tokenService = {};
+        this.authProvider = {};
         // Initialize component managers
         this.cacheManager = new components_1.CacheManager();
         this.retryManager = new components_1.RetryManager();
@@ -22,17 +23,17 @@ class ApiService {
     /**
      * Setup the API service
      */
-    setup({ provider, tokenService, hooks = {}, cacheTime, baseUrl = '', }) {
+    setup({ provider, authProvider, hooks = {}, cacheTime, baseUrl = '', }) {
         this.provider = provider;
-        this.tokenService = tokenService;
+        this.authProvider = authProvider;
         this.baseUrl = baseUrl;
         // Create a copy of hooks to avoid modifying the input
         const finalHooks = {};
         // Apply default 401 handler if:
         // 1. No 401 hook is explicitly defined (or is explicitly null)
-        // 2. TokenService has a refresh method
-        if (hooks[401] === undefined && typeof this.tokenService.refresh === 'function') {
-            finalHooks[401] = this.createDefaultTokenRefreshHandler();
+        // 2. AuthProvider has a refresh method
+        if (hooks[401] === undefined && typeof this.authProvider.refresh === 'function') {
+            finalHooks[401] = this.createDefaultAuthRefreshHandler();
         }
         // Add user-defined hooks (skipping null/undefined values)
         for (const [statusCode, hook] of Object.entries(hooks)) {
@@ -50,9 +51,9 @@ class ApiService {
     }
     /**
      * Create a default handler for 401 (Unauthorized) errors
-     * that implements standard token refresh behavior
+     * that implements standard credential refresh behavior
      */
-    createDefaultTokenRefreshHandler() {
+    createDefaultAuthRefreshHandler() {
         return {
             shouldRetry: true,
             useRetryDelay: true,
@@ -60,27 +61,17 @@ class ApiService {
             maxRetries: 1,
             handler: async (accountId) => {
                 try {
-                    console.log(`🔄 Using default token refresh handler for ${accountId}`);
-                    // Get current token to extract refresh token
-                    const currentToken = await this.tokenService.get(accountId);
-                    if (!currentToken.refresh_token) {
-                        throw new Error(`No refresh token available for account ${accountId}`);
+                    console.log(`🔄 Using default auth refresh handler for ${accountId}`);
+                    if (!this.authProvider.refresh) {
+                        throw new Error('No refresh method available on auth provider');
                     }
-                    // Refresh the token
-                    const newToken = await this.tokenService.refresh(currentToken.refresh_token, accountId);
-                    if (!newToken || !newToken.access_token) {
-                        throw new Error('Token refresh returned invalid data');
-                    }
-                    // Update the token in storage
-                    await this.tokenService.set({
-                        access_token: newToken.access_token,
-                        refresh_token: newToken.refresh_token || currentToken.refresh_token
-                    }, accountId);
-                    // Return empty object to retry with same parameters
+                    // You may want to store refresh token in account data or pass it in another way
+                    // For now, assume refresh token is managed internally by the provider
+                    await this.authProvider.refresh('', accountId);
                     return {};
                 }
                 catch (error) {
-                    console.error(`Token refresh failed for ${accountId}:`, error);
+                    console.error(`Auth refresh failed for ${accountId}:`, error);
                     throw error;
                 }
             },
@@ -112,6 +103,15 @@ class ApiService {
             accountId: apiCallParams.accountId || 'default',
             base: apiCallParams.base || this.baseUrl,
         };
+        // If using ApiKeyAuthProvider with queryParamName, add API key to queryParams
+        if (this.authProvider instanceof ApiKeyAuthProvider_1.ApiKeyAuthProvider &&
+            this.authProvider.queryParamName) {
+            const queryParamName = this.authProvider.queryParamName;
+            const apiKey = this.authProvider.apiKey;
+            const urlParams = params.queryParams ? new URLSearchParams(params.queryParams) : new URLSearchParams();
+            urlParams.set(queryParamName, apiKey);
+            params.queryParams = urlParams;
+        }
         console.log('🔄 API call', this.provider, params.accountId, params.method, params.route);
         // Check cache first
         const cachedData = this.cacheManager.getFromCache(params);
@@ -138,22 +138,38 @@ class ApiService {
         const { accountId } = apiCallParams;
         let attempts = 0;
         const statusRetries = {};
-        // Copy the params to avoid mutation issues
         let currentParams = { ...apiCallParams };
+        // If using ApiKeyAuthProvider with queryParamName, add API key to queryParams
+        if (this.authProvider instanceof ApiKeyAuthProvider_1.ApiKeyAuthProvider &&
+            this.authProvider.queryParamName) {
+            const queryParamName = this.authProvider.queryParamName;
+            const apiKey = this.authProvider.apiKey;
+            const urlParams = currentParams.queryParams ? new URLSearchParams(currentParams.queryParams) : new URLSearchParams();
+            urlParams.set(queryParamName, apiKey);
+            currentParams.queryParams = urlParams;
+        }
         // Main retry loop
         while (attempts < this.maxAttempts) {
             attempts++;
             try {
-                // Get authentication token if needed
-                const authToken = apiCallParams.useAuth !== false
-                    ? await this.tokenService.get(accountId)
+                // Get authentication headers if needed
+                const authHeaders = apiCallParams.useAuth !== false
+                    ? await this.authProvider.getAuthHeaders(accountId)
                     : {};
+                // Merge auth headers into params.headers
+                currentParams.headers = {
+                    ...(currentParams.headers || {}),
+                    ...authHeaders,
+                };
                 // Verify we have authentication if required
-                if (apiCallParams.useAuth !== false && !apiCallParams.accessToken && !authToken.access_token) {
+                if (apiCallParams.useAuth !== false &&
+                    Object.keys(authHeaders).length === 0 &&
+                    !(this.authProvider instanceof ApiKeyAuthProvider_1.ApiKeyAuthProvider &&
+                        this.authProvider.queryParamName)) {
                     throw new Error(`${this.provider} credentials not found for account ID ${accountId}`);
                 }
                 // Make the actual API call
-                const response = await this.httpClient.makeRequest(currentParams, authToken);
+                const response = await this.httpClient.makeRequest(currentParams, {});
                 // Success - update account status and return result
                 this.accountManager.setLastRequestFailed(accountId, false);
                 return response;

package/dist/types.d.ts

@@ -80,9 +80,28 @@ interface HookSettings {
     maxDelay?: number;
 }
 type StatusCode = string | number;
+interface AuthProvider {
+    /**
+     * Returns headers or other auth data for a request
+     */
+    getAuthHeaders(accountId?: string): Promise<Record<string, string>>;
+    /**
+     * Optional: refresh credentials if supported (for OAuth, etc.)
+     */
+    refresh?(refreshToken: string, accountId?: string): Promise<any>;
+}
+interface ApiKeyAuthProviderOptions {
+    apiKey: string;
+    headerName?: string;
+    queryParamName?: string;
+}
+interface BasicAuthProviderOptions {
+    username: string;
+    password: string;
+}
 type TokenService = {
     get: (accountId?: string) => Promise<Token>;
     set: (token: Partial<Token>, accountId?: string) => Promise<void>;
     refresh?: (refreshToken: string, accountId?: string) => Promise<OAuthToken>;
 };
-export { OAuthToken, DelayStrategy, Token, AccountData, ApiCallParams, HookSettings, StatusCode, TokenService, };
+export { OAuthToken, DelayStrategy, Token, AccountData, ApiCallParams, HookSettings, StatusCode, AuthProvider, ApiKeyAuthProviderOptions, BasicAuthProviderOptions, TokenService, };

package/package.json

@@ -1,22 +1,12 @@
 {
   "name": "@rendomnet/apiservice",
-  "version": "1.3.2",
+  "version": "1.3.3",
   "description": "A robust TypeScript API service framework for making authenticated API calls",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
   "files": [
     "dist"
   ],
-  "scripts": {
-    "build": "tsc",
-    "clean": "rimraf dist",
-    "prebuild": "npm run clean",
-    "prepublishOnly": "npm run build",
-    "test": "jest",
-    "test:watch": "jest --watch",
-    "test:coverage": "jest --coverage",
-    "prepare": "npm run build"
-  },
   "keywords": [
     "api",
     "service",
@@ -50,5 +40,13 @@
   },
   "publishConfig": {
     "access": "public"
+  },
+  "scripts": {
+    "build": "tsc",
+    "clean": "rimraf dist",
+    "prebuild": "npm run clean",
+    "test": "jest",
+    "test:watch": "jest --watch",
+    "test:coverage": "jest --coverage"
   }
-}
+}