@salesforce/lds-runtime-aura 1.404.0-dev1 → 1.404.0-dev10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/dist/ldsEngineCreator.js +352 -139
  2. package/dist/types/predictive-loading/request-strategy/get-record-request-strategy.d.ts +5 -0
  3. package/dist/types/request-interceptors/csrf-manager.d.ts +1 -0
  4. package/package.json +39 -37
package/dist/ldsEngineCreator.js CHANGED
@@ -22,8 +22,9 @@ import useCmpDefPredictions from '@salesforce/gate/lds.pdl.useCmpDefPredictions'
22
22
  import applyPredictionRequestLimit from '@salesforce/gate/lds.pdl.applyRequestLimit';
23
23
  import useLocalStorage from '@salesforce/gate/lds.pdl.useLocalStorage';
24
24
  import useOneStoreGraphql from '@salesforce/gate/lds.oneStoreGraphqlEnabled.ltng';
25
+ import canCombineRecordLayoutRequests from '@salesforce/gate/lds.pdl.canCombineRecordLayoutRequests';
25
26
  import { GetApexWireAdapterFactory, registerPrefetcher as registerPrefetcher$1 } from 'force/ldsAdaptersApex';
26
- import { instrument, getRecordAvatarsAdapterFactory, getRecordAdapterFactory, coerceFieldIdArray, getRecordsAdapterFactory, getRecordActionsAdapterFactory, getObjectInfosAdapterFactory, coerceObjectIdArray, getObjectInfoAdapterFactory, coerceObjectId, getRelatedListsActionsAdapterFactory, getRelatedListInfoBatchAdapterFactory, getRelatedListInfoAdapterFactory, getRelatedListRecordsBatchAdapterFactory, getRelatedListRecordsAdapterFactory, getListInfoByNameAdapterFactory, getListInfosByObjectNameAdapterFactory, getListRecordsByNameAdapterFactory, getListObjectInfoAdapterFactory, getRelatedListsInfoAdapterFactory, getRelatedListActionsAdapterFactory, getRecordId18Array, buildRecordRepKeyFromId, configuration, InMemoryRecordRepresentationQueryEvaluator, UiApiNamespace, RecordRepresentationRepresentationType, registerPrefetcher, RecordRepresentationVersion } from 'force/ldsAdaptersUiapi';
27
+ import { instrument, getRecordAvatarsAdapterFactory, getRecordAdapterFactory, coerceFieldIdArray, coerceLayoutTypeArray, coerceLayoutModeArray, getRecordsAdapterFactory, getRecordActionsAdapterFactory, getObjectInfosAdapterFactory, coerceObjectIdArray, getObjectInfoAdapterFactory, coerceObjectId, getRelatedListsActionsAdapterFactory, getRelatedListInfoBatchAdapterFactory, getRelatedListInfoAdapterFactory, getRelatedListRecordsBatchAdapterFactory, getRelatedListRecordsAdapterFactory, getListInfoByNameAdapterFactory, getListInfosByObjectNameAdapterFactory, getListRecordsByNameAdapterFactory, getListObjectInfoAdapterFactory, getRelatedListsInfoAdapterFactory, getRelatedListActionsAdapterFactory, getRecordId18Array, buildRecordRepKeyFromId, configuration, InMemoryRecordRepresentationQueryEvaluator, UiApiNamespace, RecordRepresentationRepresentationType, registerPrefetcher, RecordRepresentationVersion } from 'force/ldsAdaptersUiapi';
27
28
  import { getInstrumentation } from 'o11y/client';
28
29
  import { findExecutableOperation, buildGraphQLInputExtension, addTypenameToDocument } from 'force/luvioGraphqlNormalization';
29
30
  import { print, wrapConfigAndVerify, resolveAst, validateGraphQLOperations } from 'force/luvioOnestoreGraphqlParser';
@@ -41,6 +42,10 @@ import { instrument as instrument$5 } from '@lwc/state';
41
42
  import { withRegistration, register, setDefaultLuvio } from 'force/ldsEngine';
42
43
  import { pageScopedCache } from 'instrumentation/utility';
43
44
  import { createStorage, clearStorages } from 'force/ldsStorage';
45
+ import lightningConnectEnabled from '@salesforce/gate/ui.services.LightningConnect.enabled';
46
+ import bypassAppRestrictionEnabled from '@salesforce/gate/ui.services.LightningConnect.BypassAppRestriction.enabled';
47
+ import csrfValidationEnabled from '@salesforce/gate/ui.services.LightningConnect.CsrfValidation.enabled';
48
+ import sessionApiEnabled from '@salesforce/gate/ui.uisdk.session.api.enabled';
44
49
  import useHotspotLimit from '@salesforce/gate/lds.pdl.useHotspotLimit';
45
50
  import useHttpUiapiOneApp from '@salesforce/gate/lds.useHttpUiapiOneApp';
46
51
  import useHttpUiapiOneRuntime from '@salesforce/gate/lds.useHttpUiapiOneRuntime';
@@ -470,7 +475,12 @@ class AuraNetworkCommand extends NetworkCommand$1 {
470
475
  this.coerceAuraErrors
471
476
  );
472
477
  } else if (this.shouldUseFetch()) {
473
- return this.convertFetchResponseToData(this.services.fetch(...this.fetchParams));
478
+ const params = this.fetchParams;
479
+ try {
480
+ return this.convertFetchResponseToData(this.services.fetch(...params));
481
+ } catch (reason) {
482
+ return resolvedPromiseLike$2(err$1(toError(reason)));
483
+ }
474
484
  }
475
485
  return resolvedPromiseLike$2(err$1(toError("Aura/Fetch network services not found")));
476
486
  }
@@ -1068,7 +1078,12 @@ let AuraCacheControlCommand$1 = class AuraCacheControlCommand extends CacheContr
1068
1078
  (errs) => this.coerceAuraErrors(errs)
1069
1079
  );
1070
1080
  } else if (this.shouldUseFetch()) {
1071
- return this.convertFetchResponseToData(this.services.fetch(...this.fetchParams));
1081
+ const params = this.fetchParams;
1082
+ try {
1083
+ return this.convertFetchResponseToData(this.services.fetch(...params));
1084
+ } catch (reason) {
1085
+ return resolvedPromiseLike$2(err$1(toError(reason)));
1086
+ }
1072
1087
  }
1073
1088
  return resolvedPromiseLike$2(err$1(toError("Aura/Fetch network services not found")));
1074
1089
  }
@@ -1211,7 +1226,12 @@ class AuraCacheControlCommand extends CacheControlCommand {
1211
1226
  (errs) => this.coerceAuraErrors(errs)
1212
1227
  );
1213
1228
  } else if (this.shouldUseFetch()) {
1214
- return this.convertFetchResponseToData(this.services.fetch(...this.fetchParams));
1229
+ const params = this.fetchParams;
1230
+ try {
1231
+ return this.convertFetchResponseToData(this.services.fetch(...params));
1232
+ } catch (reason) {
1233
+ return resolvedPromiseLike$2(err$1(toError(reason)));
1234
+ }
1215
1235
  }
1216
1236
  return resolvedPromiseLike$2(err$1(toError("Aura/Fetch network services not found")));
1217
1237
  }
@@ -1329,7 +1349,11 @@ class HttpCacheControlCommand extends CacheControlCommand {
1329
1349
  return this.fetch();
1330
1350
  }
1331
1351
  fetch() {
1332
- return this.convertFetchResponseToData(this.services.fetch(...this.fetchParams));
1352
+ try {
1353
+ return this.convertFetchResponseToData(this.services.fetch(...this.fetchParams));
1354
+ } catch (reason) {
1355
+ return resolvedPromiseLike$2(err$1(toError(reason)));
1356
+ }
1333
1357
  }
1334
1358
  async coerceError(errorResponse) {
1335
1359
  return toError(errorResponse.statusText);
@@ -1532,7 +1556,11 @@ const _FetchNetworkCommand = class _FetchNetworkCommand extends NetworkCommand {
1532
1556
  this.services = services;
1533
1557
  }
1534
1558
  fetch() {
1535
- return this.convertFetchResponseToData(this.services.fetch(...this.fetchParams));
1559
+ try {
1560
+ return this.convertFetchResponseToData(this.services.fetch(...this.fetchParams));
1561
+ } catch (reason) {
1562
+ return resolvedPromiseLike$2(err$1(toError(reason)));
1563
+ }
1536
1564
  }
1537
1565
  async coerceError(errorResponse) {
1538
1566
  return toError(errorResponse.statusText);
@@ -1588,7 +1616,11 @@ class StreamingCommand extends BaseCommand {
1588
1616
  this.services = services;
1589
1617
  }
1590
1618
  execute() {
1591
- return this.convertFetchStreamResponseToData(this.services.fetch(...this.fetchParams));
1619
+ try {
1620
+ return this.convertFetchStreamResponseToData(this.services.fetch(...this.fetchParams));
1621
+ } catch (reason) {
1622
+ return resolvedPromiseLike$2(err$1(toError(reason)));
1623
+ }
1592
1624
  }
1593
1625
  convertFetchStreamResponseToData(response) {
1594
1626
  return response.then(
@@ -2424,9 +2456,13 @@ class OnlyIfCachedCacheControlStrategy extends CacheControlStrategy {
2424
2456
  }
2425
2457
  get expiredChecks() {
2426
2458
  return [
2427
- (cacheControlMetadata) => cacheControlMetadata.type === "no-store"
2459
+ ...super.expiredChecks,
2460
+ (cacheControlMetadata) => cacheControlMetadata.type === "no-cache"
2428
2461
  ];
2429
2462
  }
2463
+ // Note: If we add support for `stale-while-revalidate` in the future, we may
2464
+ // need to further override expiredChecks to allow stale entries that are within the
2465
+ // stale-while-revalidate window to be returned for only-if-cached requests.
2430
2466
  collectCacheHitInstrumentation(startTime, instrumentationAttributes) {
2431
2467
  if (this.services.instrumentation) {
2432
2468
  const meter = this.services.instrumentation.metrics.getMeter("onestore");
@@ -2666,7 +2702,7 @@ function buildServiceDescriptor$d(luvio) {
2666
2702
  },
2667
2703
  };
2668
2704
  }
2669
- // version: 1.404.0-dev1-9582436c8f
2705
+ // version: 1.404.0-dev10-1e49deeb66
2670
2706
 
2671
2707
  /*!
2672
2708
  * Copyright (c) 2022, Salesforce, Inc.,
@@ -2782,11 +2818,26 @@ class AuraGraphQLNormalizedCacheControlCommand extends AuraNormalizedCacheContro
2782
2818
  return buildSubscribableResult$1(result, this.buildSubscribe(), () => this.refresh());
2783
2819
  });
2784
2820
  } else if (this.shouldUseFetch()) {
2785
- return this.convertFetchResponseToData(
2786
- this.services.fetch(...this.originalFetchParams)
2787
- ).then((result) => {
2788
- return buildSubscribableResult$1(result, this.buildSubscribe(), () => this.refresh());
2789
- });
2821
+ const params = this.originalFetchParams;
2822
+ try {
2823
+ return this.convertFetchResponseToData(this.services.fetch(...params)).then(
2824
+ (result) => {
2825
+ return buildSubscribableResult$1(
2826
+ result,
2827
+ this.buildSubscribe(),
2828
+ () => this.refresh()
2829
+ );
2830
+ }
2831
+ );
2832
+ } catch (reason) {
2833
+ return resolvedPromiseLike$2(
2834
+ buildSubscribableResult$1(
2835
+ err$1(toError(reason)),
2836
+ this.buildSubscribe(),
2837
+ () => this.refresh()
2838
+ )
2839
+ );
2840
+ }
2790
2841
  }
2791
2842
  return resolvedPromiseLike$2(
2792
2843
  buildSubscribableResult$1(
@@ -3004,7 +3055,7 @@ function buildServiceDescriptor$9(notifyRecordUpdateAvailable, getNormalizedLuvi
3004
3055
  },
3005
3056
  };
3006
3057
  }
3007
- // version: 1.404.0-dev1-9582436c8f
3058
+ // version: 1.404.0-dev10-1e49deeb66
3008
3059
 
3009
3060
  /*!
3010
3061
  * Copyright (c) 2022, Salesforce, Inc.,
@@ -4707,7 +4758,7 @@ function getEnvironmentSetting(name) {
4707
4758
  }
4708
4759
  return undefined;
4709
4760
  }
4710
- // version: 1.404.0-dev1-9582436c8f
4761
+ // version: 1.404.0-dev10-1e49deeb66
4711
4762
 
4712
4763
  /**
4713
4764
  * Observability / Critical Availability Program (230+)
@@ -5715,6 +5766,227 @@ function buildLexRuntimeLuvio5xxStatusResponseInterceptor() {
5715
5766
  };
5716
5767
  }
5717
5768
 
5769
+ const CSRF_TOKEN_KEY = 'salesforce_csrf_token';
5770
+ const CSRF_STORAGE_NAME = 'ldsCSRFToken';
5771
+ const BASE_URI = '/services/data/v66.0';
5772
+ const UI_API_BASE_URI = `${BASE_URI}/ui-api`;
5773
+ const CSRF_TOKEN_ENDPOINT = `${UI_API_BASE_URI}/session/csrf`;
5774
+ const CSRF_STORAGE_CONFIG = {
5775
+ name: CSRF_STORAGE_NAME,
5776
+ persistent: true,
5777
+ secure: true,
5778
+ maxSize: 1024,
5779
+ expiration: 24 * 60 * 60,
5780
+ clearOnInit: false,
5781
+ debugLogging: false,
5782
+ };
5783
+ /**
5784
+ * Manages CSRF token fetching and caching for secure requests.
5785
+ * Implements a singleton pattern to ensure consistent token management across the application.
5786
+ */
5787
+ class CsrfTokenManager {
5788
+ constructor() {
5789
+ this.tokenPromise = null;
5790
+ // Initialize AuraStorage
5791
+ this.storage = createStorage(CSRF_STORAGE_CONFIG);
5792
+ }
5793
+ static getInstance() {
5794
+ if (!CsrfTokenManager.instance) {
5795
+ CsrfTokenManager.instance = new CsrfTokenManager();
5796
+ }
5797
+ return CsrfTokenManager.instance;
5798
+ }
5799
+ /**
5800
+ * Obtain a CSRF token, either from AuraStorage or by fetching a fresh one.
5801
+ *
5802
+ * @private
5803
+ */
5804
+ async loadOrFetchToken() {
5805
+ // First try to get token from AuraStorage
5806
+ if (this.storage) {
5807
+ try {
5808
+ const cachedToken = await this.storage.get(CSRF_TOKEN_KEY);
5809
+ if (typeof cachedToken === 'string' && cachedToken) {
5810
+ return cachedToken;
5811
+ }
5812
+ }
5813
+ catch {
5814
+ // If storage read fails, continue to fetch
5815
+ }
5816
+ }
5817
+ // No cached token, fetch from server
5818
+ return this.fetchFreshToken();
5819
+ }
5820
+ /**
5821
+ * Call API endpoint to acquire a CSRF token and cache it.
5822
+ *
5823
+ * @private
5824
+ */
5825
+ async fetchFreshToken() {
5826
+ try {
5827
+ const response = await fetch(CSRF_TOKEN_ENDPOINT, {
5828
+ method: 'GET',
5829
+ credentials: 'same-origin',
5830
+ });
5831
+ if (!response.ok) {
5832
+ return undefined;
5833
+ }
5834
+ const data = await response.json();
5835
+ const token = data.csrfToken;
5836
+ if (token && this.storage) {
5837
+ // Cache the token in AuraStorage
5838
+ try {
5839
+ await this.storage.set(CSRF_TOKEN_KEY, token);
5840
+ }
5841
+ catch {
5842
+ // Non-fatal: token is still available even if caching fails
5843
+ }
5844
+ }
5845
+ return token;
5846
+ }
5847
+ catch {
5848
+ return undefined;
5849
+ }
5850
+ }
5851
+ /**
5852
+ * Returns the current token value as a Promise.
5853
+ * Lazy-loads the token on first call (from cache or by fetching).
5854
+ */
5855
+ async getToken() {
5856
+ // Lazy initialization: only fetch token when actually needed
5857
+ if (!this.tokenPromise) {
5858
+ this.tokenPromise = this.loadOrFetchToken();
5859
+ }
5860
+ return this.tokenPromise;
5861
+ }
5862
+ /**
5863
+ * Obtains and returns a new token value as a promise.
5864
+ * This will clear the cached token and fetch a fresh one.
5865
+ */
5866
+ async refreshToken() {
5867
+ // Clear cached token
5868
+ if (this.storage) {
5869
+ try {
5870
+ await this.storage.remove(CSRF_TOKEN_KEY);
5871
+ }
5872
+ catch {
5873
+ // Non-fatal: continue with refresh even if clear fails
5874
+ }
5875
+ }
5876
+ // Fetch (and cache) fresh token
5877
+ this.tokenPromise = this.fetchFreshToken();
5878
+ return this.tokenPromise;
5879
+ }
5880
+ /**
5881
+ * Reset the singleton instance (useful for testing).
5882
+ * @internal
5883
+ */
5884
+ static resetInstance() {
5885
+ CsrfTokenManager.instance = null;
5886
+ }
5887
+ }
5888
+ CsrfTokenManager.instance = null;
5889
+
5890
+ const CSRF_TOKEN_HEADER = 'X-CSRF-Token';
5891
+ /**
5892
+ * Checks if all required gates are enabled for CSRF token interceptor.
5893
+ *
5894
+ * @returns true if all gates are enabled, false otherwise
5895
+ */
5896
+ function areCsrfGatesEnabled() {
5897
+ try {
5898
+ return (lightningConnectEnabled.isOpen({ fallback: false }) &&
5899
+ bypassAppRestrictionEnabled.isOpen({ fallback: false }) &&
5900
+ csrfValidationEnabled.isOpen({ fallback: false }) &&
5901
+ sessionApiEnabled.isOpen({ fallback: false }));
5902
+ }
5903
+ catch (error) {
5904
+ // If any gate check fails, disable CSRF interceptor
5905
+ return false;
5906
+ }
5907
+ }
5908
+ /**
5909
+ * Determines if the HTTP method requires CSRF protection.
5910
+ * Only mutating operations (POST, PUT, PATCH, DELETE) require CSRF tokens.
5911
+ *
5912
+ * @param method - The HTTP method to check
5913
+ * @returns true if the method requires CSRF protection
5914
+ */
5915
+ function isCsrfMethod(method) {
5916
+ if (!method) {
5917
+ return false;
5918
+ }
5919
+ const normalizedMethod = method.toLowerCase();
5920
+ return (normalizedMethod === 'post' ||
5921
+ normalizedMethod === 'put' ||
5922
+ normalizedMethod === 'patch' ||
5923
+ normalizedMethod === 'delete');
5924
+ }
5925
+ /**
5926
+ * Builds a request interceptor that adds CSRF token headers to mutating requests.
5927
+ * The CSRF token is fetched once and cached for subsequent requests.
5928
+ * Only POST, PUT, PATCH, and DELETE requests will have the CSRF token added.
5929
+ *
5930
+ * @returns A RequestInterceptor function for FetchParameters
5931
+ */
5932
+ function buildCsrfTokenInterceptor() {
5933
+ const csrfTokenManager = CsrfTokenManager.getInstance();
5934
+ return async (fetchArgs) => {
5935
+ // Check if all required gates are enabled before running
5936
+ if (!areCsrfGatesEnabled()) {
5937
+ return resolvedPromiseLike$2(fetchArgs);
5938
+ }
5939
+ const [urlOrRequest, options] = fetchArgs;
5940
+ // Determine the method from either Request object or options
5941
+ let method;
5942
+ if (typeof urlOrRequest !== 'string' && 'method' in urlOrRequest) {
5943
+ method = urlOrRequest.method;
5944
+ }
5945
+ else if (options && 'method' in options) {
5946
+ method = options.method;
5947
+ }
5948
+ // Only add CSRF token for mutating operations
5949
+ if (isCsrfMethod(method)) {
5950
+ const token = await csrfTokenManager.getToken();
5951
+ if (token) {
5952
+ fetchArgs = setHeader(CSRF_TOKEN_HEADER, token, fetchArgs);
5953
+ }
5954
+ }
5955
+ return resolvedPromiseLike$2(fetchArgs);
5956
+ };
5957
+ }
5958
+ /**
5959
+ * Builds a Luvio request interceptor that adds CSRF token headers to mutating requests.
5960
+ * The CSRF token is fetched once and cached for subsequent requests.
5961
+ * Only POST, PUT, PATCH, and DELETE requests will have the CSRF token added.
5962
+ *
5963
+ * @returns A request interceptor function for Luvio ResourceRequest objects
5964
+ */
5965
+ function buildLuvioCsrfTokenInterceptor() {
5966
+ const csrfTokenManager = CsrfTokenManager.getInstance();
5967
+ return async (resourceRequest) => {
5968
+ // Check if all required gates are enabled before running
5969
+ if (!areCsrfGatesEnabled()) {
5970
+ return resolvedPromiseLike$2(resourceRequest);
5971
+ }
5972
+ // Ensure headers object exists
5973
+ if (!resourceRequest.headers) {
5974
+ resourceRequest.headers = {};
5975
+ }
5976
+ // Only add CSRF token for mutating operations
5977
+ if (isCsrfMethod(resourceRequest.method)) {
5978
+ // Don't overwrite existing CSRF token header if it already exists
5979
+ if (!resourceRequest.headers[CSRF_TOKEN_HEADER]) {
5980
+ const token = await csrfTokenManager.getToken();
5981
+ if (token) {
5982
+ resourceRequest.headers[CSRF_TOKEN_HEADER] = token;
5983
+ }
5984
+ }
5985
+ }
5986
+ return resolvedPromiseLike$2(resourceRequest);
5987
+ };
5988
+ }
5989
+
5718
5990
  const API_PATHS = [
5719
5991
  // getLookupActions
5720
5992
  // '/ui-api/actions/lookup/{objectApiNames}',
@@ -5776,7 +6048,7 @@ const composedFetchNetworkAdapter = {
5776
6048
  return API_PATH_MATCHERS.some((matcher) => matcher.test(path));
5777
6049
  },
5778
6050
  adapter: setupLexNetworkAdapter(requestTracker, requestLogger, {
5779
- request: [buildLuvioPageScopedCacheRequestInterceptor()],
6051
+ request: [buildLuvioPageScopedCacheRequestInterceptor(), buildLuvioCsrfTokenInterceptor()],
5780
6052
  response: [
5781
6053
  buildLexRuntimeLuvio5xxStatusResponseInterceptor(),
5782
6054
  buildLexRuntimeLuvioAuthExpirationRedirectResponseInterceptor(),
@@ -5855,120 +6127,6 @@ function buildTransportMarksReceiveInterceptor() {
5855
6127
  };
5856
6128
  }
5857
6129
 
5858
- const CSRF_TOKEN_KEY = 'salesforce_csrf_token';
5859
- const CSRF_STORAGE_NAME = 'ldsCSRFToken';
5860
- const CSRF_STORAGE_CONFIG = {
5861
- name: CSRF_STORAGE_NAME,
5862
- persistent: true,
5863
- secure: true,
5864
- maxSize: 1024,
5865
- expiration: 24 * 60 * 60,
5866
- clearOnInit: false,
5867
- debugLogging: false,
5868
- };
5869
- /**
5870
- * Manages CSRF token fetching and caching for secure requests.
5871
- * Implements a singleton pattern to ensure consistent token management across the application.
5872
- */
5873
- class CsrfTokenManager {
5874
- constructor() {
5875
- // Initialize AuraStorage
5876
- this.storage = createStorage(CSRF_STORAGE_CONFIG);
5877
- // Try to load token from AuraStorage on initialization
5878
- this.tokenPromise = this.loadOrFetchToken();
5879
- }
5880
- static getInstance() {
5881
- if (!CsrfTokenManager.instance) {
5882
- CsrfTokenManager.instance = new CsrfTokenManager();
5883
- }
5884
- return CsrfTokenManager.instance;
5885
- }
5886
- /**
5887
- * Obtain a CSRF token, either from AuraStorage or by fetching a fresh one.
5888
- *
5889
- * @private
5890
- */
5891
- async loadOrFetchToken() {
5892
- // First try to get token from AuraStorage
5893
- if (this.storage) {
5894
- try {
5895
- const cachedToken = await this.storage.get(CSRF_TOKEN_KEY);
5896
- if (typeof cachedToken === 'string' && cachedToken) {
5897
- return cachedToken;
5898
- }
5899
- }
5900
- catch {
5901
- // If storage read fails, continue to fetch
5902
- }
5903
- }
5904
- // No cached token, fetch from server
5905
- return this.fetchFreshToken();
5906
- }
5907
- /**
5908
- * Call API endpoint to acquire a CSRF token and cache it.
5909
- *
5910
- * @private
5911
- */
5912
- async fetchFreshToken() {
5913
- try {
5914
- const response = await fetch('/session/csrf', {
5915
- method: 'GET',
5916
- credentials: 'same-origin',
5917
- });
5918
- if (!response.ok) {
5919
- return undefined;
5920
- }
5921
- const data = await response.json();
5922
- const token = data.csrfToken;
5923
- if (token && this.storage) {
5924
- // Cache the token in AuraStorage
5925
- try {
5926
- await this.storage.set(CSRF_TOKEN_KEY, token);
5927
- }
5928
- catch {
5929
- // Non-fatal: token is still available even if caching fails
5930
- }
5931
- }
5932
- return token;
5933
- }
5934
- catch {
5935
- return undefined;
5936
- }
5937
- }
5938
- /**
5939
- * Returns the current token value as a Promise.
5940
- */
5941
- async getToken() {
5942
- return this.tokenPromise;
5943
- }
5944
- /**
5945
- * Obtains and returns a new token value as a promise.
5946
- * This will clear the cached token and fetch a fresh one.
5947
- */
5948
- async refreshToken() {
5949
- // Clear cached token
5950
- if (this.storage) {
5951
- try {
5952
- await this.storage.remove(CSRF_TOKEN_KEY);
5953
- }
5954
- catch {
5955
- // Non-fatal: continue with refresh even if clear fails
5956
- }
5957
- }
5958
- // Fetch (and cache) fresh token
5959
- this.tokenPromise = this.fetchFreshToken();
5960
- return this.tokenPromise;
5961
- }
5962
- /**
5963
- * Reset the singleton instance (useful for testing).
5964
- * @internal
5965
- */
5966
- static resetInstance() {
5967
- CsrfTokenManager.instance = null;
5968
- }
5969
- }
5970
- CsrfTokenManager.instance = null;
5971
-
5972
6130
  const DEFAULT_CONFIG$1 = {
5973
6131
  maxRetries: 1, // Only retry once after token refresh
5974
6132
  };
@@ -6059,8 +6217,8 @@ async function isCsrfError(response) {
6059
6217
  // Clone to avoid consuming the original response
6060
6218
  const cloned = response.clone();
6061
6219
  const body = await cloned.json();
6062
- // Check the error array format: data[0].errorCode
6063
- const errorCode = body?.data?.[0]?.errorCode;
6220
+ // Check the error array format: body[0].errorCode
6221
+ const errorCode = body?.[0]?.errorCode;
6064
6222
  return errorCode === 'INVALID_ACCESS_TOKEN';
6065
6223
  }
6066
6224
  catch {
@@ -6077,6 +6235,7 @@ function buildLexRuntimeDefaultFetchServiceDescriptor(logger, retryService) {
6077
6235
  buildThirdPartyTrackerRegisterInterceptor(),
6078
6236
  buildPageScopedCacheRequestInterceptor(),
6079
6237
  buildTransportMarksSendInterceptor(),
6238
+ buildCsrfTokenInterceptor(),
6080
6239
  ],
6081
6240
  response: [
6082
6241
  buildLexRuntime5xxStatusResponseInterceptor(logger),
@@ -6098,6 +6257,7 @@ function buildLexRuntimeAllow5xxFetchServiceDescriptor(logger, retryService) {
6098
6257
  buildThirdPartyTrackerRegisterInterceptor(),
6099
6258
  buildPageScopedCacheRequestInterceptor(),
6100
6259
  buildTransportMarksSendInterceptor(),
6260
+ buildCsrfTokenInterceptor(),
6101
6261
  ],
6102
6262
  response: [buildLexRuntimeAuthExpirationRedirectResponseInterceptor(logger)],
6103
6263
  finally: [
@@ -6691,9 +6851,31 @@ function isFieldsRequest(config) {
6691
6851
  config.modes === undefined &&
6692
6852
  (config.fields !== undefined || config.optionalFields !== undefined));
6693
6853
  }
6854
+ function isCombinableLayoutRequest(config) {
6855
+ // We will only consider a layout request combinable if it is a single layout type request
6856
+ // and the only request parameters are:
6857
+ // - layoutTypes
6858
+ // - optionalFields
6859
+ // - modes
6860
+ const hasExtraParams = config.childRelationships !== undefined ||
6861
+ config.pageSize !== undefined ||
6862
+ config.updateMru !== undefined;
6863
+ return config.layoutTypes !== undefined && !hasExtraParams;
6864
+ }
6865
+ function areCombinableLayoutRequests(reqA, reqB) {
6866
+ const normilizedLayoutTypesA = coerceLayoutTypeArray(reqA.layoutTypes) || [];
6867
+ const normilizedLayoutTypesB = coerceLayoutTypeArray(reqB.layoutTypes) || [];
6868
+ // Let's only combine when the layoutTypes are the same
6869
+ return (isCombinableLayoutRequest(reqA) &&
6870
+ isCombinableLayoutRequest(reqB) &&
6871
+ reqA.recordId === reqB.recordId &&
6872
+ normilizedLayoutTypesA.length === normilizedLayoutTypesB.length &&
6873
+ normilizedLayoutTypesA.every((type, index) => type === normilizedLayoutTypesB[index]));
6874
+ }
6694
6875
  class GetRecordRequestStrategy extends LuvioAdapterRequestStrategy {
6695
- constructor() {
6696
- super(...arguments);
6876
+ constructor(luvio, canCombineRecordLayoutRequests = false) {
6877
+ super(luvio);
6878
+ this.canCombineRecordLayoutRequests = canCombineRecordLayoutRequests;
6697
6879
  this.adapterName = GET_RECORD_ADAPTER_NAME;
6698
6880
  this.adapterFactory = getRecordAdapterFactory;
6699
6881
  }
@@ -6722,10 +6904,41 @@ class GetRecordRequestStrategy extends LuvioAdapterRequestStrategy {
6722
6904
  };
6723
6905
  }
6724
6906
  canCombine(reqA, reqB) {
6725
- // must be same record and
6726
- return reqA.recordId === reqB.recordId && isFieldsRequest(reqA) && isFieldsRequest(reqB);
6907
+ // must be same record and either both are fields requests or both are combinable layout requests
6908
+ return (reqA.recordId === reqB.recordId &&
6909
+ ((isFieldsRequest(reqA) && isFieldsRequest(reqB)) ||
6910
+ (this.canCombineRecordLayoutRequests && areCombinableLayoutRequests(reqA, reqB))));
6727
6911
  }
6728
6912
  combineRequests(reqA, reqB) {
6913
+ if (isFieldsRequest(reqA)) {
6914
+ return this.combineFieldsRequests(reqA, reqB);
6915
+ }
6916
+ else {
6917
+ return this.combineLayoutRequests(reqA, reqB);
6918
+ }
6919
+ }
6920
+ combineLayoutRequests(reqA, reqB) {
6921
+ const combined = {
6922
+ recordId: reqA.recordId,
6923
+ layoutTypes: coerceLayoutTypeArray(reqA.layoutTypes),
6924
+ };
6925
+ // combine Modes.
6926
+ // Note: the || ['View'] is important; it is to cover the case in which it needs to
6927
+ // combine mode: undefined (defaults to View) with mode: ['something else than View']
6928
+ const modeA = coerceLayoutModeArray(reqA.modes) || ['View'];
6929
+ const modeB = coerceLayoutModeArray(reqB.modes) || ['View'];
6930
+ if (reqA.modes !== undefined || reqB.modes !== undefined) {
6931
+ combined.modes = Array.from(new Set([...modeA, ...modeB]));
6932
+ }
6933
+ // combine Optional Fields.
6934
+ const optionalFieldsA = coerceFieldIdArray(reqA.optionalFields, COERCE_FIELD_ID_ARRAY_OPTIONS) || [];
6935
+ const optionalFieldsB = coerceFieldIdArray(reqB.optionalFields, COERCE_FIELD_ID_ARRAY_OPTIONS) || [];
6936
+ if (optionalFieldsA !== undefined || optionalFieldsB !== undefined) {
6937
+ combined.optionalFields = Array.from(new Set([...optionalFieldsA, ...optionalFieldsB]));
6938
+ }
6939
+ return combined;
6940
+ }
6941
+ combineFieldsRequests(reqA, reqB) {
6729
6942
  const fields = new Set();
6730
6943
  const optionalFields = new Set();
6731
6944
  if (reqA.fields !== undefined) {
@@ -9411,7 +9624,7 @@ function whenPredictionsReady(callback) {
9411
9624
  }
9412
9625
  function setupPredictivePrefetcher(luvio) {
9413
9626
  const allStrategies = [
9414
- new GetRecordRequestStrategy(luvio),
9627
+ new GetRecordRequestStrategy(luvio, canCombineRecordLayoutRequests.isOpen({ fallback: false })),
9415
9628
  new GetRecordsRequestStrategy(luvio),
9416
9629
  new GetRecordActionsRequestStrategy(luvio),
9417
9630
  new GetRecordAvatarsRequestStrategy(luvio),
@@ -9704,4 +9917,4 @@ function ldsEngineCreator() {
9704
9917
  }
9705
9918
 
9706
9919
  export { LexRequestStrategy, PdlRequestPriority, buildPredictorForContext, ldsEngineCreator as default, initializeLDS, initializeOneStore, notifyUpdateAvailableFactory, registerRequestStrategy, saveRequestAsPrediction, unregisterRequestStrategy, whenPredictionsReady };
9707
- // version: 1.404.0-dev1-48073cfce6
9920
+ // version: 1.404.0-dev10-5a5eea9232
package/dist/types/predictive-loading/request-strategy/get-record-request-strategy.d.ts CHANGED
@@ -1,3 +1,4 @@
1
+ import type { Luvio } from '@luvio/engine';
1
2
  import type { GetRecordConfig } from '@salesforce/lds-adapters-uiapi';
2
3
  import { LuvioAdapterRequestStrategy } from './luvio-adapter-request-strategy';
3
4
  export type GetRecordRequest = {
@@ -9,12 +10,16 @@ type GetRecordContext = {
9
10
  };
10
11
  export declare const GET_RECORD_ADAPTER_NAME = "getRecord";
11
12
  export declare class GetRecordRequestStrategy extends LuvioAdapterRequestStrategy<GetRecordConfig, GetRecordRequest, GetRecordContext> {
13
+ private readonly canCombineRecordLayoutRequests;
12
14
  adapterName: string;
13
15
  adapterFactory: import("@luvio/engine").AdapterFactory<GetRecordConfig, import("@salesforce/lds-adapters-uiapi").RecordRepresentation>;
16
+ constructor(luvio: Luvio, canCombineRecordLayoutRequests?: boolean);
14
17
  buildConcreteRequest(similarRequest: GetRecordRequest, context: GetRecordContext): GetRecordRequest;
15
18
  transformForSave(request: GetRecordRequest): GetRecordRequest;
16
19
  canCombine(reqA: GetRecordConfig, reqB: GetRecordConfig): boolean;
17
20
  combineRequests(reqA: GetRecordConfig, reqB: GetRecordConfig): GetRecordConfig;
21
+ combineLayoutRequests(reqA: GetRecordConfig, reqB: GetRecordConfig): GetRecordConfig;
22
+ combineFieldsRequests(reqA: GetRecordConfig, reqB: GetRecordConfig): GetRecordConfig;
18
23
  isContextDependent(context: GetRecordContext, request: GetRecordRequest): boolean;
19
24
  transformForSaveSimilarRequest(request: GetRecordRequest): GetRecordRequest;
20
25
  }
package/dist/types/request-interceptors/csrf-manager.d.ts CHANGED
@@ -22,6 +22,7 @@ declare class CsrfTokenManager {
22
22
  private fetchFreshToken;
23
23
  /**
24
24
  * Returns the current token value as a Promise.
25
+ * Lazy-loads the token on first call (from cache or by fetching).
25
26
  */
26
27
  getToken(): Promise<string | undefined>;
27
28
  /**
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@salesforce/lds-runtime-aura",
3
- "version": "1.404.0-dev1",
3
+ "version": "1.404.0-dev10",
4
4
  "license": "SEE LICENSE IN LICENSE.txt",
5
5
  "description": "LDS engine for Aura runtime",
6
6
  "main": "dist/ldsEngineCreator.js",
@@ -34,47 +34,49 @@
34
34
  "release:corejar": "yarn build && ../core-build/scripts/core.js --name=lds-runtime-aura"
35
35
  },
36
36
  "devDependencies": {
37
- "@conduit-client/service-provisioner": "3.2.0",
38
- "@conduit-client/tools-core": "3.2.0",
39
- "@salesforce/lds-adapters-apex": "^1.404.0-dev1",
40
- "@salesforce/lds-adapters-uiapi": "^1.404.0-dev1",
41
- "@salesforce/lds-ads-bridge": "^1.404.0-dev1",
42
- "@salesforce/lds-aura-storage": "^1.404.0-dev1",
43
- "@salesforce/lds-bindings": "^1.404.0-dev1",
44
- "@salesforce/lds-instrumentation": "^1.404.0-dev1",
45
- "@salesforce/lds-network-aura": "^1.404.0-dev1",
46
- "@salesforce/lds-network-fetch": "^1.404.0-dev1",
37
+ "@conduit-client/service-provisioner": "3.7.0-dev2",
38
+ "@conduit-client/tools-core": "3.7.0-dev2",
39
+ "@salesforce/lds-adapters-apex": "^1.404.0-dev10",
40
+ "@salesforce/lds-adapters-uiapi": "^1.404.0-dev10",
41
+ "@salesforce/lds-ads-bridge": "^1.404.0-dev10",
42
+ "@salesforce/lds-aura-storage": "^1.404.0-dev10",
43
+ "@salesforce/lds-bindings": "^1.404.0-dev10",
44
+ "@salesforce/lds-instrumentation": "^1.404.0-dev10",
45
+ "@salesforce/lds-network-aura": "^1.404.0-dev10",
46
+ "@salesforce/lds-network-fetch": "^1.404.0-dev10",
47
47
  "jwt-encode": "1.0.1"
48
48
  },
49
49
  "dependencies": {
50
- "@conduit-client/command-aura-graphql-normalized-cache-control": "3.2.0",
51
- "@conduit-client/command-aura-network": "3.2.0",
52
- "@conduit-client/command-aura-normalized-cache-control": "3.2.0",
53
- "@conduit-client/command-aura-resource-cache-control": "3.2.0",
54
- "@conduit-client/command-fetch-network": "3.2.0",
55
- "@conduit-client/command-http-graphql-normalized-cache-control": "3.2.0",
56
- "@conduit-client/command-http-normalized-cache-control": "3.2.0",
57
- "@conduit-client/command-ndjson": "3.2.0",
58
- "@conduit-client/command-network": "3.2.0",
59
- "@conduit-client/command-sse": "3.2.0",
60
- "@conduit-client/command-streaming": "3.2.0",
61
- "@conduit-client/service-aura-network": "3.2.0",
62
- "@conduit-client/service-cache": "3.2.0",
63
- "@conduit-client/service-cache-control": "3.2.0",
64
- "@conduit-client/service-cache-inclusion-policy": "3.2.0",
65
- "@conduit-client/service-feature-flags": "3.2.0",
66
- "@conduit-client/service-fetch-network": "3.2.0",
67
- "@conduit-client/service-instrument-command": "3.2.0",
68
- "@conduit-client/service-pubsub": "3.2.0",
69
- "@conduit-client/service-store": "3.2.0",
70
- "@conduit-client/utils": "3.2.0",
50
+ "@conduit-client/command-aura-graphql-normalized-cache-control": "3.7.0-dev2",
51
+ "@conduit-client/command-aura-network": "3.7.0-dev2",
52
+ "@conduit-client/command-aura-normalized-cache-control": "3.7.0-dev2",
53
+ "@conduit-client/command-aura-resource-cache-control": "3.7.0-dev2",
54
+ "@conduit-client/command-fetch-network": "3.7.0-dev2",
55
+ "@conduit-client/command-http-graphql-normalized-cache-control": "3.7.0-dev2",
56
+ "@conduit-client/command-http-normalized-cache-control": "3.7.0-dev2",
57
+ "@conduit-client/command-ndjson": "3.7.0-dev2",
58
+ "@conduit-client/command-network": "3.7.0-dev2",
59
+ "@conduit-client/command-sse": "3.7.0-dev2",
60
+ "@conduit-client/command-streaming": "3.7.0-dev2",
61
+ "@conduit-client/service-aura-network": "3.7.0-dev2",
62
+ "@conduit-client/service-bindings-imperative": "3.7.0-dev2",
63
+ "@conduit-client/service-bindings-lwc": "3.7.0-dev2",
64
+ "@conduit-client/service-cache": "3.7.0-dev2",
65
+ "@conduit-client/service-cache-control": "3.7.0-dev2",
66
+ "@conduit-client/service-cache-inclusion-policy": "3.7.0-dev2",
67
+ "@conduit-client/service-feature-flags": "3.7.0-dev2",
68
+ "@conduit-client/service-fetch-network": "3.7.0-dev2",
69
+ "@conduit-client/service-instrument-command": "3.7.0-dev2",
70
+ "@conduit-client/service-pubsub": "3.7.0-dev2",
71
+ "@conduit-client/service-store": "3.7.0-dev2",
72
+ "@conduit-client/utils": "3.7.0-dev2",
71
73
  "@luvio/network-adapter-composable": "0.158.7",
72
74
  "@luvio/network-adapter-fetch": "0.158.7",
73
75
  "@lwc/state": "^0.23.0",
74
- "@salesforce/lds-adapters-onestore-graphql": "^1.404.0-dev1",
75
- "@salesforce/lds-adapters-uiapi-lex": "^1.404.0-dev1",
76
- "@salesforce/lds-luvio-service": "^1.404.0-dev1",
77
- "@salesforce/lds-luvio-uiapi-records-service": "^1.404.0-dev1"
76
+ "@salesforce/lds-adapters-onestore-graphql": "^1.404.0-dev10",
77
+ "@salesforce/lds-adapters-uiapi-lex": "^1.404.0-dev10",
78
+ "@salesforce/lds-luvio-service": "^1.404.0-dev10",
79
+ "@salesforce/lds-luvio-uiapi-records-service": "^1.404.0-dev10"
78
80
  },
79
81
  "luvioBundlesize": [
80
82
  {
@@ -82,7 +84,7 @@
82
84
  "maxSize": {
83
85
  "none": "350 kB",
84
86
  "min": "190 kB",
85
- "compressed": "56 kB"
87
+ "compressed": "57 kB"
86
88
  }
87
89
  }
88
90
  ],