@sanity/sdk 2.7.0 → 3.0.0-rc.0

package/src/auth/refreshStampedToken.test.ts

@@ -7,13 +7,13 @@ import {createSanityInstance} from '../store/createSanityInstance'
 import {createStoreState} from '../store/createStoreState'
 import {AuthStateType} from './authStateType'
 import {type AuthState, authStore} from './authStore'
-// Import only the public function
 import {
   getLastRefreshTime,
   getNextRefreshDelay,
   refreshStampedToken,
   setLastRefreshTime,
 } from './refreshStampedToken'
+import {createLoggedInAuthState} from './utils'
 
 // Type definitions for Web Locks (can be kept if needed for context)
 // ... (Lock, LockOptions, LockGrantedCallback types)
@@ -118,8 +118,6 @@ describe('refreshStampedToken', () => {
       }
       const mockClientFactory = vi.fn().mockReturnValue(mockClient)
       const instance = createSanityInstance({
-        projectId: 'p',
-        dataset: 'd',
         auth: {clientFactory: mockClientFactory, storageArea: mockStorage},
       })
       const initialState = authStore.getInitialState(instance, null)
@@ -147,6 +145,126 @@ describe('refreshStampedToken', () => {
       expect(locksRequest).not.toHaveBeenCalled()
     })
 
+    it('does not refresh on visibility change when lastTokenRefresh is recent', async () => {
+      const mockClient = {
+        observable: {request: vi.fn(() => of({token: 'sk-refreshed-token-st123'}))},
+      }
+      const mockClientFactory = vi.fn().mockReturnValue(mockClient)
+      const instance = createSanityInstance({
+        defaultResource: {projectId: 'p', dataset: 'd'},
+        auth: {clientFactory: mockClientFactory, storageArea: mockStorage},
+      })
+      const initialState = authStore.getInitialState(instance, null)
+      initialState.authState = createLoggedInAuthState('sk-initial-token-st123', null)
+      initialState.dashboardContext = {mode: 'test'}
+      const state = createStoreState(initialState)
+
+      const subscription = refreshStampedToken({state, instance, key: null})
+      subscriptions.push(subscription)
+
+      const addEventListenerMock = global.document.addEventListener as ReturnType<typeof vi.fn>
+      expect(addEventListenerMock).toHaveBeenCalledWith('visibilitychange', expect.any(Function))
+      const visibilityHandler = addEventListenerMock.mock.calls[0][1] as () => void
+
+      Object.defineProperty(global.document, 'visibilityState', {
+        value: 'visible',
+        writable: true,
+        configurable: true,
+      })
+
+      visibilityHandler()
+      await vi.advanceTimersByTimeAsync(100)
+
+      expect(mockClient.observable.request).not.toHaveBeenCalled()
+      const finalAuthState = state.get().authState
+      if (finalAuthState.type === AuthStateType.LOGGED_IN) {
+        expect(finalAuthState.token).toBe('sk-initial-token-st123')
+      }
+    })
+
+    it('refreshes on visibility change when lastTokenRefresh is stale', async () => {
+      const REFRESH_INTERVAL = 12 * 60 * 60 * 1000
+      const mockClient = {
+        observable: {request: vi.fn(() => of({token: 'sk-refreshed-token-st123'}))},
+      }
+      const mockClientFactory = vi.fn().mockReturnValue(mockClient)
+      const instance = createSanityInstance({
+        defaultResource: {projectId: 'p', dataset: 'd'},
+        auth: {clientFactory: mockClientFactory, storageArea: mockStorage},
+      })
+      const initialState = authStore.getInitialState(instance, null)
+      const staleTimestamp = Date.now() - REFRESH_INTERVAL - 1000
+      initialState.authState = {
+        type: AuthStateType.LOGGED_IN,
+        token: 'sk-initial-token-st123',
+        currentUser: null,
+        lastTokenRefresh: staleTimestamp,
+      }
+      initialState.dashboardContext = {mode: 'test'}
+      const state = createStoreState(initialState)
+
+      const subscription = refreshStampedToken({state, instance, key: null})
+      subscriptions.push(subscription)
+
+      const addEventListenerMock = global.document.addEventListener as ReturnType<typeof vi.fn>
+      expect(addEventListenerMock).toHaveBeenCalledWith('visibilitychange', expect.any(Function))
+      const visibilityHandler = addEventListenerMock.mock.calls[0][1] as () => void
+
+      Object.defineProperty(global.document, 'visibilityState', {
+        value: 'visible',
+        writable: true,
+        configurable: true,
+      })
+
+      visibilityHandler()
+      await vi.advanceTimersToNextTimerAsync()
+
+      expect(mockClient.observable.request).toHaveBeenCalled()
+      const finalAuthState = state.get().authState
+      if (finalAuthState.type === AuthStateType.LOGGED_IN) {
+        expect(finalAuthState.token).toBe('sk-refreshed-token-st123')
+        expect(finalAuthState.lastTokenRefresh).toBeGreaterThan(staleTimestamp)
+      }
+    })
+
+    it('refreshes on visibility change when lastTokenRefresh is undefined (pre-fix behavior)', async () => {
+      const mockClient = {
+        observable: {request: vi.fn(() => of({token: 'sk-refreshed-token-st123'}))},
+      }
+      const mockClientFactory = vi.fn().mockReturnValue(mockClient)
+      const instance = createSanityInstance({
+        defaultResource: {projectId: 'p', dataset: 'd'},
+        auth: {clientFactory: mockClientFactory, storageArea: mockStorage},
+      })
+      const initialState = authStore.getInitialState(instance, null)
+      initialState.authState = {
+        type: AuthStateType.LOGGED_IN,
+        token: 'sk-initial-token-st123',
+        currentUser: null,
+        // lastTokenRefresh intentionally omitted to demonstrate the old bug
+      }
+      initialState.dashboardContext = {mode: 'test'}
+      const state = createStoreState(initialState)
+
+      const subscription = refreshStampedToken({state, instance, key: null})
+      subscriptions.push(subscription)
+
+      const addEventListenerMock = global.document.addEventListener as ReturnType<typeof vi.fn>
+      const visibilityHandler = addEventListenerMock.mock.calls[0][1] as () => void
+
+      Object.defineProperty(global.document, 'visibilityState', {
+        value: 'visible',
+        writable: true,
+        configurable: true,
+      })
+
+      visibilityHandler()
+      await vi.advanceTimersToNextTimerAsync()
+
+      // Without lastTokenRefresh, shouldRefreshToken returns true — this is the bug
+      expect(mockClient.observable.request).toHaveBeenCalled()
+    })
+
     it('does not refresh when tab is not visible', async () => {
       // Set visibility to hidden
       Object.defineProperty(global, 'document', {
@@ -164,8 +282,6 @@ describe('refreshStampedToken', () => {
       }
       const mockClientFactory = vi.fn().mockReturnValue(mockClient)
       const instance = createSanityInstance({
-        projectId: 'p',
-        dataset: 'd',
         auth: {clientFactory: mockClientFactory, storageArea: mockStorage},
       })
       const initialState = authStore.getInitialState(instance, null)
@@ -198,8 +314,6 @@ describe('refreshStampedToken', () => {
       const mockClient = {observable: {request: vi.fn()}}
       const mockClientFactory = vi.fn().mockReturnValue(mockClient)
       const instance = createSanityInstance({
-        projectId: 'p',
-        dataset: 'd',
         auth: {clientFactory: mockClientFactory, storageArea: mockStorage},
       })
       const initialState = authStore.getInitialState(instance, null)
@@ -249,8 +363,6 @@ describe('refreshStampedToken', () => {
         }
         const mockClientFactory = vi.fn().mockReturnValue(mockClient)
         const instance = createSanityInstance({
-          projectId: 'p',
-          dataset: 'd',
           auth: {clientFactory: mockClientFactory, storageArea: mockStorage},
         })
         const initialState = authStore.getInitialState(instance, null)
@@ -299,8 +411,6 @@ describe('refreshStampedToken', () => {
         }
         const mockClientFactory = vi.fn().mockReturnValue(mockClient)
         const instance = createSanityInstance({
-          projectId: 'p',
-          dataset: 'd',
           auth: {clientFactory: mockClientFactory, storageArea: mockStorage},
         })
         const initialState = authStore.getInitialState(instance, null)
@@ -345,8 +455,6 @@ describe('refreshStampedToken', () => {
     const mockClient = {observable: {request: vi.fn(() => throwError(() => error))}}
     const mockClientFactory = vi.fn().mockReturnValue(mockClient)
     const instance = createSanityInstance({
-      projectId: 'p',
-      dataset: 'd',
       auth: {clientFactory: mockClientFactory, storageArea: mockStorage},
     })
     const initialState = authStore.getInitialState(instance, null)
@@ -374,8 +482,6 @@ describe('refreshStampedToken', () => {
   it('does nothing if user is not logged in', async () => {
     const mockClientFactory = vi.fn()
     const instance = createSanityInstance({
-      projectId: 'p',
-      dataset: 'd',
       auth: {clientFactory: mockClientFactory, storageArea: mockStorage},
     })
     const initialState = authStore.getInitialState(instance, null)
@@ -400,8 +506,6 @@ describe('refreshStampedToken', () => {
     const mockClient = {observable: {request: vi.fn()}}
     const mockClientFactory = vi.fn().mockReturnValue(mockClient)
     const instance = createSanityInstance({
-      projectId: 'p',
-      dataset: 'd',
       auth: {clientFactory: mockClientFactory, storageArea: mockStorage},
     })
     const initialState = authStore.getInitialState(instance, null)

package/src/auth/standaloneAuth.ts

@@ -7,7 +7,13 @@ import {type AuthStrategyOptions, type AuthStrategyResult} from './authStrategy'
 import {refreshStampedToken} from './refreshStampedToken'
 import {subscribeToStateAndFetchCurrentUser} from './subscribeToStateAndFetchCurrentUser'
 import {subscribeToStorageEventsAndSetToken} from './subscribeToStorageEventsAndSetToken'
-import {getAuthCode, getDefaultStorage, getTokenFromLocation, getTokenFromStorage} from './utils'
+import {
+  createLoggedInAuthState,
+  getAuthCode,
+  getDefaultStorage,
+  getTokenFromLocation,
+  getTokenFromStorage,
+} from './utils'
 
 /**
  * Resolves the initial auth state for Standalone mode.
@@ -30,7 +36,7 @@ export function getStandaloneInitialState(options: AuthStrategyOptions): AuthStr
   // Provided token always wins
   if (providedToken) {
     return {
-      authState: {type: AuthStateType.LOGGED_IN, token: providedToken, currentUser: null},
+      authState: createLoggedInAuthState(providedToken, null),
       storageKey,
       storageArea,
       authMethod: undefined,
@@ -53,7 +59,7 @@ export function getStandaloneInitialState(options: AuthStrategyOptions): AuthStr
   const token = getTokenFromStorage(storageArea, storageKey)
   if (token) {
     return {
-      authState: {type: AuthStateType.LOGGED_IN, token, currentUser: null},
+      authState: createLoggedInAuthState(token, null),
       storageKey,
       storageArea,
       authMethod: 'localstorage',

package/src/auth/studioAuth.ts

@@ -9,7 +9,7 @@ import {refreshStampedToken} from './refreshStampedToken'
 import {checkForCookieAuth, getStudioTokenFromLocalStorage} from './studioModeAuth'
 import {subscribeToStateAndFetchCurrentUser} from './subscribeToStateAndFetchCurrentUser'
 import {subscribeToStorageEventsAndSetToken} from './subscribeToStorageEventsAndSetToken'
-import {getDefaultStorage} from './utils'
+import {createLoggedInAuthState, getDefaultStorage} from './utils'
 
 /**
  * Resolves the initial auth state for Studio mode.
@@ -55,7 +55,7 @@ export function getStudioInitialState(options: AuthStrategyOptions): AuthStrateg
 
   if (providedToken) {
     return {
-      authState: {type: AuthStateType.LOGGED_IN, token: providedToken, currentUser: null},
+      authState: createLoggedInAuthState(providedToken, null),
       storageKey: studioStorageKey,
       storageArea,
       authMethod,
@@ -65,7 +65,7 @@ export function getStudioInitialState(options: AuthStrategyOptions): AuthStrateg
 
   if (token) {
     return {
-      authState: {type: AuthStateType.LOGGED_IN, token, currentUser: null},
+      authState: createLoggedInAuthState(token, null),
       storageKey: studioStorageKey,
       storageArea,
       authMethod: 'localstorage',
@@ -115,14 +115,29 @@ export function initializeStudioAuth(
 
 /**
  * Subscribe to a reactive token source from the Studio workspace.
- * The Studio is the single authority for auth — the SDK does not run
- * its own token refresher or cookie auth checks.
+ *
+ * When the token source emits a non-null token, the SDK uses it directly.
+ * When it emits `null`, the behavior depends on the `authenticated` flag
+ * from the Studio's workspace config:
+ *
+ * - `authenticated: true` — the Studio has already verified the user is
+ *   logged in (e.g. via cookie auth). The SDK treats the null token as
+ *   cookie-based auth and stays in the LOGGED_IN state.
+ *
+ * - `authenticated` absent/false — the user is genuinely not authenticated;
+ *   transition to LOGGED_OUT.
+ *
+ * No async cookie probing is needed here because this code path only runs
+ * when a Studio provides SDKStudioContext, and the Studio's Workspace type
+ * always includes `authenticated`. The async `checkForCookieAuth` fallback
+ * remains in `initializeWithFallback` for the non-Studio path.
  */
 function initializeWithTokenSource(
   context: StoreContext<AuthStoreState>,
   tokenSource: TokenSource,
 ): {dispose: () => void; tokenRefresherStarted: boolean} {
   const subscriptions: Subscription[] = []
+  const studioAuthenticated = context.instance.config.studio?.authenticated === true
 
   // Subscribe to the current user fetcher — runs whenever auth state changes
   subscriptions.push(subscribeToStateAndFetchCurrentUser(context, {useProjectHostname: true}))
@@ -132,11 +147,23 @@ function initializeWithTokenSource(
     next: (token) => {
       const {state} = context
       if (token) {
+        // Studio provided a real token — use it directly
         state.set('studioTokenSource', (prev) => ({
           options: {...prev.options, authMethod: undefined},
-          authState: {type: AuthStateType.LOGGED_IN, token, currentUser: null},
+          authState: createLoggedInAuthState(token, null),
+        }))
+      } else if (studioAuthenticated) {
+        // The Studio says the user is authenticated — null token means
+        // cookie-based auth is in use. Stay logged in with cookie method.
+        state.set('studioTokenSourceCookieAuth', (prev) => ({
+          options: {...prev.options, authMethod: 'cookie'},
+          authState:
+            prev.authState.type === AuthStateType.LOGGED_IN
+              ? prev.authState
+              : createLoggedInAuthState('', null),
         }))
       } else {
+        // No token and Studio doesn't confirm authentication — logged out
         state.set('studioTokenSourceLoggedOut', (prev) => ({
           options: {...prev.options, authMethod: undefined},
           authState: {type: AuthStateType.LOGGED_OUT, isDestroyingSession: false},
@@ -184,7 +211,7 @@ function initializeWithFallback(
         : null
 
     if (!token) {
-      const projectIdValue = instance.config.projectId
+      const projectIdValue = instance.config.studio?.projectId
       const clientFactory = state.get().options.clientFactory
       checkForCookieAuth(projectIdValue, clientFactory).then((isCookieAuthEnabled) => {
         if (!isCookieAuthEnabled) return
@@ -193,7 +220,7 @@ function initializeWithFallback(
           authState:
             prev.authState.type === AuthStateType.LOGGED_IN
               ? prev.authState
-              : {type: AuthStateType.LOGGED_IN, token: '', currentUser: null},
+              : createLoggedInAuthState('', null),
         }))
       })
     }

package/src/auth/subscribeToStateAndFetchCurrentUser.test.ts

@@ -18,7 +18,9 @@ describe('subscribeToStateAndFetchCurrentUser', () => {
     const mockRequest = vi.fn().mockReturnValue(of(mockUser))
     const mockClient = {observable: {request: mockRequest}}
     const clientFactory = vi.fn().mockReturnValue(mockClient)
-    const instance = createSanityInstance({projectId: 'p', dataset: 'd', auth: {clientFactory}})
+    const instance = createSanityInstance({
+      auth: {clientFactory},
+    })
 
     const state = createStoreState(authStore.getInitialState(instance, null))
     const subscription = subscribeToStateAndFetchCurrentUser({state, instance, key: null})
@@ -50,7 +52,9 @@ describe('subscribeToStateAndFetchCurrentUser', () => {
     const mockRequest = vi.fn().mockReturnValue(of(mockUser).pipe(delay(0)))
     const mockClient = {observable: {request: mockRequest}}
     const clientFactory = vi.fn().mockReturnValue(mockClient)
-    const instance = createSanityInstance({projectId: 'p', dataset: 'd', auth: {clientFactory}})
+    const instance = createSanityInstance({
+      auth: {clientFactory},
+    })
 
     const state = createStoreState(authStore.getInitialState(instance, null))
     const subscription = subscribeToStateAndFetchCurrentUser({state, instance, key: null})
@@ -86,7 +90,9 @@ describe('subscribeToStateAndFetchCurrentUser', () => {
     const mockRequest = vi.fn().mockReturnValue(throwError(() => error))
     const mockClient = {observable: {request: mockRequest}}
     const clientFactory = vi.fn().mockReturnValue(mockClient)
-    const instance = createSanityInstance({projectId: 'p', dataset: 'd', auth: {clientFactory}})
+    const instance = createSanityInstance({
+      auth: {clientFactory},
+    })
 
     const state = createStoreState(authStore.getInitialState(instance, null))
     const subscription = subscribeToStateAndFetchCurrentUser({state, instance, key: null})

package/src/auth/subscribeToStateAndFetchCurrentUser.ts

@@ -24,7 +24,7 @@ export const subscribeToStateAndFetchCurrentUser = (
 ): Subscription => {
   const {clientFactory, apiHost} = state.get().options
   const useProjectHostname = fetchOptions?.useProjectHostname ?? isStudioConfig(instance.config)
-  const projectId = instance.config.projectId
+  const projectId = instance.config.studio?.projectId
 
   const currentUser$ = state.observable
     .pipe(

package/src/auth/subscribeToStorageEventsAndSetToken.test.ts

@@ -23,8 +23,6 @@ describe('subscribeToStorageEventsAndSetToken', () => {
     vi.clearAllMocks()
 
     instance = createSanityInstance({
-      projectId: 'p',
-      dataset: 'd',
       auth: {storageArea: storageArea},
     })
 

package/src/auth/subscribeToStorageEventsAndSetToken.ts

@@ -3,7 +3,7 @@ import {defer, distinctUntilChanged, filter, map, type Subscription} from 'rxjs'
 import {type StoreContext} from '../store/defineStore'
 import {AuthStateType} from './authStateType'
 import {type AuthStoreState} from './authStore'
-import {getStorageEvents, getTokenFromStorage} from './utils'
+import {createLoggedInAuthState, getStorageEvents, getTokenFromStorage} from './utils'
 
 export const subscribeToStorageEventsAndSetToken = ({
   state,
@@ -22,7 +22,7 @@ export const subscribeToStorageEventsAndSetToken = ({
   return tokenFromStorage$.subscribe((token) => {
     state.set('updateTokenFromStorageEvent', {
       authState: token
-        ? {type: AuthStateType.LOGGED_IN, token, currentUser: null}
+        ? createLoggedInAuthState(token, null)
         : {type: AuthStateType.LOGGED_OUT, isDestroyingSession: false},
     })
   })

package/src/auth/utils.ts

@@ -1,7 +1,40 @@
 import {type ClientError} from '@sanity/client'
+import {type CurrentUser} from '@sanity/types'
 import {EMPTY, fromEvent, Observable} from 'rxjs'
 
 import {AUTH_CODE_PARAM, DEFAULT_BASE} from './authConstants'
+import {AuthStateType} from './authStateType'
+import {type LoggedInAuthState} from './authStore'
+
+/**
+ * Creates a properly initialized {@link LoggedInAuthState}.
+ *
+ * For stamped tokens (containing `"-st"`), `lastTokenRefresh` is set to
+ * `Date.now()` so that the visibility-change handler in
+ * {@link refreshStampedToken} does not trigger an unnecessary refresh the
+ * first time the tab becomes visible.
+ *
+ * @param token - The auth token.
+ * @param currentUser - The current user, or `null` if not yet fetched.
+ * @param existingLastTokenRefresh - An existing timestamp to preserve
+ *   (e.g. when updating a token while keeping the previous refresh time).
+ * @internal
+ */
+export function createLoggedInAuthState(
+  token: string,
+  currentUser: CurrentUser | null,
+  existingLastTokenRefresh?: number,
+): LoggedInAuthState {
+  const isStampedToken = token.includes('-st')
+  const lastTokenRefresh = existingLastTokenRefresh ?? (isStampedToken ? Date.now() : undefined)
+
+  return {
+    type: AuthStateType.LOGGED_IN,
+    token,
+    currentUser,
+    ...(lastTokenRefresh !== undefined && {lastTokenRefresh}),
+  }
+}
 
 export function getAuthCode(callbackUrl: string | undefined, locationHref: string): string | null {
   const loc = new URL(locationHref, DEFAULT_BASE)

package/src/client/clientStore.test.ts

@@ -1,6 +1,6 @@
 import {createClient, type SanityClient} from '@sanity/client'
 import {Subject} from 'rxjs'
-import {beforeEach, describe, expect, it, vi} from 'vitest'
+import {afterEach, beforeEach, describe, expect, it, vi} from 'vitest'
 
 import {getAuthMethodState, getTokenState} from '../auth/authStore'
 import {createSanityInstance, type SanityInstance} from '../store/createSanityInstance'
@@ -33,10 +33,7 @@ beforeEach(() => {
   vi.mocked(createClient).mockImplementation(
     (clientConfig) => ({config: () => clientConfig}) as SanityClient,
   )
-  instance = createSanityInstance({
-    projectId: 'test-project',
-    dataset: 'test-dataset',
-  })
+  instance = createSanityInstance()
 })
 
 afterEach(() => {
@@ -45,29 +42,6 @@ afterEach(() => {
 
 describe('clientStore', () => {
   describe('getClient', () => {
-    it('should create a client with default configuration', () => {
-      const client = getClient(instance, {apiVersion: '2024-11-12'})
-
-      const defaultConfiguration = {
-        useCdn: false,
-        ignoreBrowserTokenWarning: true,
-        allowReconfigure: false,
-        requestTagPrefix: 'sanity.sdk',
-        projectId: 'test-project',
-        dataset: 'test-dataset',
-        token: 'initial-token',
-      }
-
-      expect(vi.mocked(createClient)).toHaveBeenCalledWith({
-        ...defaultConfiguration,
-        apiVersion: '2024-11-12',
-      })
-      expect(client.config()).toEqual({
-        ...defaultConfiguration,
-        apiVersion: '2024-11-12',
-      })
-    })
-
     it('should throw when using disallowed configuration keys', () => {
       expect(() =>
         getClient(instance, {
@@ -180,35 +154,13 @@ describe('clientStore', () => {
     it('should create client when source is provided', () => {
       const client = getClient(instance, {
         apiVersion: '2024-11-12',
-        source: {projectId: 'source-project', dataset: 'source-dataset'},
+        resource: {mediaLibraryId: 'media-lib-123'},
       })
 
       expect(vi.mocked(createClient)).toHaveBeenCalledWith(
         expect.objectContaining({
           'apiVersion': '2024-11-12',
-          '~experimental_resource': {type: 'dataset', id: 'source-project.source-dataset'},
-        }),
-      )
-      // Client should be projectless - no projectId/dataset in config
-      expect(client.config()).not.toHaveProperty('projectId')
-      expect(client.config()).not.toHaveProperty('dataset')
-      expect(client.config()).toEqual(
-        expect.objectContaining({
-          '~experimental_resource': {type: 'dataset', id: 'source-project.source-dataset'},
-        }),
-      )
-    })
-
-    it('should create resource when source has array sourceId and be projectless', () => {
-      const client = getClient(instance, {
-        apiVersion: '2024-11-12',
-        source: {mediaLibraryId: 'media-lib-123'},
-      })
-
-      expect(vi.mocked(createClient)).toHaveBeenCalledWith(
-        expect.objectContaining({
           '~experimental_resource': {type: 'media-library', id: 'media-lib-123'},
-          'apiVersion': '2024-11-12',
         }),
       )
       // Client should be projectless - no projectId/dataset in config
@@ -224,7 +176,7 @@ describe('clientStore', () => {
     it('should create resource when canvas source is provided and be projectless', () => {
       const client = getClient(instance, {
         apiVersion: '2024-11-12',
-        source: {canvasId: 'canvas-123'},
+        resource: {canvasId: 'canvas-123'},
       })
 
       expect(vi.mocked(createClient)).toHaveBeenCalledWith(
@@ -243,10 +195,11 @@ describe('clientStore', () => {
       )
     })
 
-    it('should create projectless client when source is provided, ignoring instance config', () => {
+    // skipped until we migrate to using source for project and dataset
+    it.skip('should create projectless client when source is provided, ignoring instance config', () => {
       const client = getClient(instance, {
         apiVersion: '2024-11-12',
-        source: {projectId: 'source-project', dataset: 'source-dataset'},
+        resource: {projectId: 'source-project', dataset: 'source-dataset'},
       })
 
       // Client should be projectless - source takes precedence, instance config is ignored
@@ -263,13 +216,13 @@ describe('clientStore', () => {
       const consoleSpy = vi.spyOn(console, 'warn').mockImplementation(() => {})
       const client = getClient(instance, {
         apiVersion: '2024-11-12',
-        source: {projectId: 'source-project', dataset: 'source-dataset'},
+        resource: {mediaLibraryId: 'media-lib-123'},
         projectId: 'explicit-project',
         dataset: 'explicit-dataset',
       })
 
       expect(consoleSpy).toHaveBeenCalledWith(
-        'Both source and explicit projectId/dataset are provided. The source will be used and projectId/dataset will be ignored.',
+        'Both resource and explicit projectId/dataset are provided. The resource will be used and projectId/dataset will be ignored.',
       )
       // Client should still be projectless despite explicit projectId/dataset
       expect(client.config()).not.toHaveProperty('projectId')
@@ -280,15 +233,15 @@ describe('clientStore', () => {
     it('should create different clients for different sources', () => {
       const client1 = getClient(instance, {
         apiVersion: '2024-11-12',
-        source: {projectId: 'source-project', dataset: 'source-dataset'},
+        resource: {projectId: 'source-project', dataset: 'source-dataset'},
       })
       const client2 = getClient(instance, {
         apiVersion: '2024-11-12',
-        source: {mediaLibraryId: 'media-lib-123'},
+        resource: {mediaLibraryId: 'media-lib-123'},
       })
       const client3 = getClient(instance, {
         apiVersion: '2024-11-12',
-        source: {canvasId: 'canvas-123'},
+        resource: {canvasId: 'canvas-123'},
       })
 
       expect(client1).not.toBe(client2)
@@ -300,11 +253,11 @@ describe('clientStore', () => {
     it('should reuse clients with identical source configurations', () => {
       const client1 = getClient(instance, {
         apiVersion: '2024-11-12',
-        source: {projectId: 'source-project', dataset: 'source-dataset'},
+        resource: {projectId: 'source-project', dataset: 'source-dataset'},
       })
       const client2 = getClient(instance, {
         apiVersion: '2024-11-12',
-        source: {projectId: 'source-project', dataset: 'source-dataset'},
+        resource: {projectId: 'source-project', dataset: 'source-dataset'},
       })
 
       expect(client1).toBe(client2)