@scalar/api-client 2.13.0 → 2.14.0

package/CHANGELOG.md

@@ -1,5 +1,29 @@
 # @scalar/api-client
 
+## 2.14.0
+
+### Minor Changes
+
+- [#7477](https://github.com/scalar/scalar/pull/7477) [`9ec8adf`](https://github.com/scalar/scalar/commit/9ec8adfea017333dee5bc3949104232f7dc57f4a) Thanks [@DemonHa](https://github.com/DemonHa)! - fix: correctly sort documents on the workspace
+
+### Patch Changes
+
+- [#7483](https://github.com/scalar/scalar/pull/7483) [`f446bbc`](https://github.com/scalar/scalar/commit/f446bbc0b8aec7fa7314603fd48471f06c1318d5) Thanks [@hanspagel](https://github.com/hanspagel)! - fix: can not use relative URLs in oauth security schemes
+
+- Updated dependencies [[`8842799`](https://github.com/scalar/scalar/commit/884279984b144082e85b699014e77ed71e9ae6a5), [`18a7bcd`](https://github.com/scalar/scalar/commit/18a7bcd8ad00f9f7ee09a562167593c7ed07e01d), [`18a7bcd`](https://github.com/scalar/scalar/commit/18a7bcd8ad00f9f7ee09a562167593c7ed07e01d), [`9ec8adf`](https://github.com/scalar/scalar/commit/9ec8adfea017333dee5bc3949104232f7dc57f4a), [`cc4de25`](https://github.com/scalar/scalar/commit/cc4de2587b36f0d169b01c1bf312ba91b67e3e0c)]:
+  - @scalar/workspace-store@0.22.1
+  - @scalar/use-codemirror@0.13.0
+  - @scalar/helpers@0.2.0
+  - @scalar/use-hooks@0.3.2
+  - @scalar/oas-utils@0.6.6
+  - @scalar/sidebar@0.5.1
+  - @scalar/components@0.16.6
+  - @scalar/import@0.4.37
+  - @scalar/json-magic@0.8.4
+  - @scalar/object-utils@1.2.14
+  - @scalar/postman-to-openapi@0.3.47
+  - @scalar/openapi-parser@0.23.5
+
 ## 2.13.0
 
 ### Minor Changes

package/dist/v2/blocks/scalar-auth-selector-block/helpers/oauth.d.ts

@@ -25,10 +25,10 @@ proxyUrl?: string) => Promise<ErrorResponse<string>>;
  * Makes the BE authorization call to grab the token server to server
  * Used for clientCredentials and authorizationCode
  */
-export declare const authorizeServers: (flows: NonImplicitFlow, type: keyof NonImplicitFlow, scopes: string, { code, pkce, proxyUrl, }?: {
+export declare const authorizeServers: (flows: NonImplicitFlow, type: keyof NonImplicitFlow, scopes: string, { code, pkce, proxyUrl, }: {
     code?: string;
     pkce?: PKCEState | null;
     proxyUrl?: string | undefined;
-}) => Promise<ErrorResponse<string>>;
+} | undefined, activeServer: ServerObject | undefined) => Promise<ErrorResponse<string>>;
 export {};
 //# sourceMappingURL=oauth.d.ts.map

package/dist/v2/blocks/scalar-auth-selector-block/helpers/oauth.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"oauth.d.ts","sourceRoot":"","sources":["../../../../../src/v2/blocks/scalar-auth-selector-block/helpers/oauth.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,gBAAgB,EAAE,YAAY,EAAE,MAAM,8DAA8D,CAAA;AAGlH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,eAAe,CAAA;AAElD,qDAAqD;AACrD,KAAK,eAAe,GAAG,IAAI,CAAC,gBAAgB,EAAE,UAAU,CAAC,CAAA;AAEzD,KAAK,SAAS,GAAG;IACf,YAAY,EAAE,MAAM,CAAA;IACpB,aAAa,EAAE,MAAM,CAAA;IACrB,mBAAmB,EAAE,MAAM,CAAA;CAC5B,CAAA;AAgBD;;GAEG;AACH,eAAO,MAAM,qBAAqB,GAAU,UAAU,MAAM,EAAE,UAAU,SAAS,GAAG,OAAO,KAAG,OAAO,CAAC,MAAM,CAkB3G,CAAA;AAED;;;;GAIG;AACH,eAAO,MAAM,eAAe,GAC1B,OAAO,gBAAgB,EACvB,MAAM,MAAM,gBAAgB,EAC5B,gBAAgB,MAAM,EAAE;AACxB,wEAAwE;AACxE,cAAc,YAAY,GAAG,SAAS;AACtC,kCAAkC;AAClC,WAAW,MAAM,KAChB,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,CAkK/B,CAAA;AAED;;;GAGG;AACH,eAAO,MAAM,gBAAgB,GAC3B,OAAO,eAAe,EACtB,MAAM,MAAM,eAAe,EAC3B,QAAQ,MAAM,EACd,4BAIG;IACD,IAAI,CAAC,EAAE,MAAM,CAAA;IACb,IAAI,CAAC,EAAE,SAAS,GAAG,IAAI,CAAA;IACvB,QAAQ,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;CACzB,KACL,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,CA8F/B,CAAA"}
+{"version":3,"file":"oauth.d.ts","sourceRoot":"","sources":["../../../../../src/v2/blocks/scalar-auth-selector-block/helpers/oauth.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,gBAAgB,EAAE,YAAY,EAAE,MAAM,8DAA8D,CAAA;AAGlH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,eAAe,CAAA;AAElD,qDAAqD;AACrD,KAAK,eAAe,GAAG,IAAI,CAAC,gBAAgB,EAAE,UAAU,CAAC,CAAA;AAEzD,KAAK,SAAS,GAAG;IACf,YAAY,EAAE,MAAM,CAAA;IACpB,aAAa,EAAE,MAAM,CAAA;IACrB,mBAAmB,EAAE,MAAM,CAAA;CAC5B,CAAA;AAgBD;;GAEG;AACH,eAAO,MAAM,qBAAqB,GAAU,UAAU,MAAM,EAAE,UAAU,SAAS,GAAG,OAAO,KAAG,OAAO,CAAC,MAAM,CAkB3G,CAAA;AAED;;;;GAIG;AACH,eAAO,MAAM,eAAe,GAC1B,OAAO,gBAAgB,EACvB,MAAM,MAAM,gBAAgB,EAC5B,gBAAgB,MAAM,EAAE;AACxB,wEAAwE;AACxE,cAAc,YAAY,GAAG,SAAS;AACtC,kCAAkC;AAClC,WAAW,MAAM,KAChB,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,CAmL/B,CAAA;AAED;;;GAGG;AACH,eAAO,MAAM,gBAAgB,GAC3B,OAAO,eAAe,EACtB,MAAM,MAAM,eAAe,EAC3B,QAAQ,MAAM,EACd,2BAIG;IACD,IAAI,CAAC,EAAE,MAAM,CAAA;IACb,IAAI,CAAC,EAAE,SAAS,GAAG,IAAI,CAAA;IACvB,QAAQ,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;CAC9B,YAAK,EACN,cAAc,YAAY,GAAG,SAAS,KACrC,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,CA+F/B,CAAA"}

package/dist/v2/blocks/scalar-auth-selector-block/helpers/oauth.js

@@ -1,113 +1,128 @@
-import { shouldUseProxy as U } from "@scalar/oas-utils/helpers";
-import { encode as A, fromUint8Array as S } from "js-base64";
-const C = () => {
-  const a = new Uint8Array(32);
-  return crypto.getRandomValues(a), S(a, !0);
-}, E = async (a, t) => {
+import { makeUrlAbsolute as A } from "@scalar/helpers/url/make-url-absolute";
+import { shouldUseProxy as b } from "@scalar/oas-utils/helpers";
+import { encode as C, fromUint8Array as S } from "js-base64";
+const E = () => {
+  const r = new Uint8Array(32);
+  return crypto.getRandomValues(r), S(r, !0);
+}, z = async (r, t) => {
   if (t === "plain")
-    return a;
+    return r;
   if (typeof crypto?.subtle?.digest != "function")
-    return console.warn("SHA-256 is only supported when using https, using a plain text code challenge instead."), a;
-  const f = new TextEncoder().encode(a), h = await crypto.subtle.digest("SHA-256", f);
-  return S(new Uint8Array(h), !0);
-}, z = async (a, t, m, f, h) => {
-  const i = a[t];
+    return console.warn("SHA-256 is only supported when using https, using a plain text code challenge instead."), r;
+  const l = new TextEncoder().encode(r), w = await crypto.subtle.digest("SHA-256", l);
+  return S(new Uint8Array(w), !0);
+}, $ = async (r, t, p, l, w) => {
+  const d = r[t];
   try {
-    if (!i)
+    if (!d)
       return [new Error("Flow not found"), null];
-    const e = m.join(" ");
+    const f = p.join(" ");
     if (t === "clientCredentials" || t === "password")
-      return k(a, t, e, {
-        proxyUrl: h
-      });
-    const r = (Math.random() + 1).toString(36).substring(2, 10), c = new URL(a[t].authorizationUrl);
+      return U(
+        r,
+        t,
+        f,
+        {
+          proxyUrl: w
+        },
+        l
+      );
+    const e = (Math.random() + 1).toString(36).substring(2, 10), a = A(r[t].authorizationUrl, {
+      baseUrl: l?.url
+    }), n = new URL(a);
     let o = null;
     if (t === "implicit")
-      c.searchParams.set("response_type", "token");
+      n.searchParams.set("response_type", "token");
     else if (t === "authorizationCode") {
-      const s = a[t];
-      if (c.searchParams.set("response_type", "code"), s["x-usePkce"] !== "no") {
-        const n = C(), l = await E(n, s["x-usePkce"]);
+      const s = r[t];
+      if (n.searchParams.set("response_type", "code"), s["x-usePkce"] !== "no") {
+        const c = E(), i = await z(c, s["x-usePkce"]);
         o = {
-          codeVerifier: n,
-          codeChallenge: l,
+          codeVerifier: c,
+          codeChallenge: i,
           codeChallengeMethod: s["x-usePkce"] === "SHA-256" ? "S256" : "plain"
-        }, c.searchParams.set("code_challenge", l), c.searchParams.set("code_challenge_method", o.codeChallengeMethod);
+        }, n.searchParams.set("code_challenge", i), n.searchParams.set("code_challenge_method", o.codeChallengeMethod);
       }
     }
-    const w = a[t];
-    if (w["x-scalar-secret-redirect-uri"].startsWith("/")) {
-      const s = f?.url || window.location.origin + window.location.pathname, n = new URL(w["x-scalar-secret-redirect-uri"], s).toString();
-      c.searchParams.set("redirect_uri", n);
+    const m = r[t];
+    if (m["x-scalar-secret-redirect-uri"].startsWith("/")) {
+      const s = l?.url || window.location.origin + window.location.pathname, c = new URL(m["x-scalar-secret-redirect-uri"], s).toString();
+      n.searchParams.set("redirect_uri", c);
     } else
-      c.searchParams.set("redirect_uri", w["x-scalar-secret-redirect-uri"]);
-    i["x-scalar-security-query"] && Object.keys(i["x-scalar-security-query"]).forEach((s) => {
-      const n = i["x-scalar-security-query"]?.[s];
-      n && c.searchParams.set(s, n);
-    }), c.searchParams.set("client_id", i["x-scalar-secret-client-id"]), c.searchParams.set("state", r), e && c.searchParams.set("scope", e);
-    const d = window.open(c, "openAuth2Window", "left=100,top=100,width=800,height=600");
-    return d ? new Promise((s) => {
-      const n = setInterval(() => {
-        let l = null, g = null, x = null, p = null;
+      n.searchParams.set("redirect_uri", m["x-scalar-secret-redirect-uri"]);
+    d["x-scalar-security-query"] && Object.keys(d["x-scalar-security-query"]).forEach((s) => {
+      const c = d["x-scalar-security-query"]?.[s];
+      c && n.searchParams.set(s, c);
+    }), n.searchParams.set("client_id", d["x-scalar-secret-client-id"]), n.searchParams.set("state", e), f && n.searchParams.set("scope", f);
+    const u = window.open(n, "openAuth2Window", "left=100,top=100,width=800,height=600");
+    return u ? new Promise((s) => {
+      const c = setInterval(() => {
+        let i = null, g = null, x = null, P = null;
         try {
-          const u = new URL(d.location.href).searchParams, y = i["x-tokenName"] || "access_token";
-          l = u.get(y), g = u.get("code"), x = u.get("error"), p = u.get("error_description");
-          const _ = new URLSearchParams(d.location.href.split("#")[1]);
-          l ||= _.get(y), g ||= _.get("code"), x ||= _.get("error"), p ||= _.get("error_description");
+          const h = new URL(u.location.href).searchParams, k = d["x-tokenName"] || "access_token";
+          i = h.get(k), g = h.get("code"), x = h.get("error"), P = h.get("error_description");
+          const y = new URLSearchParams(u.location.href.split("#")[1]);
+          i ||= y.get(k), g ||= y.get("code"), x ||= y.get("error"), P ||= y.get("error_description");
         } catch {
         }
-        if (d.closed || l || g || x)
-          if (clearInterval(n), d.close(), x)
-            s([new Error(`OAuth error: ${x}${p ? ` (${p})` : ""}`), null]);
-          else if (l) {
-            const u = d.location.href.match(/state=([^&]*)/)?.[1];
-            s(u === r ? [null, l] : [new Error("State mismatch"), null]);
-          } else g && t === "authorizationCode" ? new URL(d.location.href).searchParams.get("state") === r ? k(a, t, e, {
-            code: g,
-            pkce: o,
-            proxyUrl: h
-          }).then(s) : s([new Error("State mismatch"), null]) : (clearInterval(n), s([new Error("Window was closed without granting authorization"), null]));
+        if (u.closed || i || g || x)
+          if (clearInterval(c), u.close(), x)
+            s([new Error(`OAuth error: ${x}${P ? ` (${P})` : ""}`), null]);
+          else if (i) {
+            const h = u.location.href.match(/state=([^&]*)/)?.[1];
+            s(h === e ? [null, i] : [new Error("State mismatch"), null]);
+          } else g && t === "authorizationCode" ? new URL(u.location.href).searchParams.get("state") === e ? U(
+            r,
+            t,
+            f,
+            {
+              code: g,
+              pkce: o,
+              proxyUrl: w
+            },
+            l
+          ).then(s) : s([new Error("State mismatch"), null]) : (clearInterval(c), s([new Error("Window was closed without granting authorization"), null]));
       }, 200);
     }) : [new Error("Failed to open auth window"), null];
   } catch {
     return [new Error("Failed to authorize oauth2 flow"), null];
   }
-}, k = async (a, t, m, {
-  code: f,
-  pkce: h,
-  proxyUrl: i
-} = {}) => {
-  const e = a[t];
+}, U = async (r, t, p, {
+  code: l,
+  pkce: w,
+  proxyUrl: d
+} = {}, f) => {
+  const e = r[t];
   if (!e)
     return [new Error("OAuth2 flow was not defined"), null];
-  const r = new URLSearchParams();
-  if (r.set("client_id", e["x-scalar-secret-client-id"]), m && (t === "clientCredentials" || t === "password") && r.set("scope", m), e["x-scalar-secret-client-secret"] && (!e["x-scalar-credentials-location"] || e["x-scalar-credentials-location"] === "body") && r.set("client_secret", e["x-scalar-secret-client-secret"]), "x-scalar-secret-redirect-uri" in e && e["x-scalar-secret-redirect-uri"] && r.set("redirect_uri", e["x-scalar-secret-redirect-uri"]), f)
-    r.set("code", f), r.set("grant_type", "authorization_code"), h && r.set("code_verifier", h.codeVerifier);
+  const a = new URLSearchParams();
+  if (a.set("client_id", e["x-scalar-secret-client-id"]), p && (t === "clientCredentials" || t === "password") && a.set("scope", p), e["x-scalar-secret-client-secret"] && (!e["x-scalar-credentials-location"] || e["x-scalar-credentials-location"] === "body") && a.set("client_secret", e["x-scalar-secret-client-secret"]), "x-scalar-secret-redirect-uri" in e && e["x-scalar-secret-redirect-uri"] && a.set("redirect_uri", e["x-scalar-secret-redirect-uri"]), l)
+    a.set("code", l), a.set("grant_type", "authorization_code"), w && a.set("code_verifier", w.codeVerifier);
   else if (t === "password") {
-    const o = a[t];
-    r.set("grant_type", "password"), r.set("username", o["x-scalar-secret-username"]), r.set("password", o["x-scalar-secret-password"]);
+    const o = r[t];
+    a.set("grant_type", "password"), a.set("username", o["x-scalar-secret-username"]), a.set("password", o["x-scalar-secret-password"]);
   } else
-    r.set("grant_type", "client_credentials");
-  e["x-scalar-security-body"] && Object.entries(e["x-scalar-security-body"]).forEach(([o, w]) => {
-    w && r.set(o, w);
+    a.set("grant_type", "client_credentials");
+  e["x-scalar-security-body"] && Object.entries(e["x-scalar-security-body"]).forEach(([o, m]) => {
+    m && a.set(o, m);
   });
   try {
     const o = {
       "Content-Type": "application/x-www-form-urlencoded"
     };
-    e["x-scalar-secret-client-secret"] && (!e["x-scalar-credentials-location"] || e["x-scalar-credentials-location"] === "header") && (o.Authorization = `Basic ${A(`${e["x-scalar-secret-client-id"]}:${e["x-scalar-secret-client-secret"]}`)}`);
-    const P = U(i, e.tokenUrl) ? `${i}?${new URLSearchParams([["scalar_url", e.tokenUrl]]).toString()}` : e.tokenUrl, s = await (await fetch(P, {
+    e["x-scalar-secret-client-secret"] && (!e["x-scalar-credentials-location"] || e["x-scalar-credentials-location"] === "header") && (o.Authorization = `Basic ${C(`${e["x-scalar-secret-client-id"]}:${e["x-scalar-secret-client-secret"]}`)}`);
+    const _ = A(e.tokenUrl, { baseUrl: f?.url }), u = b(d, _) ? `${d}?${new URLSearchParams([["scalar_url", _]]).toString()}` : _, c = await (await fetch(u, {
       method: "POST",
       headers: o,
-      body: r
-    })).json(), n = e["x-tokenName"] || "access_token";
-    return [null, s[n]];
+      body: a
+    })).json(), i = e["x-tokenName"] || "access_token";
+    return [null, c[i]];
   } catch {
     return [new Error("Failed to get an access token. Please check your credentials."), null];
   }
 };
 export {
-  z as authorizeOauth2,
-  k as authorizeServers,
-  E as generateCodeChallenge
+  $ as authorizeOauth2,
+  U as authorizeServers,
+  z as generateCodeChallenge
 };

package/dist/v2/features/operation/Operation.vue.js

@@ -40,7 +40,7 @@ const g = {
       method: e.method ?? "get"
     } : {
       type: "document"
-    }), i = "2.13.0", d = B();
+    }), i = "2.14.0", d = B();
     return (t, o) => t.path && t.method && t.exampleName && n.value ? (s(), h(u(R), {
       key: 0,
       appVersion: u(i),

package/dist/v2/helpers/drag-handle-factory.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"drag-handle-factory.d.ts","sourceRoot":"","sources":["../../../src/v2/helpers/drag-handle-factory.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAc,YAAY,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAA;AAC1F,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,gCAAgC,CAAA;AAIpE,OAAO,KAAK,EAEV,cAAc,EAGf,MAAM,4CAA4C,CAAA;AAGnD,OAAO,EAAE,KAAK,gBAAgB,EAAW,MAAM,KAAK,CAAA;AA+SpD;;;GAGG;AACH,eAAO,MAAM,iBAAiB,GAAI,kCAG/B;IACD,KAAK,EAAE,gBAAgB,CAAC,cAAc,GAAG,IAAI,CAAC,CAAA;IAC9C,YAAY,EAAE,YAAY,CAAC,cAAc,CAAC,CAAA;CAC3C;mCAKuC,YAAY,gBAAgB,WAAW,KAAG,OAAO;iCA2DnD,YAAY,gBAAgB,WAAW,KAAG,OAAO;CAwEtF,CAAA"}
+{"version":3,"file":"drag-handle-factory.d.ts","sourceRoot":"","sources":["../../../src/v2/helpers/drag-handle-factory.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAc,YAAY,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAA;AAC1F,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,gCAAgC,CAAA;AAIpE,OAAO,KAAK,EAEV,cAAc,EAGf,MAAM,4CAA4C,CAAA;AAGnD,OAAO,EAAE,KAAK,gBAAgB,EAAW,MAAM,KAAK,CAAA;AAiTpD;;;GAGG;AACH,eAAO,MAAM,iBAAiB,GAAI,kCAG/B;IACD,KAAK,EAAE,gBAAgB,CAAC,cAAc,GAAG,IAAI,CAAC,CAAA;IAC9C,YAAY,EAAE,YAAY,CAAC,cAAc,CAAC,CAAA;CAC3C;mCAKuC,YAAY,gBAAgB,WAAW,KAAG,OAAO;iCA2DnD,YAAY,gBAAgB,WAAW,KAAG,OAAO;CAwEtF,CAAA"}

package/dist/v2/helpers/drag-handle-factory.js

@@ -1,119 +1,120 @@
-import { dereference as B, escapeJsonPointer as k } from "@scalar/openapi-parser";
+import { sortByOrder as B } from "@scalar/helpers/array/sort-by-order";
+import { dereference as k, escapeJsonPointer as j } from "@scalar/openapi-parser";
 import { unpackProxyObject as x } from "@scalar/workspace-store/helpers/unpack-proxy";
-import { getParentEntry as p, getOpenapiObject as h } from "@scalar/workspace-store/navigation";
+import { getParentEntry as d, getOpenapiObject as h } from "@scalar/workspace-store/navigation";
 import { toValue as b } from "vue";
-import { removeCircular as j } from "./remove-circular.js";
-const P = (r, t, n, c) => {
+import { removeCircular as A } from "./remove-circular.js";
+const P = (r, t, n, a) => {
   if (t === -1 || n === -1 || t === n)
     return null;
-  const o = [...r], [s] = o.splice(t, 1);
-  if (s === void 0)
+  const o = [...r], [e] = o.splice(t, 1);
+  if (e === void 0)
     return null;
-  const u = A(t, n, c, o.length);
-  return o.splice(u, 0, s), x(o, { depth: 1 });
-}, A = (r, t, n, c) => {
+  const u = R(t, n, a, o.length);
+  return o.splice(u, 0, e), x(o, { depth: 1 });
+}, R = (r, t, n, a) => {
   const o = r < t;
-  return n === "after" ? o ? t : t + 1 : n === "before" ? o ? t - 1 : t : n === "into" ? c : t;
-}, y = (r, t) => t.includes(r.type), i = (r) => r.offset === "before" || r.offset === "after", m = (r) => r.offset === "into", l = (r, t) => !r.parent || !t.parent ? !1 : r.parent.id === t.parent.id, E = ({ store: r, entry: t }) => {
-  const n = p("document", t);
+  return n === "after" ? o ? t : t + 1 : n === "before" ? o ? t - 1 : t : n === "into" ? a : t;
+}, y = (r, t) => t.includes(r.type), p = (r) => r.offset === "before" || r.offset === "after", m = (r) => r.offset === "into", l = (r, t) => !r.parent || !t.parent ? !1 : r.parent.id === t.parent.id, O = ({ store: r, entry: t }) => {
+  const n = d("document", t);
   n && r.buildSidebar(n.name);
-}, R = (r, t) => r["x-scalar-order"] ?? t.children?.map((c) => c.id) ?? [], w = (r, t, n, c) => {
+}, M = (r, t) => r["x-scalar-order"] ?? t.children?.map((a) => a.id) ?? [], w = (r, t, n, a) => {
   const o = t.parent;
   if (!o || !y(o, ["tag", "document"]))
     return !1;
-  const s = h({ store: r, entry: o });
-  if (!s)
+  const e = h({ store: r, entry: o });
+  if (!e)
     return !1;
-  const u = R(s, o), e = u.findIndex((d) => d === t.id), a = u.findIndex((d) => d === n.id), f = P(u, e, a, c);
-  return f ? (s["x-scalar-order"] = f, E({ store: r, entry: o }), !0) : !1;
-}, M = (r, t, n) => {
-  const c = new Set(r.tags ?? []);
-  n && c.add(n.name), t && c.delete(t.name), r.tags = Array.from(c);
-}, T = (r, t, n, c) => {
-  r.paths?.[n.path]?.[n.method] && delete r.paths[n.path][n.method], t.paths ? (t.paths[n.path] || (t.paths[n.path] = {}), t.paths[n.path][n.method] = c) : t.paths = {
+  const u = M(e, o), s = u.findIndex((f) => f === t.id), c = u.findIndex((f) => f === n.id), i = P(u, s, c, a);
+  return i ? (e["x-scalar-order"] = i, O({ store: r, entry: o }), !0) : !1;
+}, T = (r, t, n) => {
+  const a = new Set(r.tags ?? []);
+  n && a.add(n.name), t && a.delete(t.name), r.tags = Array.from(a);
+}, $ = (r, t, n, a) => {
+  r.paths?.[n.path]?.[n.method] && delete r.paths[n.path][n.method], t.paths ? (t.paths[n.path] || (t.paths[n.path] = {}), t.paths[n.path][n.method] = a) : t.paths = {
     [n.path]: {
-      [n.method]: c
+      [n.method]: a
     }
   };
-}, $ = (r, t, n) => {
-  const o = B(r).schema.paths?.[t]?.[n];
-  return j(o, { prefix: `#/paths/${k(t)}/${n}` });
 }, C = (r, t, n) => {
-  const c = p("document", t), o = p("document", n);
-  if (!c || !o)
+  const o = k(r).schema.paths?.[t]?.[n];
+  return A(o, { prefix: `#/paths/${j(t)}/${n}` });
+}, F = (r, t, n) => {
+  const a = d("document", t), o = d("document", n);
+  if (!a || !o)
     return !1;
-  const s = h({ store: r, entry: c }), u = h({ store: r, entry: o });
-  if (!s || !u)
+  const e = h({ store: r, entry: a }), u = h({ store: r, entry: o });
+  if (!e || !u)
     return !1;
-  const e = $(
-    x(s),
+  const s = C(
+    x(e),
     t.path,
     t.method
   );
-  if (!e)
+  if (!s)
     return !1;
-  const a = p("tag", t) ?? null, f = p("tag", n) ?? null;
-  return M(e, a, f), T(s, u, t, e), E({ store: r, entry: t }), E({ store: r, entry: n }), !0;
-}, F = (r, t, n, c) => {
-  const o = r.workspace["x-scalar-order"] ?? Object.keys(r.workspace.documents), s = o.findIndex((a) => a === t.id), u = o.findIndex((a) => a === n.id), e = P(o, s, u, c);
-  return e ? (r.update("x-scalar-order", e), !0) : !1;
-}, q = ({
+  const c = d("tag", t) ?? null, i = d("tag", n) ?? null;
+  return T(s, c, i), $(e, u, t, s), O({ store: r, entry: t }), O({ store: r, entry: n }), !0;
+}, H = (r, t, n, a) => {
+  const o = r.workspace["x-scalar-order"] ?? [], e = Object.keys(r.workspace.documents), u = B(e, o, (f) => f), s = u.findIndex((f) => f === t.id), c = u.findIndex((f) => f === n.id), i = P(u, s, c, a);
+  return i ? (r.update("x-scalar-order", i), !0) : !1;
+}, G = ({
   store: r,
   sidebarState: t
 }) => ({
-  handleDragEnd: (o, s) => {
+  handleDragEnd: (o, e) => {
     const u = b(r);
     if (!u)
       return !1;
-    const e = t.getEntryById(o.id), a = t.getEntryById(s.id);
-    if (!e || !a)
+    const s = t.getEntryById(o.id), c = t.getEntryById(e.id);
+    if (!s || !c)
       return !1;
-    if (e.type === "document")
-      return a.type !== "document" || !i(s) ? !1 : F(u, e, a, s.offset);
-    if (e.type === "tag")
-      return a.type !== "tag" || !i(s) || !l(e, a) ? !1 : w(
+    if (s.type === "document")
+      return c.type !== "document" || !p(e) ? !1 : H(u, s, c, e.offset);
+    if (s.type === "tag")
+      return c.type !== "tag" || !p(e) || !l(s, c) ? !1 : w(
         u,
-        e,
-        a,
-        s.offset
+        s,
+        c,
+        e.offset
       );
-    if (e.type === "operation") {
-      if (i(s) && l(e, a))
+    if (s.type === "operation") {
+      if (p(e) && l(s, c))
         return w(
           u,
-          e,
-          a,
-          s.offset
+          s,
+          c,
+          e.offset
         );
-      if (y(a, ["tag", "document"]) && m(s))
-        return C(u, e, a);
+      if (y(c, ["tag", "document"]) && m(e))
+        return F(u, s, c);
     }
     return !1;
   },
-  isDroppable: (o, s) => {
+  isDroppable: (o, e) => {
     const u = b(r);
     if (!u)
       return !1;
-    const e = t.getEntryById(o.id), a = t.getEntryById(s.id);
-    if (!e || !a || e.type === "example")
+    const s = t.getEntryById(o.id), c = t.getEntryById(e.id);
+    if (!s || !c || s.type === "example")
       return !1;
-    if (e.type === "document")
-      return a.type === "document" && i(s);
-    if (e.type === "tag")
-      return i(s) && l(e, a);
-    if (e.type === "operation") {
-      const f = p("document", a), d = p("document", e);
-      if (!f || !d)
+    if (s.type === "document")
+      return c.type === "document" && p(e);
+    if (s.type === "tag")
+      return p(e) && l(s, c);
+    if (s.type === "operation") {
+      const i = d("document", c), f = d("document", s);
+      if (!i || !f)
         return !1;
-      const O = h({ store: u, entry: f });
-      if (!O)
+      const E = h({ store: u, entry: i });
+      if (!E)
         return !1;
-      const D = l(e, a);
-      return i(s) && !D ? !1 : D ? i(s) || m(s) && y(a, ["tag", "document"]) : m(s) && y(a, ["tag", "document"]) && (d.id === f.id || O.paths?.[e.path]?.[e.method] === void 0);
+      const D = l(s, c);
+      return p(e) && !D ? !1 : D ? p(e) || m(e) && y(c, ["tag", "document"]) : m(e) && y(c, ["tag", "document"]) && (f.id === i.id || E.paths?.[s.path]?.[s.method] === void 0);
     }
     return !1;
   }
 });
 export {
-  q as dragHandleFactory
+  G as dragHandleFactory
 };

package/dist/v2/hooks/use-sidebar-state.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"use-sidebar-state.d.ts","sourceRoot":"","sources":["../../../src/v2/hooks/use-sidebar-state.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,mCAAmC,CAAA;AACnE,OAAO,EAAE,kBAAkB,EAAwB,MAAM,iBAAiB,CAAA;AAC1E,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,gCAAgC,CAAA;AAEpE,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,4CAA4C,CAAA;AAChF,OAAO,EAAE,KAAK,gBAAgB,EAA4B,MAAM,KAAK,CAAA;AAGrE,MAAM,MAAM,qBAAqB,GAAG;IAClC,gBAAgB,EAAE,CAAC,EAAE,EAAE,MAAM,KAAK,IAAI,CAAA;IACtC,KAAK,EAAE,UAAU,CAAC,OAAO,kBAAkB,CAAC,cAAc,CAAC,CAAC,CAAA;IAC5D,kBAAkB,EAAE,CAAC,QAAQ,EAAE;QAC7B,QAAQ,EAAE,MAAM,CAAA;QAChB,IAAI,CAAC,EAAE,MAAM,CAAA;QACb,MAAM,CAAC,EAAE,UAAU,CAAA;QACnB,OAAO,CAAC,EAAE,MAAM,CAAA;KACjB,KAAK,cAAc,GAAG,SAAS,CAAA;CACjC,CAAA;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,eAAO,MAAM,eAAe,GAAI,8DAM7B;IACD,cAAc,EAAE,gBAAgB,CAAC,cAAc,GAAG,IAAI,CAAC,CAAA;IACvD,aAAa,EAAE,gBAAgB,CAAC,MAAM,GAAG,SAAS,CAAC,CAAA;IACnD,YAAY,EAAE,gBAAgB,CAAC,MAAM,GAAG,SAAS,CAAC,CAAA;IAClD,IAAI,EAAE,gBAAgB,CAAC,MAAM,GAAG,SAAS,CAAC,CAAA;IAC1C,MAAM,EAAE,gBAAgB,CAAC,UAAU,GAAG,SAAS,CAAC,CAAA;IAChD,WAAW,EAAE,gBAAgB,CAAC,MAAM,GAAG,SAAS,CAAC,CAAA;CAClD,KAAG,qBAoOH,CAAA"}
+{"version":3,"file":"use-sidebar-state.d.ts","sourceRoot":"","sources":["../../../src/v2/hooks/use-sidebar-state.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,mCAAmC,CAAA;AACnE,OAAO,EAAE,kBAAkB,EAAwB,MAAM,iBAAiB,CAAA;AAC1E,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,gCAAgC,CAAA;AAEpE,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,4CAA4C,CAAA;AAChF,OAAO,EAAE,KAAK,gBAAgB,EAA4B,MAAM,KAAK,CAAA;AAGrE,MAAM,MAAM,qBAAqB,GAAG;IAClC,gBAAgB,EAAE,CAAC,EAAE,EAAE,MAAM,KAAK,IAAI,CAAA;IACtC,KAAK,EAAE,UAAU,CAAC,OAAO,kBAAkB,CAAC,cAAc,CAAC,CAAC,CAAA;IAC5D,kBAAkB,EAAE,CAAC,QAAQ,EAAE;QAC7B,QAAQ,EAAE,MAAM,CAAA;QAChB,IAAI,CAAC,EAAE,MAAM,CAAA;QACb,MAAM,CAAC,EAAE,UAAU,CAAA;QACnB,OAAO,CAAC,EAAE,MAAM,CAAA;KACjB,KAAK,cAAc,GAAG,SAAS,CAAA;CACjC,CAAA;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,eAAO,MAAM,eAAe,GAAI,8DAM7B;IACD,cAAc,EAAE,gBAAgB,CAAC,cAAc,GAAG,IAAI,CAAC,CAAA;IACvD,aAAa,EAAE,gBAAgB,CAAC,MAAM,GAAG,SAAS,CAAC,CAAA;IACnD,YAAY,EAAE,gBAAgB,CAAC,MAAM,GAAG,SAAS,CAAC,CAAA;IAClD,IAAI,EAAE,gBAAgB,CAAC,MAAM,GAAG,SAAS,CAAC,CAAA;IAC1C,MAAM,EAAE,gBAAgB,CAAC,UAAU,GAAG,SAAS,CAAC,CAAA;IAChD,WAAW,EAAE,gBAAgB,CAAC,MAAM,GAAG,SAAS,CAAC,CAAA;CAClD,KAAG,qBAoOH,CAAA"}

package/dist/v2/hooks/use-sidebar-state.js

@@ -1,19 +1,23 @@
 import { isDefined as h } from "@scalar/helpers/array/is-defined";
-import { createSidebarState as w, generateReverseIndex as b } from "@scalar/sidebar";
-import { getParentEntry as a } from "@scalar/workspace-store/navigation";
+import { sortByOrder as w } from "@scalar/helpers/array/sort-by-order";
+import { createSidebarState as b, generateReverseIndex as k } from "@scalar/sidebar";
+import { getParentEntry as o } from "@scalar/workspace-store/navigation";
 import { computed as x, toValue as c, watch as f } from "vue";
-import { useRouter as R } from "vue-router";
-const U = ({
+import { useRouter as O } from "vue-router";
+const W = ({
   workspaceStore: d,
   documentSlug: y,
   path: E,
   method: S,
   exampleName: g
 }) => {
-  const m = R(), u = x(() => {
+  const m = O(), u = x(() => {
     const e = c(d);
-    return e ? (e.workspace["x-scalar-order"] ?? Object.keys(e.workspace.documents)).map((r) => e.workspace.documents[r]?.["x-scalar-navigation"]).filter(h) : [];
-  }), n = w(u);
+    if (!e)
+      return [];
+    const t = e.workspace["x-scalar-order"] ?? Object.keys(e.workspace.documents);
+    return w(Object.keys(e.workspace.documents), t, (r) => r).map((r) => e.workspace.documents[r]?.["x-scalar-navigation"]).filter(h);
+  }), n = b(u);
   f(
     () => c(d),
     () => {
@@ -27,14 +31,14 @@ const U = ({
     document: e,
     path: t,
     method: r,
-    example: o
-  }) => JSON.stringify([e, t, r, o].filter(h)), i = x(
-    () => b({
+    example: a
+  }) => JSON.stringify([e, t, r, a].filter(h)), i = x(
+    () => k({
       items: u.value,
       nestedKey: "children",
       filter: (e) => e.type === "document" || e.type === "operation" || e.type === "example",
       getId: (e) => {
-        const t = a("document", e), r = a("operation", e);
+        const t = o("document", e), r = o("operation", e);
         return p({
           document: t?.name ?? "",
           path: r?.path,
@@ -68,11 +72,11 @@ const U = ({
         n.setExpanded(e, !n.isExpanded(e));
         return;
       }
-      const r = t.children?.find((o) => o.type === "example");
+      const r = t.children?.find((a) => a.type === "example");
       return r ? (n.setSelected(r.id), n.setExpanded(r.id, !0)) : n.setSelected(e), m.push({
         name: "example",
         params: {
-          documentSlug: a("document", t)?.name,
+          documentSlug: o("document", t)?.name,
           pathEncoded: encodeURIComponent(t.path),
           method: t.method,
           exampleName: r?.name ?? "default"
@@ -81,11 +85,11 @@ const U = ({
     }
     if (t.type === "example") {
       n.setSelected(e), n.setExpanded(e, !0);
-      const r = a("operation", t);
+      const r = o("operation", t);
       return m.push({
         name: "example",
         params: {
-          documentSlug: a("document", t)?.name,
+          documentSlug: o("document", t)?.name,
           pathEncoded: encodeURIComponent(r?.path ?? ""),
           method: r?.method,
           exampleName: t.name
@@ -96,14 +100,14 @@ const U = ({
       return m.push({
         name: "document.overview",
         params: {
-          documentSlug: a("document", t)?.name
+          documentSlug: o("document", t)?.name
         }
       });
     n.setExpanded(e, !n.isExpanded(e));
   };
   return f(
     [() => c(d), y, E, S, g],
-    ([e, t, r, o, I]) => {
+    ([e, t, r, a, I]) => {
       if (!t) {
         n.setSelected(null);
         return;
@@ -111,7 +115,7 @@ const U = ({
       const s = l({
         document: t,
         path: r,
-        method: o,
+        method: a,
         example: I
       });
       s && (n.setSelected(s.id), n.setExpanded(s.id, !0));
@@ -126,5 +130,5 @@ const U = ({
   };
 };
 export {
-  U as useSidebarState
+  W as useSidebarState
 };

package/dist/views/Request/ResponseSection/ResponseEmpty.vue2.js

@@ -33,7 +33,7 @@ const W = { class: "flex-center relative flex flex-1 flex-col gap-6 p-2 capitali
       }));
     }, f = (o) => {
       o?.createNew && g.name === "request" && d();
-    }, v = "2.13.0";
+    }, v = "2.14.0";
     return q(() => a.hotKeys.on(f)), R(() => a.hotKeys.off(f)), (o, e) => (i(), l("div", W, [
       s("div", {
         class: y(["flex h-[calc(100%_-_50px)] flex-col items-center justify-center", {

package/dist/views/Request/libs/oauth2.d.ts

@@ -27,10 +27,10 @@ proxyUrl?: string) => Promise<ErrorResponse<string>>;
  * Makes the BE authorization call to grab the token server to server
  * Used for clientCredentials and authorizationCode
  */
-export declare const authorizeServers: (flow: NonImplicitFlow, scopes: string, { code, pkce, proxyUrl, }?: {
+export declare const authorizeServers: (flow: NonImplicitFlow, scopes: string, { code, pkce, proxyUrl, }: {
     code?: string;
     pkce?: PKCEState | null;
     proxyUrl?: string | undefined;
-}) => Promise<ErrorResponse<string>>;
+} | undefined, activeServer: Server | undefined) => Promise<ErrorResponse<string>>;
 export {};
 //# sourceMappingURL=oauth2.d.ts.map

package/dist/views/Request/libs/oauth2.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"oauth2.d.ts","sourceRoot":"","sources":["../../../../src/views/Request/libs/oauth2.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,EAAE,MAAM,iCAAiC,CAAA;AAIzE,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,eAAe,CAAA;AAElD,qDAAqD;AACrD,KAAK,eAAe,GAAG,OAAO,CAAC,UAAU,EAAE;IAAE,IAAI,EAAE,UAAU,CAAA;CAAE,CAAC,CAAA;AAEhE,KAAK,SAAS,GAAG;IACf,YAAY,EAAE,MAAM,CAAA;IACpB,aAAa,EAAE,MAAM,CAAA;IACrB,mBAAmB,EAAE,MAAM,CAAA;CAC5B,CAAA;AAgBD;;GAEG;AACH,eAAO,MAAM,qBAAqB,GAAU,UAAU,MAAM,EAAE,UAAU,SAAS,GAAG,OAAO,KAAG,OAAO,CAAC,MAAM,CAkB3G,CAAA;AAED;;;;GAIG;AACH,eAAO,MAAM,eAAe,GAC1B,MAAM,UAAU;AAChB,wEAAwE;AACxE,cAAc,MAAM;AACpB,kCAAkC;AAClC,WAAW,MAAM,KAChB,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,CA+J/B,CAAA;AAED;;;GAGG;AACH,eAAO,MAAM,gBAAgB,GAC3B,MAAM,eAAe,EACrB,QAAQ,MAAM,EACd,4BAIG;IACD,IAAI,CAAC,EAAE,MAAM,CAAA;IACb,IAAI,CAAC,EAAE,SAAS,GAAG,IAAI,CAAA;IACvB,QAAQ,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;CACzB,KACL,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,CA0F/B,CAAA"}
+{"version":3,"file":"oauth2.d.ts","sourceRoot":"","sources":["../../../../src/views/Request/libs/oauth2.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,EAAE,MAAM,iCAAiC,CAAA;AAIzE,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,eAAe,CAAA;AAElD,qDAAqD;AACrD,KAAK,eAAe,GAAG,OAAO,CAAC,UAAU,EAAE;IAAE,IAAI,EAAE,UAAU,CAAA;CAAE,CAAC,CAAA;AAEhE,KAAK,SAAS,GAAG;IACf,YAAY,EAAE,MAAM,CAAA;IACpB,aAAa,EAAE,MAAM,CAAA;IACrB,mBAAmB,EAAE,MAAM,CAAA;CAC5B,CAAA;AAgBD;;GAEG;AACH,eAAO,MAAM,qBAAqB,GAAU,UAAU,MAAM,EAAE,UAAU,SAAS,GAAG,OAAO,KAAG,OAAO,CAAC,MAAM,CAkB3G,CAAA;AAED;;;;GAIG;AACH,eAAO,MAAM,eAAe,GAC1B,MAAM,UAAU;AAChB,wEAAwE;AACxE,cAAc,MAAM;AACpB,kCAAkC;AAClC,WAAW,MAAM,KAChB,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,CA4K/B,CAAA;AAED;;;GAGG;AACH,eAAO,MAAM,gBAAgB,GAC3B,MAAM,eAAe,EACrB,QAAQ,MAAM,EACd,2BAIG;IACD,IAAI,CAAC,EAAE,MAAM,CAAA;IACb,IAAI,CAAC,EAAE,SAAS,GAAG,IAAI,CAAA;IACvB,QAAQ,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;CAC9B,YAAK,EACN,cAAc,MAAM,GAAG,SAAS,KAC/B,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,CA2F/B,CAAA"}

package/dist/views/Request/libs/oauth2.js

@@ -1,100 +1,113 @@
-import { shouldUseProxy as S } from "@scalar/oas-utils/helpers";
-import { fromUint8Array as P, encode as k } from "js-base64";
-const w = () => {
+import { makeUrlAbsolute as x } from "@scalar/helpers/url/make-url-absolute";
+import { shouldUseProxy as U } from "@scalar/oas-utils/helpers";
+import { fromUint8Array as S, encode as w } from "js-base64";
+const A = () => {
   const e = new Uint8Array(32);
-  return crypto.getRandomValues(e), P(e, !0);
-}, U = async (e, l) => {
-  if (l === "plain")
+  return crypto.getRandomValues(e), S(e, !0);
+}, b = async (e, c) => {
+  if (c === "plain")
     return e;
   if (typeof crypto?.subtle?.digest != "function")
     return console.warn("SHA-256 is only supported when using https, using a plain text code challenge instead."), e;
-  const n = new TextEncoder().encode(e), c = await crypto.subtle.digest("SHA-256", n);
-  return P(new Uint8Array(c), !0);
-}, b = async (e, l, u) => {
+  const n = new TextEncoder().encode(e), o = await crypto.subtle.digest("SHA-256", n);
+  return S(new Uint8Array(o), !0);
+}, T = async (e, c, u) => {
   try {
     if (!e)
       return [new Error("Flow not found"), null];
     const n = e.selectedScopes.join(" ");
     if (e.type === "clientCredentials" || e.type === "password")
-      return x(e, n, {
-        proxyUrl: u
-      });
-    const c = (Math.random() + 1).toString(36).substring(2, 10), t = new URL(e.authorizationUrl);
-    let m = null;
+      return k(
+        e,
+        n,
+        {
+          proxyUrl: u
+        },
+        c
+      );
+    const o = (Math.random() + 1).toString(36).substring(2, 10), _ = x(e.authorizationUrl, {
+      baseUrl: c?.url
+    }), t = new URL(_);
+    let y = null;
     if (e.type === "implicit")
       t.searchParams.set("response_type", "token");
     else if (e.type === "authorizationCode" && (t.searchParams.set("response_type", "code"), e["x-usePkce"] !== "no")) {
-      const r = w(), s = await U(r, e["x-usePkce"]);
-      m = {
+      const r = A(), a = await b(r, e["x-usePkce"]);
+      y = {
         codeVerifier: r,
-        codeChallenge: s,
+        codeChallenge: a,
         codeChallengeMethod: e["x-usePkce"] === "SHA-256" ? "S256" : "plain"
-      }, t.searchParams.set("code_challenge", s), t.searchParams.set("code_challenge_method", m.codeChallengeMethod);
+      }, t.searchParams.set("code_challenge", a), t.searchParams.set("code_challenge_method", y.codeChallengeMethod);
     }
     if (e["x-scalar-redirect-uri"].startsWith("/")) {
-      const r = l.url || window.location.origin + window.location.pathname, s = new URL(e["x-scalar-redirect-uri"], r).toString();
-      t.searchParams.set("redirect_uri", s);
+      const r = c?.url || window.location.origin + window.location.pathname, a = x(e["x-scalar-redirect-uri"], { baseUrl: r });
+      t.searchParams.set("redirect_uri", a);
     } else
       t.searchParams.set("redirect_uri", e["x-scalar-redirect-uri"]);
     e["x-scalar-security-query"] && Object.keys(e["x-scalar-security-query"]).forEach((r) => {
-      const s = e["x-scalar-security-query"]?.[r];
-      s && t.searchParams.set(r, s);
-    }), t.searchParams.set("client_id", e["x-scalar-client-id"]), t.searchParams.set("state", c), n && t.searchParams.set("scope", n);
-    const a = window.open(t, "openAuth2Window", "left=100,top=100,width=800,height=600");
-    return a ? new Promise((r) => {
-      const s = setInterval(() => {
-        let o = null, d = null, h = null, y = null;
+      const a = e["x-scalar-security-query"]?.[r];
+      a && t.searchParams.set(r, a);
+    }), t.searchParams.set("client_id", e["x-scalar-client-id"]), t.searchParams.set("state", o), n && t.searchParams.set("scope", n);
+    const s = window.open(t, "openAuth2Window", "left=100,top=100,width=800,height=600");
+    return s ? new Promise((r) => {
+      const a = setInterval(() => {
+        let h = null, l = null, d = null, m = null;
         try {
-          const i = new URL(a.location.href).searchParams, _ = e["x-tokenName"] || "access_token";
-          o = i.get(_), d = i.get("code"), h = i.get("error"), y = i.get("error_description");
-          const g = new URLSearchParams(a.location.href.split("#")[1]);
-          o ||= g.get(_), d ||= g.get("code"), h ||= g.get("error"), y ||= g.get("error_description");
+          const i = new URL(s.location.href).searchParams, P = e["x-tokenName"] || "access_token";
+          h = i.get(P), l = i.get("code"), d = i.get("error"), m = i.get("error_description");
+          const g = new URLSearchParams(s.location.href.split("#")[1]);
+          h ||= g.get(P), l ||= g.get("code"), d ||= g.get("error"), m ||= g.get("error_description");
         } catch {
         }
-        if (a.closed || o || d || h)
-          if (clearInterval(s), a.close(), h)
-            r([new Error(`OAuth error: ${h}${y ? ` (${y})` : ""}`), null]);
-          else if (o) {
-            const i = a.location.href.match(/state=([^&]*)/)?.[1];
-            r(i === c ? [null, o] : [new Error("State mismatch"), null]);
-          } else d ? new URL(a.location.href).searchParams.get("state") === c ? x(e, n, {
-            code: d,
-            pkce: m,
-            proxyUrl: u
-          }).then(r) : r([new Error("State mismatch"), null]) : (clearInterval(s), r([new Error("Window was closed without granting authorization"), null]));
+        if (s.closed || h || l || d)
+          if (clearInterval(a), s.close(), d)
+            r([new Error(`OAuth error: ${d}${m ? ` (${m})` : ""}`), null]);
+          else if (h) {
+            const i = s.location.href.match(/state=([^&]*)/)?.[1];
+            r(i === o ? [null, h] : [new Error("State mismatch"), null]);
+          } else l ? new URL(s.location.href).searchParams.get("state") === o ? k(
+            e,
+            n,
+            {
+              code: l,
+              pkce: y,
+              proxyUrl: u
+            },
+            c
+          ).then(r) : r([new Error("State mismatch"), null]) : (clearInterval(a), r([new Error("Window was closed without granting authorization"), null]));
       }, 200);
     }) : [new Error("Failed to open auth window"), null];
   } catch {
     return [new Error("Failed to authorize oauth2 flow"), null];
   }
-}, x = async (e, l, {
+}, k = async (e, c, {
   code: u,
   pkce: n,
-  proxyUrl: c
-} = {}) => {
+  proxyUrl: o
+} = {}, _) => {
   if (!e)
     return [new Error("OAuth2 flow was not defined"), null];
   const t = new URLSearchParams();
-  t.set("client_id", e["x-scalar-client-id"]), l && (e.type === "clientCredentials" || e.type === "password") && t.set("scope", l), e.clientSecret && (!e["x-scalar-credentials-location"] || e["x-scalar-credentials-location"] === "body") && t.set("client_secret", e.clientSecret), "x-scalar-redirect-uri" in e && e["x-scalar-redirect-uri"] && t.set("redirect_uri", e["x-scalar-redirect-uri"]), u ? (t.set("code", u), t.set("grant_type", "authorization_code"), n && t.set("code_verifier", n.codeVerifier)) : e.type === "password" ? (t.set("grant_type", "password"), t.set("username", e.username), t.set("password", e.password)) : t.set("grant_type", "client_credentials"), e["x-scalar-security-body"] && Object.entries(e["x-scalar-security-body"]).forEach(([p, a]) => {
-    a && t.set(p, a);
+  t.set("client_id", e["x-scalar-client-id"]), c && (e.type === "clientCredentials" || e.type === "password") && t.set("scope", c), e.clientSecret && (!e["x-scalar-credentials-location"] || e["x-scalar-credentials-location"] === "body") && t.set("client_secret", e.clientSecret), "x-scalar-redirect-uri" in e && e["x-scalar-redirect-uri"] && t.set("redirect_uri", e["x-scalar-redirect-uri"]), u ? (t.set("code", u), t.set("grant_type", "authorization_code"), n && t.set("code_verifier", n.codeVerifier)) : e.type === "password" ? (t.set("grant_type", "password"), t.set("username", e.username), t.set("password", e.password)) : t.set("grant_type", "client_credentials"), e["x-scalar-security-body"] && Object.entries(e["x-scalar-security-body"]).forEach(([p, s]) => {
+    s && t.set(p, s);
   });
   try {
     const p = {
       "Content-Type": "application/x-www-form-urlencoded"
     };
-    e.clientSecret && (!e["x-scalar-credentials-location"] || e["x-scalar-credentials-location"] === "header") && (p.Authorization = `Basic ${k(`${e["x-scalar-client-id"]}:${e.clientSecret}`)}`);
-    const r = S(c, e.tokenUrl) ? `${c}?${new URLSearchParams([["scalar_url", e.tokenUrl]]).toString()}` : e.tokenUrl, o = await (await fetch(r, {
+    e.clientSecret && (!e["x-scalar-credentials-location"] || e["x-scalar-credentials-location"] === "header") && (p.Authorization = `Basic ${w(`${e["x-scalar-client-id"]}:${e.clientSecret}`)}`);
+    const r = x(e.tokenUrl, { baseUrl: _?.url }), a = U(o, r) ? `${o}?${new URLSearchParams([["scalar_url", r]]).toString()}` : r, l = await (await fetch(a, {
       method: "POST",
       headers: p,
       body: t
     })).json(), d = e["x-tokenName"] || "access_token";
-    return [null, o[d]];
+    return [null, l[d]];
   } catch {
     return [new Error("Failed to get an access token. Please check your credentials."), null];
   }
 };
 export {
-  b as authorizeOauth2,
-  x as authorizeServers,
-  U as generateCodeChallenge
+  T as authorizeOauth2,
+  k as authorizeServers,
+  b as generateCodeChallenge
 };

package/package.json

@@ -18,7 +18,7 @@
     "rest",
     "testing"
   ],
-  "version": "2.13.0",
+  "version": "2.14.0",
   "engines": {
     "node": ">=20"
   },
@@ -321,26 +321,26 @@
     "whatwg-mimetype": "^4.0.0",
     "yaml": "2.8.0",
     "zod": "4.1.11",
-    "@scalar/components": "0.16.5",
-    "@scalar/draggable": "0.3.0",
     "@scalar/analytics-client": "1.0.0",
-    "@scalar/helpers": "0.1.3",
+    "@scalar/draggable": "0.3.0",
+    "@scalar/helpers": "0.2.0",
+    "@scalar/components": "0.16.6",
     "@scalar/icons": "0.5.0",
-    "@scalar/import": "0.4.36",
-    "@scalar/oas-utils": "0.6.5",
-    "@scalar/object-utils": "1.2.13",
-    "@scalar/json-magic": "0.8.3",
-    "@scalar/openapi-parser": "0.23.4",
+    "@scalar/import": "0.4.37",
+    "@scalar/json-magic": "0.8.4",
+    "@scalar/object-utils": "1.2.14",
     "@scalar/openapi-types": "0.5.2",
-    "@scalar/postman-to-openapi": "0.3.46",
-    "@scalar/sidebar": "0.5.0",
+    "@scalar/oas-utils": "0.6.6",
+    "@scalar/openapi-parser": "0.23.5",
+    "@scalar/postman-to-openapi": "0.3.47",
+    "@scalar/sidebar": "0.5.1",
     "@scalar/snippetz": "0.5.4",
     "@scalar/types": "0.5.1",
     "@scalar/themes": "0.13.25",
-    "@scalar/use-codemirror": "0.12.49",
-    "@scalar/use-hooks": "0.3.1",
+    "@scalar/use-hooks": "0.3.2",
     "@scalar/use-toasts": "0.9.1",
-    "@scalar/workspace-store": "0.22.0"
+    "@scalar/workspace-store": "0.22.1",
+    "@scalar/use-codemirror": "0.13.0"
   },
   "devDependencies": {
     "@tailwindcss/vite": "^4.1.7",
@@ -355,8 +355,8 @@
     "vite": "7.1.11",
     "vite-svg-loader": "5.1.0",
     "vitest": "3.2.4",
-    "@scalar/build-tooling": "0.3.1",
-    "@scalar/galaxy": "0.5.12"
+    "@scalar/galaxy": "0.5.12",
+    "@scalar/build-tooling": "0.3.1"
   },
   "scripts": {
     "build": "scalar-build-vite",