@schibsted/account-sdk-browser 5.2.7 → 6.0.0-alpha.2

package/README.md

@@ -24,14 +24,11 @@ For example if your `pre` domain is pre.sdk-example.com, and it uses id.pre.sdk-
 domain, your local domain should be local.sdk-example.com.
 
 1. Do `npm install --save @schibsted/account-sdk-browser`
-1. Use this library as you would any other npm module: `import { Identity, Monetization, Payment } from '@schibsted/account-sdk-browser'`
-   With CommonJS it is possible to `require` the modules Identity, Monetization and Payment
-   by appending `/identity`, `/monetization'` or `/payment'`.
-1. Build your site as you prefer. This library uses modern JavaScript syntax (including async/await
-   and other ES2017 and WHATWG features) by default. We recommend that you do any transpilation
-   yourself for the browser versions you need to cater to. See [this paragraph](#polyfills) for
-   info about our Babel-ified version and info about polyfills.
-1. Initiate the SDK and provide at least `clientId`, `env` and `sessionDomain`.
+2. Use this library as you would any other npm module: `import { Identity, Monetization } from '@schibsted/account-sdk-browser'`.
+3. Build your site as you prefer. This library is published as ES modules and uses modern JavaScript
+   syntax (including async/await and other ES2017 and WHATWG features). We recommend that you do
+   any transpilation yourself for the browser versions you need to cater to. We do not add polyfills.
+4. Initiate the SDK and provide at least `clientId`, `env` and `sessionDomain`.
 
 If this is for a new site and there is no sessionDomain yet, contact
 [support](mailto:schibstedaccount@schibsted.com) to initiate the process.
@@ -44,8 +41,8 @@ Follow the [migration guide](./MIGRATION.md).
 
 1. Ensure that your site has no site specific terms and conditions in the Schibsted account login flow.
 1. Define rules for when and how often the simplified login prompt should be shown to unique users on your site. How you do this is up to you, but we recommend starting with showing the prompt once per user before potentially increasing this frequency over time.
-1. Set up a function to check if users landing on your domain [is logged in](https://schibsted.github.io/account-sdk-browser/Identity.html#isLoggedIn) to your site.
-1. If the user is not logged-in to your site, call the [showSimplifiedLoginWidget](https://schibsted.github.io/account-sdk-browser/Identity.html#showSimplifiedLoginWidget) function. The `showSimplifiedLoginWidget` accepts the same params as login function (`state` is required, it might be string or async function). If the simplified login prompt is to be loaded, `showSimplifiedLoginWidget` will return `true`.
+1. Set up a function to check if users landing on your domain [is logged in](https://schibsted.github.io/account-sdk-browser/classes/Identity.html#isloggedin) to your site.
+1. If the user is not logged-in to your site, call the [showSimplifiedLoginWidget](https://schibsted.github.io/account-sdk-browser/classes/Identity.html#showsimplifiedloginwidget) function. The `showSimplifiedLoginWidget` accepts the same params as login function (`state` is required, it might be string or async function). If the simplified login prompt is to be loaded, `showSimplifiedLoginWidget` will return `true`.
 1. Set up a way to store information about which users have been shown the simplified login prompt. How you do this is up to you, but one way is to use localStorage. Use this information to execute on the rules defined in #2.
 
 ## Example project
@@ -69,7 +66,7 @@ This allows you to call Schibsted Account APIs on behalf of that user.
 ## Events
 
 The SDK fires events on the instances when something we deem interesting is happening. For example the
-[Identity](https://schibsted.github.io/account-sdk-browser/Identity.html) class
+[Identity](https://schibsted.github.io/account-sdk-browser/classes/Identity.html) class
 emits some events when the user is logged in or logged out. This SDK uses a familar interface that's
 very similar to Node's [EventEmitter](https://nodejs.org/api/events.html). The most important
 methods are `.on(eventName, listener)` (to subscribe to an event) and `.off(eventName, listener)`
@@ -82,7 +79,6 @@ Events are emitted for:
 | ------------ | ----------------------- |
 | Identity     | `schIdentity:ready`     |
 | Monetization | `schMonetization:ready` |
-| Payment      | `schPayment:ready`      |
 
 ```js
 window.addEventListener('schIdentity:ready', e => {
@@ -191,10 +187,10 @@ Schibsted account relies on browser cookies to determine whether a user is recog
 The SDK provides functions that can be used to check if the user that's visiting your site is
 already a Schibsted user or not.
 
-*  [Identity#isLoggedIn](https://schibsted.github.io/account-sdk-browser/Identity.html#isLoggedIn)
+*  [Identity#isLoggedIn](https://schibsted.github.io/account-sdk-browser/classes/Identity.html#isloggedin)
     tells you if the user that is visiting your site is already logged in to Schibsted account or not.
 
-*  [Identity#isConnected](https://schibsted.github.io/account-sdk-browser/Identity.html#isConnected)
+*  [Identity#isConnected](https://schibsted.github.io/account-sdk-browser/classes/Identity.html#isconnected)
     tells you if the user is connected to your client. A user might have `isLoggedIn=true` and at the
     same time `isConnected=false` if they have logged in to Schibsted account, but not accepted terms
     and privacy policy for your site.
@@ -206,13 +202,13 @@ will just ask them to accept those terms and redirect them right back to your si
 #### Logging out
 
 If you want to log the user out of Schibsted account, you can call
-[Identity#logout](https://schibsted.github.io/account-sdk-browser/Identity.html#logout). This
+[Identity#logout](https://schibsted.github.io/account-sdk-browser/classes/Identity.html#logout). This
 will remove the Schibsted account brand session. User will still be logged into Schibsted account.
 
 ## Monetization
 
 The preferred method for checking whether a user has access to a product/subscription is
-[Monetization#hasAccess](https://schibsted.github.io/account-sdk-browser/Monetization.html#hasAccess).
+[Monetization#hasAccess](https://schibsted.github.io/account-sdk-browser/classes/Monetization.html#hasaccess).
 It requires using Session Service, and supports both Schibsted account productId's and Zuora
 feature id's.
 
@@ -238,49 +234,6 @@ try {
 }
 ```
 
-## Payment
-
-This class provides methods for paying with a so-called paylink, buying a product, getting links to
-pages for redeeming voucher codes, reviewing payment history, and more.
-
-#### Example
-
-```javascript
-import { Payment } from '@schibsted/account-sdk-browser';
-
-const paymentSDK = new Payment({
-    clientId: '56e9a5d1eee0000000000000',
-    redirectUri: 'https://awesomenews.site', // ensure it's listed in selfservice
-    env: 'PRE', // Schibsted account env. A url or a special key: 'PRE', 'PRO' or 'PRO_NO'
-});
-
-// Get the url to paymentSDK with paylink
-const paylink = '...';
-const paylinkUrl = paymentSDK.purchasePaylinkUrl(paylink);
-
-// Or another example --- pay with paylink in a popup
-paymentSDK.payWithPaylink(paylink);
-```
-
-## Appendix
-
-#### Polyfills
-
-This SDK uses modern JavaScript features. If you support older browsers, you should use a tool like
-babel to transform the JavaScript as needed. However, since certain teams have deployment pipelines
-where it's difficult to do their own transpilation, we do provide some opt-in es5 files as well:
-
-1. `@schibsted/account-sdk-browser/es5`: Include both `Identity`, `Monetization` and `Payment`.
-1. `@schibsted/account-sdk-browser/es5/global`: Include both `Identity`, `Monetization` and
-   `Payment`. In addition, add them as variables to the global `window` object.
-1. `@schibsted/account-sdk-browser/es5/identity`, `@schibsted/account-sdk-browser/es5/monetization`
-   or `@schibsted/account-sdk-browser/es5/payment` can be used to only include each class by itself.
-
-But then regardless of whether you use the es5 versions or not, you might need to polyfill certain
-things that might be missing in the browsers you wish to support. A quick test using IE11 showed
-that we needed polyfills for `Promise`, `URL`, `Object.entries`, `fetch`, `Number.isFinite` and
-`Number.isInteger`.
-
 #### Cookies
 
 There are some cookies used by Schibsted account. They should all be considered opaque on the

package/dist/RESTClient.d.ts

@@ -0,0 +1,91 @@
+type FetchFunction = (input: RequestInfo, init?: RequestInit) => Promise<Response>;
+/**
+ * The value of a single query parameter; `undefined` entries are skipped.
+ */
+type QueryValue = string | number | boolean | undefined;
+/**
+ * Query parameters appended to a request URL.
+ */
+type QueryParams = Record<string, QueryValue>;
+/**
+ * HTTP method used for a request.
+ */
+type HttpMethod = 'GET' | 'POST' | 'PUT' | 'DELETE' | 'PATCH';
+/**
+ * This class can be used for creating a wrapper around a server and all its endpoints.
+ * Its functionality is extended by {@link JSONPClient}
+ * Creates a client to a REST server. While useful stand-alone, it's also used for some other
+ * types of client that change some functionalities.
+ * @throws {SDKError} - If any of options are invalid
+ * @summary The simplest way to communicate to a REST endpoint without any
+ *          special authentication
+ * @private
+ */
+export declare class RESTClient {
+    url: URL;
+    defaultParams: QueryParams;
+    log?: Function;
+    fetch: FetchFunction;
+    /**
+     * @param options
+     * @param options.serverUrl - The URL to the server eg.
+     * https://login.schibsted.com or a URL key like 'DEV' in combination with {@link envDic}.
+     * @param options.envDic - A dictionary that will be used for looking up
+     * {@link serverUrl} keys. If serverUrl is always a URL, you don't need this.
+     * @param options.fetch - The fetch function to use. It can be native
+     * or a polyfill
+     * @param options.log - A function that will be called with log messages about
+     * request and response
+     * @param options.defaultParams - Query parameters added to every request
+     */
+    constructor({ serverUrl, envDic, fetch, log, defaultParams, }: {
+        serverUrl?: string;
+        envDic?: Record<string, string>;
+        fetch?: FetchFunction;
+        log?: Function;
+        defaultParams?: QueryParams;
+    });
+    /**
+     * Makes the actual call to the server and deals with headers, data objects and the edge cases.
+     * Please note that this method expects the response to be in JSON format. However, it'll not
+     * parse the response if its code is not in the 200 range.
+     * @param options - An obligatory options object
+     * @param options.method - The HTTP request method, e.g. 'GET' or 'POST'
+     * @param options.pathname - The path to the endpoint like 'api/2/endpoint-name'
+     * @param options.data - Query parameters added to the request URL
+     * @param options.headers - Request headers as a plain key/value map
+     * @param options.useDefaultParams - Should we add the defaultParams to the query?
+     * @param options.fetchOptions - Additional fetch options
+     * @throws {SDKError} - If the call can't be made for whatever reason.
+     */
+    go({ method, headers, pathname, data, useDefaultParams, fetchOptions, }: {
+        method: HttpMethod;
+        pathname: string;
+        data?: QueryParams;
+        headers?: Record<string, string>;
+        useDefaultParams?: boolean;
+        fetchOptions?: RequestInit;
+    }): Promise<any>;
+    /**
+     * Creates a url that points to an endpoint in the server
+     * @param pathname - WHATWG pathname ie. 'api/2/endpoint-name'
+     * @param query - Query parameters to serialize into the query string
+     * @param useDefaultParams - Should we add the defaultParams to the query?
+     */
+    makeUrl(pathname?: string, query?: QueryParams, useDefaultParams?: boolean): string;
+    /**
+     * Make a GET request
+     * @param pathname - WHATWG pathname ie. 'api/2/endpoint-name'
+     * @param data - Query parameters
+     */
+    get(pathname: string, data?: QueryParams): Promise<any>;
+    /**
+     * Construct query string for WHATWG urls
+     * @private
+     * @param query - Query parameters to generate the query string from
+     * @param useDefaultParams - Use defaultParams or not
+     * @param defaultParams - Default params
+     */
+    private static search;
+}
+export default RESTClient;

package/dist/SDKError.d.ts

@@ -0,0 +1,27 @@
+/**
+ * Custom error class thrown by all SDK methods on failure.
+ *
+ * All rejected promises from API calls reject with an instance of this class.
+ */
+export default class SDKError extends Error {
+    /** HTTP status code from the server error payload;
+     * declared explicitly to allow numeric comparisons without type-casting.
+     */
+    code?: number;
+    /**
+     * Properties copied from the server error object.
+     * @internal
+     */
+    [key: string]: unknown;
+    /**
+     * @param message - Human-readable error message
+     * @param errorObject - Optional server error payload. All enumerable properties are
+     * shallow-copied onto this instance.
+     */
+    constructor(message: string, errorObject?: Record<string, unknown>);
+    /**
+     * Returns a multi-line string with the error name, message, and any other properties copied
+     * from the server error payload.
+     */
+    toString(): string;
+}

package/dist/cache.d.ts

@@ -0,0 +1,65 @@
+/**
+ * Cache implementation used when web storage is available. Wraps a `Storage` instance.
+ * @private
+ */
+declare class WebStorageCache {
+    store: Storage;
+    get: (key: string) => string | null;
+    set: (key: string, value: string) => void;
+    delete: (key: string) => void;
+    /**
+     * Create web storage cache object
+     * @param store - A reference to either `sessionStorage` or `localStorage` from a
+     * `Window` object
+     */
+    constructor(store: Storage);
+}
+/**
+ * Cache implementation used when web storage is not available. Stores entries in an in-memory object.
+ * @private
+ */
+declare class LiteralCache {
+    store: Record<string, string>;
+    get: (key: string) => string | undefined;
+    set: (key: string, value: string) => void;
+    delete: (key: string) => void;
+    /**
+     * Create JS object literal cache object
+     */
+    constructor();
+}
+/**
+ * Cache class that attempts WebStorage (session/local storage), and falls back to JS object literal
+ * @private
+ */
+export default class Cache {
+    cache: WebStorageCache | LiteralCache;
+    type: string;
+    /**
+     * @param storeProvider - A function to return a WebStorage instance (either
+     * `sessionStorage` or `localStorage` from a `Window` object)
+     * @throws {SDKError} - If sessionStorage or localStorage are not accessible
+     */
+    constructor(storeProvider?: () => Storage);
+    /**
+     * Get a value from cache (checks that the object has not expired)
+     * @param key
+     * @private
+     */
+    get(key: string): unknown;
+    /**
+     * Set a cache entry
+     * @param key
+     * @param value
+     * @param expiresIn - Value in milliseconds until the entry expires
+     * @private
+     */
+    set(key: string, value: unknown, expiresIn?: number): void;
+    /**
+     * Delete a cache entry
+     * @param key
+     * @private
+     */
+    delete(key: string): void;
+}
+export {};

package/dist/config.d.ts

@@ -0,0 +1,86 @@
+/**
+ * Core configuration used by the SDK.
+ * - `ENDPOINTS.SPiD` — SPiD endpoints per environment
+ * - `ENDPOINTS.BFF` — Endpoints used with new GDPR-compliant web flows
+ * - `ENDPOINTS.SESSION_SERVICE` — Endpoints to check global user session data
+ *
+ */
+declare const config: {
+    readonly ENDPOINTS: {
+        readonly SPiD: {
+            readonly LOCAL: "http://id.localhost";
+            readonly DEV: "https://identity-dev.schibsted.com";
+            readonly PRE: "https://identity-pre.schibsted.com";
+            readonly PRO: "https://login.schibsted.com";
+            readonly PRO_NO: "https://payment.schibsted.no";
+            readonly PRO_FI: "https://login.schibsted.fi";
+            readonly PRO_DK: "https://login.schibsted.dk";
+        };
+        readonly BFF: {
+            readonly LOCAL: "http://id.localhost/authn/";
+            readonly DEV: "https://identity-dev.schibsted.com/authn/";
+            readonly PRE: "https://identity-pre.schibsted.com/authn/";
+            readonly PRO: "https://login.schibsted.com/authn/";
+            readonly PRO_NO: "https://payment.schibsted.no/authn/";
+            readonly PRO_FI: "https://login.schibsted.fi/authn/";
+            readonly PRO_DK: "https://login.schibsted.dk/authn/";
+        };
+        readonly SESSION_SERVICE: {
+            readonly LOCAL: "http://session-service.id.localhost";
+            readonly DEV: "https://session-service.identity-dev.schibsted.com";
+            readonly PRE: "https://session-service.identity-pre.schibsted.com";
+            readonly PRO: "https://session-service.login.schibsted.com";
+            readonly PRO_NO: "https://session-service.payment.schibsted.no";
+            readonly PRO_FI: "https://session-service.login.schibsted.fi";
+            readonly PRO_DK: "https://session-service.login.schibsted.dk";
+        };
+    };
+    readonly NAMESPACE: {
+        readonly LOCAL: "id.localhost";
+        readonly DEV: "schibsted.com";
+        readonly PRE: "schibsted.com";
+        readonly PRO: "schibsted.com";
+        readonly PRO_NO: "spid.no";
+        readonly PRO_FI: "schibsted.fi";
+        readonly PRO_DK: "schibsted.dk";
+    };
+};
+export default config;
+export declare const ENDPOINTS: {
+    readonly SPiD: {
+        readonly LOCAL: "http://id.localhost";
+        readonly DEV: "https://identity-dev.schibsted.com";
+        readonly PRE: "https://identity-pre.schibsted.com";
+        readonly PRO: "https://login.schibsted.com";
+        readonly PRO_NO: "https://payment.schibsted.no";
+        readonly PRO_FI: "https://login.schibsted.fi";
+        readonly PRO_DK: "https://login.schibsted.dk";
+    };
+    readonly BFF: {
+        readonly LOCAL: "http://id.localhost/authn/";
+        readonly DEV: "https://identity-dev.schibsted.com/authn/";
+        readonly PRE: "https://identity-pre.schibsted.com/authn/";
+        readonly PRO: "https://login.schibsted.com/authn/";
+        readonly PRO_NO: "https://payment.schibsted.no/authn/";
+        readonly PRO_FI: "https://login.schibsted.fi/authn/";
+        readonly PRO_DK: "https://login.schibsted.dk/authn/";
+    };
+    readonly SESSION_SERVICE: {
+        readonly LOCAL: "http://session-service.id.localhost";
+        readonly DEV: "https://session-service.identity-dev.schibsted.com";
+        readonly PRE: "https://session-service.identity-pre.schibsted.com";
+        readonly PRO: "https://session-service.login.schibsted.com";
+        readonly PRO_NO: "https://session-service.payment.schibsted.no";
+        readonly PRO_FI: "https://session-service.login.schibsted.fi";
+        readonly PRO_DK: "https://session-service.login.schibsted.dk";
+    };
+};
+export declare const NAMESPACE: {
+    readonly LOCAL: "id.localhost";
+    readonly DEV: "schibsted.com";
+    readonly PRE: "schibsted.com";
+    readonly PRO: "schibsted.com";
+    readonly PRO_NO: "spid.no";
+    readonly PRO_FI: "schibsted.fi";
+    readonly PRO_DK: "schibsted.dk";
+};

package/dist/global-registry.d.ts

@@ -0,0 +1,23 @@
+/**
+ * Names of the SDK instance properties that can be registered on the global {@link Window} object.
+ */
+type Property = 'schIdentity' | 'schMonetization';
+/**
+ * Registers an SDK instance on the global {@link Window} object's given property and dispatches a ready event.
+ *
+ * The dispatched event is a {@link CustomEvent} fired on `global` (i.e. `window`) with:
+ * - name: `${property}:ready` (e.g. `"schIdentity:ready"` or `"schMonetization:ready"`)
+ * - `detail.instance`: the registered SDK instance
+ *
+ * @typeParam T - Constrained to {@link Property}; inferred from the `property` argument.
+ * @param global - The `Window` object to register on.
+ * @param property - The window property name to assign the instance to, 'schIdentity' or 'schMonetization'.
+ * @param instance - The SDK instance to register. Must be non-nullable.
+ *
+ * @example
+ * registerAndDispatchInGlobal(window, 'schIdentity', identityInstance);
+ * / window.schIdentity === identityInstance
+ * / CustomEvent 'schIdentity:ready' has been dispatched on window
+ */
+export declare const registerAndDispatchInGlobal: <T extends Property>(global: Window, property: T, instance: NonNullable<Window[T]>) => void;
+export {};

package/dist/globals.d.ts

@@ -0,0 +1,13 @@
+import { Identity } from './identity.js';
+import { Monetization } from './monetization.js';
+declare global {
+    interface Window {
+        schIdentity?: Identity;
+        schMonetization?: Monetization;
+        SPiD?: {
+            Talk?: {
+                response?: (callbackName: string, data: unknown) => unknown;
+            };
+        };
+    }
+}