@shopsbuilder/auth-sdk 1.2.7 → 1.2.9

package/dist/SaleorAccessTokenStorageHandler.d.mts

@@ -4,6 +4,7 @@ declare const getAccessTokenKey: (prefix?: string) => string;
 declare class SaleorAccessTokenStorageHandler {
     private storage;
     private prefix?;
+    private cachedToken;
     constructor(storage: StorageRepository, prefix?: string | undefined);
     getAccessToken: () => string | null;
     setAccessToken: (token: string) => void;

package/dist/SaleorAccessTokenStorageHandler.d.ts

@@ -4,6 +4,7 @@ declare const getAccessTokenKey: (prefix?: string) => string;
 declare class SaleorAccessTokenStorageHandler {
     private storage;
     private prefix?;
+    private cachedToken;
     constructor(storage: StorageRepository, prefix?: string | undefined);
     getAccessToken: () => string | null;
     setAccessToken: (token: string) => void;

package/dist/SaleorAccessTokenStorageHandler.js

@@ -30,15 +30,22 @@ var SaleorAccessTokenStorageHandler = class {
     this.storage = storage;
     this.prefix = prefix;
   }
+  // In-memory cache so the token is available even when the storage
+  // backend is read-only (e.g. Next.js cookies during render).
+  cachedToken = null;
   getAccessToken = () => {
+    if (this.cachedToken)
+      return this.cachedToken;
     const key = getAccessTokenKey(this.prefix);
     return this.storage.getItem(key);
   };
   setAccessToken = (token) => {
+    this.cachedToken = token;
     const key = getAccessTokenKey(this.prefix);
     return this.storage.setItem(key, token);
   };
   clearAuthStorage = () => {
+    this.cachedToken = null;
     const key = getAccessTokenKey(this.prefix);
     return this.storage.removeItem(key);
   };

package/dist/SaleorAccessTokenStorageHandler.mjs

@@ -1,7 +1,7 @@
 import {
   SaleorAccessTokenStorageHandler,
   getAccessTokenKey
-} from "./chunk-BZFBMGPG.mjs";
+} from "./chunk-B326YIV6.mjs";
 export {
   SaleorAccessTokenStorageHandler,
   getAccessTokenKey

package/dist/SaleorAuthClient.d.mts

@@ -3,12 +3,6 @@ import { StorageRepository, FetchWithAdditionalParams, PasswordResetVariables, P
 interface SaleorAuthClientProps {
     onAuthRefresh?: (isAuthenticating: boolean) => void;
     saleorApiUrl: string;
-    /**
-     * Prefix used for storage keys. Defaults to saleorApiUrl.
-     * Set this to the public API URL when the server uses an internal URL
-     * for saleorApiUrl, so that cookie keys match between client and server.
-     */
-    storageKeyPrefix?: string;
     refreshTokenStorage?: StorageRepository;
     accessTokenStorage?: StorageRepository;
     tokenGracePeriod?: number;
@@ -39,7 +33,7 @@ declare class SaleorAuthClient {
      *  }, [])
      *  ```
      */
-    constructor({ saleorApiUrl, storageKeyPrefix, refreshTokenStorage, accessTokenStorage, onAuthRefresh, tokenGracePeriod, defaultRequestInit, }: SaleorAuthClientProps);
+    constructor({ saleorApiUrl, refreshTokenStorage, accessTokenStorage, onAuthRefresh, tokenGracePeriod, defaultRequestInit, }: SaleorAuthClientProps);
     cleanup: () => void;
     private runAuthorizedRequest;
     private handleRequestWithTokenRefresh;

package/dist/SaleorAuthClient.d.ts

@@ -3,12 +3,6 @@ import { StorageRepository, FetchWithAdditionalParams, PasswordResetVariables, P
 interface SaleorAuthClientProps {
     onAuthRefresh?: (isAuthenticating: boolean) => void;
     saleorApiUrl: string;
-    /**
-     * Prefix used for storage keys. Defaults to saleorApiUrl.
-     * Set this to the public API URL when the server uses an internal URL
-     * for saleorApiUrl, so that cookie keys match between client and server.
-     */
-    storageKeyPrefix?: string;
     refreshTokenStorage?: StorageRepository;
     accessTokenStorage?: StorageRepository;
     tokenGracePeriod?: number;
@@ -39,7 +33,7 @@ declare class SaleorAuthClient {
      *  }, [])
      *  ```
      */
-    constructor({ saleorApiUrl, storageKeyPrefix, refreshTokenStorage, accessTokenStorage, onAuthRefresh, tokenGracePeriod, defaultRequestInit, }: SaleorAuthClientProps);
+    constructor({ saleorApiUrl, refreshTokenStorage, accessTokenStorage, onAuthRefresh, tokenGracePeriod, defaultRequestInit, }: SaleorAuthClientProps);
     cleanup: () => void;
     private runAuthorizedRequest;
     private handleRequestWithTokenRefresh;

package/dist/SaleorAuthClient.js

@@ -110,6 +110,10 @@ var getTokenExpiry = (token) => {
   const parsedTokenData = decodeToken(token);
   return parsedTokenData.exp * MILLI_MULTIPLYER || 0;
 };
+var getTokenIss = (token) => {
+  const parsedTokenData = decodeToken(token);
+  return parsedTokenData.iss;
+};
 var isExpiredToken = (token, tokenGracePeriod) => {
   return getTokenExpiry(token) - tokenGracePeriod <= Date.now();
 };
@@ -239,15 +243,22 @@ var SaleorAccessTokenStorageHandler = class {
     this.storage = storage;
     this.prefix = prefix;
   }
+  // In-memory cache so the token is available even when the storage
+  // backend is read-only (e.g. Next.js cookies during render).
+  cachedToken = null;
   getAccessToken = () => {
+    if (this.cachedToken)
+      return this.cachedToken;
     const key = getAccessTokenKey(this.prefix);
     return this.storage.getItem(key);
   };
   setAccessToken = (token) => {
+    this.cachedToken = token;
     const key = getAccessTokenKey(this.prefix);
     return this.storage.setItem(key, token);
   };
   clearAuthStorage = () => {
+    this.cachedToken = null;
     const key = getAccessTokenKey(this.prefix);
     return this.storage.removeItem(key);
   };
@@ -283,7 +294,6 @@ var SaleorAuthClient = class {
    */
   constructor({
     saleorApiUrl,
-    storageKeyPrefix,
     refreshTokenStorage,
     accessTokenStorage,
     onAuthRefresh,
@@ -296,23 +306,47 @@ var SaleorAuthClient = class {
     }
     this.onAuthRefresh = onAuthRefresh;
     this.saleorApiUrl = saleorApiUrl;
-    const keyPrefix = storageKeyPrefix ?? saleorApiUrl;
     const refreshTokenRepo = refreshTokenStorage ?? (typeof window !== "undefined" ? window.localStorage : void 0);
-    this.refreshTokenStorage = refreshTokenRepo ? new SaleorRefreshTokenStorageHandler(refreshTokenRepo, keyPrefix) : null;
+    this.refreshTokenStorage = refreshTokenRepo ? new SaleorRefreshTokenStorageHandler(refreshTokenRepo, saleorApiUrl) : null;
     const accessTokenRepo = accessTokenStorage ?? getInMemoryAccessTokenStorage();
-    this.accessTokenStorage = new SaleorAccessTokenStorageHandler(accessTokenRepo, keyPrefix);
+    this.accessTokenStorage = new SaleorAccessTokenStorageHandler(accessTokenRepo, saleorApiUrl);
   }
   cleanup = () => {
     this.refreshTokenStorage?.cleanup();
   };
-  runAuthorizedRequest = (input, init) => {
+  runAuthorizedRequest = (input, init, additionalParams) => {
     const token = this.accessTokenStorage.getAccessToken();
     if (!token) {
       return fetch(input, init);
     }
-    const headers = new Headers(init?.headers);
-    headers.set("Authorization", `Bearer ${token}`);
-    return fetch(input, { ...init, headers });
+    const headers = init?.headers || {};
+    const getURL = (input2) => {
+      if (typeof input2 === "string") {
+        return input2;
+      } else if ("url" in input2) {
+        return input2.url;
+      } else {
+        return input2.href;
+      }
+    };
+    const iss = getTokenIss(token);
+    const issuerAndDomainMatch = getURL(input) === iss;
+    const shouldAddAuthorizationHeader = issuerAndDomainMatch || additionalParams?.allowPassingTokenToThirdPartyDomains;
+    if (!issuerAndDomainMatch) {
+      if (shouldAddAuthorizationHeader) {
+        console.warn(
+          "Token's `iss` and request URL do not match but `allowPassingTokenToThirdPartyDomains` was specified."
+        );
+      } else {
+        console.warn(
+          "Token's `iss` and request URL do not match. Not adding `Authorization` header to the request."
+        );
+      }
+    }
+    return fetch(input, {
+      ...init,
+      headers: shouldAddAuthorizationHeader ? { ...headers, Authorization: `Bearer ${token}` } : headers
+    });
   };
   handleRequestWithTokenRefresh = async (input, requestInit, additionalParams) => {
     const refreshToken = this.refreshTokenStorage?.getRefreshToken();
@@ -324,37 +358,15 @@ var SaleorAuthClient = class {
     this.onAuthRefresh?.(true);
     if (this.tokenRefreshPromise) {
       const response = await this.tokenRefreshPromise;
-      const responseClone = response.clone();
-      const rawText = await response.clone().text();
-      console.log("[auth-sdk] Token refresh raw response:", JSON.stringify({
-        status: response.status,
-        statusText: response.statusText,
-        headers: Object.fromEntries(response.headers.entries()),
-        bodyLength: rawText.length,
-        body: rawText.slice(0, 500)
-      }));
-      let res;
-      try {
-        res = await responseClone.json();
-      } catch {
-        console.error("[auth-sdk] Token refresh response is not valid JSON, status:", response.status);
-        this.onAuthRefresh?.(false);
-        this.tokenRefreshPromise = null;
-        this.refreshTokenStorage?.clearAuthStorage();
-        return fetch(input, requestInit);
-      }
-      const graphqlErrors = res.errors;
-      const token = res.data?.tokenRefresh?.token;
-      const refreshErrors = res.data?.tokenRefresh?.errors;
+      const res = await response.clone().json();
+      const {
+        errors: graphqlErrors,
+        data: {
+          tokenRefresh: { errors, token }
+        }
+      } = res;
       this.onAuthRefresh?.(false);
-      if (refreshErrors?.length || graphqlErrors?.length || !token) {
-        console.warn("[auth-sdk] Token refresh failed:", JSON.stringify({
-          graphqlErrors: graphqlErrors ?? [],
-          refreshErrors: refreshErrors ?? [],
-          hasToken: Boolean(token),
-          httpStatus: response.status,
-          rawData: res.data ?? null
-        }));
+      if (errors?.length || graphqlErrors?.length || !token) {
         this.tokenRefreshPromise = null;
         this.refreshTokenStorage?.clearAuthStorage();
         return fetch(input, requestInit);
@@ -364,32 +376,10 @@ var SaleorAuthClient = class {
       this.tokenRefreshPromise = null;
       return this.runAuthorizedRequest(input, requestInit, additionalParams);
     }
-    const refreshHeaders = {
-      "Content-Type": "application/json"
-    };
-    if (requestInit?.headers) {
-      const origHeaders = new Headers(requestInit.headers);
-      for (const [key, value] of origHeaders.entries()) {
-        if (key !== "host" && key !== "content-type") {
-          refreshHeaders[key] = value;
-        }
-      }
-    }
-    const refreshBody = JSON.stringify({
-      query: TOKEN_REFRESH.toString(),
-      variables: { refreshToken }
-    });
-    console.log("[auth-sdk] Token refresh request:", JSON.stringify({
-      url: this.saleorApiUrl,
-      headers: refreshHeaders,
-      bodyLength: refreshBody.length,
-      bodyPreview: refreshBody.slice(0, 200)
-    }));
-    this.tokenRefreshPromise = fetch(this.saleorApiUrl, {
-      method: "POST",
-      headers: refreshHeaders,
-      body: refreshBody
-    });
+    this.tokenRefreshPromise = fetch(
+      this.saleorApiUrl,
+      getRequestData(TOKEN_REFRESH, { refreshToken }, { ...this.defaultRequestInit, ...requestInit })
+    );
     return this.fetchWithAuth(input, requestInit, additionalParams);
   };
   handleSignIn = async (response) => {

package/dist/SaleorAuthClient.mjs

@@ -1,8 +1,8 @@
 import {
   SaleorAuthClient,
   createSaleorAuthClient
-} from "./chunk-UHR2J6FG.mjs";
-import "./chunk-BZFBMGPG.mjs";
+} from "./chunk-GFXR244N.mjs";
+import "./chunk-B326YIV6.mjs";
 import "./chunk-263DHBMK.mjs";
 import "./chunk-UDLCOX6B.mjs";
 import "./chunk-7JTFMRQS.mjs";

package/dist/{chunk-BZFBMGPG.mjs → chunk-B326YIV6.mjs}

@@ -5,15 +5,22 @@ var SaleorAccessTokenStorageHandler = class {
     this.storage = storage;
     this.prefix = prefix;
   }
+  // In-memory cache so the token is available even when the storage
+  // backend is read-only (e.g. Next.js cookies during render).
+  cachedToken = null;
   getAccessToken = () => {
+    if (this.cachedToken)
+      return this.cachedToken;
     const key = getAccessTokenKey(this.prefix);
     return this.storage.getItem(key);
   };
   setAccessToken = (token) => {
+    this.cachedToken = token;
     const key = getAccessTokenKey(this.prefix);
     return this.storage.setItem(key, token);
   };
   clearAuthStorage = () => {
+    this.cachedToken = null;
     const key = getAccessTokenKey(this.prefix);
     return this.storage.removeItem(key);
   };

package/dist/{chunk-UHR2J6FG.mjs → chunk-GFXR244N.mjs}

@@ -1,11 +1,12 @@
 import {
   SaleorAccessTokenStorageHandler
-} from "./chunk-BZFBMGPG.mjs";
+} from "./chunk-B326YIV6.mjs";
 import {
   SaleorRefreshTokenStorageHandler
 } from "./chunk-263DHBMK.mjs";
 import {
   getRequestData,
+  getTokenIss,
   invariant,
   isExpiredToken
 } from "./chunk-UDLCOX6B.mjs";
@@ -46,7 +47,6 @@ var SaleorAuthClient = class {
    */
   constructor({
     saleorApiUrl,
-    storageKeyPrefix,
     refreshTokenStorage,
     accessTokenStorage,
     onAuthRefresh,
@@ -59,23 +59,47 @@ var SaleorAuthClient = class {
     }
     this.onAuthRefresh = onAuthRefresh;
     this.saleorApiUrl = saleorApiUrl;
-    const keyPrefix = storageKeyPrefix ?? saleorApiUrl;
     const refreshTokenRepo = refreshTokenStorage ?? (typeof window !== "undefined" ? window.localStorage : void 0);
-    this.refreshTokenStorage = refreshTokenRepo ? new SaleorRefreshTokenStorageHandler(refreshTokenRepo, keyPrefix) : null;
+    this.refreshTokenStorage = refreshTokenRepo ? new SaleorRefreshTokenStorageHandler(refreshTokenRepo, saleorApiUrl) : null;
     const accessTokenRepo = accessTokenStorage ?? getInMemoryAccessTokenStorage();
-    this.accessTokenStorage = new SaleorAccessTokenStorageHandler(accessTokenRepo, keyPrefix);
+    this.accessTokenStorage = new SaleorAccessTokenStorageHandler(accessTokenRepo, saleorApiUrl);
   }
   cleanup = () => {
     this.refreshTokenStorage?.cleanup();
   };
-  runAuthorizedRequest = (input, init) => {
+  runAuthorizedRequest = (input, init, additionalParams) => {
     const token = this.accessTokenStorage.getAccessToken();
     if (!token) {
       return fetch(input, init);
     }
-    const headers = new Headers(init?.headers);
-    headers.set("Authorization", `Bearer ${token}`);
-    return fetch(input, { ...init, headers });
+    const headers = init?.headers || {};
+    const getURL = (input2) => {
+      if (typeof input2 === "string") {
+        return input2;
+      } else if ("url" in input2) {
+        return input2.url;
+      } else {
+        return input2.href;
+      }
+    };
+    const iss = getTokenIss(token);
+    const issuerAndDomainMatch = getURL(input) === iss;
+    const shouldAddAuthorizationHeader = issuerAndDomainMatch || additionalParams?.allowPassingTokenToThirdPartyDomains;
+    if (!issuerAndDomainMatch) {
+      if (shouldAddAuthorizationHeader) {
+        console.warn(
+          "Token's `iss` and request URL do not match but `allowPassingTokenToThirdPartyDomains` was specified."
+        );
+      } else {
+        console.warn(
+          "Token's `iss` and request URL do not match. Not adding `Authorization` header to the request."
+        );
+      }
+    }
+    return fetch(input, {
+      ...init,
+      headers: shouldAddAuthorizationHeader ? { ...headers, Authorization: `Bearer ${token}` } : headers
+    });
   };
   handleRequestWithTokenRefresh = async (input, requestInit, additionalParams) => {
     const refreshToken = this.refreshTokenStorage?.getRefreshToken();
@@ -87,37 +111,15 @@ var SaleorAuthClient = class {
     this.onAuthRefresh?.(true);
     if (this.tokenRefreshPromise) {
       const response = await this.tokenRefreshPromise;
-      const responseClone = response.clone();
-      const rawText = await response.clone().text();
-      console.log("[auth-sdk] Token refresh raw response:", JSON.stringify({
-        status: response.status,
-        statusText: response.statusText,
-        headers: Object.fromEntries(response.headers.entries()),
-        bodyLength: rawText.length,
-        body: rawText.slice(0, 500)
-      }));
-      let res;
-      try {
-        res = await responseClone.json();
-      } catch {
-        console.error("[auth-sdk] Token refresh response is not valid JSON, status:", response.status);
-        this.onAuthRefresh?.(false);
-        this.tokenRefreshPromise = null;
-        this.refreshTokenStorage?.clearAuthStorage();
-        return fetch(input, requestInit);
-      }
-      const graphqlErrors = res.errors;
-      const token = res.data?.tokenRefresh?.token;
-      const refreshErrors = res.data?.tokenRefresh?.errors;
+      const res = await response.clone().json();
+      const {
+        errors: graphqlErrors,
+        data: {
+          tokenRefresh: { errors, token }
+        }
+      } = res;
       this.onAuthRefresh?.(false);
-      if (refreshErrors?.length || graphqlErrors?.length || !token) {
-        console.warn("[auth-sdk] Token refresh failed:", JSON.stringify({
-          graphqlErrors: graphqlErrors ?? [],
-          refreshErrors: refreshErrors ?? [],
-          hasToken: Boolean(token),
-          httpStatus: response.status,
-          rawData: res.data ?? null
-        }));
+      if (errors?.length || graphqlErrors?.length || !token) {
         this.tokenRefreshPromise = null;
         this.refreshTokenStorage?.clearAuthStorage();
         return fetch(input, requestInit);
@@ -127,32 +129,10 @@ var SaleorAuthClient = class {
       this.tokenRefreshPromise = null;
       return this.runAuthorizedRequest(input, requestInit, additionalParams);
     }
-    const refreshHeaders = {
-      "Content-Type": "application/json"
-    };
-    if (requestInit?.headers) {
-      const origHeaders = new Headers(requestInit.headers);
-      for (const [key, value] of origHeaders.entries()) {
-        if (key !== "host" && key !== "content-type") {
-          refreshHeaders[key] = value;
-        }
-      }
-    }
-    const refreshBody = JSON.stringify({
-      query: TOKEN_REFRESH.toString(),
-      variables: { refreshToken }
-    });
-    console.log("[auth-sdk] Token refresh request:", JSON.stringify({
-      url: this.saleorApiUrl,
-      headers: refreshHeaders,
-      bodyLength: refreshBody.length,
-      bodyPreview: refreshBody.slice(0, 200)
-    }));
-    this.tokenRefreshPromise = fetch(this.saleorApiUrl, {
-      method: "POST",
-      headers: refreshHeaders,
-      body: refreshBody
-    });
+    this.tokenRefreshPromise = fetch(
+      this.saleorApiUrl,
+      getRequestData(TOKEN_REFRESH, { refreshToken }, { ...this.defaultRequestInit, ...requestInit })
+    );
     return this.fetchWithAuth(input, requestInit, additionalParams);
   };
   handleSignIn = async (response) => {

package/dist/index.js

@@ -113,6 +113,10 @@ var getTokenExpiry = (token) => {
   const parsedTokenData = decodeToken(token);
   return parsedTokenData.exp * MILLI_MULTIPLYER || 0;
 };
+var getTokenIss = (token) => {
+  const parsedTokenData = decodeToken(token);
+  return parsedTokenData.iss;
+};
 var isExpiredToken = (token, tokenGracePeriod) => {
   return getTokenExpiry(token) - tokenGracePeriod <= Date.now();
 };
@@ -242,15 +246,22 @@ var SaleorAccessTokenStorageHandler = class {
     this.storage = storage;
     this.prefix = prefix;
   }
+  // In-memory cache so the token is available even when the storage
+  // backend is read-only (e.g. Next.js cookies during render).
+  cachedToken = null;
   getAccessToken = () => {
+    if (this.cachedToken)
+      return this.cachedToken;
     const key = getAccessTokenKey(this.prefix);
     return this.storage.getItem(key);
   };
   setAccessToken = (token) => {
+    this.cachedToken = token;
     const key = getAccessTokenKey(this.prefix);
     return this.storage.setItem(key, token);
   };
   clearAuthStorage = () => {
+    this.cachedToken = null;
     const key = getAccessTokenKey(this.prefix);
     return this.storage.removeItem(key);
   };
@@ -286,7 +297,6 @@ var SaleorAuthClient = class {
    */
   constructor({
     saleorApiUrl,
-    storageKeyPrefix,
     refreshTokenStorage,
     accessTokenStorage,
     onAuthRefresh,
@@ -299,23 +309,47 @@ var SaleorAuthClient = class {
     }
     this.onAuthRefresh = onAuthRefresh;
     this.saleorApiUrl = saleorApiUrl;
-    const keyPrefix = storageKeyPrefix ?? saleorApiUrl;
     const refreshTokenRepo = refreshTokenStorage ?? (typeof window !== "undefined" ? window.localStorage : void 0);
-    this.refreshTokenStorage = refreshTokenRepo ? new SaleorRefreshTokenStorageHandler(refreshTokenRepo, keyPrefix) : null;
+    this.refreshTokenStorage = refreshTokenRepo ? new SaleorRefreshTokenStorageHandler(refreshTokenRepo, saleorApiUrl) : null;
     const accessTokenRepo = accessTokenStorage ?? getInMemoryAccessTokenStorage();
-    this.accessTokenStorage = new SaleorAccessTokenStorageHandler(accessTokenRepo, keyPrefix);
+    this.accessTokenStorage = new SaleorAccessTokenStorageHandler(accessTokenRepo, saleorApiUrl);
   }
   cleanup = () => {
     this.refreshTokenStorage?.cleanup();
   };
-  runAuthorizedRequest = (input, init) => {
+  runAuthorizedRequest = (input, init, additionalParams) => {
     const token = this.accessTokenStorage.getAccessToken();
     if (!token) {
       return fetch(input, init);
     }
-    const headers = new Headers(init?.headers);
-    headers.set("Authorization", `Bearer ${token}`);
-    return fetch(input, { ...init, headers });
+    const headers = init?.headers || {};
+    const getURL = (input2) => {
+      if (typeof input2 === "string") {
+        return input2;
+      } else if ("url" in input2) {
+        return input2.url;
+      } else {
+        return input2.href;
+      }
+    };
+    const iss = getTokenIss(token);
+    const issuerAndDomainMatch = getURL(input) === iss;
+    const shouldAddAuthorizationHeader = issuerAndDomainMatch || additionalParams?.allowPassingTokenToThirdPartyDomains;
+    if (!issuerAndDomainMatch) {
+      if (shouldAddAuthorizationHeader) {
+        console.warn(
+          "Token's `iss` and request URL do not match but `allowPassingTokenToThirdPartyDomains` was specified."
+        );
+      } else {
+        console.warn(
+          "Token's `iss` and request URL do not match. Not adding `Authorization` header to the request."
+        );
+      }
+    }
+    return fetch(input, {
+      ...init,
+      headers: shouldAddAuthorizationHeader ? { ...headers, Authorization: `Bearer ${token}` } : headers
+    });
   };
   handleRequestWithTokenRefresh = async (input, requestInit, additionalParams) => {
     const refreshToken = this.refreshTokenStorage?.getRefreshToken();
@@ -327,37 +361,15 @@ var SaleorAuthClient = class {
     this.onAuthRefresh?.(true);
     if (this.tokenRefreshPromise) {
       const response = await this.tokenRefreshPromise;
-      const responseClone = response.clone();
-      const rawText = await response.clone().text();
-      console.log("[auth-sdk] Token refresh raw response:", JSON.stringify({
-        status: response.status,
-        statusText: response.statusText,
-        headers: Object.fromEntries(response.headers.entries()),
-        bodyLength: rawText.length,
-        body: rawText.slice(0, 500)
-      }));
-      let res;
-      try {
-        res = await responseClone.json();
-      } catch {
-        console.error("[auth-sdk] Token refresh response is not valid JSON, status:", response.status);
-        this.onAuthRefresh?.(false);
-        this.tokenRefreshPromise = null;
-        this.refreshTokenStorage?.clearAuthStorage();
-        return fetch(input, requestInit);
-      }
-      const graphqlErrors = res.errors;
-      const token = res.data?.tokenRefresh?.token;
-      const refreshErrors = res.data?.tokenRefresh?.errors;
+      const res = await response.clone().json();
+      const {
+        errors: graphqlErrors,
+        data: {
+          tokenRefresh: { errors, token }
+        }
+      } = res;
       this.onAuthRefresh?.(false);
-      if (refreshErrors?.length || graphqlErrors?.length || !token) {
-        console.warn("[auth-sdk] Token refresh failed:", JSON.stringify({
-          graphqlErrors: graphqlErrors ?? [],
-          refreshErrors: refreshErrors ?? [],
-          hasToken: Boolean(token),
-          httpStatus: response.status,
-          rawData: res.data ?? null
-        }));
+      if (errors?.length || graphqlErrors?.length || !token) {
         this.tokenRefreshPromise = null;
         this.refreshTokenStorage?.clearAuthStorage();
         return fetch(input, requestInit);
@@ -367,32 +379,10 @@ var SaleorAuthClient = class {
       this.tokenRefreshPromise = null;
       return this.runAuthorizedRequest(input, requestInit, additionalParams);
     }
-    const refreshHeaders = {
-      "Content-Type": "application/json"
-    };
-    if (requestInit?.headers) {
-      const origHeaders = new Headers(requestInit.headers);
-      for (const [key, value] of origHeaders.entries()) {
-        if (key !== "host" && key !== "content-type") {
-          refreshHeaders[key] = value;
-        }
-      }
-    }
-    const refreshBody = JSON.stringify({
-      query: TOKEN_REFRESH.toString(),
-      variables: { refreshToken }
-    });
-    console.log("[auth-sdk] Token refresh request:", JSON.stringify({
-      url: this.saleorApiUrl,
-      headers: refreshHeaders,
-      bodyLength: refreshBody.length,
-      bodyPreview: refreshBody.slice(0, 200)
-    }));
-    this.tokenRefreshPromise = fetch(this.saleorApiUrl, {
-      method: "POST",
-      headers: refreshHeaders,
-      body: refreshBody
-    });
+    this.tokenRefreshPromise = fetch(
+      this.saleorApiUrl,
+      getRequestData(TOKEN_REFRESH, { refreshToken }, { ...this.defaultRequestInit, ...requestInit })
+    );
     return this.fetchWithAuth(input, requestInit, additionalParams);
   };
   handleSignIn = async (response) => {

package/dist/index.mjs

@@ -1,8 +1,8 @@
 import {
   SaleorAuthClient,
   createSaleorAuthClient
-} from "./chunk-UHR2J6FG.mjs";
-import "./chunk-BZFBMGPG.mjs";
+} from "./chunk-GFXR244N.mjs";
+import "./chunk-B326YIV6.mjs";
 import "./chunk-263DHBMK.mjs";
 import {
   GraphQLError,

package/dist/react/SaleorAuthProvider.mjs

@@ -2,8 +2,8 @@ import {
   SaleorAuthProvider
 } from "../chunk-74GMXOK4.mjs";
 import "../chunk-NAQNA6DI.mjs";
-import "../chunk-UHR2J6FG.mjs";
-import "../chunk-BZFBMGPG.mjs";
+import "../chunk-GFXR244N.mjs";
+import "../chunk-B326YIV6.mjs";
 import "../chunk-263DHBMK.mjs";
 import "../chunk-UDLCOX6B.mjs";
 import "../chunk-7JTFMRQS.mjs";

package/dist/react/context.mjs

@@ -3,8 +3,8 @@ import {
   createSafeContext,
   useSaleorAuthContext
 } from "../chunk-NAQNA6DI.mjs";
-import "../chunk-UHR2J6FG.mjs";
-import "../chunk-BZFBMGPG.mjs";
+import "../chunk-GFXR244N.mjs";
+import "../chunk-B326YIV6.mjs";
 import "../chunk-263DHBMK.mjs";
 import "../chunk-UDLCOX6B.mjs";
 import "../chunk-7JTFMRQS.mjs";

package/dist/react/index.mjs

@@ -12,8 +12,8 @@ import {
 import {
   useSaleorExternalAuth
 } from "../chunk-Q3UFWDCC.mjs";
-import "../chunk-UHR2J6FG.mjs";
-import "../chunk-BZFBMGPG.mjs";
+import "../chunk-GFXR244N.mjs";
+import "../chunk-B326YIV6.mjs";
 import "../chunk-263DHBMK.mjs";
 import "../chunk-T35JF4IS.mjs";
 import "../chunk-KLIEZ4V4.mjs";

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@shopsbuilder/auth-sdk",
-  "version": "1.2.7",
+  "version": "1.2.9",
   "description": "Auth SDK for Saleor",
   "sideEffects": false,
   "files": ["dist/", "README.md"],