@shopsbuilder/auth-sdk 1.2.8 → 1.2.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (11) hide show
  1. package/dist/SaleorAuthClient.d.mts +1 -7
  2. package/dist/SaleorAuthClient.d.ts +1 -7
  3. package/dist/SaleorAuthClient.js +47 -64
  4. package/dist/SaleorAuthClient.mjs +1 -1
  5. package/dist/{chunk-X3MKOESH.mjs → chunk-GFXR244N.mjs} +44 -64
  6. package/dist/index.js +47 -64
  7. package/dist/index.mjs +1 -1
  8. package/dist/react/SaleorAuthProvider.mjs +1 -1
  9. package/dist/react/context.mjs +1 -1
  10. package/dist/react/index.mjs +1 -1
  11. package/package.json +1 -1
package/dist/SaleorAuthClient.d.mts CHANGED
@@ -3,12 +3,6 @@ import { StorageRepository, FetchWithAdditionalParams, PasswordResetVariables, P
3
3
  interface SaleorAuthClientProps {
4
4
  onAuthRefresh?: (isAuthenticating: boolean) => void;
5
5
  saleorApiUrl: string;
6
- /**
7
- * Prefix used for storage keys. Defaults to saleorApiUrl.
8
- * Set this to the public API URL when the server uses an internal URL
9
- * for saleorApiUrl, so that cookie keys match between client and server.
10
- */
11
- storageKeyPrefix?: string;
12
6
  refreshTokenStorage?: StorageRepository;
13
7
  accessTokenStorage?: StorageRepository;
14
8
  tokenGracePeriod?: number;
@@ -39,7 +33,7 @@ declare class SaleorAuthClient {
39
33
  * }, [])
40
34
  * ```
41
35
  */
42
- constructor({ saleorApiUrl, storageKeyPrefix, refreshTokenStorage, accessTokenStorage, onAuthRefresh, tokenGracePeriod, defaultRequestInit, }: SaleorAuthClientProps);
36
+ constructor({ saleorApiUrl, refreshTokenStorage, accessTokenStorage, onAuthRefresh, tokenGracePeriod, defaultRequestInit, }: SaleorAuthClientProps);
43
37
  cleanup: () => void;
44
38
  private runAuthorizedRequest;
45
39
  private handleRequestWithTokenRefresh;
package/dist/SaleorAuthClient.d.ts CHANGED
@@ -3,12 +3,6 @@ import { StorageRepository, FetchWithAdditionalParams, PasswordResetVariables, P
3
3
  interface SaleorAuthClientProps {
4
4
  onAuthRefresh?: (isAuthenticating: boolean) => void;
5
5
  saleorApiUrl: string;
6
- /**
7
- * Prefix used for storage keys. Defaults to saleorApiUrl.
8
- * Set this to the public API URL when the server uses an internal URL
9
- * for saleorApiUrl, so that cookie keys match between client and server.
10
- */
11
- storageKeyPrefix?: string;
12
6
  refreshTokenStorage?: StorageRepository;
13
7
  accessTokenStorage?: StorageRepository;
14
8
  tokenGracePeriod?: number;
@@ -39,7 +33,7 @@ declare class SaleorAuthClient {
39
33
  * }, [])
40
34
  * ```
41
35
  */
42
- constructor({ saleorApiUrl, storageKeyPrefix, refreshTokenStorage, accessTokenStorage, onAuthRefresh, tokenGracePeriod, defaultRequestInit, }: SaleorAuthClientProps);
36
+ constructor({ saleorApiUrl, refreshTokenStorage, accessTokenStorage, onAuthRefresh, tokenGracePeriod, defaultRequestInit, }: SaleorAuthClientProps);
43
37
  cleanup: () => void;
44
38
  private runAuthorizedRequest;
45
39
  private handleRequestWithTokenRefresh;
package/dist/SaleorAuthClient.js CHANGED
@@ -110,6 +110,10 @@ var getTokenExpiry = (token) => {
110
110
  const parsedTokenData = decodeToken(token);
111
111
  return parsedTokenData.exp * MILLI_MULTIPLYER || 0;
112
112
  };
113
+ var getTokenIss = (token) => {
114
+ const parsedTokenData = decodeToken(token);
115
+ return parsedTokenData.iss;
116
+ };
113
117
  var isExpiredToken = (token, tokenGracePeriod) => {
114
118
  return getTokenExpiry(token) - tokenGracePeriod <= Date.now();
115
119
  };
@@ -290,7 +294,6 @@ var SaleorAuthClient = class {
290
294
  */
291
295
  constructor({
292
296
  saleorApiUrl,
293
- storageKeyPrefix,
294
297
  refreshTokenStorage,
295
298
  accessTokenStorage,
296
299
  onAuthRefresh,
@@ -303,23 +306,47 @@ var SaleorAuthClient = class {
303
306
  }
304
307
  this.onAuthRefresh = onAuthRefresh;
305
308
  this.saleorApiUrl = saleorApiUrl;
306
- const keyPrefix = storageKeyPrefix ?? saleorApiUrl;
307
309
  const refreshTokenRepo = refreshTokenStorage ?? (typeof window !== "undefined" ? window.localStorage : void 0);
308
- this.refreshTokenStorage = refreshTokenRepo ? new SaleorRefreshTokenStorageHandler(refreshTokenRepo, keyPrefix) : null;
310
+ this.refreshTokenStorage = refreshTokenRepo ? new SaleorRefreshTokenStorageHandler(refreshTokenRepo, saleorApiUrl) : null;
309
311
  const accessTokenRepo = accessTokenStorage ?? getInMemoryAccessTokenStorage();
310
- this.accessTokenStorage = new SaleorAccessTokenStorageHandler(accessTokenRepo, keyPrefix);
312
+ this.accessTokenStorage = new SaleorAccessTokenStorageHandler(accessTokenRepo, saleorApiUrl);
311
313
  }
312
314
  cleanup = () => {
313
315
  this.refreshTokenStorage?.cleanup();
314
316
  };
315
- runAuthorizedRequest = (input, init) => {
317
+ runAuthorizedRequest = (input, init, additionalParams) => {
316
318
  const token = this.accessTokenStorage.getAccessToken();
317
319
  if (!token) {
318
320
  return fetch(input, init);
319
321
  }
320
- const headers = new Headers(init?.headers);
321
- headers.set("Authorization", `Bearer ${token}`);
322
- return fetch(input, { ...init, headers });
322
+ const headers = init?.headers || {};
323
+ const getURL = (input2) => {
324
+ if (typeof input2 === "string") {
325
+ return input2;
326
+ } else if ("url" in input2) {
327
+ return input2.url;
328
+ } else {
329
+ return input2.href;
330
+ }
331
+ };
332
+ const iss = getTokenIss(token);
333
+ const issuerAndDomainMatch = getURL(input) === iss;
334
+ const shouldAddAuthorizationHeader = issuerAndDomainMatch || additionalParams?.allowPassingTokenToThirdPartyDomains;
335
+ if (!issuerAndDomainMatch) {
336
+ if (shouldAddAuthorizationHeader) {
337
+ console.warn(
338
+ "Token's `iss` and request URL do not match but `allowPassingTokenToThirdPartyDomains` was specified."
339
+ );
340
+ } else {
341
+ console.warn(
342
+ "Token's `iss` and request URL do not match. Not adding `Authorization` header to the request."
343
+ );
344
+ }
345
+ }
346
+ return fetch(input, {
347
+ ...init,
348
+ headers: shouldAddAuthorizationHeader ? { ...headers, Authorization: `Bearer ${token}` } : headers
349
+ });
323
350
  };
324
351
  handleRequestWithTokenRefresh = async (input, requestInit, additionalParams) => {
325
352
  const refreshToken = this.refreshTokenStorage?.getRefreshToken();
@@ -331,37 +358,15 @@ var SaleorAuthClient = class {
331
358
  this.onAuthRefresh?.(true);
332
359
  if (this.tokenRefreshPromise) {
333
360
  const response = await this.tokenRefreshPromise;
334
- const responseClone = response.clone();
335
- const rawText = await response.clone().text();
336
- console.log("[auth-sdk] Token refresh raw response:", JSON.stringify({
337
- status: response.status,
338
- statusText: response.statusText,
339
- headers: Object.fromEntries(response.headers.entries()),
340
- bodyLength: rawText.length,
341
- body: rawText.slice(0, 500)
342
- }));
343
- let res;
344
- try {
345
- res = await responseClone.json();
346
- } catch {
347
- console.error("[auth-sdk] Token refresh response is not valid JSON, status:", response.status);
348
- this.onAuthRefresh?.(false);
349
- this.tokenRefreshPromise = null;
350
- this.refreshTokenStorage?.clearAuthStorage();
351
- return fetch(input, requestInit);
352
- }
353
- const graphqlErrors = res.errors;
354
- const token = res.data?.tokenRefresh?.token;
355
- const refreshErrors = res.data?.tokenRefresh?.errors;
361
+ const res = await response.clone().json();
362
+ const {
363
+ errors: graphqlErrors,
364
+ data: {
365
+ tokenRefresh: { errors, token }
366
+ }
367
+ } = res;
356
368
  this.onAuthRefresh?.(false);
357
- if (refreshErrors?.length || graphqlErrors?.length || !token) {
358
- console.warn("[auth-sdk] Token refresh failed:", JSON.stringify({
359
- graphqlErrors: graphqlErrors ?? [],
360
- refreshErrors: refreshErrors ?? [],
361
- hasToken: Boolean(token),
362
- httpStatus: response.status,
363
- rawData: res.data ?? null
364
- }));
369
+ if (errors?.length || graphqlErrors?.length || !token) {
365
370
  this.tokenRefreshPromise = null;
366
371
  this.refreshTokenStorage?.clearAuthStorage();
367
372
  return fetch(input, requestInit);
@@ -371,32 +376,10 @@ var SaleorAuthClient = class {
371
376
  this.tokenRefreshPromise = null;
372
377
  return this.runAuthorizedRequest(input, requestInit, additionalParams);
373
378
  }
374
- const refreshHeaders = {
375
- "Content-Type": "application/json"
376
- };
377
- if (requestInit?.headers) {
378
- const origHeaders = new Headers(requestInit.headers);
379
- for (const [key, value] of origHeaders.entries()) {
380
- if (key !== "host" && key !== "content-type") {
381
- refreshHeaders[key] = value;
382
- }
383
- }
384
- }
385
- const refreshBody = JSON.stringify({
386
- query: TOKEN_REFRESH.toString(),
387
- variables: { refreshToken }
388
- });
389
- console.log("[auth-sdk] Token refresh request:", JSON.stringify({
390
- url: this.saleorApiUrl,
391
- headers: refreshHeaders,
392
- bodyLength: refreshBody.length,
393
- bodyPreview: refreshBody.slice(0, 200)
394
- }));
395
- this.tokenRefreshPromise = fetch(this.saleorApiUrl, {
396
- method: "POST",
397
- headers: refreshHeaders,
398
- body: refreshBody
399
- });
379
+ this.tokenRefreshPromise = fetch(
380
+ this.saleorApiUrl,
381
+ getRequestData(TOKEN_REFRESH, { refreshToken }, { ...this.defaultRequestInit, ...requestInit })
382
+ );
400
383
  return this.fetchWithAuth(input, requestInit, additionalParams);
401
384
  };
402
385
  handleSignIn = async (response) => {
package/dist/SaleorAuthClient.mjs CHANGED
@@ -1,7 +1,7 @@
1
1
  import {
2
2
  SaleorAuthClient,
3
3
  createSaleorAuthClient
4
- } from "./chunk-X3MKOESH.mjs";
4
+ } from "./chunk-GFXR244N.mjs";
5
5
  import "./chunk-B326YIV6.mjs";
6
6
  import "./chunk-263DHBMK.mjs";
7
7
  import "./chunk-UDLCOX6B.mjs";
package/dist/{chunk-X3MKOESH.mjs → chunk-GFXR244N.mjs} RENAMED
@@ -6,6 +6,7 @@ import {
6
6
  } from "./chunk-263DHBMK.mjs";
7
7
  import {
8
8
  getRequestData,
9
+ getTokenIss,
9
10
  invariant,
10
11
  isExpiredToken
11
12
  } from "./chunk-UDLCOX6B.mjs";
@@ -46,7 +47,6 @@ var SaleorAuthClient = class {
46
47
  */
47
48
  constructor({
48
49
  saleorApiUrl,
49
- storageKeyPrefix,
50
50
  refreshTokenStorage,
51
51
  accessTokenStorage,
52
52
  onAuthRefresh,
@@ -59,23 +59,47 @@ var SaleorAuthClient = class {
59
59
  }
60
60
  this.onAuthRefresh = onAuthRefresh;
61
61
  this.saleorApiUrl = saleorApiUrl;
62
- const keyPrefix = storageKeyPrefix ?? saleorApiUrl;
63
62
  const refreshTokenRepo = refreshTokenStorage ?? (typeof window !== "undefined" ? window.localStorage : void 0);
64
- this.refreshTokenStorage = refreshTokenRepo ? new SaleorRefreshTokenStorageHandler(refreshTokenRepo, keyPrefix) : null;
63
+ this.refreshTokenStorage = refreshTokenRepo ? new SaleorRefreshTokenStorageHandler(refreshTokenRepo, saleorApiUrl) : null;
65
64
  const accessTokenRepo = accessTokenStorage ?? getInMemoryAccessTokenStorage();
66
- this.accessTokenStorage = new SaleorAccessTokenStorageHandler(accessTokenRepo, keyPrefix);
65
+ this.accessTokenStorage = new SaleorAccessTokenStorageHandler(accessTokenRepo, saleorApiUrl);
67
66
  }
68
67
  cleanup = () => {
69
68
  this.refreshTokenStorage?.cleanup();
70
69
  };
71
- runAuthorizedRequest = (input, init) => {
70
+ runAuthorizedRequest = (input, init, additionalParams) => {
72
71
  const token = this.accessTokenStorage.getAccessToken();
73
72
  if (!token) {
74
73
  return fetch(input, init);
75
74
  }
76
- const headers = new Headers(init?.headers);
77
- headers.set("Authorization", `Bearer ${token}`);
78
- return fetch(input, { ...init, headers });
75
+ const headers = init?.headers || {};
76
+ const getURL = (input2) => {
77
+ if (typeof input2 === "string") {
78
+ return input2;
79
+ } else if ("url" in input2) {
80
+ return input2.url;
81
+ } else {
82
+ return input2.href;
83
+ }
84
+ };
85
+ const iss = getTokenIss(token);
86
+ const issuerAndDomainMatch = getURL(input) === iss;
87
+ const shouldAddAuthorizationHeader = issuerAndDomainMatch || additionalParams?.allowPassingTokenToThirdPartyDomains;
88
+ if (!issuerAndDomainMatch) {
89
+ if (shouldAddAuthorizationHeader) {
90
+ console.warn(
91
+ "Token's `iss` and request URL do not match but `allowPassingTokenToThirdPartyDomains` was specified."
92
+ );
93
+ } else {
94
+ console.warn(
95
+ "Token's `iss` and request URL do not match. Not adding `Authorization` header to the request."
96
+ );
97
+ }
98
+ }
99
+ return fetch(input, {
100
+ ...init,
101
+ headers: shouldAddAuthorizationHeader ? { ...headers, Authorization: `Bearer ${token}` } : headers
102
+ });
79
103
  };
80
104
  handleRequestWithTokenRefresh = async (input, requestInit, additionalParams) => {
81
105
  const refreshToken = this.refreshTokenStorage?.getRefreshToken();
@@ -87,37 +111,15 @@ var SaleorAuthClient = class {
87
111
  this.onAuthRefresh?.(true);
88
112
  if (this.tokenRefreshPromise) {
89
113
  const response = await this.tokenRefreshPromise;
90
- const responseClone = response.clone();
91
- const rawText = await response.clone().text();
92
- console.log("[auth-sdk] Token refresh raw response:", JSON.stringify({
93
- status: response.status,
94
- statusText: response.statusText,
95
- headers: Object.fromEntries(response.headers.entries()),
96
- bodyLength: rawText.length,
97
- body: rawText.slice(0, 500)
98
- }));
99
- let res;
100
- try {
101
- res = await responseClone.json();
102
- } catch {
103
- console.error("[auth-sdk] Token refresh response is not valid JSON, status:", response.status);
104
- this.onAuthRefresh?.(false);
105
- this.tokenRefreshPromise = null;
106
- this.refreshTokenStorage?.clearAuthStorage();
107
- return fetch(input, requestInit);
108
- }
109
- const graphqlErrors = res.errors;
110
- const token = res.data?.tokenRefresh?.token;
111
- const refreshErrors = res.data?.tokenRefresh?.errors;
114
+ const res = await response.clone().json();
115
+ const {
116
+ errors: graphqlErrors,
117
+ data: {
118
+ tokenRefresh: { errors, token }
119
+ }
120
+ } = res;
112
121
  this.onAuthRefresh?.(false);
113
- if (refreshErrors?.length || graphqlErrors?.length || !token) {
114
- console.warn("[auth-sdk] Token refresh failed:", JSON.stringify({
115
- graphqlErrors: graphqlErrors ?? [],
116
- refreshErrors: refreshErrors ?? [],
117
- hasToken: Boolean(token),
118
- httpStatus: response.status,
119
- rawData: res.data ?? null
120
- }));
122
+ if (errors?.length || graphqlErrors?.length || !token) {
121
123
  this.tokenRefreshPromise = null;
122
124
  this.refreshTokenStorage?.clearAuthStorage();
123
125
  return fetch(input, requestInit);
@@ -127,32 +129,10 @@ var SaleorAuthClient = class {
127
129
  this.tokenRefreshPromise = null;
128
130
  return this.runAuthorizedRequest(input, requestInit, additionalParams);
129
131
  }
130
- const refreshHeaders = {
131
- "Content-Type": "application/json"
132
- };
133
- if (requestInit?.headers) {
134
- const origHeaders = new Headers(requestInit.headers);
135
- for (const [key, value] of origHeaders.entries()) {
136
- if (key !== "host" && key !== "content-type") {
137
- refreshHeaders[key] = value;
138
- }
139
- }
140
- }
141
- const refreshBody = JSON.stringify({
142
- query: TOKEN_REFRESH.toString(),
143
- variables: { refreshToken }
144
- });
145
- console.log("[auth-sdk] Token refresh request:", JSON.stringify({
146
- url: this.saleorApiUrl,
147
- headers: refreshHeaders,
148
- bodyLength: refreshBody.length,
149
- bodyPreview: refreshBody.slice(0, 200)
150
- }));
151
- this.tokenRefreshPromise = fetch(this.saleorApiUrl, {
152
- method: "POST",
153
- headers: refreshHeaders,
154
- body: refreshBody
155
- });
132
+ this.tokenRefreshPromise = fetch(
133
+ this.saleorApiUrl,
134
+ getRequestData(TOKEN_REFRESH, { refreshToken }, { ...this.defaultRequestInit, ...requestInit })
135
+ );
156
136
  return this.fetchWithAuth(input, requestInit, additionalParams);
157
137
  };
158
138
  handleSignIn = async (response) => {
package/dist/index.js CHANGED
@@ -113,6 +113,10 @@ var getTokenExpiry = (token) => {
113
113
  const parsedTokenData = decodeToken(token);
114
114
  return parsedTokenData.exp * MILLI_MULTIPLYER || 0;
115
115
  };
116
+ var getTokenIss = (token) => {
117
+ const parsedTokenData = decodeToken(token);
118
+ return parsedTokenData.iss;
119
+ };
116
120
  var isExpiredToken = (token, tokenGracePeriod) => {
117
121
  return getTokenExpiry(token) - tokenGracePeriod <= Date.now();
118
122
  };
@@ -293,7 +297,6 @@ var SaleorAuthClient = class {
293
297
  */
294
298
  constructor({
295
299
  saleorApiUrl,
296
- storageKeyPrefix,
297
300
  refreshTokenStorage,
298
301
  accessTokenStorage,
299
302
  onAuthRefresh,
@@ -306,23 +309,47 @@ var SaleorAuthClient = class {
306
309
  }
307
310
  this.onAuthRefresh = onAuthRefresh;
308
311
  this.saleorApiUrl = saleorApiUrl;
309
- const keyPrefix = storageKeyPrefix ?? saleorApiUrl;
310
312
  const refreshTokenRepo = refreshTokenStorage ?? (typeof window !== "undefined" ? window.localStorage : void 0);
311
- this.refreshTokenStorage = refreshTokenRepo ? new SaleorRefreshTokenStorageHandler(refreshTokenRepo, keyPrefix) : null;
313
+ this.refreshTokenStorage = refreshTokenRepo ? new SaleorRefreshTokenStorageHandler(refreshTokenRepo, saleorApiUrl) : null;
312
314
  const accessTokenRepo = accessTokenStorage ?? getInMemoryAccessTokenStorage();
313
- this.accessTokenStorage = new SaleorAccessTokenStorageHandler(accessTokenRepo, keyPrefix);
315
+ this.accessTokenStorage = new SaleorAccessTokenStorageHandler(accessTokenRepo, saleorApiUrl);
314
316
  }
315
317
  cleanup = () => {
316
318
  this.refreshTokenStorage?.cleanup();
317
319
  };
318
- runAuthorizedRequest = (input, init) => {
320
+ runAuthorizedRequest = (input, init, additionalParams) => {
319
321
  const token = this.accessTokenStorage.getAccessToken();
320
322
  if (!token) {
321
323
  return fetch(input, init);
322
324
  }
323
- const headers = new Headers(init?.headers);
324
- headers.set("Authorization", `Bearer ${token}`);
325
- return fetch(input, { ...init, headers });
325
+ const headers = init?.headers || {};
326
+ const getURL = (input2) => {
327
+ if (typeof input2 === "string") {
328
+ return input2;
329
+ } else if ("url" in input2) {
330
+ return input2.url;
331
+ } else {
332
+ return input2.href;
333
+ }
334
+ };
335
+ const iss = getTokenIss(token);
336
+ const issuerAndDomainMatch = getURL(input) === iss;
337
+ const shouldAddAuthorizationHeader = issuerAndDomainMatch || additionalParams?.allowPassingTokenToThirdPartyDomains;
338
+ if (!issuerAndDomainMatch) {
339
+ if (shouldAddAuthorizationHeader) {
340
+ console.warn(
341
+ "Token's `iss` and request URL do not match but `allowPassingTokenToThirdPartyDomains` was specified."
342
+ );
343
+ } else {
344
+ console.warn(
345
+ "Token's `iss` and request URL do not match. Not adding `Authorization` header to the request."
346
+ );
347
+ }
348
+ }
349
+ return fetch(input, {
350
+ ...init,
351
+ headers: shouldAddAuthorizationHeader ? { ...headers, Authorization: `Bearer ${token}` } : headers
352
+ });
326
353
  };
327
354
  handleRequestWithTokenRefresh = async (input, requestInit, additionalParams) => {
328
355
  const refreshToken = this.refreshTokenStorage?.getRefreshToken();
@@ -334,37 +361,15 @@ var SaleorAuthClient = class {
334
361
  this.onAuthRefresh?.(true);
335
362
  if (this.tokenRefreshPromise) {
336
363
  const response = await this.tokenRefreshPromise;
337
- const responseClone = response.clone();
338
- const rawText = await response.clone().text();
339
- console.log("[auth-sdk] Token refresh raw response:", JSON.stringify({
340
- status: response.status,
341
- statusText: response.statusText,
342
- headers: Object.fromEntries(response.headers.entries()),
343
- bodyLength: rawText.length,
344
- body: rawText.slice(0, 500)
345
- }));
346
- let res;
347
- try {
348
- res = await responseClone.json();
349
- } catch {
350
- console.error("[auth-sdk] Token refresh response is not valid JSON, status:", response.status);
351
- this.onAuthRefresh?.(false);
352
- this.tokenRefreshPromise = null;
353
- this.refreshTokenStorage?.clearAuthStorage();
354
- return fetch(input, requestInit);
355
- }
356
- const graphqlErrors = res.errors;
357
- const token = res.data?.tokenRefresh?.token;
358
- const refreshErrors = res.data?.tokenRefresh?.errors;
364
+ const res = await response.clone().json();
365
+ const {
366
+ errors: graphqlErrors,
367
+ data: {
368
+ tokenRefresh: { errors, token }
369
+ }
370
+ } = res;
359
371
  this.onAuthRefresh?.(false);
360
- if (refreshErrors?.length || graphqlErrors?.length || !token) {
361
- console.warn("[auth-sdk] Token refresh failed:", JSON.stringify({
362
- graphqlErrors: graphqlErrors ?? [],
363
- refreshErrors: refreshErrors ?? [],
364
- hasToken: Boolean(token),
365
- httpStatus: response.status,
366
- rawData: res.data ?? null
367
- }));
372
+ if (errors?.length || graphqlErrors?.length || !token) {
368
373
  this.tokenRefreshPromise = null;
369
374
  this.refreshTokenStorage?.clearAuthStorage();
370
375
  return fetch(input, requestInit);
@@ -374,32 +379,10 @@ var SaleorAuthClient = class {
374
379
  this.tokenRefreshPromise = null;
375
380
  return this.runAuthorizedRequest(input, requestInit, additionalParams);
376
381
  }
377
- const refreshHeaders = {
378
- "Content-Type": "application/json"
379
- };
380
- if (requestInit?.headers) {
381
- const origHeaders = new Headers(requestInit.headers);
382
- for (const [key, value] of origHeaders.entries()) {
383
- if (key !== "host" && key !== "content-type") {
384
- refreshHeaders[key] = value;
385
- }
386
- }
387
- }
388
- const refreshBody = JSON.stringify({
389
- query: TOKEN_REFRESH.toString(),
390
- variables: { refreshToken }
391
- });
392
- console.log("[auth-sdk] Token refresh request:", JSON.stringify({
393
- url: this.saleorApiUrl,
394
- headers: refreshHeaders,
395
- bodyLength: refreshBody.length,
396
- bodyPreview: refreshBody.slice(0, 200)
397
- }));
398
- this.tokenRefreshPromise = fetch(this.saleorApiUrl, {
399
- method: "POST",
400
- headers: refreshHeaders,
401
- body: refreshBody
402
- });
382
+ this.tokenRefreshPromise = fetch(
383
+ this.saleorApiUrl,
384
+ getRequestData(TOKEN_REFRESH, { refreshToken }, { ...this.defaultRequestInit, ...requestInit })
385
+ );
403
386
  return this.fetchWithAuth(input, requestInit, additionalParams);
404
387
  };
405
388
  handleSignIn = async (response) => {
package/dist/index.mjs CHANGED
@@ -1,7 +1,7 @@
1
1
  import {
2
2
  SaleorAuthClient,
3
3
  createSaleorAuthClient
4
- } from "./chunk-X3MKOESH.mjs";
4
+ } from "./chunk-GFXR244N.mjs";
5
5
  import "./chunk-B326YIV6.mjs";
6
6
  import "./chunk-263DHBMK.mjs";
7
7
  import {
package/dist/react/SaleorAuthProvider.mjs CHANGED
@@ -2,7 +2,7 @@ import {
2
2
  SaleorAuthProvider
3
3
  } from "../chunk-74GMXOK4.mjs";
4
4
  import "../chunk-NAQNA6DI.mjs";
5
- import "../chunk-X3MKOESH.mjs";
5
+ import "../chunk-GFXR244N.mjs";
6
6
  import "../chunk-B326YIV6.mjs";
7
7
  import "../chunk-263DHBMK.mjs";
8
8
  import "../chunk-UDLCOX6B.mjs";
package/dist/react/context.mjs CHANGED
@@ -3,7 +3,7 @@ import {
3
3
  createSafeContext,
4
4
  useSaleorAuthContext
5
5
  } from "../chunk-NAQNA6DI.mjs";
6
- import "../chunk-X3MKOESH.mjs";
6
+ import "../chunk-GFXR244N.mjs";
7
7
  import "../chunk-B326YIV6.mjs";
8
8
  import "../chunk-263DHBMK.mjs";
9
9
  import "../chunk-UDLCOX6B.mjs";
package/dist/react/index.mjs CHANGED
@@ -12,7 +12,7 @@ import {
12
12
  import {
13
13
  useSaleorExternalAuth
14
14
  } from "../chunk-Q3UFWDCC.mjs";
15
- import "../chunk-X3MKOESH.mjs";
15
+ import "../chunk-GFXR244N.mjs";
16
16
  import "../chunk-B326YIV6.mjs";
17
17
  import "../chunk-263DHBMK.mjs";
18
18
  import "../chunk-T35JF4IS.mjs";
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@shopsbuilder/auth-sdk",
3
- "version": "1.2.8",
3
+ "version": "1.2.9",
4
4
  "description": "Auth SDK for Saleor",
5
5
  "sideEffects": false,
6
6
  "files": ["dist/", "README.md"],