@sitecore-content-sdk/core 0.2.0-beta.2 → 0.2.0-beta.21

package/dist/esm/content/locales.js

@@ -0,0 +1,29 @@
+/**
+ * GraphQL query to retrieve a specific locale by its ID.
+ *
+ * Variables:
+ * - id: The ID of the locale to retrieve.
+ */
+export const GET_LOCALE_QUERY = `
+  query GetLocaleById($id: ID!) {
+    locale(id: $id) {
+      system {
+        id
+        label
+      }
+    }
+  }
+`;
+/**
+ * GraphQL query to retrieve all available locales.
+ */
+export const GET_LOCALES_QUERY = `
+  query GetAllLocales {
+    manyLocale {
+      system {
+        id
+        label
+      }
+    }
+  }
+`;

package/dist/esm/content/taxonomies.js

@@ -0,0 +1,75 @@
+// --- GraphQL queries ---
+/**
+ * GraphQL query to retrieve all taxonomies with optional pagination for taxonomies only.
+ *
+ * Variables:
+ * - pageSize: The number of taxonomies to retrieve per page.
+ * - after: The cursor for fetching the next page of taxonomies.
+ */
+export const GET_TAXONOMIES_QUERY = `
+  query GetAllTaxonomies(
+    $pageSize: Int
+    $after: String
+  ) {
+    manyTaxonomy(minimumPageSize: $pageSize, after: $after) {
+      cursor
+      hasMore
+      results {
+        terms {
+          cursor
+          hasMore
+          results {
+            id
+            name
+            label
+          }
+        }
+        system {
+          id
+          name
+          version
+          label
+          createdAt
+          createdBy
+          updatedAt
+          updatedBy
+          publishStatus
+        }
+      }
+    }
+  }
+`;
+/**
+ * GraphQL query to retrieve a specific taxonomy by its ID, with optional pagination for its terms.
+ *
+ * Variables:
+ * - id: The unique ID of the taxonomy to retrieve.
+ * - termsPageSize: The number of terms to retrieve per page.
+ * - termsAfter: The cursor for fetching the next page of terms.
+ */
+export const GET_TAXONOMY_QUERY = `
+  query GetTaxonomyById($id: ID!, $termsPageSize: Int, $termsAfter: String) {
+    taxonomy(id: $id) {
+      terms(minimumPageSize: $termsPageSize, after: $termsAfter) {
+        cursor
+        hasMore
+        results {
+          id
+          name
+          label
+        }
+      }
+      system {
+        id
+        name
+        version
+        label
+        createdAt
+        createdBy
+        updatedAt
+        updatedBy
+        publishStatus
+      }
+    }
+  }
+`;

package/dist/esm/content/utils.js

@@ -0,0 +1,13 @@
+import { normalizeUrl } from '../utils/normalize-url';
+/**
+ * Get the Content graphql endpoint url
+ * @param {object} params Parameters
+ * @param {string} [params.url] Content base graphql endpoint url
+ * @param {string} params.tenant Tenant name
+ * @param {string} params.environment Environment name
+ * @param {boolean} params.preview Indicates if preview mode is enabled
+ * @returns {string} Content graphql endpoint url
+ */
+export function getContentUrl({ url = 'https://edge-platform.sitecorecloud.io', tenant, environment, preview, }) {
+    return `${normalizeUrl(url)}/cs/api/v2/graphql/${tenant}/${environment}?preview=${preview}`;
+}

package/dist/esm/debug.js

@@ -22,6 +22,7 @@ export const enableDebug = (namespaces) => debug.enable(namespaces);
  */
 export default {
     common: debug(`${rootNamespace}:common`),
+    content: debug(`${rootNamespace}:content`),
     form: debug(`${rootNamespace}:form`),
     http: debug(`${rootNamespace}:http`),
     layout: debug(`${rootNamespace}:layout`),

package/dist/esm/editing/design-library.js

@@ -1,4 +1,5 @@
 import { SITECORE_EDGE_URL_DEFAULT } from '../constants';
+import { normalizeUrl } from '../utils/normalize-url';
 /**
  * Event to be sent when report status to design library
  */
@@ -103,5 +104,5 @@ export function getDesignLibraryStatusEvent(status, uid) {
  * @returns The full URL to the design library script.
  */
 export function getDesignLibraryScriptLink(sitecoreEdgeUrl = SITECORE_EDGE_URL_DEFAULT) {
-    return `${sitecoreEdgeUrl}/v1/files/designlibrary/lib/rh-lib-script.js`;
+    return `${normalizeUrl(sitecoreEdgeUrl)}/v1/files/designlibrary/lib/rh-lib-script.js`;
 }

package/dist/esm/editing/rest-component-layout-service.js

@@ -1,44 +1,24 @@
-import { debug, NativeDataFetcher } from '..';
-import { fetchData } from '../data-fetcher';
+import { NativeDataFetcher } from '../native-fetcher';
+import debug from '../debug';
+import { SITECORE_EDGE_URL_DEFAULT } from '../constants';
+import { resolveUrl } from '../utils';
 /**
- * REST service that enables Design Library functioality
- * Makes a request to /sitecore/api/layout/component in 'library' mode in Pages.
+ * REST service that enables design Library functionality
  * Returns layoutData for one single rendered component
  */
 export class RestComponentLayoutService {
     constructor(config) {
         this.config = config;
-        this.getFetcher = (req, res) => {
-            return this.config.dataFetcherResolver
-                ? this.config.dataFetcherResolver(req, res)
-                : this.getDefaultFetcher(req);
-        };
-        /**
-         * Provides default @see NativeDataFetcher data fetcher
-         * @param {IncomingMessage} [req] Request instance
-         * @returns default fetcher
-         */
-        this.getDefaultFetcher = (req) => {
-            var _a;
-            const config = {
-                debugger: debug.editing,
-            };
-            const nativeFetcher = new NativeDataFetcher(config);
-            const headers = req && Object.assign(Object.assign({}, req.headers), (((_a = req.socket) === null || _a === void 0 ? void 0 : _a.remoteAddress) ? { 'X-Forwarded-For': req.socket.remoteAddress } : {}));
-            const fetcher = (url, data) => {
-                data = Object.assign(Object.assign({}, data), { headers: headers });
-                return nativeFetcher.fetch(url, data);
-            };
-            return fetcher;
-        };
     }
-    fetchComponentData(params, req, res) {
-        params.siteName = params.siteName || this.config.siteName;
-        const querystringParams = this.getComponentFetchParams(params);
-        debug.layout('fetching component with uid %s for %s %s %s', params.componentUid, params.itemId, params.language, params.siteName);
-        const fetcher = this.getFetcher(req, res);
-        const fetchUrl = this.resolveLayoutServiceUrl('component');
-        return fetchData(fetchUrl, fetcher, querystringParams).catch((error) => {
+    fetchComponentData(params) {
+        const config = { debugger: debug.layout };
+        const fetcher = new NativeDataFetcher(config);
+        debug.layout('fetching component with uid %s for %s %s %s %s', params.componentUid, params.itemId, params.language, params.siteName, params.dataSourceId);
+        const fetchUrl = this.getFetchUrl(params);
+        return fetcher
+            .get(fetchUrl)
+            .then((response) => response.data)
+            .catch((error) => {
             var _a;
             if (((_a = error.response) === null || _a === void 0 ? void 0 : _a.status) === 404) {
                 return error.response.data;
@@ -46,19 +26,10 @@ export class RestComponentLayoutService {
             throw error;
         });
     }
-    /**
-     * Resolves layout service url
-     * @param {string} apiType which layout service API to call ('render' or 'placeholder')
-     * @returns the layout service url
-     */
-    resolveLayoutServiceUrl(apiType) {
-        const { apiHost = '', configurationName = 'jss' } = this.config;
-        return `${apiHost}/sitecore/api/layout/${apiType}/${configurationName}`;
-    }
     getComponentFetchParams(params) {
         // exclude undefined params with this one simple trick
         return JSON.parse(JSON.stringify({
-            sc_apikey: this.config.apiKey,
+            sitecoreContextId: this.config.contextId,
             item: params.itemId,
             uid: params.componentUid,
             dataSourceId: params.dataSourceId,
@@ -66,7 +37,14 @@ export class RestComponentLayoutService {
             version: params.version,
             sc_site: params.siteName,
             sc_lang: params.language || 'en',
-            sc_mode: params.editMode,
         }));
     }
+    /**
+     * Get the fetch URL for the partial layout data endpoint
+     * @param {ComponentLayoutRequestParams} params - The parameters for the request
+     * @returns {string} The fetch URL for the component data
+     */
+    getFetchUrl(params) {
+        return resolveUrl(`${this.config.edgeUrl || SITECORE_EDGE_URL_DEFAULT}/layout/component`, this.getComponentFetchParams(params));
+    }
 }

package/dist/esm/index.js

@@ -1,6 +1,7 @@
 // NOTE: all imports are now named as to not make breaking changes
 // and to keep react-native working with cjs modules.
 import * as constants from './constants';
+import * as form from './form';
 export { default as debug, enableDebug } from './debug';
 export { GraphQLRequestClient, } from './graphql-request-client';
 export { DefaultRetryStrategy } from './retries';
@@ -8,4 +9,5 @@ export { MemoryCacheClient } from './cache-client';
 export { ClientError } from 'graphql-request';
 export { NativeDataFetcher, } from './native-fetcher';
 export { constants };
+export { form };
 export { defineConfig } from './config';

package/dist/esm/layout/content-styles.js

@@ -1,4 +1,5 @@
 import { SITECORE_EDGE_URL_DEFAULT } from '../constants';
+import { normalizeUrl } from '../utils/normalize-url';
 /**
  * Regular expression to check if the content styles are used in the field value
  */
@@ -22,7 +23,7 @@ export const getContentStylesheetLink = (layoutData, sitecoreEdgeContextId, site
         rel: 'stylesheet',
     };
 };
-export const getContentStylesheetUrl = (sitecoreEdgeContextId, sitecoreEdgeUrl = SITECORE_EDGE_URL_DEFAULT) => `${sitecoreEdgeUrl}/v1/files/pages/styles/content-styles.css?sitecoreContextId=${sitecoreEdgeContextId}`;
+export const getContentStylesheetUrl = (sitecoreEdgeContextId, sitecoreEdgeUrl = SITECORE_EDGE_URL_DEFAULT) => `${normalizeUrl(sitecoreEdgeUrl)}/v1/files/pages/styles/content-styles.css?sitecoreContextId=${sitecoreEdgeContextId}`;
 export const traversePlaceholder = (components, config) => {
     if (config.loadStyles)
         return;

package/dist/esm/layout/themes.js

@@ -1,5 +1,6 @@
 import { getFieldValue } from '.';
 import { SITECORE_EDGE_URL_DEFAULT } from '../constants';
+import { normalizeUrl } from '../utils/normalize-url';
 /**
  * Pattern for library ids
  * @example -library--foo
@@ -23,7 +24,7 @@ export function getDesignLibraryStylesheetLinks(layoutData, sitecoreEdgeContextI
     }));
 }
 export const getStylesheetUrl = (id, sitecoreEdgeContextId, sitecoreEdgeUrl = SITECORE_EDGE_URL_DEFAULT) => {
-    return `${sitecoreEdgeUrl}/v1/files/components/styles/${id}.css?sitecoreContextId=${sitecoreEdgeContextId}`;
+    return `${normalizeUrl(sitecoreEdgeUrl)}/v1/files/components/styles/${id}.css?sitecoreContextId=${sitecoreEdgeContextId}`;
 };
 /**
  * Traverse placeholder and components to add library ids

package/dist/esm/site/graphql-robots-service.js

@@ -27,17 +27,18 @@ export class GraphQLRobotsService {
     }
     /**
      * Fetch a data of robots.txt from API
+     * @param {FetchOptions} fetchOptions - The fetch options to be used for the request.
      * @returns text of robots.txt
      * @throws {Error} if the siteName is empty.
      */
-    async fetchRobots() {
+    async fetchRobots(fetchOptions) {
         const siteName = this.options.siteName;
         if (!siteName) {
             throw new Error(siteNameError);
         }
         const robotsResult = this.graphQLClient.request(this.query, {
             siteName,
-        });
+        }, fetchOptions);
         try {
             return robotsResult.then((result) => {
                 var _a, _b;

package/dist/esm/tools/auth/encryption.js

@@ -0,0 +1,101 @@
+/* eslint-disable jsdoc/require-jsdoc */
+import keytar from 'keytar';
+import * as crypto from 'crypto';
+import { deleteTenantAuthInfo } from './tenant-store';
+import { clearActiveTenant } from './tenant-state';
+const algorithm = 'aes-256-gcm';
+const SERVICE_NAME = 'sitecore-tools-cli';
+/**
+ * Encrypts plaintext using AES-256-GCM for a given tenant.
+ * @param {string} plaintext
+ * @param {string} tenantId
+ */
+export let encryptData = _encryptData;
+/**
+ * Decrypts encrypted payload using AES-256-GCM for a specific tenant.
+ * If key is corrupted or invalid, optionally clears both key and tenant data.
+ * @param {EncryptedPayload} payload
+ * @param {string} tenantId
+ * @param {string} cleanupOnFailure
+ */
+export let decryptData = _decryptData;
+/**
+ * Deletes the encryption key for a tenant (useful for cleanup).
+ * @param {string} tenantId
+ */
+export let deleteKey = _deleteKey;
+// mock setup for unit tests to make sinon happy and mock-able with esbuild/tsx
+// https://sinonjs.org/how-to/typescript-swc/
+// This, plus the `_` names make the exports writable for sinon
+export const unitMocks = {
+    set encryptData(mockImplementation) {
+        encryptData = mockImplementation;
+    },
+    get encryptData() {
+        return _encryptData;
+    },
+    set decryptData(mockImplementation) {
+        decryptData = mockImplementation;
+    },
+    get decryptData() {
+        return _decryptData;
+    },
+    set deleteKey(mockImplementation) {
+        deleteKey = mockImplementation;
+    },
+    get deleteKey() {
+        return _deleteKey;
+    },
+};
+/**
+ * Generates or retrieves a 32-byte AES key for a specific tenant.
+ * @param {string} tenantId
+ */
+export async function getKey(tenantId) {
+    const account = `encryptionKey-${tenantId}`;
+    const key = await keytar.getPassword(SERVICE_NAME, account);
+    if (!key) {
+        const keyBuffer = crypto.randomBytes(32);
+        await keytar.setPassword(SERVICE_NAME, account, keyBuffer.toString('base64'));
+        return keyBuffer;
+    }
+    return Buffer.from(key, 'base64');
+}
+async function _encryptData(plaintext, tenantId) {
+    const key = await getKey(tenantId);
+    const iv = crypto.randomBytes(12);
+    const cipher = crypto.createCipheriv(algorithm, key, iv);
+    let encrypted = cipher.update(plaintext, 'utf8', 'base64');
+    encrypted += cipher.final('base64');
+    const authTag = cipher.getAuthTag().toString('base64');
+    return {
+        iv: iv.toString('base64'),
+        authTag,
+        encryptedData: encrypted,
+    };
+}
+async function _decryptData(payload, tenantId, cleanupOnFailure = true) {
+    try {
+        const key = await getKey(tenantId);
+        const decipher = crypto.createDecipheriv(algorithm, key, Buffer.from(payload.iv, 'base64'));
+        decipher.setAuthTag(Buffer.from(payload.authTag, 'base64'));
+        let decrypted = decipher.update(payload.encryptedData, 'base64', 'utf8');
+        decrypted += decipher.final('utf8');
+        return decrypted;
+    }
+    catch (err) {
+        console.error(`\nFailed to decrypt data for tenant '${tenantId}':`, err);
+        if (cleanupOnFailure) {
+            console.warn(`\nCleaning up key and auth data for corrupted tenant '${tenantId}'...`);
+            await deleteTenantAuthInfo(tenantId);
+            await deleteKey(`encryptionKey-${tenantId}`);
+            clearActiveTenant();
+            console.warn(`\nCleanup completed for tenant '${tenantId}'.`);
+            return null;
+        }
+        throw err;
+    }
+}
+async function _deleteKey(tenantId) {
+    await keytar.deletePassword(SERVICE_NAME, `encryptionKey-${tenantId}`);
+}

package/dist/esm/tools/auth/fetcher.js

@@ -0,0 +1,31 @@
+/* eslint-disable jsdoc/require-jsdoc */
+export const unitMocks = {
+    set sendPostRequest(mockImplementation) {
+        sendPostRequest = mockImplementation;
+    },
+    get sendPostRequest() {
+        return _sendPostRequest;
+    },
+};
+/**
+ * Performs a POST request with application/x-www-form-urlencoded headers.
+ * @param {string} url - The endpoint to post to.
+ * @param { URLSearchParams} params - A URLSearchParams instance representing the body.
+ * @returns Parsed JSON response.
+ * @throws Error if response is not OK.
+ */
+export let sendPostRequest = _sendPostRequest;
+async function _sendPostRequest(url, params, throwOnError = true) {
+    const response = await fetch(url, {
+        method: 'POST',
+        headers: {
+            'Content-Type': 'application/x-www-form-urlencoded',
+        },
+        body: params.toString(),
+    });
+    const data = await response.json();
+    if (throwOnError && !response.ok) {
+        throw new Error(data.error_description || data.error || 'Unknown error occurred');
+    }
+    return data;
+}

package/dist/esm/tools/auth/flow.js

@@ -0,0 +1,118 @@
+import { decodeJwtPayload } from './tenant-store';
+import { sendPostRequest } from './fetcher';
+import { DEFAULT_SITECORE_AUTH_DOMAIN, DEFAULT_SITECORE_AUTH_AUDIENCE, DEFAULT_SITECORE_AUTH_BASE_URL, DEVICE_GRANT_TYPE, CLIENT_GRANT_TYPE, SCOPE, TIMEOUT, DEFAULT_INTERVAL, } from '../../constants';
+/**
+ * Performs the OAuth 2.0 client credentials flow to obtain a JWT access token
+ * from the Sitecore Identity Provider using the provided client credentials.
+ * @param {TenantArgs} params - Parameters including clientId, clientSecret, organizationId, tenantId, audience, authority, and baseUrl.
+ * @returns A Promise that resolves to the access token response (including access token, token type, expiry, etc.)
+ * @throws Will log and exit the process if the request fails or returns a non-OK status
+ */
+export let clientCredentialsFlow = _clientCredentialsFlow;
+/**
+ * Initiates the OAuth 2.0 Device Authorization flow by requesting a device and user code.
+ * This flow is typically used by devices or CLI apps that cannot input credentials directly.
+ * @param {DeviceAuthRequest} params - Parameters including clientId, audience, authority, and baseUrl.
+ * @returns {Promise<DeviceAuthResponse>} A promise resolving to device authorization metadata needed for polling.
+ * @throws {Error} If the device authorization request fails or returns an error response.
+ */
+export let startDeviceAuthFlow = _startDeviceAuthFlow;
+/**
+ * Polls the OAuth 2.0 device token endpoint to retrieve the access token once the user has authorized the device.
+ * This is typically used to continue the device authorization process after a user enters a code on a browser.
+ * @param {DeviceTokenPollRequest} params - Parameters for polling including clientId, deviceCode, interval, and authority.
+ * @returns {Promise<any>} A promise resolving to the device token response including access token and refresh token.
+ * @throws {Error} If polling fails or exceeds the timeout period.
+ */
+export let pollForDeviceToken = _pollForDeviceToken;
+// mock setup for unit tests to make sinon happy and mock-able with esbuild/tsx
+// https://sinonjs.org/how-to/typescript-swc/
+// This, plus the `_` names make the exports writable for sinon
+export const unitMocks = {
+    set clientCredentialsFlow(mockImplementation) {
+        clientCredentialsFlow = mockImplementation;
+    },
+    get clientCredentialsFlow() {
+        return _clientCredentialsFlow;
+    },
+    set startDeviceAuthFlow(mockImplementation) {
+        startDeviceAuthFlow = mockImplementation;
+    },
+    get startDeviceAuthFlow() {
+        return _startDeviceAuthFlow;
+    },
+    set pollForDeviceToken(mockImplementation) {
+        pollForDeviceToken = mockImplementation;
+    },
+    get pollForDeviceToken() {
+        return _pollForDeviceToken;
+    },
+};
+async function _clientCredentialsFlow({ clientId, clientSecret, organizationId, tenantId, audience = DEFAULT_SITECORE_AUTH_AUDIENCE, authority = DEFAULT_SITECORE_AUTH_DOMAIN, baseUrl = DEFAULT_SITECORE_AUTH_BASE_URL, }) {
+    const params = new URLSearchParams({
+        client_id: clientId,
+        client_secret: clientSecret !== null && clientSecret !== void 0 ? clientSecret : '',
+        organization_id: organizationId !== null && organizationId !== void 0 ? organizationId : '',
+        tenant_id: tenantId !== null && tenantId !== void 0 ? tenantId : '',
+        audience,
+        grant_type: CLIENT_GRANT_TYPE,
+        baseUrl: baseUrl !== null && baseUrl !== void 0 ? baseUrl : '',
+    });
+    const url = `${authority}/oauth/token`;
+    const data = await sendPostRequest(url, params);
+    const decodedPayload = decodeJwtPayload(data.access_token) || {};
+    if (!(decodedPayload === null || decodedPayload === void 0 ? void 0 : decodedPayload.tokenTenantId) || !decodedPayload.tokenOrgId) {
+        throw new Error('\n Token is missing required claims tenant_id or org_id.');
+    }
+    const { tokenTenantId, tokenOrgId, tokenTenantName } = decodedPayload;
+    if (tenantId && tenantId !== tokenTenantId) {
+        throw new Error('\n Mismatch: Provided tenant ID does not match claims tenant ID.');
+    }
+    if (organizationId && organizationId !== tokenOrgId) {
+        throw new Error('\n Mismatch: Provided organization ID does not match claims organization ID.');
+    }
+    return { data, tokenOrgId, tokenTenantId, tokenTenantName, accessToken: data.access_token };
+}
+export async function _startDeviceAuthFlow({ clientId, audience, authority, baseUrl, }) {
+    const params = new URLSearchParams({
+        client_id: clientId,
+        scope: SCOPE,
+        audience,
+        baseUrl,
+    });
+    const url = `${authority}/oauth/device/code`;
+    const responseBody = (await sendPostRequest(url, params));
+    return responseBody;
+}
+export async function _pollForDeviceToken({ clientId, device_code, interval = DEFAULT_INTERVAL, authority = DEFAULT_SITECORE_AUTH_DOMAIN, }) {
+    const startTime = Date.now();
+    while (Date.now() - startTime < TIMEOUT * 1000) {
+        const params = new URLSearchParams({
+            grant_type: DEVICE_GRANT_TYPE,
+            device_code,
+            client_id: clientId,
+        });
+        const url = `${authority}/oauth/token`;
+        const responseBody = await sendPostRequest(url, params, false);
+        if ('error' in responseBody) {
+            switch (responseBody.error) {
+                case 'authorization_pending':
+                    console.log('\n ⌛ Waiting for user authorization...');
+                    break;
+                case 'slow_down':
+                    console.log('🐢 Slowing down polling interval...');
+                    interval += 5;
+                    break;
+                default:
+                    throw new Error(responseBody.error_description ||
+                        responseBody.error ||
+                        'Unknown error during device token polling.');
+            }
+            await new Promise((resolve) => setTimeout(resolve, interval * 1000));
+        }
+        else {
+            return responseBody;
+        }
+    }
+    throw new Error('⏳ Timeout: User did not complete authorization in time.');
+}

package/dist/esm/tools/auth/index.js

@@ -0,0 +1,5 @@
+export { clientCredentialsFlow, startDeviceAuthFlow, pollForDeviceToken } from './flow';
+export { renewClientToken, validateAndRenewAuthIfExpired, validateAuthInfo, getRefreshAccessToken, } from './renewal';
+export { getActiveTenant, setActiveTenant, clearActiveTenant } from './tenant-state';
+export { writeTenantAuthInfo, readTenantAuthInfo, deleteTenantAuthInfo, readTenantInfo, getAllTenantsInfo, writeTenantInfo, } from './tenant-store';
+export { encryptData, decryptData, deleteKey } from './encryption';

package/dist/esm/tools/auth/models.js

@@ -0,0 +1 @@
+export {};