@uniforge/testing 0.1.0-alpha.2

package/dist/security/index.mjs

@@ -0,0 +1,211 @@
+// src/security/factories.ts
+function createTestSecurityHeadersConfig(overrides) {
+  const defaults = {
+    hsts: true,
+    noSniff: true,
+    frameOptions: "DENY",
+    xssProtection: true,
+    referrerPolicy: "strict-origin-when-cross-origin"
+  };
+  const result = { ...defaults, ...overrides };
+  return result;
+}
+function createTestCSPDirectives(overrides) {
+  const defaults = {
+    defaultSrc: ["'self'"],
+    scriptSrc: ["'self'"],
+    styleSrc: ["'self'"],
+    imgSrc: ["'self'"],
+    connectSrc: ["'self'"],
+    fontSrc: ["'self'"],
+    frameSrc: ["'self'"],
+    frameAncestors: ["'self'"]
+  };
+  return { ...defaults, ...overrides };
+}
+function createTestRateLimitConfig(overrides) {
+  const defaults = {
+    windowMs: 6e4,
+    maxRequests: 100
+  };
+  const result = { ...defaults };
+  if (overrides?.windowMs !== void 0) {
+    result.windowMs = overrides.windowMs;
+  }
+  if (overrides?.maxRequests !== void 0) {
+    result.maxRequests = overrides.maxRequests;
+  }
+  if (overrides?.keyPrefix !== void 0) {
+    result.keyPrefix = overrides.keyPrefix;
+  }
+  return result;
+}
+function createTestAuditFinding(overrides) {
+  const defaults = {
+    id: "TEST-001",
+    severity: "medium",
+    category: "test",
+    title: "Test finding",
+    description: "A test security finding for unit tests.",
+    recommendation: "Address this finding in a test environment."
+  };
+  return { ...defaults, ...overrides };
+}
+function createTestAuditResult(overrides) {
+  const defaults = {
+    passed: true,
+    score: 100,
+    findings: [],
+    timestamp: (/* @__PURE__ */ new Date()).toISOString()
+  };
+  return { ...defaults, ...overrides };
+}
+function createTestValidationRule(overrides) {
+  const defaults = {
+    field: "testField",
+    type: "string"
+  };
+  const result = { ...defaults };
+  if (overrides?.field !== void 0) {
+    result.field = overrides.field;
+  }
+  if (overrides?.type !== void 0) {
+    result.type = overrides.type;
+  }
+  if (overrides?.required !== void 0) {
+    result.required = overrides.required;
+  }
+  if (overrides?.maxLength !== void 0) {
+    result.maxLength = overrides.maxLength;
+  }
+  if (overrides?.pattern !== void 0) {
+    result.pattern = overrides.pattern;
+  }
+  if (overrides?.message !== void 0) {
+    result.message = overrides.message;
+  }
+  return result;
+}
+function createTestSanitizeOptions(overrides) {
+  const defaults = {
+    stripHtml: true
+  };
+  const result = { ...defaults };
+  if (overrides?.stripHtml !== void 0) {
+    result.stripHtml = overrides.stripHtml;
+  }
+  if (overrides?.maxLength !== void 0) {
+    result.maxLength = overrides.maxLength;
+  }
+  if (overrides?.allowedPattern !== void 0) {
+    result.allowedPattern = overrides.allowedPattern;
+  }
+  return result;
+}
+
+// src/security/mock-input-validator.ts
+var MockInputValidator = class {
+  /** Recorded validate() calls for assertions. */
+  validateCalls = [];
+  /** Recorded sanitize() calls for assertions. */
+  sanitizeCalls = [];
+  /** Configurable return value for validate(). */
+  validateResult = {
+    valid: true,
+    errors: [],
+    sanitized: {}
+  };
+  /** Configurable return value for sanitize(). When set, overrides the default passthrough. */
+  sanitizeReturnValue;
+  validate(input, rules) {
+    this.validateCalls.push({ input, rules });
+    return this.validateResult;
+  }
+  sanitize(value, options) {
+    const callRecord = { value };
+    if (options) {
+      callRecord.options = options;
+    }
+    this.sanitizeCalls.push(callRecord);
+    if (this.sanitizeReturnValue !== void 0) {
+      return this.sanitizeReturnValue;
+    }
+    return value;
+  }
+  isValidShopDomain(domain) {
+    return domain.endsWith(".myshopify.com");
+  }
+  isValidEmail(email) {
+    return email.includes("@");
+  }
+  isValidUrl(url) {
+    return url.startsWith("http");
+  }
+  isValidApiKey(key) {
+    return key.length >= 32;
+  }
+  /** Reset all recorded calls and configurable values. */
+  _reset() {
+    this.validateCalls = [];
+    this.sanitizeCalls = [];
+    this.validateResult = { valid: true, errors: [], sanitized: {} };
+    this.sanitizeReturnValue = void 0;
+  }
+};
+
+// src/security/mock-rate-limiter.ts
+var MockRateLimiter = class {
+  config;
+  /** Recorded keys passed to check(). */
+  checkCalls = [];
+  /** Recorded keys passed to reset(). */
+  resetCalls = [];
+  /** When true, all requests are allowed. When false, all are denied. */
+  allowAll = true;
+  constructor(config) {
+    this.config = {
+      windowMs: config?.windowMs ?? 6e4,
+      maxRequests: config?.maxRequests ?? 100
+    };
+    if (config?.keyPrefix !== void 0) {
+      this.config.keyPrefix = config.keyPrefix;
+    }
+  }
+  async check(key) {
+    this.checkCalls.push(key);
+    if (this.allowAll) {
+      return {
+        allowed: true,
+        remaining: 10,
+        resetAt: Date.now() + 6e4
+      };
+    }
+    return {
+      allowed: false,
+      remaining: 0,
+      resetAt: Date.now() + 6e4,
+      retryAfter: 3e4
+    };
+  }
+  async reset(key) {
+    this.resetCalls.push(key);
+  }
+  /** Reset all recorded calls and restore default behavior. */
+  _reset() {
+    this.checkCalls = [];
+    this.resetCalls = [];
+    this.allowAll = true;
+  }
+};
+export {
+  MockInputValidator,
+  MockRateLimiter,
+  createTestAuditFinding,
+  createTestAuditResult,
+  createTestCSPDirectives,
+  createTestRateLimitConfig,
+  createTestSanitizeOptions,
+  createTestSecurityHeadersConfig,
+  createTestValidationRule
+};
+//# sourceMappingURL=index.mjs.map

package/dist/security/index.mjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/security/factories.ts","../../src/security/mock-input-validator.ts","../../src/security/mock-rate-limiter.ts"],"sourcesContent":["/**\n * Test data factories for security types.\n *\n * Each factory provides sensible defaults that can be overridden.\n */\n\nimport type {\n  SecurityHeadersConfig,\n  CSPDirectives,\n  RateLimitConfig,\n  SecurityAuditFinding,\n  SecurityAuditResult,\n  InputValidationRule,\n  SanitizeOptions,\n} from '@uniforge/platform-core/security';\n\nexport function createTestSecurityHeadersConfig(\n  overrides?: Partial<SecurityHeadersConfig>,\n): SecurityHeadersConfig {\n  const defaults: SecurityHeadersConfig = {\n    hsts: true,\n    noSniff: true,\n    frameOptions: 'DENY',\n    xssProtection: true,\n    referrerPolicy: 'strict-origin-when-cross-origin',\n  };\n\n  const result: SecurityHeadersConfig = { ...defaults, ...overrides };\n  return result;\n}\n\nexport function createTestCSPDirectives(\n  overrides?: Partial<CSPDirectives>,\n): CSPDirectives {\n  const defaults: CSPDirectives = {\n    defaultSrc: [\"'self'\"],\n    scriptSrc: [\"'self'\"],\n    styleSrc: [\"'self'\"],\n    imgSrc: [\"'self'\"],\n    connectSrc: [\"'self'\"],\n    fontSrc: [\"'self'\"],\n    frameSrc: [\"'self'\"],\n    frameAncestors: [\"'self'\"],\n  };\n\n  return { ...defaults, ...overrides };\n}\n\nexport function createTestRateLimitConfig(\n  overrides?: Partial<RateLimitConfig>,\n): RateLimitConfig {\n  const defaults: RateLimitConfig = {\n    windowMs: 60000,\n    maxRequests: 100,\n  };\n\n  const result: RateLimitConfig = { ...defaults };\n\n  if (overrides?.windowMs !== undefined) {\n    result.windowMs = overrides.windowMs;\n  }\n  if (overrides?.maxRequests !== undefined) {\n    result.maxRequests = overrides.maxRequests;\n  }\n  if (overrides?.keyPrefix !== undefined) {\n    result.keyPrefix = overrides.keyPrefix;\n  }\n\n  return result;\n}\n\nexport function createTestAuditFinding(\n  overrides?: Partial<SecurityAuditFinding>,\n): SecurityAuditFinding {\n  const defaults: SecurityAuditFinding = {\n    id: 'TEST-001',\n    severity: 'medium',\n    category: 'test',\n    title: 'Test finding',\n    description: 'A test security finding for unit tests.',\n    recommendation: 'Address this finding in a test environment.',\n  };\n\n  return { ...defaults, ...overrides };\n}\n\nexport function createTestAuditResult(\n  overrides?: Partial<SecurityAuditResult>,\n): SecurityAuditResult {\n  const defaults: SecurityAuditResult = {\n    passed: true,\n    score: 100,\n    findings: [],\n    timestamp: new Date().toISOString(),\n  };\n\n  return { ...defaults, ...overrides };\n}\n\nexport function createTestValidationRule(\n  overrides?: Partial<InputValidationRule>,\n): InputValidationRule {\n  const defaults: InputValidationRule = {\n    field: 'testField',\n    type: 'string',\n  };\n\n  const result: InputValidationRule = { ...defaults };\n\n  if (overrides?.field !== undefined) {\n    result.field = overrides.field;\n  }\n  if (overrides?.type !== undefined) {\n    result.type = overrides.type;\n  }\n  if (overrides?.required !== undefined) {\n    result.required = overrides.required;\n  }\n  if (overrides?.maxLength !== undefined) {\n    result.maxLength = overrides.maxLength;\n  }\n  if (overrides?.pattern !== undefined) {\n    result.pattern = overrides.pattern;\n  }\n  if (overrides?.message !== undefined) {\n    result.message = overrides.message;\n  }\n\n  return result;\n}\n\nexport function createTestSanitizeOptions(\n  overrides?: Partial<SanitizeOptions>,\n): SanitizeOptions {\n  const defaults: SanitizeOptions = {\n    stripHtml: true,\n  };\n\n  const result: SanitizeOptions = { ...defaults };\n\n  if (overrides?.stripHtml !== undefined) {\n    result.stripHtml = overrides.stripHtml;\n  }\n  if (overrides?.maxLength !== undefined) {\n    result.maxLength = overrides.maxLength;\n  }\n  if (overrides?.allowedPattern !== undefined) {\n    result.allowedPattern = overrides.allowedPattern;\n  }\n\n  return result;\n}\n","/**\n * Mock InputValidator for unit testing.\n *\n * Provides a configurable in-memory implementation of InputValidator\n * that tracks all calls for test assertions.\n */\n\nimport type {\n  InputValidator,\n  InputValidationRule,\n  InputValidationResult,\n  SanitizeOptions,\n} from '@uniforge/platform-core/security';\n\nexport interface ValidateCallRecord {\n  input: Record<string, unknown>;\n  rules: InputValidationRule[];\n}\n\nexport interface SanitizeCallRecord {\n  value: string;\n  options?: SanitizeOptions;\n}\n\nexport class MockInputValidator implements InputValidator {\n  /** Recorded validate() calls for assertions. */\n  validateCalls: ValidateCallRecord[] = [];\n\n  /** Recorded sanitize() calls for assertions. */\n  sanitizeCalls: SanitizeCallRecord[] = [];\n\n  /** Configurable return value for validate(). */\n  validateResult: InputValidationResult = {\n    valid: true,\n    errors: [],\n    sanitized: {},\n  };\n\n  /** Configurable return value for sanitize(). When set, overrides the default passthrough. */\n  sanitizeReturnValue: string | undefined;\n\n  validate(\n    input: Record<string, unknown>,\n    rules: InputValidationRule[],\n  ): InputValidationResult {\n    this.validateCalls.push({ input, rules });\n    return this.validateResult;\n  }\n\n  sanitize(value: string, options?: SanitizeOptions): string {\n    const callRecord: SanitizeCallRecord = { value };\n    if (options) {\n      callRecord.options = options;\n    }\n    this.sanitizeCalls.push(callRecord);\n    if (this.sanitizeReturnValue !== undefined) {\n      return this.sanitizeReturnValue;\n    }\n    return value;\n  }\n\n  isValidShopDomain(domain: string): boolean {\n    return domain.endsWith('.myshopify.com');\n  }\n\n  isValidEmail(email: string): boolean {\n    return email.includes('@');\n  }\n\n  isValidUrl(url: string): boolean {\n    return url.startsWith('http');\n  }\n\n  isValidApiKey(key: string): boolean {\n    return key.length >= 32;\n  }\n\n  /** Reset all recorded calls and configurable values. */\n  _reset(): void {\n    this.validateCalls = [];\n    this.sanitizeCalls = [];\n    this.validateResult = { valid: true, errors: [], sanitized: {} };\n    this.sanitizeReturnValue = undefined;\n  }\n}\n","/**\n * Mock RequestRateLimiter for unit testing.\n *\n * Provides an in-memory rate limiter that can be configured to\n * allow or deny all requests, with call tracking for assertions.\n */\n\nimport type {\n  RequestRateLimiter,\n  RateLimitConfig,\n  RateLimitResult,\n} from '@uniforge/platform-core/security';\n\nexport class MockRateLimiter implements RequestRateLimiter {\n  readonly config: RateLimitConfig;\n\n  /** Recorded keys passed to check(). */\n  checkCalls: string[] = [];\n\n  /** Recorded keys passed to reset(). */\n  resetCalls: string[] = [];\n\n  /** When true, all requests are allowed. When false, all are denied. */\n  allowAll = true;\n\n  constructor(config?: Partial<RateLimitConfig>) {\n    this.config = {\n      windowMs: config?.windowMs ?? 60000,\n      maxRequests: config?.maxRequests ?? 100,\n    };\n    if (config?.keyPrefix !== undefined) {\n      (this.config as { keyPrefix: string }).keyPrefix = config.keyPrefix;\n    }\n  }\n\n  async check(key: string): Promise<RateLimitResult> {\n    this.checkCalls.push(key);\n\n    if (this.allowAll) {\n      return {\n        allowed: true,\n        remaining: 10,\n        resetAt: Date.now() + 60000,\n      };\n    }\n\n    return {\n      allowed: false,\n      remaining: 0,\n      resetAt: Date.now() + 60000,\n      retryAfter: 30000,\n    };\n  }\n\n  async reset(key: string): Promise<void> {\n    this.resetCalls.push(key);\n  }\n\n  /** Reset all recorded calls and restore default behavior. */\n  _reset(): void {\n    this.checkCalls = [];\n    this.resetCalls = [];\n    this.allowAll = true;\n  }\n}\n"],"mappings":";AAgBO,SAAS,gCACd,WACuB;AACvB,QAAM,WAAkC;AAAA,IACtC,MAAM;AAAA,IACN,SAAS;AAAA,IACT,cAAc;AAAA,IACd,eAAe;AAAA,IACf,gBAAgB;AAAA,EAClB;AAEA,QAAM,SAAgC,EAAE,GAAG,UAAU,GAAG,UAAU;AAClE,SAAO;AACT;AAEO,SAAS,wBACd,WACe;AACf,QAAM,WAA0B;AAAA,IAC9B,YAAY,CAAC,QAAQ;AAAA,IACrB,WAAW,CAAC,QAAQ;AAAA,IACpB,UAAU,CAAC,QAAQ;AAAA,IACnB,QAAQ,CAAC,QAAQ;AAAA,IACjB,YAAY,CAAC,QAAQ;AAAA,IACrB,SAAS,CAAC,QAAQ;AAAA,IAClB,UAAU,CAAC,QAAQ;AAAA,IACnB,gBAAgB,CAAC,QAAQ;AAAA,EAC3B;AAEA,SAAO,EAAE,GAAG,UAAU,GAAG,UAAU;AACrC;AAEO,SAAS,0BACd,WACiB;AACjB,QAAM,WAA4B;AAAA,IAChC,UAAU;AAAA,IACV,aAAa;AAAA,EACf;AAEA,QAAM,SAA0B,EAAE,GAAG,SAAS;AAE9C,MAAI,WAAW,aAAa,QAAW;AACrC,WAAO,WAAW,UAAU;AAAA,EAC9B;AACA,MAAI,WAAW,gBAAgB,QAAW;AACxC,WAAO,cAAc,UAAU;AAAA,EACjC;AACA,MAAI,WAAW,cAAc,QAAW;AACtC,WAAO,YAAY,UAAU;AAAA,EAC/B;AAEA,SAAO;AACT;AAEO,SAAS,uBACd,WACsB;AACtB,QAAM,WAAiC;AAAA,IACrC,IAAI;AAAA,IACJ,UAAU;AAAA,IACV,UAAU;AAAA,IACV,OAAO;AAAA,IACP,aAAa;AAAA,IACb,gBAAgB;AAAA,EAClB;AAEA,SAAO,EAAE,GAAG,UAAU,GAAG,UAAU;AACrC;AAEO,SAAS,sBACd,WACqB;AACrB,QAAM,WAAgC;AAAA,IACpC,QAAQ;AAAA,IACR,OAAO;AAAA,IACP,UAAU,CAAC;AAAA,IACX,YAAW,oBAAI,KAAK,GAAE,YAAY;AAAA,EACpC;AAEA,SAAO,EAAE,GAAG,UAAU,GAAG,UAAU;AACrC;AAEO,SAAS,yBACd,WACqB;AACrB,QAAM,WAAgC;AAAA,IACpC,OAAO;AAAA,IACP,MAAM;AAAA,EACR;AAEA,QAAM,SAA8B,EAAE,GAAG,SAAS;AAElD,MAAI,WAAW,UAAU,QAAW;AAClC,WAAO,QAAQ,UAAU;AAAA,EAC3B;AACA,MAAI,WAAW,SAAS,QAAW;AACjC,WAAO,OAAO,UAAU;AAAA,EAC1B;AACA,MAAI,WAAW,aAAa,QAAW;AACrC,WAAO,WAAW,UAAU;AAAA,EAC9B;AACA,MAAI,WAAW,cAAc,QAAW;AACtC,WAAO,YAAY,UAAU;AAAA,EAC/B;AACA,MAAI,WAAW,YAAY,QAAW;AACpC,WAAO,UAAU,UAAU;AAAA,EAC7B;AACA,MAAI,WAAW,YAAY,QAAW;AACpC,WAAO,UAAU,UAAU;AAAA,EAC7B;AAEA,SAAO;AACT;AAEO,SAAS,0BACd,WACiB;AACjB,QAAM,WAA4B;AAAA,IAChC,WAAW;AAAA,EACb;AAEA,QAAM,SAA0B,EAAE,GAAG,SAAS;AAE9C,MAAI,WAAW,cAAc,QAAW;AACtC,WAAO,YAAY,UAAU;AAAA,EAC/B;AACA,MAAI,WAAW,cAAc,QAAW;AACtC,WAAO,YAAY,UAAU;AAAA,EAC/B;AACA,MAAI,WAAW,mBAAmB,QAAW;AAC3C,WAAO,iBAAiB,UAAU;AAAA,EACpC;AAEA,SAAO;AACT;;;AC/HO,IAAM,qBAAN,MAAmD;AAAA;AAAA,EAExD,gBAAsC,CAAC;AAAA;AAAA,EAGvC,gBAAsC,CAAC;AAAA;AAAA,EAGvC,iBAAwC;AAAA,IACtC,OAAO;AAAA,IACP,QAAQ,CAAC;AAAA,IACT,WAAW,CAAC;AAAA,EACd;AAAA;AAAA,EAGA;AAAA,EAEA,SACE,OACA,OACuB;AACvB,SAAK,cAAc,KAAK,EAAE,OAAO,MAAM,CAAC;AACxC,WAAO,KAAK;AAAA,EACd;AAAA,EAEA,SAAS,OAAe,SAAmC;AACzD,UAAM,aAAiC,EAAE,MAAM;AAC/C,QAAI,SAAS;AACX,iBAAW,UAAU;AAAA,IACvB;AACA,SAAK,cAAc,KAAK,UAAU;AAClC,QAAI,KAAK,wBAAwB,QAAW;AAC1C,aAAO,KAAK;AAAA,IACd;AACA,WAAO;AAAA,EACT;AAAA,EAEA,kBAAkB,QAAyB;AACzC,WAAO,OAAO,SAAS,gBAAgB;AAAA,EACzC;AAAA,EAEA,aAAa,OAAwB;AACnC,WAAO,MAAM,SAAS,GAAG;AAAA,EAC3B;AAAA,EAEA,WAAW,KAAsB;AAC/B,WAAO,IAAI,WAAW,MAAM;AAAA,EAC9B;AAAA,EAEA,cAAc,KAAsB;AAClC,WAAO,IAAI,UAAU;AAAA,EACvB;AAAA;AAAA,EAGA,SAAe;AACb,SAAK,gBAAgB,CAAC;AACtB,SAAK,gBAAgB,CAAC;AACtB,SAAK,iBAAiB,EAAE,OAAO,MAAM,QAAQ,CAAC,GAAG,WAAW,CAAC,EAAE;AAC/D,SAAK,sBAAsB;AAAA,EAC7B;AACF;;;ACvEO,IAAM,kBAAN,MAAoD;AAAA,EAChD;AAAA;AAAA,EAGT,aAAuB,CAAC;AAAA;AAAA,EAGxB,aAAuB,CAAC;AAAA;AAAA,EAGxB,WAAW;AAAA,EAEX,YAAY,QAAmC;AAC7C,SAAK,SAAS;AAAA,MACZ,UAAU,QAAQ,YAAY;AAAA,MAC9B,aAAa,QAAQ,eAAe;AAAA,IACtC;AACA,QAAI,QAAQ,cAAc,QAAW;AACnC,MAAC,KAAK,OAAiC,YAAY,OAAO;AAAA,IAC5D;AAAA,EACF;AAAA,EAEA,MAAM,MAAM,KAAuC;AACjD,SAAK,WAAW,KAAK,GAAG;AAExB,QAAI,KAAK,UAAU;AACjB,aAAO;AAAA,QACL,SAAS;AAAA,QACT,WAAW;AAAA,QACX,SAAS,KAAK,IAAI,IAAI;AAAA,MACxB;AAAA,IACF;AAEA,WAAO;AAAA,MACL,SAAS;AAAA,MACT,WAAW;AAAA,MACX,SAAS,KAAK,IAAI,IAAI;AAAA,MACtB,YAAY;AAAA,IACd;AAAA,EACF;AAAA,EAEA,MAAM,MAAM,KAA4B;AACtC,SAAK,WAAW,KAAK,GAAG;AAAA,EAC1B;AAAA;AAAA,EAGA,SAAe;AACb,SAAK,aAAa,CAAC;AACnB,SAAK,aAAa,CAAC;AACnB,SAAK,WAAW;AAAA,EAClB;AACF;","names":[]}

package/dist/shopify-api/index.d.cts

@@ -0,0 +1,139 @@
+interface MockShopifyServerConfig {
+    port?: number;
+    apiVersion?: string;
+    defaultShop?: string;
+    latencyMs?: number;
+}
+interface MockServerRequest {
+    method: string;
+    path: string;
+    headers: Record<string, string>;
+    body: unknown;
+    query: Record<string, string>;
+    timestamp: Date;
+}
+interface GraphQLResponseConfig {
+    data?: unknown;
+    errors?: Array<{
+        message: string;
+        locations?: Array<{
+            line: number;
+            column: number;
+        }>;
+        path?: Array<string | number>;
+    }>;
+    extensions?: {
+        cost?: {
+            requestedQueryCost: number;
+            actualQueryCost: number;
+            throttleStatus: {
+                maximumAvailable: number;
+                currentlyAvailable: number;
+                restoreRate: number;
+            };
+        };
+    };
+}
+interface RESTResponseConfig {
+    status?: number;
+    body?: unknown;
+    headers?: Record<string, string>;
+}
+interface OAuthConfig {
+    accessToken?: string;
+    scope?: string;
+    expiresIn?: number;
+    associatedUser?: {
+        id: number;
+        firstName: string;
+        lastName: string;
+        email: string;
+        emailVerified: boolean;
+        accountOwner: boolean;
+        locale: string;
+        collaborator: boolean;
+    };
+}
+
+declare class GraphQLHandler {
+    private operations;
+    private sequences;
+    private queryPatterns;
+    private defaultResponse;
+    private rateLimitConfig;
+    onOperation(operationName: string, response: GraphQLResponseConfig): void;
+    onQuery(queryPattern: string | RegExp, response: GraphQLResponseConfig): void;
+    onOperationSequence(operationName: string, responses: GraphQLResponseConfig[]): void;
+    enableRateLimiting(config?: {
+        maxCost?: number;
+        restoreRate?: number;
+    }): void;
+    disableRateLimiting(): void;
+    setDefaultResponse(response: GraphQLResponseConfig): void;
+    handle(body: {
+        query: string;
+        variables?: Record<string, unknown>;
+        operationName?: string;
+    }): GraphQLResponseConfig;
+    reset(): void;
+    private extractOperationName;
+    private restoreBudget;
+    private applyRateLimiting;
+}
+
+declare class RESTHandler {
+    private routes;
+    onRequest(method: string, pathPattern: string | RegExp, response: RESTResponseConfig): void;
+    onGet(pathPattern: string | RegExp, response: RESTResponseConfig): void;
+    onPost(pathPattern: string | RegExp, response: RESTResponseConfig): void;
+    onPut(pathPattern: string | RegExp, response: RESTResponseConfig): void;
+    onDelete(pathPattern: string | RegExp, response: RESTResponseConfig): void;
+    handle(method: string, path: string, _body?: unknown): RESTResponseConfig;
+    reset(): void;
+}
+
+declare class OAuthHandler {
+    private config;
+    private generatedCodes;
+    constructor(config?: OAuthConfig);
+    configure(config: OAuthConfig): void;
+    handleAuthorize(query: Record<string, string>): {
+        redirectUrl: string;
+        code: string;
+    };
+    handleAccessToken(_body: Record<string, string>): {
+        status: number;
+        body: unknown;
+    };
+    handleTokenExchange(_body: Record<string, string>): {
+        status: number;
+        body: unknown;
+    };
+    reset(): void;
+}
+
+declare class MockShopifyServer {
+    readonly graphql: GraphQLHandler;
+    readonly rest: RESTHandler;
+    readonly oauth: OAuthHandler;
+    private server;
+    private serverPort;
+    private readonly config;
+    private requests;
+    constructor(config?: MockShopifyServerConfig);
+    start(): Promise<{
+        port: number;
+        url: string;
+    }>;
+    stop(): Promise<void>;
+    get url(): string;
+    get port(): number;
+    getRequests(): MockServerRequest[];
+    getLastRequest(): MockServerRequest | undefined;
+    getRequestsByPath(pathPattern: string | RegExp): MockServerRequest[];
+    clearRequests(): void;
+    reset(): void;
+    private handleRequest;
+}
+
+export { GraphQLHandler, type GraphQLResponseConfig, type MockServerRequest, MockShopifyServer, type MockShopifyServerConfig, type OAuthConfig, OAuthHandler, RESTHandler, type RESTResponseConfig };

package/dist/shopify-api/index.d.ts

@@ -0,0 +1,139 @@
+interface MockShopifyServerConfig {
+    port?: number;
+    apiVersion?: string;
+    defaultShop?: string;
+    latencyMs?: number;
+}
+interface MockServerRequest {
+    method: string;
+    path: string;
+    headers: Record<string, string>;
+    body: unknown;
+    query: Record<string, string>;
+    timestamp: Date;
+}
+interface GraphQLResponseConfig {
+    data?: unknown;
+    errors?: Array<{
+        message: string;
+        locations?: Array<{
+            line: number;
+            column: number;
+        }>;
+        path?: Array<string | number>;
+    }>;
+    extensions?: {
+        cost?: {
+            requestedQueryCost: number;
+            actualQueryCost: number;
+            throttleStatus: {
+                maximumAvailable: number;
+                currentlyAvailable: number;
+                restoreRate: number;
+            };
+        };
+    };
+}
+interface RESTResponseConfig {
+    status?: number;
+    body?: unknown;
+    headers?: Record<string, string>;
+}
+interface OAuthConfig {
+    accessToken?: string;
+    scope?: string;
+    expiresIn?: number;
+    associatedUser?: {
+        id: number;
+        firstName: string;
+        lastName: string;
+        email: string;
+        emailVerified: boolean;
+        accountOwner: boolean;
+        locale: string;
+        collaborator: boolean;
+    };
+}
+
+declare class GraphQLHandler {
+    private operations;
+    private sequences;
+    private queryPatterns;
+    private defaultResponse;
+    private rateLimitConfig;
+    onOperation(operationName: string, response: GraphQLResponseConfig): void;
+    onQuery(queryPattern: string | RegExp, response: GraphQLResponseConfig): void;
+    onOperationSequence(operationName: string, responses: GraphQLResponseConfig[]): void;
+    enableRateLimiting(config?: {
+        maxCost?: number;
+        restoreRate?: number;
+    }): void;
+    disableRateLimiting(): void;
+    setDefaultResponse(response: GraphQLResponseConfig): void;
+    handle(body: {
+        query: string;
+        variables?: Record<string, unknown>;
+        operationName?: string;
+    }): GraphQLResponseConfig;
+    reset(): void;
+    private extractOperationName;
+    private restoreBudget;
+    private applyRateLimiting;
+}
+
+declare class RESTHandler {
+    private routes;
+    onRequest(method: string, pathPattern: string | RegExp, response: RESTResponseConfig): void;
+    onGet(pathPattern: string | RegExp, response: RESTResponseConfig): void;
+    onPost(pathPattern: string | RegExp, response: RESTResponseConfig): void;
+    onPut(pathPattern: string | RegExp, response: RESTResponseConfig): void;
+    onDelete(pathPattern: string | RegExp, response: RESTResponseConfig): void;
+    handle(method: string, path: string, _body?: unknown): RESTResponseConfig;
+    reset(): void;
+}
+
+declare class OAuthHandler {
+    private config;
+    private generatedCodes;
+    constructor(config?: OAuthConfig);
+    configure(config: OAuthConfig): void;
+    handleAuthorize(query: Record<string, string>): {
+        redirectUrl: string;
+        code: string;
+    };
+    handleAccessToken(_body: Record<string, string>): {
+        status: number;
+        body: unknown;
+    };
+    handleTokenExchange(_body: Record<string, string>): {
+        status: number;
+        body: unknown;
+    };
+    reset(): void;
+}
+
+declare class MockShopifyServer {
+    readonly graphql: GraphQLHandler;
+    readonly rest: RESTHandler;
+    readonly oauth: OAuthHandler;
+    private server;
+    private serverPort;
+    private readonly config;
+    private requests;
+    constructor(config?: MockShopifyServerConfig);
+    start(): Promise<{
+        port: number;
+        url: string;
+    }>;
+    stop(): Promise<void>;
+    get url(): string;
+    get port(): number;
+    getRequests(): MockServerRequest[];
+    getLastRequest(): MockServerRequest | undefined;
+    getRequestsByPath(pathPattern: string | RegExp): MockServerRequest[];
+    clearRequests(): void;
+    reset(): void;
+    private handleRequest;
+}
+
+export { GraphQLHandler, type GraphQLResponseConfig, type MockServerRequest, MockShopifyServer, type MockShopifyServerConfig, type OAuthConfig, OAuthHandler, RESTHandler, type RESTResponseConfig };