@wix/cli-app 1.1.53 → 1.1.56

package/build/cloudflare-runtime/entry.js

@@ -1,12 +1,166 @@
+var __create = Object.create;
 var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
 var __esm = (fn, res) => function __init() {
   return fn && (res = (0, fn[__getOwnPropNames(fn)[0]])(fn = 0)), res;
 };
+var __commonJS = (cb, mod) => function __require() {
+  return mod || (0, cb[__getOwnPropNames(cb)[0]])((mod = { exports: {} }).exports, mod), mod.exports;
+};
 var __export = (target, all) => {
   for (var name in all)
     __defProp(target, name, { get: all[name], enumerable: true });
 };
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
+
+// ../../node_modules/serialize-error/index.js
+var require_serialize_error = __commonJS({
+  "../../node_modules/serialize-error/index.js"(exports, module) {
+    "use strict";
+    var NonError = class _NonError extends Error {
+      constructor(message2) {
+        super(_NonError._prepareSuperMessage(message2));
+        Object.defineProperty(this, "name", {
+          value: "NonError",
+          configurable: true,
+          writable: true
+        });
+        if (Error.captureStackTrace) {
+          Error.captureStackTrace(this, _NonError);
+        }
+      }
+      static _prepareSuperMessage(message2) {
+        try {
+          return JSON.stringify(message2);
+        } catch {
+          return String(message2);
+        }
+      }
+    };
+    var commonProperties = [
+      { property: "name", enumerable: false },
+      { property: "message", enumerable: false },
+      { property: "stack", enumerable: false },
+      { property: "code", enumerable: true }
+    ];
+    var isCalled = Symbol(".toJSON called");
+    var toJSON = (from) => {
+      from[isCalled] = true;
+      const json = from.toJSON();
+      delete from[isCalled];
+      return json;
+    };
+    var destroyCircular = ({
+      from,
+      seen,
+      to_,
+      forceEnumerable,
+      maxDepth,
+      depth
+    }) => {
+      const to = to_ || (Array.isArray(from) ? [] : {});
+      seen.push(from);
+      if (depth >= maxDepth) {
+        return to;
+      }
+      if (typeof from.toJSON === "function" && from[isCalled] !== true) {
+        return toJSON(from);
+      }
+      for (const [key, value] of Object.entries(from)) {
+        if (typeof Buffer === "function" && Buffer.isBuffer(value)) {
+          to[key] = "[object Buffer]";
+          continue;
+        }
+        if (typeof value === "function") {
+          continue;
+        }
+        if (!value || typeof value !== "object") {
+          to[key] = value;
+          continue;
+        }
+        if (!seen.includes(from[key])) {
+          depth++;
+          to[key] = destroyCircular({
+            from: from[key],
+            seen: seen.slice(),
+            forceEnumerable,
+            maxDepth,
+            depth
+          });
+          continue;
+        }
+        to[key] = "[Circular]";
+      }
+      for (const { property, enumerable } of commonProperties) {
+        if (typeof from[property] === "string") {
+          Object.defineProperty(to, property, {
+            value: from[property],
+            enumerable: forceEnumerable ? true : enumerable,
+            configurable: true,
+            writable: true
+          });
+        }
+      }
+      return to;
+    };
+    var serializeError2 = (value, options = {}) => {
+      const { maxDepth = Number.POSITIVE_INFINITY } = options;
+      if (typeof value === "object" && value !== null) {
+        return destroyCircular({
+          from: value,
+          seen: [],
+          forceEnumerable: true,
+          maxDepth,
+          depth: 0
+        });
+      }
+      if (typeof value === "function") {
+        return `[Function: ${value.name || "anonymous"}]`;
+      }
+      return value;
+    };
+    var deserializeError = (value, options = {}) => {
+      const { maxDepth = Number.POSITIVE_INFINITY } = options;
+      if (value instanceof Error) {
+        return value;
+      }
+      if (typeof value === "object" && value !== null && !Array.isArray(value)) {
+        const newError = new Error();
+        destroyCircular({
+          from: value,
+          seen: [],
+          to_: newError,
+          maxDepth,
+          depth: 0
+        });
+        return newError;
+      }
+      return new NonError(value);
+    };
+    module.exports = {
+      serializeError: serializeError2,
+      deserializeError
+    };
+  }
+});
 
 // ../../node_modules/jose/dist/browser/runtime/webcrypto.js
 var webcrypto_default, isCryptoKey;
@@ -4749,6 +4903,120 @@ function servicePluginsModules(authStrategy) {
   };
 }
 
+// ../../node_modules/@wix/sdk/build/web-method-modules.js
+var import_serialize_error = __toESM(require_serialize_error(), 1);
+
+// ../../node_modules/@wix/sdk/build/get-token-info.js
+async function getTokenInfo(token) {
+  const tokenInfoRes = await fetch("https://www.wixapis.com/oauth2/token-info", {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/json"
+    },
+    body: JSON.stringify({
+      token
+    })
+  });
+  if (tokenInfoRes.status !== 200) {
+    throw new Error(`Failed to get token info. Unexpected status code from Wix OAuth API: ${tokenInfoRes.status}`);
+  }
+  return await tokenInfoRes.json();
+}
+
+// ../../node_modules/@wix/sdk/build/web-method-modules.js
+var isWebMethodModules = (val) => val.__type === "web-method-module";
+var Permissions;
+(function(Permissions2) {
+  Permissions2["Anyone"] = "anyone";
+  Permissions2["Admin"] = "admin";
+  Permissions2["SiteMember"] = "site-member";
+})(Permissions || (Permissions = {}));
+async function checkPermission(request, permission) {
+  const accessToken = request.headers.get("Authorization");
+  if (!accessToken) {
+    throw new Error("Request is missing authentication data");
+  }
+  const { subjectType } = await getTokenInfo(accessToken);
+  switch (permission) {
+    case Permissions.Anyone: {
+      if (subjectType !== "VISITOR" && subjectType !== "MEMBER" && subjectType !== "USER") {
+        throw new Error("Insufficient permissions");
+      }
+      break;
+    }
+    case Permissions.SiteMember: {
+      if (subjectType !== "MEMBER" && subjectType !== "USER") {
+        throw new Error("Insufficient permissions");
+      }
+      break;
+    }
+    case Permissions.Admin: {
+      if (subjectType !== "USER") {
+        throw new Error("Insufficient permissions");
+      }
+      break;
+    }
+  }
+}
+var urlRegex = /\/_webMethods\/(.+\..+)\/(.+\..+)/;
+function extractUrlParts(url) {
+  const parts = url.match(urlRegex);
+  if (parts) {
+    return [parts[1], parts[2].replace(".ajax", "")];
+  }
+}
+function isRequestBodyValid(body) {
+  return !!body && typeof body === "object" && Array.isArray(body);
+}
+var productionErrorMessage = "Error: Unable to handle the request. Contact the site administrator or view site monitoring logs for more information.";
+function webMethodModules() {
+  const webMethods = {};
+  const client = {
+    async processRequest(request, devMode = false) {
+      const urlParts = extractUrlParts(request.url);
+      if (!urlParts) {
+        return new Response("invalid request", { status: 400 });
+      }
+      const [file, method] = urlParts;
+      const body = await request.json();
+      if (!isRequestBodyValid(body)) {
+        return new Response("invalid request", { status: 400 });
+      }
+      const loadWebMethodFile = webMethods[`/${file}`];
+      try {
+        if (!loadWebMethodFile) {
+          throw new Error(`Error loading web module ${file}: Cannot find module '${file}'`);
+        }
+        const webMethodFile = await loadWebMethodFile();
+        const webMethod = webMethodFile[method];
+        if (!webMethod) {
+          throw new Error(`Error loading function from web module ${file}: function '${method}' not found`);
+        }
+        await checkPermission(request, webMethod.permission);
+        return Response.json({
+          result: await webMethod.handler(...body)
+        });
+      } catch (error) {
+        const serializedError = (0, import_serialize_error.serializeError)(error, { maxDepth: 1 });
+        return Response.json({
+          result: devMode || !(error instanceof Error) ? serializedError : {
+            ...serializedError,
+            message: productionErrorMessage,
+            stack: productionErrorMessage
+          },
+          exception: true
+        });
+      }
+    }
+  };
+  return {
+    initModule(webMethodModule) {
+      Object.assign(webMethods, webMethodModule);
+    },
+    client
+  };
+}
+
 // ../../node_modules/@wix/sdk/build/wixClient.js
 function createClient(config) {
   const _headers = config.headers || { Authorization: "" };
@@ -4757,8 +5025,25 @@ function createClient(config) {
   };
   const boundGetAuthHeaders = authStrategy.getAuthHeaders.bind(void 0, config.host);
   authStrategy.getAuthHeaders = boundGetAuthHeaders;
+  const fetchWithAuth = async (urlOrRequest, requestInit) => {
+    if (typeof urlOrRequest === "string" || urlOrRequest instanceof URL) {
+      return fetch(urlOrRequest, {
+        ...requestInit,
+        headers: {
+          ...requestInit?.headers,
+          ...(await boundGetAuthHeaders()).headers
+        }
+      });
+    } else {
+      for (const [k, v] of Object.entries((await boundGetAuthHeaders()).headers)) {
+        urlOrRequest.headers.set(k, v);
+      }
+      return fetch(urlOrRequest, requestInit);
+    }
+  };
   const { client: servicePluginsClient, initModule: initServicePluginModule } = servicePluginsModules(authStrategy);
   const { client: eventHandlersClient, initModule: initEventHandlerModule } = eventHandlersModules(authStrategy);
+  const { client: webMethodClient, initModule } = webMethodModules();
   const boundFetch = async (url, options) => {
     const authHeaders = await boundGetAuthHeaders();
     const defaultContentTypeHeader = getDefaultContentHeader(options);
@@ -4780,6 +5065,8 @@ function createClient(config) {
       return initServicePluginModule(modules);
     } else if (isHostModule(modules) && config.host) {
       return buildHostModule(modules, config.host);
+    } else if (isWebMethodModules(modules)) {
+      return initModule(modules);
     } else if (typeof modules === "function") {
       if ("__type" in modules && modules.__type === SERVICE_PLUGIN_ERROR_TYPE) {
         return modules;
@@ -4846,22 +5133,7 @@ function createClient(config) {
       finalUrl.protocol = "https";
       return boundFetch(finalUrl.toString(), options);
     },
-    fetchWithAuth: async (urlOrRequest, requestInit) => {
-      if (typeof urlOrRequest === "string" || urlOrRequest instanceof URL) {
-        return fetch(urlOrRequest, {
-          ...requestInit,
-          headers: {
-            ...requestInit?.headers,
-            ...(await boundGetAuthHeaders()).headers
-          }
-        });
-      } else {
-        for (const [k, v] of Object.entries((await boundGetAuthHeaders()).headers)) {
-          urlOrRequest.headers.set(k, v);
-        }
-        return fetch(urlOrRequest, requestInit);
-      }
-    },
+    fetchWithAuth,
     async graphql(query, variables, opts = {
       apiVersion: "alpha"
     }) {
@@ -4880,13 +5152,13 @@ function createClient(config) {
       return { data: data ?? {}, errors };
     },
     webhooks: eventHandlersClient,
+    webMethods: webMethodClient,
     servicePlugins: servicePluginsClient
   };
 }
 
 // ../../node_modules/@wix/sdk/build/auth/AppStrategy.js
 function AppStrategy(opts) {
-  const authServerBaseUrl = opts.authServerBaseUrl ?? "https://www.wixapis.com";
   let refreshToken = "refreshToken" in opts ? opts.refreshToken : void 0;
   let cachedToken;
   return {
@@ -4916,8 +5188,7 @@ function AppStrategy(opts) {
       if (!code || !instanceId) {
         throw new Error("Invalid OAuth callback URL. Make sure you pass the url including the code and instanceId query params.");
       }
-      const tokenUrl = new URL("/oauth/access", authServerBaseUrl);
-      const tokensRes = await fetch(tokenUrl.href, {
+      const tokensRes = await fetch("https://www.wixapis.com/oauth/access", {
         method: "POST",
         headers: {
           "Content-Type": "application/json"
@@ -4950,10 +5221,9 @@ function AppStrategy(opts) {
       }
       if ("refreshToken" in opts || refreshToken) {
         if (!opts.appSecret) {
-          throw new Error("App secret is required for retrieveing app-level access tokens. Make sure to pass it to the AppStrategy");
+          throw new Error("App secret is required for retrieving app-level access tokens. Make sure to pass it to the AppStrategy");
         }
-        const tokenUrl = new URL("/oauth/access", authServerBaseUrl);
-        const tokensRes = await fetch(tokenUrl.href, {
+        const tokensRes = await fetch("https://www.wixapis.com/oauth/access", {
           method: "POST",
           headers: {
             "Content-Type": "application/json"
@@ -4977,10 +5247,9 @@ function AppStrategy(opts) {
         };
       } else if ("instanceId" in opts) {
         if (!opts.appSecret) {
-          throw new Error("App secret is required for retrieveing app-level access tokens. Make sure to pass it to the AppStrategy");
+          throw new Error("App secret is required for retrieving app-level access tokens. Make sure to pass it to the AppStrategy");
         }
-        const tokenUrl = new URL("/oauth2/token", authServerBaseUrl);
-        const tokensRes = await fetch(tokenUrl.href, {
+        const tokensRes = await fetch("https://www.wixapis.com/oauth2/token", {
           method: "POST",
           headers: {
             "Content-Type": "application/json"
@@ -5006,7 +5275,7 @@ function AppStrategy(opts) {
           }
         };
       } else if ("accessToken" in opts && opts.accessToken) {
-        const tokenRes = await fetch(new URL("/oauth2/token", authServerBaseUrl), {
+        const tokenRes = await fetch("https://www.wixapis.com/oauth2/token", {
           method: "POST",
           headers: {
             "Content-Type": "application/json"
@@ -5036,7 +5305,7 @@ function AppStrategy(opts) {
     },
     async elevated() {
       if ("accessToken" in opts && opts.accessToken) {
-        const tokenInfo = await getTokenInfo(opts.accessToken, authServerBaseUrl);
+        const tokenInfo = await getTokenInfo(opts.accessToken);
         if (tokenInfo.clientId !== opts.appId) {
           throw new Error(`Invalid access token. The token is not issued for the app with ID "${opts.appId}"`);
         }
@@ -5047,8 +5316,7 @@ function AppStrategy(opts) {
           appId: opts.appId,
           appSecret: opts.appSecret,
           publicKey: opts.publicKey,
-          instanceId: tokenInfo.instanceId,
-          authServerBaseUrl: opts.authServerBaseUrl
+          instanceId: tokenInfo.instanceId
         });
       } else {
         throw new Error("Providing an access token is required to perform elevation. Make sure to pass it to the AppStrategy");
@@ -5076,29 +5344,13 @@ function AppStrategy(opts) {
       if (!tokenToCheck) {
         throw new Error("Missing token to get info for. Either pass the token as an argument or provide it when initializing the AppStrategy");
       }
-      return getTokenInfo(tokenToCheck, authServerBaseUrl);
+      return getTokenInfo(tokenToCheck);
     },
     getActiveToken() {
       return "accessToken" in opts ? opts.accessToken : refreshToken;
     }
   };
 }
-async function getTokenInfo(token, authServerBaseUrl) {
-  const tokenInfoUrl = new URL("/oauth2/token-info", authServerBaseUrl);
-  const tokenInfoRes = await fetch(tokenInfoUrl.href, {
-    method: "POST",
-    headers: {
-      "Content-Type": "application/json"
-    },
-    body: JSON.stringify({
-      token
-    })
-  });
-  if (tokenInfoRes.status !== 200) {
-    throw new Error(`Failed to get token info. Unexpected status code from Wix OAuth API: ${tokenInfoRes.status}`);
-  }
-  return await tokenInfoRes.json();
-}
 
 // src/utils.ts
 var supportedMethods = ["GET", "POST", "PUT", "DELETE"];
@@ -5117,7 +5369,7 @@ function isMethodSupported(method) {
   return supportedMethods.includes(method);
 }
 function isAPI(value) {
-  return typeof value === "object" && value !== null && supportedMethods.some((method) => method in value);
+  return value != null && typeof value === "object" && supportedMethods.some((method) => method in value);
 }
 function formatError(error) {
   if (import.meta.env.DEV && error instanceof Error) {