@wix/sdk 1.12.6 → 1.12.8

package/build/auth/AppStrategy.d.ts

@@ -12,7 +12,23 @@ export type AppStrategy = AuthenticationStrategy<undefined> & {
         accessToken: string;
         refreshToken: string;
     }>;
+    /**
+     * Return a new instance of the AppStrategy which uses an elevated access token
+     */
     elevated(): Promise<AppStrategy>;
+    /**
+     * Returns infromation about the active token
+     */
+    getTokenInfo(): Promise<{
+        active: boolean;
+        subjectType: 'APP' | 'USER' | 'MEMBER' | 'VISITOR' | 'UNKNOWN';
+        subjectId: string;
+        exp: number;
+        iat: number;
+        clientId?: string;
+        siteId: string;
+        instanceId?: string;
+    }>;
 };
 /**
  * Creates an authentication strategy for Wix Apps OAuth installation process.
@@ -22,6 +38,7 @@ export type AppStrategy = AuthenticationStrategy<undefined> & {
  * @param opts.appSecret The Wix App Secret
  * @param opts.refreshToken An optional refresh token previously retrieved from Wix OAuth API
  * @param opts.instanceId An optional instance ID of the Wix App instance the client is making requests on behalf of
+ * @param opts.accessToken An optional access token previously retrieved from a client Wix Extension
  * @param opts.publicKey An optional public key for validating webhook requests (supports both PEM and base64 encoded keys)
  * @returns An authentication strategy that can be used with WixClient
  * @example
@@ -56,6 +73,7 @@ export declare function AppStrategy(opts: {
     appId: string;
     appSecret?: string;
     publicKey?: string;
+    authServerBaseUrl?: string;
 } & ({
     refreshToken?: string;
 } | {

package/build/auth/AppStrategy.js

@@ -7,6 +7,7 @@ import { parsePublicKeyIfEncoded } from '../helpers.js';
  * @param opts.appSecret The Wix App Secret
  * @param opts.refreshToken An optional refresh token previously retrieved from Wix OAuth API
  * @param opts.instanceId An optional instance ID of the Wix App instance the client is making requests on behalf of
+ * @param opts.accessToken An optional access token previously retrieved from a client Wix Extension
  * @param opts.publicKey An optional public key for validating webhook requests (supports both PEM and base64 encoded keys)
  * @returns An authentication strategy that can be used with WixClient
  * @example
@@ -39,6 +40,7 @@ import { parsePublicKeyIfEncoded } from '../helpers.js';
  */
 // eslint-disable-next-line @typescript-eslint/no-redeclare
 export function AppStrategy(opts) {
+    const authServerBaseUrl = opts.authServerBaseUrl ?? 'https://www.wixapis.com';
     let refreshToken = 'refreshToken' in opts ? opts.refreshToken : undefined;
     return {
         getInstallUrl({ redirectUrl, token, state }) {
@@ -67,7 +69,8 @@ export function AppStrategy(opts) {
             if (!code || !instanceId) {
                 throw new Error('Invalid OAuth callback URL. Make sure you pass the url including the code and instanceId query params.');
             }
-            const tokensRes = await fetch('https://www.wixapis.com/oauth/access', {
+            const tokenUrl = new URL('/oauth/access', authServerBaseUrl);
+            const tokensRes = await fetch(tokenUrl.href, {
                 method: 'POST',
                 headers: {
                     'Content-Type': 'application/json',
@@ -91,11 +94,12 @@ export function AppStrategy(opts) {
             };
         },
         async getAuthHeaders() {
-            if (!opts.appSecret) {
-                throw new Error('App secret is required for retrieveing app-level access tokens. Make sure to pass it to the AppStrategy');
-            }
             if ('refreshToken' in opts || refreshToken) {
-                const tokensRes = await fetch('https://www.wixapis.com/oauth/access', {
+                if (!opts.appSecret) {
+                    throw new Error('App secret is required for retrieveing app-level access tokens. Make sure to pass it to the AppStrategy');
+                }
+                const tokenUrl = new URL('/oauth/access', authServerBaseUrl);
+                const tokensRes = await fetch(tokenUrl.href, {
                     method: 'POST',
                     headers: {
                         'Content-Type': 'application/json',
@@ -119,7 +123,11 @@ export function AppStrategy(opts) {
                 };
             }
             else if ('instanceId' in opts) {
-                const tokensRes = await fetch('https://www.wixapis.com/oauth2/token', {
+                if (!opts.appSecret) {
+                    throw new Error('App secret is required for retrieveing app-level access tokens. Make sure to pass it to the AppStrategy');
+                }
+                const tokenUrl = new URL('/oauth2/token', authServerBaseUrl);
+                const tokensRes = await fetch(tokenUrl.href, {
                     method: 'POST',
                     headers: {
                         'Content-Type': 'application/json',
@@ -154,20 +162,8 @@ export function AppStrategy(opts) {
         },
         async elevated() {
             if ('accessToken' in opts && opts.accessToken) {
-                const tokenInfoRes = await fetch('https://www.wixapis.com/oauth2/token-info', {
-                    method: 'POST',
-                    headers: {
-                        'Content-Type': 'application/json',
-                    },
-                    body: JSON.stringify({
-                        token: opts.accessToken,
-                    }),
-                });
-                if (tokenInfoRes.status !== 200) {
-                    throw new Error(`Failed to get token info. Unexpected status code from Wix OAuth API: ${tokenInfoRes.status}`);
-                }
-                const tokenInfo = await tokenInfoRes.json();
-                if (tokenInfo.app_id !== opts.appId) {
+                const tokenInfo = await getTokenInfo(opts.accessToken, authServerBaseUrl);
+                if (tokenInfo.clientId !== opts.appId) {
                     throw new Error(`Invalid access token. The token is not issued for the app with ID "${opts.appId}"`);
                 }
                 if (!tokenInfo.instanceId) {
@@ -178,6 +174,7 @@ export function AppStrategy(opts) {
                     appSecret: opts.appSecret,
                     publicKey: opts.publicKey,
                     instanceId: tokenInfo.instanceId,
+                    authServerBaseUrl: opts.authServerBaseUrl,
                 });
             }
             else {
@@ -203,5 +200,28 @@ export function AppStrategy(opts) {
                 valid: true,
             };
         },
+        async getTokenInfo() {
+            const tokenToCheck = refreshToken ?? ('accessToken' in opts ? opts.accessToken : undefined);
+            if (!tokenToCheck) {
+                throw new Error('Missing token to get info for. Either pass the token as an argument or provide it when initializing the AppStrategy');
+            }
+            return getTokenInfo(tokenToCheck, authServerBaseUrl);
+        },
     };
 }
+async function getTokenInfo(token, authServerBaseUrl) {
+    const tokenInfoUrl = new URL('/oauth2/token-info', authServerBaseUrl);
+    const tokenInfoRes = await fetch(tokenInfoUrl.href, {
+        method: 'POST',
+        headers: {
+            'Content-Type': 'application/json',
+        },
+        body: JSON.stringify({
+            token,
+        }),
+    });
+    if (tokenInfoRes.status !== 200) {
+        throw new Error(`Failed to get token info. Unexpected status code from Wix OAuth API: ${tokenInfoRes.status}`);
+    }
+    return (await tokenInfoRes.json());
+}

package/build/graphql.d.ts

@@ -1,4 +1,5 @@
 import { DocumentNode, GraphQLFormattedError } from 'graphql';
+import { RESTFunctionDescriptor } from '@wix/sdk-types';
 export type TypedQueryInput<Result = {
     [key: string]: any;
 }, Variables = {
@@ -15,14 +16,14 @@ export type TypedQueryInput<Result = {
      */
     __ensureTypesOfVariablesAndResultMatching?: (variables: Variables) => Result;
 };
-export declare const graphql: ((query: string | String | DocumentNode | TypedQueryInput<unknown, any>, variables?: any, opts?: {
+export declare const graphql: (<Result, Variables>(query: string | String | DocumentNode | TypedQueryInput<Result, Variables>, variables?: Variables | undefined, opts?: {
     apiVersion: string;
 }) => Promise<{
-    data: unknown;
+    data: Result;
     errors?: GraphQLFormattedError[] | undefined;
-}>) & ((restModuleOpts: import("@wix/sdk-types").HttpClient) => (query: string | String | DocumentNode | TypedQueryInput<unknown, any>, variables?: any, opts?: {
+}>) & RESTFunctionDescriptor<(<Result, Variables>(query: string | String | DocumentNode | TypedQueryInput<Result, Variables>, variables?: Variables | undefined, opts?: {
     apiVersion: string;
 }) => Promise<{
-    data: unknown;
+    data: Result;
     errors?: GraphQLFormattedError[] | undefined;
-}>);
+}>)>;

package/build/graphql.js

@@ -1,6 +1,6 @@
 import { createRESTModule } from '@wix/sdk-runtime/rest-modules';
 import { FetchErrorResponse } from './fetch-error.js';
-export const graphql = createRESTModule((restModuleOpts) => {
+export const graphql = createRESTModule(((restModuleOpts) => {
     // eslint-disable-next-line @typescript-eslint/no-shadow
     return async function graphql(query, variables, opts = {
         apiVersion: 'alpha',
@@ -18,4 +18,4 @@ export const graphql = createRESTModule((restModuleOpts) => {
         const { data, errors } = await res.json();
         return { data: data ?? {}, errors };
     };
-});
+}));

package/cjs/build/auth/AppStrategy.d.ts

@@ -12,7 +12,23 @@ export type AppStrategy = AuthenticationStrategy<undefined> & {
         accessToken: string;
         refreshToken: string;
     }>;
+    /**
+     * Return a new instance of the AppStrategy which uses an elevated access token
+     */
     elevated(): Promise<AppStrategy>;
+    /**
+     * Returns infromation about the active token
+     */
+    getTokenInfo(): Promise<{
+        active: boolean;
+        subjectType: 'APP' | 'USER' | 'MEMBER' | 'VISITOR' | 'UNKNOWN';
+        subjectId: string;
+        exp: number;
+        iat: number;
+        clientId?: string;
+        siteId: string;
+        instanceId?: string;
+    }>;
 };
 /**
  * Creates an authentication strategy for Wix Apps OAuth installation process.
@@ -22,6 +38,7 @@ export type AppStrategy = AuthenticationStrategy<undefined> & {
  * @param opts.appSecret The Wix App Secret
  * @param opts.refreshToken An optional refresh token previously retrieved from Wix OAuth API
  * @param opts.instanceId An optional instance ID of the Wix App instance the client is making requests on behalf of
+ * @param opts.accessToken An optional access token previously retrieved from a client Wix Extension
  * @param opts.publicKey An optional public key for validating webhook requests (supports both PEM and base64 encoded keys)
  * @returns An authentication strategy that can be used with WixClient
  * @example
@@ -56,6 +73,7 @@ export declare function AppStrategy(opts: {
     appId: string;
     appSecret?: string;
     publicKey?: string;
+    authServerBaseUrl?: string;
 } & ({
     refreshToken?: string;
 } | {

package/cjs/build/auth/AppStrategy.js

@@ -33,6 +33,7 @@ const helpers_js_1 = require("../helpers.js");
  * @param opts.appSecret The Wix App Secret
  * @param opts.refreshToken An optional refresh token previously retrieved from Wix OAuth API
  * @param opts.instanceId An optional instance ID of the Wix App instance the client is making requests on behalf of
+ * @param opts.accessToken An optional access token previously retrieved from a client Wix Extension
  * @param opts.publicKey An optional public key for validating webhook requests (supports both PEM and base64 encoded keys)
  * @returns An authentication strategy that can be used with WixClient
  * @example
@@ -65,6 +66,7 @@ const helpers_js_1 = require("../helpers.js");
  */
 // eslint-disable-next-line @typescript-eslint/no-redeclare
 function AppStrategy(opts) {
+    const authServerBaseUrl = opts.authServerBaseUrl ?? 'https://www.wixapis.com';
     let refreshToken = 'refreshToken' in opts ? opts.refreshToken : undefined;
     return {
         getInstallUrl({ redirectUrl, token, state }) {
@@ -93,7 +95,8 @@ function AppStrategy(opts) {
             if (!code || !instanceId) {
                 throw new Error('Invalid OAuth callback URL. Make sure you pass the url including the code and instanceId query params.');
             }
-            const tokensRes = await fetch('https://www.wixapis.com/oauth/access', {
+            const tokenUrl = new URL('/oauth/access', authServerBaseUrl);
+            const tokensRes = await fetch(tokenUrl.href, {
                 method: 'POST',
                 headers: {
                     'Content-Type': 'application/json',
@@ -117,11 +120,12 @@ function AppStrategy(opts) {
             };
         },
         async getAuthHeaders() {
-            if (!opts.appSecret) {
-                throw new Error('App secret is required for retrieveing app-level access tokens. Make sure to pass it to the AppStrategy');
-            }
             if ('refreshToken' in opts || refreshToken) {
-                const tokensRes = await fetch('https://www.wixapis.com/oauth/access', {
+                if (!opts.appSecret) {
+                    throw new Error('App secret is required for retrieveing app-level access tokens. Make sure to pass it to the AppStrategy');
+                }
+                const tokenUrl = new URL('/oauth/access', authServerBaseUrl);
+                const tokensRes = await fetch(tokenUrl.href, {
                     method: 'POST',
                     headers: {
                         'Content-Type': 'application/json',
@@ -145,7 +149,11 @@ function AppStrategy(opts) {
                 };
             }
             else if ('instanceId' in opts) {
-                const tokensRes = await fetch('https://www.wixapis.com/oauth2/token', {
+                if (!opts.appSecret) {
+                    throw new Error('App secret is required for retrieveing app-level access tokens. Make sure to pass it to the AppStrategy');
+                }
+                const tokenUrl = new URL('/oauth2/token', authServerBaseUrl);
+                const tokensRes = await fetch(tokenUrl.href, {
                     method: 'POST',
                     headers: {
                         'Content-Type': 'application/json',
@@ -180,20 +188,8 @@ function AppStrategy(opts) {
         },
         async elevated() {
             if ('accessToken' in opts && opts.accessToken) {
-                const tokenInfoRes = await fetch('https://www.wixapis.com/oauth2/token-info', {
-                    method: 'POST',
-                    headers: {
-                        'Content-Type': 'application/json',
-                    },
-                    body: JSON.stringify({
-                        token: opts.accessToken,
-                    }),
-                });
-                if (tokenInfoRes.status !== 200) {
-                    throw new Error(`Failed to get token info. Unexpected status code from Wix OAuth API: ${tokenInfoRes.status}`);
-                }
-                const tokenInfo = await tokenInfoRes.json();
-                if (tokenInfo.app_id !== opts.appId) {
+                const tokenInfo = await getTokenInfo(opts.accessToken, authServerBaseUrl);
+                if (tokenInfo.clientId !== opts.appId) {
                     throw new Error(`Invalid access token. The token is not issued for the app with ID "${opts.appId}"`);
                 }
                 if (!tokenInfo.instanceId) {
@@ -204,6 +200,7 @@ function AppStrategy(opts) {
                     appSecret: opts.appSecret,
                     publicKey: opts.publicKey,
                     instanceId: tokenInfo.instanceId,
+                    authServerBaseUrl: opts.authServerBaseUrl,
                 });
             }
             else {
@@ -229,6 +226,29 @@ function AppStrategy(opts) {
                 valid: true,
             };
         },
+        async getTokenInfo() {
+            const tokenToCheck = refreshToken ?? ('accessToken' in opts ? opts.accessToken : undefined);
+            if (!tokenToCheck) {
+                throw new Error('Missing token to get info for. Either pass the token as an argument or provide it when initializing the AppStrategy');
+            }
+            return getTokenInfo(tokenToCheck, authServerBaseUrl);
+        },
     };
 }
 exports.AppStrategy = AppStrategy;
+async function getTokenInfo(token, authServerBaseUrl) {
+    const tokenInfoUrl = new URL('/oauth2/token-info', authServerBaseUrl);
+    const tokenInfoRes = await fetch(tokenInfoUrl.href, {
+        method: 'POST',
+        headers: {
+            'Content-Type': 'application/json',
+        },
+        body: JSON.stringify({
+            token,
+        }),
+    });
+    if (tokenInfoRes.status !== 200) {
+        throw new Error(`Failed to get token info. Unexpected status code from Wix OAuth API: ${tokenInfoRes.status}`);
+    }
+    return (await tokenInfoRes.json());
+}

package/cjs/build/graphql.d.ts

@@ -1,4 +1,5 @@
 import { DocumentNode, GraphQLFormattedError } from 'graphql';
+import { RESTFunctionDescriptor } from '@wix/sdk-types';
 export type TypedQueryInput<Result = {
     [key: string]: any;
 }, Variables = {
@@ -15,14 +16,14 @@ export type TypedQueryInput<Result = {
      */
     __ensureTypesOfVariablesAndResultMatching?: (variables: Variables) => Result;
 };
-export declare const graphql: ((query: string | String | DocumentNode | TypedQueryInput<unknown, any>, variables?: any, opts?: {
+export declare const graphql: (<Result, Variables>(query: string | String | DocumentNode | TypedQueryInput<Result, Variables>, variables?: Variables | undefined, opts?: {
     apiVersion: string;
 }) => Promise<{
-    data: unknown;
+    data: Result;
     errors?: GraphQLFormattedError[] | undefined;
-}>) & ((restModuleOpts: import("@wix/sdk-types").HttpClient) => (query: string | String | DocumentNode | TypedQueryInput<unknown, any>, variables?: any, opts?: {
+}>) & RESTFunctionDescriptor<(<Result, Variables>(query: string | String | DocumentNode | TypedQueryInput<Result, Variables>, variables?: Variables | undefined, opts?: {
     apiVersion: string;
 }) => Promise<{
-    data: unknown;
+    data: Result;
     errors?: GraphQLFormattedError[] | undefined;
-}>);
+}>)>;

package/cjs/build/graphql.js

@@ -3,7 +3,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.graphql = void 0;
 const rest_modules_1 = require("@wix/sdk-runtime/rest-modules");
 const fetch_error_js_1 = require("./fetch-error.js");
-exports.graphql = (0, rest_modules_1.createRESTModule)((restModuleOpts) => {
+exports.graphql = (0, rest_modules_1.createRESTModule)(((restModuleOpts) => {
     // eslint-disable-next-line @typescript-eslint/no-shadow
     return async function graphql(query, variables, opts = {
         apiVersion: 'alpha',
@@ -21,4 +21,4 @@ exports.graphql = (0, rest_modules_1.createRESTModule)((restModuleOpts) => {
         const { data, errors } = await res.json();
         return { data: data ?? {}, errors };
     };
-});
+}));

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@wix/sdk",
-  "version": "1.12.6",
+  "version": "1.12.8",
   "license": "UNLICENSED",
   "author": {
     "name": "Ronny Ringel",
@@ -65,10 +65,10 @@
   "dependencies": {
     "@babel/runtime": "^7.23.2",
     "@wix/identity": "^1.0.78",
-    "@wix/image-kit": "^1.73.0",
+    "@wix/image-kit": "^1.74.0",
     "@wix/redirects": "^1.0.41",
     "@wix/sdk-context": "^0.0.1",
-    "@wix/sdk-runtime": "0.3.11",
+    "@wix/sdk-runtime": "0.3.12",
     "@wix/sdk-types": "^1.9.2",
     "crypto-js": "^4.2.0",
     "jose": "^5.2.1",
@@ -88,7 +88,7 @@
     "@wix/events": "^1.0.179",
     "@wix/metro": "^1.0.73",
     "@wix/metro-runtime": "^1.1677.0",
-    "@wix/sdk-runtime": "0.3.11",
+    "@wix/sdk-runtime": "0.3.12",
     "eslint": "^8.56.0",
     "eslint-config-sdk": "0.0.0",
     "graphql": "^16.8.0",
@@ -122,5 +122,5 @@
   "wallaby": {
     "autoDetect": true
   },
-  "falconPackageHash": "434acd803ec3fa432e257e25fb88fe03020ccc7a9f729faeebd656b4"
+  "falconPackageHash": "4a3ca02dc12093515b122a61d87d631718a0d7de19fe8ad5a6ef4ab4"
 }