npm - @wix/sdk - Versions diffs - 1.21.2 → 1.21.4 - Mend

@wix/sdk 1.21.2 → 1.21.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

package/build/auth/oauth2/OAuthStrategy.d.ts +7 -1
package/build/auth/oauth2/OAuthStrategy.js +10 -3
package/build/auth/oauth2/types.d.ts +10 -0
package/build/rest-modules.d.ts +3 -1
package/build/rest-modules.js +2 -1
package/build/wixClient.js +3 -1
package/cjs/build/auth/oauth2/OAuthStrategy.d.ts +7 -1
package/cjs/build/auth/oauth2/OAuthStrategy.js +10 -3
package/cjs/build/auth/oauth2/types.d.ts +10 -0
package/cjs/build/rest-modules.d.ts +3 -1
package/cjs/build/rest-modules.js +2 -1
package/cjs/build/wixClient.js +3 -1
package/package.json +6 -6

package/build/auth/oauth2/OAuthStrategy.d.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { IOAuthStrategy, Tokens, TokenStorage } from './types.js';
+import { IOAuthStrategy, TokenRequestOptions, Tokens, TokenStorage } from './types.js';
 /**
  * OAuth authentication strategy for Wix SDK.
  * @param config - Configuration object
@@ -8,6 +8,8 @@ import { IOAuthStrategy, Tokens, TokenStorage } from './types.js';
  * @param config.tokenStorage - Custom storage implementation (mutually exclusive with `tokens`).
  *   When provided, the strategy delegates all token persistence to this storage.
  *   The storage's `getTokens()` must always return `Tokens` (use `EMPTY_TOKENS` as fallback).
+ * @param config.tokenRequestOptions - Optional request options (e.g., custom headers) for all token requests.
+ *   Useful for passing 'client-binding' header in public rendering flows.
  * @returns OAuth strategy instance
  * @example
  * // Default in-memory storage with initial tokens
@@ -15,10 +17,14 @@ import { IOAuthStrategy, Tokens, TokenStorage } from './types.js';
  * @example
  * // Custom storage (e.g., cookies)
  * OAuthStrategy({ clientId: 'xxx', tokenStorage: myCookieStorage })
+ * @example
+ * // With custom headers for all token requests
+ * OAuthStrategy({ clientId: 'xxx', tokenRequestOptions: { headers: { 'client-binding': '...' } } })
  */
 export declare function OAuthStrategy(config: {
     clientId: string;
     publicKey?: string;
+    tokenRequestOptions?: TokenRequestOptions;
 } & ({
     tokens?: Tokens;
     tokenStorage?: never;

package/build/auth/oauth2/OAuthStrategy.js CHANGED Viewed

@@ -20,6 +20,8 @@ const moduleWithTokens = { redirects, authentication, recovery, verification };
  * @param config.tokenStorage - Custom storage implementation (mutually exclusive with `tokens`).
  *   When provided, the strategy delegates all token persistence to this storage.
  *   The storage's `getTokens()` must always return `Tokens` (use `EMPTY_TOKENS` as fallback).
+ * @param config.tokenRequestOptions - Optional request options (e.g., custom headers) for all token requests.
+ *   Useful for passing 'client-binding' header in public rendering flows.
  * @returns OAuth strategy instance
  * @example
  * // Default in-memory storage with initial tokens
@@ -27,8 +29,12 @@ const moduleWithTokens = { redirects, authentication, recovery, verification };
  * @example
  * // Custom storage (e.g., cookies)
  * OAuthStrategy({ clientId: 'xxx', tokenStorage: myCookieStorage })
+ * @example
+ * // With custom headers for all token requests
+ * OAuthStrategy({ clientId: 'xxx', tokenRequestOptions: { headers: { 'client-binding': '...' } } })
  */
 export function OAuthStrategy(config) {
+    const _tokenRequestHeaders = config.tokenRequestOptions?.headers ?? {};
     const _tokenStorage = config.tokenStorage ??
         createLocalTokenStorage(config.tokens ?? EMPTY_TOKENS);
     const getTokens = () => _tokenStorage.getTokens();
@@ -81,7 +87,7 @@ export function OAuthStrategy(config) {
         const tokensResponse = await fetchTokens({
             clientId: config.clientId,
             grantType: 'anonymous',
-        });
+        }, _tokenRequestHeaders);
         return {
             accessToken: createAccessToken(tokensResponse.access_token, tokensResponse.expires_in),
             refreshToken: {
@@ -94,7 +100,7 @@ export function OAuthStrategy(config) {
         const tokensResponse = await fetchTokens({
             refreshToken: refreshToken.value,
             grantType: 'refresh_token',
-        });
+        }, _tokenRequestHeaders);
         const accessToken = createAccessToken(tokensResponse.access_token, tokensResponse.expires_in);
         return {
             accessToken,
@@ -175,7 +181,7 @@ export function OAuthStrategy(config) {
             ...(oauthData.redirectUri && { redirectUri: oauthData.redirectUri }),
             code,
             codeVerifier: oauthData.codeVerifier,
-        });
+        }, _tokenRequestHeaders);
         return {
             accessToken: createAccessToken(tokensResponse.access_token, tokensResponse.expires_in),
             refreshToken: {
@@ -350,6 +356,7 @@ export function OAuthStrategy(config) {
             member_id: memberId,
         }, {
             Authorization: getTokens().accessToken.value + ',' + apiKey,
+            ..._tokenRequestHeaders,
         });
         return {
             accessToken: createAccessToken(tokensResponse.access_token, tokensResponse.expires_in),

package/build/auth/oauth2/types.d.ts CHANGED Viewed

@@ -1,5 +1,15 @@
 import { authentication } from '@wix/identity';
 import { AuthenticationStrategy } from '@wix/sdk-types';
+/**
+ * Options for token-related API requests.
+ */
+export interface TokenRequestOptions {
+    /**
+     * Custom headers to include in the token request.
+     * Useful for passing 'client-binding' header in public rendering flows.
+     */
+    headers?: Record<string, string>;
+}
 export interface Tokens {
     accessToken: AccessToken;
     refreshToken: RefreshToken;

package/build/rest-modules.d.ts CHANGED Viewed

@@ -2,4 +2,6 @@ import { BuildRESTFunction, PublicMetadata, RESTFunctionDescriptor, WixClientErr
 export type RESTModuleOptions = {
     HTTPHost?: string;
 };
-export declare function buildRESTDescriptor<T extends RESTFunctionDescriptor>(origFunc: T, publicMetadata: PublicMetadata, boundFetch: typeof fetch, errorHandler: WixClientErrorHandler | undefined, wixAPIFetch: (relativeUrl: string, options: RequestInit) => Promise<Response>, getActiveToken?: () => string | undefined, options?: RESTModuleOptions, hostName?: string | undefined, useCDN?: boolean): BuildRESTFunction<T>;
+export declare function buildRESTDescriptor<T extends RESTFunctionDescriptor>(origFunc: T, publicMetadata: PublicMetadata, boundFetch: typeof fetch, errorHandler: WixClientErrorHandler | undefined, wixAPIFetch: (relativeUrl: string, options: RequestInit) => Promise<Response>, getActiveToken?: () => string | undefined, getAuthHeaders?: () => Promise<{
+    headers: Record<string, string>;
+}>, options?: RESTModuleOptions, hostName?: string | undefined, useCDN?: boolean): BuildRESTFunction<T>;

package/build/rest-modules.js CHANGED Viewed

@@ -2,7 +2,7 @@ import { biHeaderGenerator } from './bi/biHeaderGenerator.js';
 import { DEFAULT_API_URL, DEFAULT_EDGE_API_URL } from './common.js';
 import { runWithoutContext } from '@wix/sdk-runtime/context';
 import { transformError } from '@wix/sdk-runtime/transform-error';
-export function buildRESTDescriptor(origFunc, publicMetadata, boundFetch, errorHandler, wixAPIFetch, getActiveToken, options, hostName, useCDN) {
+export function buildRESTDescriptor(origFunc, publicMetadata, boundFetch, errorHandler, wixAPIFetch, getActiveToken, getAuthHeaders, options, hostName, useCDN) {
     return runWithoutContext(() => origFunc({
         request: async (factory) => {
             const requestOptions = factory({
@@ -82,6 +82,7 @@ export function buildRESTDescriptor(origFunc, publicMetadata, boundFetch, errorH
         fetchWithAuth: boundFetch,
         wixAPIFetch,
         getActiveToken,
+        getAuthHeaders,
     }));
 }
 class SDKError extends Error {

package/build/wixClient.js CHANGED Viewed

@@ -137,7 +137,9 @@ export function createClient(config) {
                 finalUrl.host = apiBaseUrl;
                 finalUrl.protocol = 'https';
                 return boundFetch(finalUrl.toString(), fetchOptions);
-            }, getAuthStrategy().getActiveToken, { HTTPHost: apiBaseUrl }, config.host?.name, shouldUseCDN);
+            }, getAuthStrategy().getActiveToken,
+            // async wrapper normalizes the sync/async union from AuthenticationStrategy.getAuthHeaders
+            async () => boundGetAuthHeaders(), { HTTPHost: apiBaseUrl }, config.host?.name, shouldUseCDN);
         }
         else if (isObject(modules)) {
             return Object.fromEntries(Object.entries(modules).map(([key, value]) => {

package/cjs/build/auth/oauth2/OAuthStrategy.d.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { IOAuthStrategy, Tokens, TokenStorage } from './types.js';
+import { IOAuthStrategy, TokenRequestOptions, Tokens, TokenStorage } from './types.js';
 /**
  * OAuth authentication strategy for Wix SDK.
  * @param config - Configuration object
@@ -8,6 +8,8 @@ import { IOAuthStrategy, Tokens, TokenStorage } from './types.js';
  * @param config.tokenStorage - Custom storage implementation (mutually exclusive with `tokens`).
  *   When provided, the strategy delegates all token persistence to this storage.
  *   The storage's `getTokens()` must always return `Tokens` (use `EMPTY_TOKENS` as fallback).
+ * @param config.tokenRequestOptions - Optional request options (e.g., custom headers) for all token requests.
+ *   Useful for passing 'client-binding' header in public rendering flows.
  * @returns OAuth strategy instance
  * @example
  * // Default in-memory storage with initial tokens
@@ -15,10 +17,14 @@ import { IOAuthStrategy, Tokens, TokenStorage } from './types.js';
  * @example
  * // Custom storage (e.g., cookies)
  * OAuthStrategy({ clientId: 'xxx', tokenStorage: myCookieStorage })
+ * @example
+ * // With custom headers for all token requests
+ * OAuthStrategy({ clientId: 'xxx', tokenRequestOptions: { headers: { 'client-binding': '...' } } })
  */
 export declare function OAuthStrategy(config: {
     clientId: string;
     publicKey?: string;
+    tokenRequestOptions?: TokenRequestOptions;
 } & ({
     tokens?: Tokens;
     tokenStorage?: never;

package/cjs/build/auth/oauth2/OAuthStrategy.js CHANGED Viewed

@@ -23,6 +23,8 @@ const moduleWithTokens = { redirects: redirects_1.redirects, authentication: ide
  * @param config.tokenStorage - Custom storage implementation (mutually exclusive with `tokens`).
  *   When provided, the strategy delegates all token persistence to this storage.
  *   The storage's `getTokens()` must always return `Tokens` (use `EMPTY_TOKENS` as fallback).
+ * @param config.tokenRequestOptions - Optional request options (e.g., custom headers) for all token requests.
+ *   Useful for passing 'client-binding' header in public rendering flows.
  * @returns OAuth strategy instance
  * @example
  * // Default in-memory storage with initial tokens
@@ -30,8 +32,12 @@ const moduleWithTokens = { redirects: redirects_1.redirects, authentication: ide
  * @example
  * // Custom storage (e.g., cookies)
  * OAuthStrategy({ clientId: 'xxx', tokenStorage: myCookieStorage })
+ * @example
+ * // With custom headers for all token requests
+ * OAuthStrategy({ clientId: 'xxx', tokenRequestOptions: { headers: { 'client-binding': '...' } } })
  */
 function OAuthStrategy(config) {
+    const _tokenRequestHeaders = config.tokenRequestOptions?.headers ?? {};
     const _tokenStorage = config.tokenStorage ??
         (0, token_storage_js_1.createLocalTokenStorage)(config.tokens ?? token_storage_js_1.EMPTY_TOKENS);
     const getTokens = () => _tokenStorage.getTokens();
@@ -84,7 +90,7 @@ function OAuthStrategy(config) {
         const tokensResponse = await fetchTokens({
             clientId: config.clientId,
             grantType: 'anonymous',
-        });
+        }, _tokenRequestHeaders);
         return {
             accessToken: (0, tokenHelpers_js_1.createAccessToken)(tokensResponse.access_token, tokensResponse.expires_in),
             refreshToken: {
@@ -97,7 +103,7 @@ function OAuthStrategy(config) {
         const tokensResponse = await fetchTokens({
             refreshToken: refreshToken.value,
             grantType: 'refresh_token',
-        });
+        }, _tokenRequestHeaders);
         const accessToken = (0, tokenHelpers_js_1.createAccessToken)(tokensResponse.access_token, tokensResponse.expires_in);
         return {
             accessToken,
@@ -178,7 +184,7 @@ function OAuthStrategy(config) {
             ...(oauthData.redirectUri && { redirectUri: oauthData.redirectUri }),
             code,
             codeVerifier: oauthData.codeVerifier,
-        });
+        }, _tokenRequestHeaders);
         return {
             accessToken: (0, tokenHelpers_js_1.createAccessToken)(tokensResponse.access_token, tokensResponse.expires_in),
             refreshToken: {
@@ -353,6 +359,7 @@ function OAuthStrategy(config) {
             member_id: memberId,
         }, {
             Authorization: getTokens().accessToken.value + ',' + apiKey,
+            ..._tokenRequestHeaders,
         });
         return {
             accessToken: (0, tokenHelpers_js_1.createAccessToken)(tokensResponse.access_token, tokensResponse.expires_in),

package/cjs/build/auth/oauth2/types.d.ts CHANGED Viewed

@@ -1,5 +1,15 @@
 import { authentication } from '@wix/identity';
 import { AuthenticationStrategy } from '@wix/sdk-types';
+/**
+ * Options for token-related API requests.
+ */
+export interface TokenRequestOptions {
+    /**
+     * Custom headers to include in the token request.
+     * Useful for passing 'client-binding' header in public rendering flows.
+     */
+    headers?: Record<string, string>;
+}
 export interface Tokens {
     accessToken: AccessToken;
     refreshToken: RefreshToken;

package/cjs/build/rest-modules.d.ts CHANGED Viewed

@@ -2,4 +2,6 @@ import { BuildRESTFunction, PublicMetadata, RESTFunctionDescriptor, WixClientErr
 export type RESTModuleOptions = {
     HTTPHost?: string;
 };
-export declare function buildRESTDescriptor<T extends RESTFunctionDescriptor>(origFunc: T, publicMetadata: PublicMetadata, boundFetch: typeof fetch, errorHandler: WixClientErrorHandler | undefined, wixAPIFetch: (relativeUrl: string, options: RequestInit) => Promise<Response>, getActiveToken?: () => string | undefined, options?: RESTModuleOptions, hostName?: string | undefined, useCDN?: boolean): BuildRESTFunction<T>;
+export declare function buildRESTDescriptor<T extends RESTFunctionDescriptor>(origFunc: T, publicMetadata: PublicMetadata, boundFetch: typeof fetch, errorHandler: WixClientErrorHandler | undefined, wixAPIFetch: (relativeUrl: string, options: RequestInit) => Promise<Response>, getActiveToken?: () => string | undefined, getAuthHeaders?: () => Promise<{
+    headers: Record<string, string>;
+}>, options?: RESTModuleOptions, hostName?: string | undefined, useCDN?: boolean): BuildRESTFunction<T>;

package/cjs/build/rest-modules.js CHANGED Viewed

@@ -5,7 +5,7 @@ const biHeaderGenerator_js_1 = require("./bi/biHeaderGenerator.js");
 const common_js_1 = require("./common.js");
 const context_1 = require("@wix/sdk-runtime/context");
 const transform_error_1 = require("@wix/sdk-runtime/transform-error");
-function buildRESTDescriptor(origFunc, publicMetadata, boundFetch, errorHandler, wixAPIFetch, getActiveToken, options, hostName, useCDN) {
+function buildRESTDescriptor(origFunc, publicMetadata, boundFetch, errorHandler, wixAPIFetch, getActiveToken, getAuthHeaders, options, hostName, useCDN) {
     return (0, context_1.runWithoutContext)(() => origFunc({
         request: async (factory) => {
             const requestOptions = factory({
@@ -85,6 +85,7 @@ function buildRESTDescriptor(origFunc, publicMetadata, boundFetch, errorHandler,
         fetchWithAuth: boundFetch,
         wixAPIFetch,
         getActiveToken,
+        getAuthHeaders,
     }));
 }
 class SDKError extends Error {

package/cjs/build/wixClient.js CHANGED Viewed

@@ -141,7 +141,9 @@ function createClient(config) {
                 finalUrl.host = apiBaseUrl;
                 finalUrl.protocol = 'https';
                 return boundFetch(finalUrl.toString(), fetchOptions);
-            }, getAuthStrategy().getActiveToken, { HTTPHost: apiBaseUrl }, config.host?.name, shouldUseCDN);
+            }, getAuthStrategy().getActiveToken,
+            // async wrapper normalizes the sync/async union from AuthenticationStrategy.getAuthHeaders
+            async () => boundGetAuthHeaders(), { HTTPHost: apiBaseUrl }, config.host?.name, shouldUseCDN);
         }
         else if ((0, helpers_js_1.isObject)(modules)) {
             return Object.fromEntries(Object.entries(modules).map(([key, value]) => {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@wix/sdk",
-  "version": "1.21.2",
+  "version": "1.21.4",
   "author": {
     "name": "Ronny Ringel",
     "email": "ronnyr@wix.com"
@@ -10,8 +10,8 @@
     "@wix/image-kit": "^1.114.0",
     "@wix/redirects": "^1.0.70",
     "@wix/sdk-context": "0.0.1",
-    "@wix/sdk-runtime": "1.0.4",
-    "@wix/sdk-types": "1.17.2",
+    "@wix/sdk-runtime": "1.0.9",
+    "@wix/sdk-types": "1.17.5",
     "jose": "^5.10.0",
     "type-fest": "^4.41.0"
   },
@@ -22,8 +22,8 @@
     "@wix/ecom": "^1.0.886",
     "@wix/events": "^1.0.382",
     "@wix/metro": "^1.0.93",
-    "@wix/metro-runtime": "^1.1891.0",
-    "@wix/sdk-runtime": "1.0.4",
+    "@wix/metro-runtime": "1.1891.0",
+    "@wix/sdk-runtime": "1.0.9",
     "eslint": "^8.57.1",
     "eslint-config-sdk": "1.0.0",
     "graphql": "^16.8.0",
@@ -126,5 +126,5 @@
   "yoshiFlowLibrary": {
     "buildEsmWithBabel": true
   },
-  "falconPackageHash": "6c3be1dc51c31ae28b5b8cf467d5d129452c7a7722dfce6898b929f2"
+  "falconPackageHash": "70bda4c4228f2ead0966aa46c8ffdcb308ad656a0797bb9f1b29002e"
 }