@wix/sdk 1.7.2 → 1.7.4

package/build/auth/WixAppOAuthStrategy.d.ts

@@ -1,7 +1,9 @@
 import { AuthenticationStrategy } from '@wix/sdk-types';
 export type WixAppOAuthStrategy = AuthenticationStrategy & {
-    getInstallUrl({ redirectUrl }: {
+    getInstallUrl(opts: {
         redirectUrl: string;
+        state?: string;
+        token?: string;
     }): string;
     handleOAuthCallback(url: string, opts?: {
         state: string;
@@ -18,7 +20,7 @@ export type WixAppOAuthStrategy = AuthenticationStrategy & {
  * @param opts.appId The Wix App ID
  * @param opts.appSecret The Wix App Secret
  * @param opts.refreshToken An optional refresh token previously retrieved from Wix OAuth API
- * @param opts.publicKey An optional public key for validating webhook requests
+ * @param opts.publicKey An optional public key for validating webhook requests (supports both PEM and base64 encoded keys)
  * @returns An authentication strategy that can be used with WixClient
  * @example
  * ```ts

package/build/auth/WixAppOAuthStrategy.js

@@ -1,4 +1,5 @@
 import { verify } from 'jsonwebtoken';
+import { parsePublicKeyIfEncoded } from '../helpers.js';
 /**
  * Creates an authentication strategy for Wix Apps OAuth installation process.
  * Use this authentication strategy when making requests to Wix APIs from your Wix App backend.
@@ -6,7 +7,7 @@ import { verify } from 'jsonwebtoken';
  * @param opts.appId The Wix App ID
  * @param opts.appSecret The Wix App Secret
  * @param opts.refreshToken An optional refresh token previously retrieved from Wix OAuth API
- * @param opts.publicKey An optional public key for validating webhook requests
+ * @param opts.publicKey An optional public key for validating webhook requests (supports both PEM and base64 encoded keys)
  * @returns An authentication strategy that can be used with WixClient
  * @example
  * ```ts
@@ -40,8 +41,17 @@ import { verify } from 'jsonwebtoken';
 export function WixAppOAuthStrategy(opts) {
     let refreshToken = opts.refreshToken;
     return {
-        getInstallUrl({ redirectUrl }) {
-            return `https://www.wix.com/installer/install?appId=${opts.appId}&redirectUrl=${redirectUrl}`;
+        getInstallUrl({ redirectUrl, token, state }) {
+            const params = new URLSearchParams();
+            params.set('redirectUrl', redirectUrl);
+            params.set('appId', opts.appId);
+            if (state) {
+                params.set('state', state);
+            }
+            if (token) {
+                params.set('token', token);
+            }
+            return `https://www.wix.com/installer/install?${params.toString()}`;
         },
         async handleOAuthCallback(url, oauthOpts) {
             if (!opts.appSecret) {
@@ -110,11 +120,17 @@ export function WixAppOAuthStrategy(opts) {
                 },
             };
         },
-        decodeJWT(token) {
+        decodeJWT(token, verifyCallerClaims = false) {
             if (!opts.publicKey) {
                 throw new Error('Missing public key. Make sure to pass it to the WixAppOAuthStrategy');
             }
-            const decoded = verify(token, opts.publicKey);
+            const publicKey = parsePublicKeyIfEncoded(opts.publicKey);
+            const decoded = verify(token, publicKey, verifyCallerClaims
+                ? {
+                    issuer: 'wix.com',
+                    audience: opts.appId,
+                }
+                : undefined);
             return {
                 decoded,
                 valid: true,

package/build/helpers.d.ts

@@ -2,3 +2,4 @@ export declare const getDefaultContentHeader: (options: RequestInit | undefined)
     'Content-Type'?: string;
 };
 export declare const isObject: (val: any) => val is Object;
+export declare function parsePublicKeyIfEncoded(publicKey: string): string;

package/build/helpers.js

@@ -9,3 +9,15 @@ export const getDefaultContentHeader = (options) => {
     return {};
 };
 export const isObject = (val) => val && typeof val === 'object' && !Array.isArray(val);
+export function parsePublicKeyIfEncoded(publicKey) {
+    if (publicKey.includes('\n') || publicKey.includes('\r')) {
+        // publicKey is multi-line string, can be used as is
+        return publicKey.trim();
+    }
+    else {
+        // publicKey is base64 encoded
+        return typeof btoa !== 'undefined'
+            ? btoa(publicKey)
+            : Buffer.from(publicKey, 'base64').toString('utf-8');
+    }
+}

package/build/wixClient.d.ts

@@ -1,4 +1,4 @@
-import { AuthenticationStrategy, BoundAuthenticationStrategy, BuildRESTFunction, Host, HostModule, HostModuleAPI, RESTFunctionDescriptor, EventDefinition } from '@wix/sdk-types';
+import { AuthenticationStrategy, BoundAuthenticationStrategy, BuildRESTFunction, Host, HostModule, HostModuleAPI, RESTFunctionDescriptor, EventDefinition, SPIDefinition } from '@wix/sdk-types';
 import { ConditionalExcept, EmptyObject } from 'type-fest';
 import { AmbassadorFunctionDescriptor, BuildAmbassadorFunction } from './ambassador-modules.js';
 import { PublicMetadata } from './common.js';
@@ -67,6 +67,20 @@ export type WixClient<H extends Host<any> | undefined = undefined, Z extends Aut
         processRequest<ExpectedEvents extends EventDefinition<any>[] = []>(request: Request, opts?: {
             expectedEvents: ExpectedEvents;
         }): Promise<ProcessedEvent<ExpectedEvents>>;
+        apps: {
+            AppInstalled: EventDefinition<{
+                appId: string;
+                originInstanceId: string;
+            }>;
+            AppRemoved: EventDefinition<{
+                appId: string;
+            }>;
+        };
+    };
+    spi: <S extends SPIDefinition<any, any>>() => {
+        process(jwt: string): S['__input'];
+        processRequest(request: Request): Promise<S['__input']>;
+        result(result: S['__result']): S['__result'];
     };
 } & BuildDescriptors<T, H>;
 type ResolvePossibleEvents<T extends EventDefinition<any>[]> = {

package/build/wixClient.js

@@ -116,6 +116,37 @@ export function createClient(config) {
                 const body = await request.text();
                 return this.process(body, opts);
             },
+            apps: {
+                AppInstalled: {
+                    type: 'AppInstalled',
+                    __payload: void 0,
+                },
+                AppRemoved: {
+                    type: 'AppRemoved',
+                    __payload: void 0,
+                },
+            },
+        },
+        spi() {
+            return {
+                process(jwt) {
+                    if (!authStrategy.decodeJWT) {
+                        throw new Error('decodeJWT is not supported by the authentication strategy');
+                    }
+                    const { decoded, valid } = authStrategy.decodeJWT(jwt, true);
+                    if (!valid) {
+                        throw new Error('JWT is not valid');
+                    }
+                    return decoded.data;
+                },
+                async processRequest(request) {
+                    const body = await request.text();
+                    return this.process(body);
+                },
+                result(result) {
+                    return result;
+                },
+            };
         },
     };
 }

package/cjs/build/auth/WixAppOAuthStrategy.d.ts

@@ -1,7 +1,9 @@
 import { AuthenticationStrategy } from '@wix/sdk-types';
 export type WixAppOAuthStrategy = AuthenticationStrategy & {
-    getInstallUrl({ redirectUrl }: {
+    getInstallUrl(opts: {
         redirectUrl: string;
+        state?: string;
+        token?: string;
     }): string;
     handleOAuthCallback(url: string, opts?: {
         state: string;
@@ -18,7 +20,7 @@ export type WixAppOAuthStrategy = AuthenticationStrategy & {
  * @param opts.appId The Wix App ID
  * @param opts.appSecret The Wix App Secret
  * @param opts.refreshToken An optional refresh token previously retrieved from Wix OAuth API
- * @param opts.publicKey An optional public key for validating webhook requests
+ * @param opts.publicKey An optional public key for validating webhook requests (supports both PEM and base64 encoded keys)
  * @returns An authentication strategy that can be used with WixClient
  * @example
  * ```ts

package/cjs/build/auth/WixAppOAuthStrategy.js

@@ -2,6 +2,7 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.WixAppOAuthStrategy = void 0;
 const jsonwebtoken_1 = require("jsonwebtoken");
+const helpers_js_1 = require("../helpers.js");
 /**
  * Creates an authentication strategy for Wix Apps OAuth installation process.
  * Use this authentication strategy when making requests to Wix APIs from your Wix App backend.
@@ -9,7 +10,7 @@ const jsonwebtoken_1 = require("jsonwebtoken");
  * @param opts.appId The Wix App ID
  * @param opts.appSecret The Wix App Secret
  * @param opts.refreshToken An optional refresh token previously retrieved from Wix OAuth API
- * @param opts.publicKey An optional public key for validating webhook requests
+ * @param opts.publicKey An optional public key for validating webhook requests (supports both PEM and base64 encoded keys)
  * @returns An authentication strategy that can be used with WixClient
  * @example
  * ```ts
@@ -43,8 +44,17 @@ const jsonwebtoken_1 = require("jsonwebtoken");
 function WixAppOAuthStrategy(opts) {
     let refreshToken = opts.refreshToken;
     return {
-        getInstallUrl({ redirectUrl }) {
-            return `https://www.wix.com/installer/install?appId=${opts.appId}&redirectUrl=${redirectUrl}`;
+        getInstallUrl({ redirectUrl, token, state }) {
+            const params = new URLSearchParams();
+            params.set('redirectUrl', redirectUrl);
+            params.set('appId', opts.appId);
+            if (state) {
+                params.set('state', state);
+            }
+            if (token) {
+                params.set('token', token);
+            }
+            return `https://www.wix.com/installer/install?${params.toString()}`;
         },
         async handleOAuthCallback(url, oauthOpts) {
             if (!opts.appSecret) {
@@ -113,11 +123,17 @@ function WixAppOAuthStrategy(opts) {
                 },
             };
         },
-        decodeJWT(token) {
+        decodeJWT(token, verifyCallerClaims = false) {
             if (!opts.publicKey) {
                 throw new Error('Missing public key. Make sure to pass it to the WixAppOAuthStrategy');
             }
-            const decoded = (0, jsonwebtoken_1.verify)(token, opts.publicKey);
+            const publicKey = (0, helpers_js_1.parsePublicKeyIfEncoded)(opts.publicKey);
+            const decoded = (0, jsonwebtoken_1.verify)(token, publicKey, verifyCallerClaims
+                ? {
+                    issuer: 'wix.com',
+                    audience: opts.appId,
+                }
+                : undefined);
             return {
                 decoded,
                 valid: true,

package/cjs/build/helpers.d.ts

@@ -2,3 +2,4 @@ export declare const getDefaultContentHeader: (options: RequestInit | undefined)
     'Content-Type'?: string;
 };
 export declare const isObject: (val: any) => val is Object;
+export declare function parsePublicKeyIfEncoded(publicKey: string): string;

package/cjs/build/helpers.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.isObject = exports.getDefaultContentHeader = void 0;
+exports.parsePublicKeyIfEncoded = exports.isObject = exports.getDefaultContentHeader = void 0;
 // we follow a simplified version of the axios convention
 // https://github.com/axios/axios/blob/649d739288c8e2c55829ac60e2345a0f3439c730/lib/defaults/index.js#L65
 const getDefaultContentHeader = (options) => {
@@ -14,3 +14,16 @@ const getDefaultContentHeader = (options) => {
 exports.getDefaultContentHeader = getDefaultContentHeader;
 const isObject = (val) => val && typeof val === 'object' && !Array.isArray(val);
 exports.isObject = isObject;
+function parsePublicKeyIfEncoded(publicKey) {
+    if (publicKey.includes('\n') || publicKey.includes('\r')) {
+        // publicKey is multi-line string, can be used as is
+        return publicKey.trim();
+    }
+    else {
+        // publicKey is base64 encoded
+        return typeof btoa !== 'undefined'
+            ? btoa(publicKey)
+            : Buffer.from(publicKey, 'base64').toString('utf-8');
+    }
+}
+exports.parsePublicKeyIfEncoded = parsePublicKeyIfEncoded;

package/cjs/build/wixClient.d.ts

@@ -1,4 +1,4 @@
-import { AuthenticationStrategy, BoundAuthenticationStrategy, BuildRESTFunction, Host, HostModule, HostModuleAPI, RESTFunctionDescriptor, EventDefinition } from '@wix/sdk-types';
+import { AuthenticationStrategy, BoundAuthenticationStrategy, BuildRESTFunction, Host, HostModule, HostModuleAPI, RESTFunctionDescriptor, EventDefinition, SPIDefinition } from '@wix/sdk-types';
 import { ConditionalExcept, EmptyObject } from 'type-fest';
 import { AmbassadorFunctionDescriptor, BuildAmbassadorFunction } from './ambassador-modules.js';
 import { PublicMetadata } from './common.js';
@@ -67,6 +67,20 @@ export type WixClient<H extends Host<any> | undefined = undefined, Z extends Aut
         processRequest<ExpectedEvents extends EventDefinition<any>[] = []>(request: Request, opts?: {
             expectedEvents: ExpectedEvents;
         }): Promise<ProcessedEvent<ExpectedEvents>>;
+        apps: {
+            AppInstalled: EventDefinition<{
+                appId: string;
+                originInstanceId: string;
+            }>;
+            AppRemoved: EventDefinition<{
+                appId: string;
+            }>;
+        };
+    };
+    spi: <S extends SPIDefinition<any, any>>() => {
+        process(jwt: string): S['__input'];
+        processRequest(request: Request): Promise<S['__input']>;
+        result(result: S['__result']): S['__result'];
     };
 } & BuildDescriptors<T, H>;
 type ResolvePossibleEvents<T extends EventDefinition<any>[]> = {

package/cjs/build/wixClient.js

@@ -119,6 +119,37 @@ function createClient(config) {
                 const body = await request.text();
                 return this.process(body, opts);
             },
+            apps: {
+                AppInstalled: {
+                    type: 'AppInstalled',
+                    __payload: void 0,
+                },
+                AppRemoved: {
+                    type: 'AppRemoved',
+                    __payload: void 0,
+                },
+            },
+        },
+        spi() {
+            return {
+                process(jwt) {
+                    if (!authStrategy.decodeJWT) {
+                        throw new Error('decodeJWT is not supported by the authentication strategy');
+                    }
+                    const { decoded, valid } = authStrategy.decodeJWT(jwt, true);
+                    if (!valid) {
+                        throw new Error('JWT is not valid');
+                    }
+                    return decoded.data;
+                },
+                async processRequest(request) {
+                    const body = await request.text();
+                    return this.process(body);
+                },
+                result(result) {
+                    return result;
+                },
+            };
         },
     };
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@wix/sdk",
-  "version": "1.7.2",
+  "version": "1.7.4",
   "license": "UNLICENSED",
   "author": {
     "name": "Ronny Ringel",
@@ -62,7 +62,7 @@
     "@wix/identity": "^1.0.72",
     "@wix/image-kit": "^1.50.0",
     "@wix/redirects": "^1.0.32",
-    "@wix/sdk-types": "^1.5.5",
+    "@wix/sdk-types": "^1.5.6",
     "crypto-js": "^4.2.0",
     "jsonwebtoken": "^9.0.2",
     "pkce-challenge": "^3.1.0",
@@ -78,10 +78,11 @@
     "@types/jsonwebtoken": "^9.0.5",
     "@types/node": "^20.10.6",
     "@vitest/ui": "^1.1.3",
-    "@wix/ecom": "^1.0.473",
-    "@wix/events": "^1.0.144",
+    "@wix/ecom": "^1.0.474",
+    "@wix/events": "^1.0.145",
     "@wix/metro": "^1.0.73",
-    "@wix/metro-runtime": "^1.1616.0",
+    "@wix/metro-runtime": "^1.1618.0",
+    "@wix/sdk-runtime": "0.2.7",
     "eslint": "^8.56.0",
     "eslint-config-sdk": "0.0.0",
     "graphql": "^16.8.0",
@@ -115,5 +116,5 @@
   "wallaby": {
     "autoDetect": true
   },
-  "falconPackageHash": "c93d4242558d1559e8e7149680612d8aca349adb52ef06a00050f11d"
+  "falconPackageHash": "93a9673030401f9f114208015d7df832e9f3e9b1189763fcd4380c61"
 }