@zapier/zapier-sdk 0.15.4 → 0.15.9

package/CHANGELOG.md

@@ -1,5 +1,35 @@
 # @zapier/zapier-sdk
 
+## 0.15.9
+
+### Patch Changes
+
+- 450b009: Fix getAction to search across all paginated results
+
+## 0.15.8
+
+### Patch Changes
+
+- 371315e: Extract main logic/transformations of getAuthentication into temporary-internal-core to prepare for full migration
+
+## 0.15.7
+
+### Patch Changes
+
+- 9f3695b: Make sure path of base URL is used when overriding base URL.
+
+## 0.15.6
+
+### Patch Changes
+
+- 6a0e0db: Fix telemetry user context to use token from SDK options and Deduplicate JWT validation logic
+
+## 0.15.5
+
+### Patch Changes
+
+- 712c02b: Refactored temporary route override pattern
+
 ## 0.15.4
 
 ### Patch Changes

package/dist/api/auth.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../src/api/auth.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,wBAAgB,KAAK,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAW5C;AAED,wBAAgB,sBAAsB,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAO5D;AAED;;;;;GAKG;AACH,wBAAgB,qBAAqB,CAAC,KAAK,EAAE,MAAM,GAAG;IACpD,aAAa,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;CAC3B,CAwCA"}
+{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../src/api/auth.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,wBAAgB,KAAK,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAW5C;AAaD,wBAAgB,sBAAsB,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAO5D;AAED;;;;;GAKG;AACH,wBAAgB,qBAAqB,CAAC,KAAK,EAAE,MAAM,GAAG;IACpD,aAAa,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;CAC3B,CAwCA"}

package/dist/api/auth.js

@@ -15,6 +15,16 @@ export function isJwt(token) {
     const base64UrlPattern = /^[A-Za-z0-9_-]+$/;
     return parts.every((part) => part.length > 0 && base64UrlPattern.test(part));
 }
+/**
+ * Parse a JWT token into its three parts
+ * Returns the parts array if valid, null otherwise
+ */
+function parseJwt(token) {
+    if (!isJwt(token)) {
+        return null;
+    }
+    return token.split(".");
+}
 export function getAuthorizationHeader(token) {
     // Check if token is a JWT (has 3 parts separated by dots)
     if (isJwt(token)) {
@@ -30,11 +40,11 @@ export function getAuthorizationHeader(token) {
  * Returns null values on any failure (silent-by-design)
  */
 export function extractUserIdsFromJwt(token) {
+    const parts = parseJwt(token);
+    if (!parts) {
+        return { customuser_id: null, account_id: null };
+    }
     try {
-        const parts = token.split(".");
-        if (parts.length !== 3) {
-            return { customuser_id: null, account_id: null };
-        }
         const payload = JSON.parse(Buffer.from(parts[1], "base64url").toString("utf-8"));
         let actualPayload = payload;
         if (payload.sub_type === "service" && payload.njwt) {

package/dist/api/auth.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=auth.test.d.ts.map

package/dist/api/auth.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.test.d.ts","sourceRoot":"","sources":["../../src/api/auth.test.ts"],"names":[],"mappings":""}

package/dist/api/auth.test.js

@@ -0,0 +1,220 @@
+import { describe, it, expect } from "vitest";
+import { isJwt, getAuthorizationHeader, extractUserIdsFromJwt } from "./auth";
+describe("api/auth", () => {
+    describe("isJwt", () => {
+        it("should return true for valid JWT tokens", () => {
+            const validJwt = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c";
+            expect(isJwt(validJwt)).toBe(true);
+        });
+        it("should return true for JWT with minimal valid parts", () => {
+            const minimalJwt = "a.b.c";
+            expect(isJwt(minimalJwt)).toBe(true);
+        });
+        it("should return false for tokens with fewer than 3 parts", () => {
+            expect(isJwt("header.payload")).toBe(false);
+            expect(isJwt("onlyonepart")).toBe(false);
+            expect(isJwt("")).toBe(false);
+        });
+        it("should return false for tokens with more than 3 parts", () => {
+            expect(isJwt("part1.part2.part3.part4")).toBe(false);
+        });
+        it("should return false for tokens with empty parts", () => {
+            expect(isJwt("..")).toBe(false);
+            expect(isJwt(".payload.signature")).toBe(false);
+            expect(isJwt("header..signature")).toBe(false);
+            expect(isJwt("header.payload.")).toBe(false);
+        });
+        it("should return false for tokens with invalid base64url characters", () => {
+            expect(isJwt("header+plus.payload.signature")).toBe(false);
+            expect(isJwt("header.payload/slash.signature")).toBe(false);
+            expect(isJwt("header.payload=padding.signature")).toBe(false);
+            expect(isJwt("header.payload with space.signature")).toBe(false);
+        });
+        it("should accept valid base64url characters including dashes and underscores", () => {
+            const validBase64Url = "abc-123_XYZ.def-456_UVW.ghi-789_RST";
+            expect(isJwt(validBase64Url)).toBe(true);
+        });
+    });
+    describe("getAuthorizationHeader", () => {
+        it("should return JWT prefix for valid JWT tokens", () => {
+            const jwt = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIn0.dozjgNryP4J3jVmNHl0w5N_XgL0n3I9PlFUP0THsR8U";
+            expect(getAuthorizationHeader(jwt)).toBe(`JWT ${jwt}`);
+        });
+        it("should return Bearer prefix for non-JWT tokens", () => {
+            const apiKey = "sk_test_1234567890abcdef";
+            expect(getAuthorizationHeader(apiKey)).toBe(`Bearer ${apiKey}`);
+        });
+        it("should return Bearer prefix for tokens with wrong number of parts", () => {
+            expect(getAuthorizationHeader("header.payload")).toBe("Bearer header.payload");
+        });
+        it("should return Bearer prefix for empty string", () => {
+            expect(getAuthorizationHeader("")).toBe("Bearer ");
+        });
+    });
+    describe("extractUserIdsFromJwt", () => {
+        function createJwt(payload) {
+            const header = Buffer.from(JSON.stringify({ alg: "HS256", typ: "JWT" })).toString("base64url");
+            const payloadEncoded = Buffer.from(JSON.stringify(payload)).toString("base64url");
+            const signature = "fake_signature_for_testing";
+            return `${header}.${payloadEncoded}.${signature}`;
+        }
+        it("should return null values for invalid JWT tokens", () => {
+            expect(extractUserIdsFromJwt("not-a-jwt")).toEqual({
+                customuser_id: null,
+                account_id: null,
+            });
+        });
+        it("should return null values for JWT with invalid payload", () => {
+            const invalidJwt = "header.not-valid-base64!.signature";
+            expect(extractUserIdsFromJwt(invalidJwt)).toEqual({
+                customuser_id: null,
+                account_id: null,
+            });
+        });
+        it("should extract customuser_id and account_id from regular JWT", () => {
+            const payload = {
+                sub: "12345",
+                sub_type: "customuser",
+                "zap:acc": "67890",
+            };
+            const jwt = createJwt(payload);
+            expect(extractUserIdsFromJwt(jwt)).toEqual({
+                customuser_id: 12345,
+                account_id: 67890,
+            });
+        });
+        it("should handle numeric sub and zap:acc values", () => {
+            const payload = {
+                sub: 99999,
+                sub_type: "customuser",
+                "zap:acc": 11111,
+            };
+            const jwt = createJwt(payload);
+            expect(extractUserIdsFromJwt(jwt)).toEqual({
+                customuser_id: 99999,
+                account_id: 11111,
+            });
+        });
+        it("should return null customuser_id when sub_type is not customuser", () => {
+            const payload = {
+                sub: "12345",
+                sub_type: "other",
+                "zap:acc": "67890",
+            };
+            const jwt = createJwt(payload);
+            expect(extractUserIdsFromJwt(jwt)).toEqual({
+                customuser_id: null,
+                account_id: 67890,
+            });
+        });
+        it("should return null customuser_id when sub is missing", () => {
+            const payload = {
+                sub_type: "customuser",
+                "zap:acc": "67890",
+            };
+            const jwt = createJwt(payload);
+            expect(extractUserIdsFromJwt(jwt)).toEqual({
+                customuser_id: null,
+                account_id: 67890,
+            });
+        });
+        it("should return null account_id when zap:acc is missing", () => {
+            const payload = {
+                sub: "12345",
+                sub_type: "customuser",
+            };
+            const jwt = createJwt(payload);
+            expect(extractUserIdsFromJwt(jwt)).toEqual({
+                customuser_id: 12345,
+                account_id: null,
+            });
+        });
+        it("should return null values when both fields are missing", () => {
+            const payload = {
+                other_field: "value",
+            };
+            const jwt = createJwt(payload);
+            expect(extractUserIdsFromJwt(jwt)).toEqual({
+                customuser_id: null,
+                account_id: null,
+            });
+        });
+        it("should handle nested JWT for service tokens", () => {
+            const nestedPayload = {
+                sub: "12345",
+                sub_type: "customuser",
+                "zap:acc": "67890",
+            };
+            const nestedJwt = createJwt(nestedPayload);
+            const servicePayload = {
+                sub_type: "service",
+                njwt: nestedJwt,
+            };
+            const serviceJwt = createJwt(servicePayload);
+            expect(extractUserIdsFromJwt(serviceJwt)).toEqual({
+                customuser_id: 12345,
+                account_id: 67890,
+            });
+        });
+        it("should fall back to outer payload when nested JWT is invalid", () => {
+            const servicePayload = {
+                sub_type: "service",
+                njwt: "invalid.jwt",
+                "zap:acc": "99999",
+            };
+            const serviceJwt = createJwt(servicePayload);
+            expect(extractUserIdsFromJwt(serviceJwt)).toEqual({
+                customuser_id: null,
+                account_id: 99999,
+            });
+        });
+        it("should use outer payload when sub_type is service but njwt is missing", () => {
+            const servicePayload = {
+                sub: "12345",
+                sub_type: "service",
+                "zap:acc": "67890",
+            };
+            const serviceJwt = createJwt(servicePayload);
+            expect(extractUserIdsFromJwt(serviceJwt)).toEqual({
+                customuser_id: null,
+                account_id: 67890,
+            });
+        });
+        it("should return null for non-numeric sub values", () => {
+            const payload = {
+                sub: "not-a-number",
+                sub_type: "customuser",
+                "zap:acc": "67890",
+            };
+            const jwt = createJwt(payload);
+            expect(extractUserIdsFromJwt(jwt)).toEqual({
+                customuser_id: null,
+                account_id: 67890,
+            });
+        });
+        it("should return null for non-numeric zap:acc values", () => {
+            const payload = {
+                sub: "12345",
+                sub_type: "customuser",
+                "zap:acc": "not-a-number",
+            };
+            const jwt = createJwt(payload);
+            expect(extractUserIdsFromJwt(jwt)).toEqual({
+                customuser_id: 12345,
+                account_id: null,
+            });
+        });
+        it("should return null for values that parse to NaN", () => {
+            const payload = {
+                sub: "abc",
+                sub_type: "customuser",
+                "zap:acc": "xyz",
+            };
+            const jwt = createJwt(payload);
+            expect(extractUserIdsFromJwt(jwt)).toEqual({
+                customuser_id: null,
+                account_id: null,
+            });
+        });
+    });
+});

package/dist/api/client.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../../src/api/client.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EACV,SAAS,EACT,gBAAgB,EAGjB,MAAM,SAAS,CAAC;AA2hBjB,eAAO,MAAM,eAAe,GAAI,SAAS,gBAAgB,KAAG,SAW3D,CAAC"}
+{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../../src/api/client.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EACV,SAAS,EACT,gBAAgB,EAGjB,MAAM,SAAS,CAAC;AAggBjB,eAAO,MAAM,eAAe,GAAI,SAAS,gBAAgB,KAAG,SAW3D,CAAC"}

package/dist/api/client.js

@@ -7,10 +7,10 @@
 import { getAuthorizationHeader } from "./auth";
 import { createDebugLogger, createDebugFetch } from "./debug";
 import { pollUntilComplete } from "./polling";
-import { getTokenFromEnvOrConfig } from "../auth";
+import { resolveAuthToken } from "../auth";
 import { getZapierBaseUrl } from "../utils/url-utils";
 import { ZapierApiError, ZapierAuthenticationError, ZapierValidationError, ZapierNotFoundError, } from "../types/errors";
-import { handleListApps } from "../temporary-internal-core";
+import { matchRoute } from "./router";
 // Configuration for paths
 const pathConfig = {
     // e.g. /relay -> https://sdkapi.zapier.com/api/v0/sdk/relay/...
@@ -23,9 +23,6 @@ const pathConfig = {
         authHeader: "Authorization",
         pathPrefix: "/api/v0/sdk/zapier",
     },
-    "/api/v0/apps": {
-        handlerOverride: handleListApps,
-    },
 };
 class ZapierApiClient {
     constructor(options) {
@@ -71,16 +68,9 @@ class ZapierApiClient {
     }
     // Helper to get a token from the different places it could be gotten
     async getAuthToken() {
-        if (this.options.token) {
-            return this.options.token;
-        }
-        if (this.options.getToken) {
-            const token = await this.options.getToken();
-            if (token) {
-                return token;
-            }
-        }
-        return getTokenFromEnvOrConfig({
+        return resolveAuthToken({
+            token: this.options.token,
+            getToken: this.options.getToken,
             onEvent: this.options.onEvent,
             fetch: this.options.fetch,
             baseUrl: this.options.baseUrl,
@@ -200,16 +190,6 @@ class ZapierApiClient {
         }
         return undefined;
     }
-    // Helper to check if a path config has a handler override
-    hasHandlerOverride(pathConfig) {
-        return (pathConfig !== undefined &&
-            "handlerOverride" in pathConfig &&
-            typeof pathConfig.handlerOverride === "function");
-    }
-    // Helper to check if a path config is a standard path config
-    isStandardPathConfig(pathConfig) {
-        return pathConfig !== undefined && !this.hasHandlerOverride(pathConfig);
-    }
     // Helper to parse API error response
     parseErrorResponse(errorInfo) {
         // If we can't parse data, use status text
@@ -275,8 +255,10 @@ class ZapierApiClient {
             };
         }
         // For a base URL that isn't a Zapier-inferred domain, use the whole base URL.
+        const baseUrl = new URL(this.options.baseUrl);
+        const fullPath = baseUrl.pathname.replace(/\/$/, "") + path;
         return {
-            url: new URL(path, this.options.baseUrl),
+            url: new URL(fullPath, baseUrl.origin),
             pathConfig: config,
         };
     }
@@ -299,7 +281,7 @@ class ZapierApiClient {
         // session!
         const authToken = await this.getAuthToken();
         if (authToken) {
-            const authHeaderName = this.isStandardPathConfig(pathConfig) && pathConfig.authHeader
+            const authHeaderName = pathConfig && pathConfig.authHeader
                 ? pathConfig.authHeader
                 : "Authorization";
             headers.set(authHeaderName, getAuthorizationHeader(authToken));
@@ -316,12 +298,16 @@ class ZapierApiClient {
     // Helper to perform HTTP requests with JSON handling
     async fetchJson(method, path, data, options = {}) {
         // Check if this path has a handler override
-        const { pathConfig } = this.buildUrl(path, options.searchParams);
-        if (this.hasHandlerOverride(pathConfig)) {
+        const routeMatch = matchRoute(method, path);
+        if (routeMatch) {
             // Invoke the handler instead of making an HTTP request
-            // Pass searchParams for GET requests, data for other methods
-            const handlerRequest = method === "GET" ? options.searchParams : data;
-            return pathConfig.handlerOverride({
+            // Merge params from all sources: body, searchParams, and route params
+            const handlerRequest = {
+                ...(typeof data === "object" ? data : {}),
+                ...options.searchParams,
+                ...routeMatch.params,
+            };
+            return routeMatch.handler({
                 request: handlerRequest,
                 deps: {
                     httpClient: this,

package/dist/api/client.methods.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=client.methods.test.d.ts.map

package/dist/api/client.methods.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.methods.test.d.ts","sourceRoot":"","sources":["../../src/api/client.methods.test.ts"],"names":[],"mappings":""}

package/dist/api/client.methods.test.js

@@ -0,0 +1,158 @@
+import { describe, it, expect, vi, beforeEach, } from "vitest";
+import { createZapierApi } from "./client";
+import * as router from "./router";
+vi.mock("./router");
+describe("ZapierApiClient Methods & Routing", () => {
+    let mockFetch;
+    let mockMatchRoute;
+    beforeEach(() => {
+        vi.clearAllMocks();
+        mockFetch = vi.fn();
+        mockMatchRoute = vi.mocked(router.matchRoute);
+        // Default fetch implementation
+        mockFetch.mockResolvedValue({
+            ok: true,
+            status: 200,
+            json: async () => ({ data: "default-response" }),
+        });
+    });
+    const createClient = () => createZapierApi({
+        baseUrl: "https://api.zapier.com",
+        token: "test-token",
+        fetch: mockFetch,
+    });
+    describe("GET requests", () => {
+        it("should route GET requests to handler when matched", async () => {
+            const client = createClient();
+            const mockHandler = vi.fn().mockResolvedValue({ id: 1, name: "Test" });
+            mockMatchRoute.mockReturnValue({
+                handler: mockHandler,
+                params: { id: "123" },
+            });
+            const result = await client.get("/api/resource/123", {
+                searchParams: { include: "details" },
+            });
+            expect(mockMatchRoute).toHaveBeenCalledWith("GET", "/api/resource/123");
+            expect(mockHandler).toHaveBeenCalledWith({
+                request: {
+                    id: "123",
+                    include: "details",
+                },
+                deps: expect.objectContaining({
+                    httpClient: expect.any(Object),
+                }),
+            });
+            expect(result).toEqual({ id: 1, name: "Test" });
+            expect(mockFetch).not.toHaveBeenCalled();
+        });
+        it("should fallback to plain fetch when no route matches", async () => {
+            const client = createClient();
+            mockMatchRoute.mockReturnValue(null);
+            await client.get("/api/unknown");
+            expect(mockMatchRoute).toHaveBeenCalledWith("GET", "/api/unknown");
+            expect(mockFetch).toHaveBeenCalledWith(expect.stringContaining("/api/unknown"), expect.objectContaining({
+                method: "GET",
+            }));
+        });
+    });
+    describe("POST requests", () => {
+        it("should route POST requests to handler with body", async () => {
+            const client = createClient();
+            const mockHandler = vi.fn().mockResolvedValue({ success: true });
+            const body = { name: "New Item" };
+            mockMatchRoute.mockReturnValue({
+                handler: mockHandler,
+                params: {},
+            });
+            await client.post("/api/resource", body);
+            expect(mockMatchRoute).toHaveBeenCalledWith("POST", "/api/resource");
+            expect(mockHandler).toHaveBeenCalledWith({
+                request: {
+                    name: "New Item",
+                },
+                deps: expect.objectContaining({
+                    httpClient: expect.any(Object),
+                }),
+            });
+            expect(mockFetch).not.toHaveBeenCalled();
+        });
+        it("should merge body, params, and query params for handler", async () => {
+            const client = createClient();
+            const mockHandler = vi.fn().mockResolvedValue({ success: true });
+            const body = { name: "Updated Item" };
+            mockMatchRoute.mockReturnValue({
+                handler: mockHandler,
+                params: { id: "456" },
+            });
+            await client.post("/api/resource/456", body, {
+                searchParams: { version: "2" },
+            });
+            expect(mockHandler).toHaveBeenCalledWith({
+                request: {
+                    name: "Updated Item", // from body
+                    id: "456", // from route params
+                    version: "2", // from query params
+                },
+                deps: expect.any(Object),
+            });
+        });
+    });
+    describe("PUT requests", () => {
+        it("should route PUT requests to handler", async () => {
+            const client = createClient();
+            const mockHandler = vi.fn().mockResolvedValue({ updated: true });
+            const body = { status: "active" };
+            mockMatchRoute.mockReturnValue({
+                handler: mockHandler,
+                params: { id: "789" },
+            });
+            await client.put("/api/resource/789", body);
+            expect(mockMatchRoute).toHaveBeenCalledWith("PUT", "/api/resource/789");
+            expect(mockHandler).toHaveBeenCalledWith({
+                request: {
+                    status: "active",
+                    id: "789",
+                },
+                deps: expect.any(Object),
+            });
+        });
+    });
+    describe("DELETE requests", () => {
+        it("should route DELETE requests to handler", async () => {
+            const client = createClient();
+            const mockHandler = vi.fn().mockResolvedValue({ deleted: true });
+            mockMatchRoute.mockReturnValue({
+                handler: mockHandler,
+                params: { id: "999" },
+            });
+            await client.delete("/api/resource/999");
+            expect(mockMatchRoute).toHaveBeenCalledWith("DELETE", "/api/resource/999");
+            expect(mockHandler).toHaveBeenCalledWith({
+                request: {
+                    id: "999",
+                },
+                deps: expect.any(Object),
+            });
+        });
+    });
+    describe("Header handling", () => {
+        it("should pass headers to plain fetch but NOT to handler request object (by default)", async () => {
+            const client = createClient();
+            const mockHandler = vi.fn().mockResolvedValue({});
+            mockMatchRoute.mockReturnValue({
+                handler: mockHandler,
+                params: {},
+            });
+            await client.get("/api/test", {
+                headers: { "X-Custom": "Value" },
+            });
+            // The handler request object only includes params/body, not headers
+            // based on client.ts implementation:
+            // const handlerRequest = { ...data, ...options.searchParams, ...routeMatch.params };
+            expect(mockHandler).toHaveBeenCalledWith({
+                request: {},
+                deps: expect.any(Object),
+            });
+        });
+    });
+});

package/dist/api/client.test.js

@@ -3,7 +3,7 @@ import { createZapierApi } from "./client";
 import * as auth from "../auth";
 vi.mock("../auth");
 describe("ApiClient", () => {
-    const mockGetTokenFromEnvOrConfig = vi.mocked(auth.getTokenFromEnvOrConfig);
+    const mockResolveAuthToken = vi.mocked(auth.resolveAuthToken);
     beforeEach(() => {
         vi.clearAllMocks();
         // Prevent any actual HTTP calls
@@ -14,8 +14,8 @@ describe("ApiClient", () => {
         });
     });
     describe("authentication token resolution", () => {
-        it("should pass authBaseUrl to getTokenFromEnvOrConfig when provided", async () => {
-            mockGetTokenFromEnvOrConfig.mockResolvedValue("test-token");
+        it("should pass authBaseUrl to resolveAuthToken when provided", async () => {
+            mockResolveAuthToken.mockResolvedValue("test-token");
             const client = createZapierApi({
                 baseUrl: "https://api.custom.zapier.dev",
                 authBaseUrl: "https://auth.custom.zapier.dev",
@@ -23,7 +23,9 @@ describe("ApiClient", () => {
             });
             // Make a request that would trigger token resolution
             await client.get("/test", { authRequired: true });
-            expect(mockGetTokenFromEnvOrConfig).toHaveBeenCalledWith({
+            expect(mockResolveAuthToken).toHaveBeenCalledWith({
+                token: undefined,
+                getToken: undefined,
                 onEvent: undefined,
                 fetch: expect.any(Function),
                 baseUrl: "https://api.custom.zapier.dev",
@@ -32,7 +34,7 @@ describe("ApiClient", () => {
             });
         });
         it("should pass undefined authBaseUrl when not provided", async () => {
-            mockGetTokenFromEnvOrConfig.mockResolvedValue("test-token");
+            mockResolveAuthToken.mockResolvedValue("test-token");
             const client = createZapierApi({
                 baseUrl: "https://api.custom.zapier.dev",
                 // authBaseUrl intentionally omitted
@@ -40,7 +42,9 @@ describe("ApiClient", () => {
             });
             // Make a request that would trigger token resolution
             await client.get("/test", { authRequired: true });
-            expect(mockGetTokenFromEnvOrConfig).toHaveBeenCalledWith({
+            expect(mockResolveAuthToken).toHaveBeenCalledWith({
+                token: undefined,
+                getToken: undefined,
                 onEvent: undefined,
                 fetch: expect.any(Function),
                 baseUrl: "https://api.custom.zapier.dev",
@@ -48,8 +52,8 @@ describe("ApiClient", () => {
                 authClientId: undefined,
             });
         });
-        it("should pass authClientId to getTokenFromEnvOrConfig when provided", async () => {
-            mockGetTokenFromEnvOrConfig.mockResolvedValue("test-token");
+        it("should pass authClientId to resolveAuthToken when provided", async () => {
+            mockResolveAuthToken.mockResolvedValue("test-token");
             const client = createZapierApi({
                 baseUrl: "https://api.custom.zapier.dev",
                 authClientId: "custom-client-id",
@@ -57,7 +61,9 @@ describe("ApiClient", () => {
             });
             // Make a request that would trigger token resolution
             await client.get("/test", { authRequired: true });
-            expect(mockGetTokenFromEnvOrConfig).toHaveBeenCalledWith({
+            expect(mockResolveAuthToken).toHaveBeenCalledWith({
+                token: undefined,
+                getToken: undefined,
                 onEvent: undefined,
                 fetch: expect.any(Function),
                 baseUrl: "https://api.custom.zapier.dev",
@@ -65,7 +71,8 @@ describe("ApiClient", () => {
                 authClientId: "custom-client-id",
             });
         });
-        it("should not call getTokenFromEnvOrConfig when token is provided directly", async () => {
+        it("should not call resolveAuthToken when token is provided directly", async () => {
+            mockResolveAuthToken.mockResolvedValue("direct-token");
             const client = createZapierApi({
                 token: "direct-token",
                 baseUrl: "https://api.custom.zapier.dev",
@@ -74,7 +81,16 @@ describe("ApiClient", () => {
             });
             // Make a request that would use the direct token
             await client.get("/test", { authRequired: true });
-            expect(mockGetTokenFromEnvOrConfig).not.toHaveBeenCalled();
+            // resolveAuthToken is still called, but it returns the direct token immediately
+            expect(mockResolveAuthToken).toHaveBeenCalledWith({
+                token: "direct-token",
+                getToken: undefined,
+                onEvent: undefined,
+                fetch: expect.any(Function),
+                baseUrl: "https://api.custom.zapier.dev",
+                authBaseUrl: "https://auth.custom.zapier.dev",
+                authClientId: undefined,
+            });
         });
     });
 });