@zapier/zapier-sdk 0.45.1 → 0.46.0

package/dist/cache.js

@@ -0,0 +1,47 @@
+/**
+ * Best-effort cache for the SDK.
+ *
+ * The SDK uses this to avoid re-fetching values it can recreate, primarily
+ * client_credentials access tokens. Cache entries may disappear at any time:
+ * a miss is normal and callers must be able to rebuild the value.
+ *
+ * The default cache is in-memory. When the CLI package is installed, the SDK
+ * can opportunistically use its filesystem + keychain cache. Browser and
+ * minimal server deployments fall back to memory unless a caller injects a
+ * Redis, database, or environment-specific cache.
+ *
+ * Secrets: adapters receive a `secret: true` flag on `set` and decide
+ * what to do with it (keychain for the filesystem adapter; ignored for
+ * the in-memory adapter; user adapters can throw, plaintext, encrypt —
+ * their call). The value returned by `get` is always the plain secret.
+ */
+/**
+ * Simplest possible adapter: a Map. No persistence, no locking (single
+ * process only), no differentiation between secrets and non-secrets.
+ * This is the default when cli-login isn't installed and no custom
+ * cache is provided.
+ */
+export function createMemoryCache() {
+    const store = new Map();
+    return {
+        async get(key) {
+            const entry = store.get(key);
+            if (!entry)
+                return undefined;
+            if (entry.expiresAt !== undefined && entry.expiresAt <= Date.now()) {
+                store.delete(key);
+                return undefined;
+            }
+            return { value: entry.value, expiresAt: entry.expiresAt };
+        },
+        async set(key, value, options) {
+            const expiresAt = options?.ttl
+                ? Date.now() + options.ttl * 1000
+                : undefined;
+            store.set(key, { value, expiresAt });
+        },
+        async delete(key) {
+            store.delete(key);
+        },
+    };
+}

package/dist/index.cjs

@@ -1546,7 +1546,9 @@ function createPaginatedFunction(coreFn, schema, telemetry, explicitFunctionName
   return namedFunctions[functionName];
 }
 var ListAppsSchema = apps.ListAppsQuerySchema.omit({
-  offset: true
+  offset: true,
+  app_keys: true,
+  page_size: true
 }).extend({
   // New name for appKeys
   apps: AppsPropertySchema.optional().describe(
@@ -1656,10 +1658,10 @@ var listAppsPlugin = (sdk) => {
     });
     return await api.get("/api/v0/apps", {
       searchParams: {
-        appKeys: implementationIds.join(","),
+        app_keys: implementationIds.join(","),
         ...options.search && { search: options.search },
         ...options.pageSize !== void 0 && {
-          pageSize: options.pageSize.toString()
+          page_size: options.pageSize.toString()
         },
         ...options.cursor && { offset: options.cursor }
       }
@@ -3599,7 +3601,8 @@ var listConnectionsPlugin = (sdk) => {
   };
 };
 var ListClientCredentialsQuerySchema = clientCredentials.ListClientCredentialsQuerySchema.omit({
-  offset: true
+  offset: true,
+  page_size: true
 }).extend({
   // Override pageSize to make optional
   pageSize: zod.z.number().min(1).optional().describe("Number of credentials per page"),
@@ -3657,7 +3660,7 @@ var listClientCredentialsPlugin = (sdk) => {
     const { api } = sdk.context;
     const searchParams = {};
     if (options.pageSize !== void 0) {
-      searchParams.pageSize = options.pageSize.toString();
+      searchParams.page_size = options.pageSize.toString();
     }
     if (options.cursor) {
       searchParams.offset = options.cursor;
@@ -3855,7 +3858,7 @@ var getAppPlugin = (sdk) => {
   async function getApp(options) {
     const appKey = "app" in options ? options.app : options.appKey;
     const appsIterable = sdk.listApps({
-      appKeys: [appKey]
+      apps: [appKey]
     }).items();
     for await (const app of appsIterable) {
       return {
@@ -5523,43 +5526,74 @@ function getClientIdFromCredentials(credentials) {
   return void 0;
 }
 
+// src/cache.ts
+function createMemoryCache() {
+  const store = /* @__PURE__ */ new Map();
+  return {
+    async get(key) {
+      const entry = store.get(key);
+      if (!entry) return void 0;
+      if (entry.expiresAt !== void 0 && entry.expiresAt <= Date.now()) {
+        store.delete(key);
+        return void 0;
+      }
+      return { value: entry.value, expiresAt: entry.expiresAt };
+    },
+    async set(key, value, options) {
+      const expiresAt = options?.ttl ? Date.now() + options.ttl * 1e3 : void 0;
+      store.set(key, { value, expiresAt });
+    },
+    async delete(key) {
+      store.delete(key);
+    }
+  };
+}
+
 // src/auth.ts
-var tokenCache = /* @__PURE__ */ new Map();
+var DEFAULT_AUTH_BASE_URL = "https://zapier.com";
 var pendingExchanges = /* @__PURE__ */ new Map();
-function buildCacheKey(clientId, scopes) {
-  const sortedScopes = [...scopes].sort().join(",");
-  return `${clientId}:${sortedScopes}`;
+var cachedDefaultCache;
+function buildCacheKey(options) {
+  const sortedScopes = [...options.scopes].sort().join(",");
+  return `zapier-sdk/client-credentials/${options.clientId}:${sortedScopes}:${options.baseUrl}`;
 }
 function clearTokenCache() {
-  tokenCache.clear();
   pendingExchanges.clear();
   cachedCliLogin = void 0;
+  cachedDefaultCache = void 0;
 }
-var TOKEN_EXPIRATION_BUFFER = 5 * 60 * 1e3;
-function getCachedToken(clientId, scopes) {
-  const cacheKey = buildCacheKey(clientId, scopes);
-  const cached = tokenCache.get(cacheKey);
-  if (!cached) return void 0;
-  if (cached.expiresAt > Date.now() + TOKEN_EXPIRATION_BUFFER) {
-    return cached.accessToken;
+var TOKEN_EXPIRATION_BUFFER_MS = 5 * 60 * 1e3;
+async function resolveCache(options) {
+  if (options.cache) return options.cache;
+  if (cachedDefaultCache !== void 0) return cachedDefaultCache;
+  const cliLogin = await getCliLogin();
+  if (cliLogin?.createCache) {
+    try {
+      const cache = cliLogin.createCache();
+      cachedDefaultCache = cache;
+      return cache;
+    } catch {
+    }
   }
-  tokenCache.delete(cacheKey);
-  return void 0;
+  const fallback = createMemoryCache();
+  cachedDefaultCache = fallback;
+  return fallback;
 }
-function cacheToken(clientId, scopes, accessToken, expiresIn) {
-  const cacheKey = buildCacheKey(clientId, scopes);
-  tokenCache.set(cacheKey, {
-    accessToken,
-    expiresAt: Date.now() + expiresIn * 1e3
-  });
+function entryIsValid(entry) {
+  if (entry.expiresAt === void 0) return true;
+  return entry.expiresAt > Date.now() + TOKEN_EXPIRATION_BUFFER_MS;
 }
-function invalidateCachedToken(clientId, scopes) {
-  const cacheKey = buildCacheKey(clientId, scopes);
-  tokenCache.delete(cacheKey);
+async function invalidateCachedToken(options) {
+  const cacheKey = buildCacheKey(options);
   pendingExchanges.delete(cacheKey);
+  const cache = await resolveCache({ cache: options.cache });
+  try {
+    await cache.delete(cacheKey);
+  } catch {
+  }
 }
 function getTokenEndpointUrl(baseUrl) {
-  const base = baseUrl || ZAPIER_BASE_URL;
+  const base = baseUrl || DEFAULT_AUTH_BASE_URL;
   return `${base}/oauth/token/`;
 }
 function mergeScopes(credentialsScope, requiredScopes) {
@@ -5626,8 +5660,6 @@ async function exchangeClientCredentials(options) {
   if (!data.access_token) {
     throw new Error("Client credentials response missing access_token");
   }
-  const expiresIn = data.expires_in || 3600;
-  cacheToken(clientId, mergedScopes, data.access_token, expiresIn);
   onEvent?.({
     type: "auth_success",
     payload: {
@@ -5636,7 +5668,10 @@ async function exchangeClientCredentials(options) {
     },
     timestamp: Date.now()
   });
-  return data.access_token;
+  return {
+    accessToken: data.access_token,
+    expiresIn: data.expires_in || 3600
+  };
 }
 var cachedCliLogin;
 async function getCliLogin() {
@@ -5651,14 +5686,6 @@ async function getCliLogin() {
     }
   } catch {
   }
-  try {
-    const mod = await import('@zapier/zapier-sdk-cli-login');
-    if (typeof mod.getToken === "function") {
-      cachedCliLogin = mod;
-      return cachedCliLogin;
-    }
-  } catch {
-  }
   cachedCliLogin = false;
   return void 0;
 }
@@ -5696,24 +5723,41 @@ async function resolveAuthTokenFromCredentials(credentials, options) {
   if (isClientCredentials(credentials)) {
     const { clientId } = credentials;
     const mergedScopes = mergeScopes(credentials.scope, options.requiredScopes);
-    const cacheKey = buildCacheKey(clientId, mergedScopes);
-    const cached = getCachedToken(clientId, mergedScopes);
-    if (cached) {
-      return cached;
+    const resolvedBaseUrl = credentials.baseUrl || options.baseUrl || DEFAULT_AUTH_BASE_URL;
+    const cacheKey = buildCacheKey({
+      clientId,
+      scopes: mergedScopes,
+      baseUrl: resolvedBaseUrl
+    });
+    const cache = await resolveCache(options);
+    const cached = await cache.get(cacheKey);
+    if (cached && entryIsValid(cached)) {
+      return cached.value;
     }
     const pending = pendingExchanges.get(cacheKey);
-    if (pending) {
-      return pending;
-    }
-    const exchangePromise = exchangeClientCredentials({
-      clientId: credentials.clientId,
-      clientSecret: credentials.clientSecret,
-      baseUrl: credentials.baseUrl || options.baseUrl,
-      scope: credentials.scope,
-      requiredScopes: options.requiredScopes,
-      fetch: options.fetch,
-      onEvent: options.onEvent
-    }).finally(() => {
+    if (pending) return pending;
+    const runLocked = async () => {
+      const recheck = await cache.get(cacheKey);
+      if (recheck && entryIsValid(recheck)) return recheck.value;
+      const { accessToken, expiresIn } = await exchangeClientCredentials({
+        clientId: credentials.clientId,
+        clientSecret: credentials.clientSecret,
+        baseUrl: credentials.baseUrl || options.baseUrl,
+        scope: credentials.scope,
+        requiredScopes: options.requiredScopes,
+        fetch: options.fetch,
+        onEvent: options.onEvent
+      });
+      try {
+        await cache.set(cacheKey, accessToken, {
+          secret: true,
+          ttl: expiresIn
+        });
+      } catch {
+      }
+      return accessToken;
+    };
+    const exchangePromise = (cache.withLock ? cache.withLock(cacheKey, runLocked) : runLocked()).finally(() => {
       pendingExchanges.delete(cacheKey);
     });
     pendingExchanges.set(cacheKey, exchangePromise);
@@ -5741,12 +5785,18 @@ async function invalidateCredentialsToken(options) {
   const clientId = getClientIdFromCredentials(resolved);
   if (clientId && isClientCredentials(resolved)) {
     const scopes = mergeScopes(resolved.scope, options.requiredScopes);
-    invalidateCachedToken(clientId, scopes);
+    const baseUrl = resolved.baseUrl || options.baseUrl || DEFAULT_AUTH_BASE_URL;
+    await invalidateCachedToken({
+      clientId,
+      scopes,
+      baseUrl,
+      cache: options.cache
+    });
   }
 }
 
 // src/sdk-version.ts
-var SDK_VERSION = (typeof process !== "undefined" && process.env ? "0.45.1" : void 0) || "unknown";
+var SDK_VERSION = (typeof process !== "undefined" && process.env ? "0.46.0" : void 0) || "unknown";
 
 // src/utils/open-url.ts
 var nodePrefix = "node:";
@@ -6093,7 +6143,8 @@ var ZapierApiClient = class {
       fetch: this.options.fetch,
       baseUrl: this.options.baseUrl,
       requiredScopes: options?.requiredScopes,
-      debug: this.options.debug
+      debug: this.options.debug,
+      cache: this.options.cache
     });
   }
   // Helper to handle responses
@@ -6144,7 +6195,9 @@ var ZapierApiClient = class {
         await invalidateCredentialsToken({
           credentials: this.options.credentials,
           token: this.options.token,
-          requiredScopes
+          baseUrl: this.options.baseUrl,
+          requiredScopes,
+          cache: this.options.cache
         });
       }
       throw new ZapierAuthenticationError(message, errorOptions);
@@ -9070,6 +9123,7 @@ var BaseSdkOptionsSchema = zod.z.object({
   fetch: zod.z.custom().optional().meta({ internal: true }),
   eventEmission: zod.z.custom().optional().meta({ internal: true }),
   callerPackage: zod.z.custom().optional().meta({ internal: true }),
+  cache: zod.z.custom().optional().meta({ internal: true }),
   canIncludeSharedConnections: zod.z.boolean().optional().describe("Allow listing shared connections."),
   canIncludeSharedTables: zod.z.boolean().optional().describe("Allow listing shared tables."),
   canDeleteTables: zod.z.boolean().optional().describe("Allow deleting tables."),
@@ -9168,6 +9222,7 @@ exports.connectionsPlugin = connectionsPlugin;
 exports.createBaseEvent = createBaseEvent;
 exports.createClientCredentialsPlugin = createClientCredentialsPlugin;
 exports.createFunction = createFunction;
+exports.createMemoryCache = createMemoryCache;
 exports.createOptionsPlugin = createOptionsPlugin;
 exports.createSdk = createSdk;
 exports.createTableFieldsPlugin = createTableFieldsPlugin;