oneentry 1.0.151 → 1.0.153

package/changelog.md

@@ -1,5 +1,25 @@
 # SDK Change Log
 
+## v.1.0.153
+
+### What's New
+
+- Pages > `IPositionBlock` — new optional `similarProducts` (`IProductsResponse`) and `products` (`IProductsEntity[]`) fields, populated for `similar_products_block` / `product_block` page blocks (when traffic-saving mode is off).
+
+### Bug Fixes
+
+- Pages > `getBlocksByPageUrl` — related products are now actually loaded for `product_block` (`products`) and `similar_products_block` (`similarProducts`) blocks. The block-type check ran against the response array instead of each block, so product loading never executed; it now runs per block. `similarProducts` is returned as the full `{ total, items }` response, consistent with `Blocks` block enrichment.
+
+- Orders > `getRefunds`, `createRefundRequest`, `cancelRefundRequest` — the base URL is now restored even if the refund request throws (wrapped in `try/finally`). Previously an exception left `_url` switched to `/orders`, which could misroute subsequent calls on the same instance.
+
+## v.1.0.152
+
+### Bug Fixes
+
+- Auth — eliminated the spurious `401` logged on every page load for a valid restored session. `browserResponse` now does a **proactive refresh** when a refresh token is present but there is no access token yet: it fetches the access token *before* the first request (clean `200`) instead of sending an unauthenticated request that is guaranteed to `401` and then reactively refreshing. After the proactive refresh it attaches `Authorization` and drops the `x-guest-id` scoping. The reactive `401 → refresh → retry` path is retained for mid-session token expiry.
+
+- Auth — `refreshToken` is now **single-flight**.
+
 ## v.1.0.151
 
 ### What's New

package/dist/admins/adminsApi.d.ts

@@ -40,12 +40,13 @@ export default class AdminsApi extends AsyncModules implements IAdmins {
         ]
      * @param {string} [body.attributeMarker] - Text identifier (marker) of the attribute in the set. Example: "num".
      * @param {string} [body.conditionMarker] - Text identifier (marker) of the condition in the set. Example: "mth".
-     * @param {string} [body.conditionValue] - Value of the condition. Example: 1.
+     * @param {number | string | null} [body.conditionValue] - Value of the condition. Example: "new".
      * @param {string} [langCode] - Language code. Default: "en_US".
      * @param {number} [offset] - Parameter for pagination. Default: 0.
      * @param {number} [limit] - Parameter for pagination. Default: 30.
      * @returns {Promise<IAdminEntity[] | IError>} Returns an array of admin objects.
      * @throws {IError} When isShell=false and an error occurs during the fetch
+     * @see {@link https://js-sdk.oneentry.cloud/docs/admins/getAdminsInfo getAdminsInfo} documentation.
      */
     getAdminsInfo(body?: IFilterParams[], langCode?: string, offset?: number, limit?: number): Promise<IAdminEntity[] | IError>;
 }

package/dist/admins/adminsApi.js

@@ -43,12 +43,13 @@ class AdminsApi extends asyncModules_1.default {
         ]
      * @param {string} [body.attributeMarker] - Text identifier (marker) of the attribute in the set. Example: "num".
      * @param {string} [body.conditionMarker] - Text identifier (marker) of the condition in the set. Example: "mth".
-     * @param {string} [body.conditionValue] - Value of the condition. Example: 1.
+     * @param {number | string | null} [body.conditionValue] - Value of the condition. Example: "new".
      * @param {string} [langCode] - Language code. Default: "en_US".
      * @param {number} [offset] - Parameter for pagination. Default: 0.
      * @param {number} [limit] - Parameter for pagination. Default: 30.
      * @returns {Promise<IAdminEntity[] | IError>} Returns an array of admin objects.
      * @throws {IError} When isShell=false and an error occurs during the fetch
+     * @see {@link https://js-sdk.oneentry.cloud/docs/admins/getAdminsInfo getAdminsInfo} documentation.
      */
     async getAdminsInfo(body = [], langCode = this.state.lang, offset = 0, limit = 30) {
         const query = {

package/dist/admins/adminsInterfaces.d.ts

@@ -25,7 +25,7 @@ interface IAdmins {
         ]
      * @param {string} [body.attributeMarker] - Text identifier (marker) of the attribute in the set. Example: "num".
      * @param {string} [body.conditionMarker] - Text identifier (marker) of the condition in the set. Example: "mth".
-     * @param {string} [body.conditionValue] - Value of the condition. Example: 1.
+     * @param {number | string | null} [body.conditionValue] - Value of the condition. Example: "new".
      * @param {string} [langCode] - Language code. Default: "en_US".
      * @param {number} [offset] - Parameter for pagination. Default: 0.
      * @param {number} [limit] - Parameter for pagination. Default: 30.

package/dist/attribute-sets/attributeSetsApi.d.ts

@@ -30,6 +30,7 @@ export default class AttributesSetsApi extends AsyncModules implements IAttribut
      * @param {string} [sortBy] - identifier of the attribute set type. Default: "id".
      * @returns {Promise<IAttributesSetsResponse | IError>} Returns object with array of IAttributeSetsEntity and total items count.
      * @throws {IError} When isShell=false and an error occurs during the fetch
+     * @see {@link https://js-sdk.oneentry.cloud/docs/attribute-sets/getAttributes getAttributes} documentation.
      */
     getAttributes(langCode?: string, offset?: number, limit?: number, typeId?: any, sortBy?: string): Promise<IAttributesSetsResponse | IError>;
     /**
@@ -39,6 +40,7 @@ export default class AttributesSetsApi extends AsyncModules implements IAttribut
      * @param {string} [langCode] - Language code. Default: "en_US".
      * @returns {Promise<IAttributeSetsEntity[] | IError>} Returns an array of Attributes objects.
      * @throws {IError} When isShell=false and an error occurs during the fetch
+     * @see {@link https://js-sdk.oneentry.cloud/docs/attribute-sets/getAttributesByMarker getAttributesByMarker} documentation.
      */
     getAttributesByMarker(marker: string, langCode?: string): Promise<IAttributeSetsEntity[] | IError>;
     /**
@@ -49,6 +51,7 @@ export default class AttributesSetsApi extends AsyncModules implements IAttribut
      * @param {string} [langCode] - Language code. Default: "en_US".
      * @returns {Promise<IAttributesSetsEntity | IError>} Returns a single attribute object from the attribute set.
      * @throws {IError} When isShell=false and an error occurs during the fetch
+     * @see {@link https://js-sdk.oneentry.cloud/docs/attribute-sets/getSingleAttributeByMarkerSet getSingleAttributeByMarkerSet} documentation.
      */
     getSingleAttributeByMarkerSet(setMarker: string, attributeMarker: string, langCode?: string): Promise<IAttributesSetsEntity | IError>;
     /**
@@ -58,6 +61,7 @@ export default class AttributesSetsApi extends AsyncModules implements IAttribut
      * @param {string} [langCode] - Language code. Default: "en_US".
      * @returns {Promise<IAttributeSetsEntity | IError>} Returns one object of the attribute set.
      * @throws {IError} When isShell=false and an error occurs during the fetch
+     * @see {@link https://js-sdk.oneentry.cloud/docs/attribute-sets/getAttributeSetByMarker getAttributeSetByMarker} documentation.
      */
     getAttributeSetByMarker(marker: string, langCode?: string): Promise<IAttributeSetsEntity | IError>;
 }

package/dist/attribute-sets/attributeSetsApi.js

@@ -34,6 +34,7 @@ class AttributesSetsApi extends asyncModules_1.default {
      * @param {string} [sortBy] - identifier of the attribute set type. Default: "id".
      * @returns {Promise<IAttributesSetsResponse | IError>} Returns object with array of IAttributeSetsEntity and total items count.
      * @throws {IError} When isShell=false and an error occurs during the fetch
+     * @see {@link https://js-sdk.oneentry.cloud/docs/attribute-sets/getAttributes getAttributes} documentation.
      */
     async getAttributes(langCode = this.state.lang, offset = 0, limit = 30, 
     // eslint-disable-next-line @typescript-eslint/no-explicit-any
@@ -58,6 +59,7 @@ class AttributesSetsApi extends asyncModules_1.default {
      * @param {string} [langCode] - Language code. Default: "en_US".
      * @returns {Promise<IAttributeSetsEntity[] | IError>} Returns an array of Attributes objects.
      * @throws {IError} When isShell=false and an error occurs during the fetch
+     * @see {@link https://js-sdk.oneentry.cloud/docs/attribute-sets/getAttributesByMarker getAttributesByMarker} documentation.
      */
     async getAttributesByMarker(marker, langCode = this.state.lang) {
         const result = await this._fetchGet(`/${marker}/attributes?langCode=${langCode}`);
@@ -73,6 +75,7 @@ class AttributesSetsApi extends asyncModules_1.default {
      * @param {string} [langCode] - Language code. Default: "en_US".
      * @returns {Promise<IAttributesSetsEntity | IError>} Returns a single attribute object from the attribute set.
      * @throws {IError} When isShell=false and an error occurs during the fetch
+     * @see {@link https://js-sdk.oneentry.cloud/docs/attribute-sets/getSingleAttributeByMarkerSet getSingleAttributeByMarkerSet} documentation.
      */
     async getSingleAttributeByMarkerSet(setMarker, attributeMarker, langCode = this.state.lang) {
         const result = await this._fetchGet(`/${setMarker}/attributes/${attributeMarker}?langCode=${langCode}`);
@@ -87,6 +90,7 @@ class AttributesSetsApi extends asyncModules_1.default {
      * @param {string} [langCode] - Language code. Default: "en_US".
      * @returns {Promise<IAttributeSetsEntity | IError>} Returns one object of the attribute set.
      * @throws {IError} When isShell=false and an error occurs during the fetch
+     * @see {@link https://js-sdk.oneentry.cloud/docs/attribute-sets/getAttributeSetByMarker getAttributeSetByMarker} documentation.
      */
     async getAttributeSetByMarker(marker, langCode = this.state.lang) {
         const result = await this._fetchGet(`/marker/${marker}?langCode=${langCode}`);

package/dist/auth-provider/authProviderApi.d.ts

@@ -82,6 +82,7 @@ export default class AuthProviderApi extends AsyncModules implements IAuthProvid
      * @returns {Promise<ISignUpEntity | IError>} Returns a user object.
      * @throws {IError} When isShell=false and an error occurs during the fetch
      * @description User registration (❗️For a provider with user activation, the activation code is sent through the corresponding user notification method).
+     * @see {@link https://js-sdk.oneentry.cloud/docs/auth-provider/signUp signUp} documentation.
      */
     signUp(marker: string, body: ISignUpData, langCode?: string): Promise<ISignUpEntity | IError>;
     /**
@@ -93,6 +94,7 @@ export default class AuthProviderApi extends AsyncModules implements IAuthProvid
      * @returns {Promise<void | IError>} Returns void if the code is successfully generated, or an error object if there was an issue.
      * @throws {IError} When isShell=false and an error occurs during the fetch
      * @description Obtaining a code to activate the user.
+     * @see {@link https://js-sdk.oneentry.cloud/docs/auth-provider/generateCode generateCode} documentation.
      */
     generateCode(marker: string, userIdentifier: string, eventIdentifier: string): Promise<void | IError>;
     /**
@@ -105,6 +107,7 @@ export default class AuthProviderApi extends AsyncModules implements IAuthProvid
      * @returns {Promise<boolean | IError>} Returns true if the code is correct, or an error object if there was an issue.
      * @throws {IError} When isShell=false and an error occurs during the fetch
      * @description Checking the user activation code
+     * @see {@link https://js-sdk.oneentry.cloud/docs/auth-provider/checkCode checkCode} documentation.
      */
     checkCode(marker: string, userIdentifier: string, eventIdentifier: string, code: string): Promise<boolean | IError>;
     /**
@@ -116,6 +119,7 @@ export default class AuthProviderApi extends AsyncModules implements IAuthProvid
      * @returns {Promise<boolean | IError>} Returns true if the user was successfully activated, or an error object if there was an issue.
      * @throws {IError} When isShell=false and an error occurs during the fetch
      * @description User activation.
+     * @see {@link https://js-sdk.oneentry.cloud/docs/auth-provider/activateUser activateUser} documentation.
      */
     activateUser(marker: string, userIdentifier: string, code: string): Promise<boolean | IError>;
     /**
@@ -149,6 +153,7 @@ export default class AuthProviderApi extends AsyncModules implements IAuthProvid
      * @returns {Promise<IAuthEntity | IError>} Returns an auth entity object.
      * @throws {IError} When isShell=false and an error occurs during the fetch
      * @description User authorization.
+     * @see {@link https://js-sdk.oneentry.cloud/docs/auth-provider/auth auth} documentation.
      */
     auth(marker: string, body: IAuthPostBody): Promise<IAuthEntity | IError>;
     /**
@@ -159,6 +164,7 @@ export default class AuthProviderApi extends AsyncModules implements IAuthProvid
      * @returns {Promise<IAuthEntity | IError>} Returns an auth entity object with the following values: accessToken, refreshToken, user, and other auth-related data.
      * @throws {IError} When isShell=false and an error occurs during the fetch
      * @description User token refresh.
+     * @see {@link https://js-sdk.oneentry.cloud/docs/auth-provider/refresh refresh} documentation.
      */
     refresh(marker: string, token: string): Promise<IAuthEntity | IError>;
     /**
@@ -170,6 +176,7 @@ export default class AuthProviderApi extends AsyncModules implements IAuthProvid
      * @throws {IError} When isShell=false and an error occurs during the fetch
      * @description This method requires user authorization.
      * @see For more information about configuring the {@link https://js-sdk.oneentry.cloud/docs/category/authprovider authorization module}, see the documentation in the  {@link https://js-sdk.oneentry.cloud/docs/category/authprovider configuration settings section of the SDK}.
+     * @see {@link https://js-sdk.oneentry.cloud/docs/auth-provider/logout logout} documentation.
      */
     logout(marker: string, token: string): Promise<boolean | IError>;
     /**
@@ -180,6 +187,7 @@ export default class AuthProviderApi extends AsyncModules implements IAuthProvid
      * @throws {IError} When isShell=false and an error occurs during the fetch
      * @description This method requires user authorization.
      * @see For more information about configuring the {@link https://js-sdk.oneentry.cloud/docs/category/authprovider authorization module}, see the documentation in the  {@link https://js-sdk.oneentry.cloud/docs/category/authprovider configuration settings section of the SDK}.
+     * @see {@link https://js-sdk.oneentry.cloud/docs/auth-provider/logoutAll logoutAll} documentation.
      */
     logoutAll(marker: string): Promise<boolean | IError>;
     /**
@@ -188,13 +196,14 @@ export default class AuthProviderApi extends AsyncModules implements IAuthProvid
      * @param {string} marker - The text identifier of the authorization provider. Example: "email".
      * @param {string} userIdentifier - The text identifier of the user's object (user login). Example: "example@oneentry.cloud".
      * @param {string} eventIdentifier - The text identifier of the event. Example: "reg".
-     * @param {string} type - Operation type (1 - for changing password, 2 - for recovery). Example: 1.
+     * @param {number} type - Operation type (1 - for changing password, 2 - for recovery). Example: 1.
      * @param {string} code - Service code. Example: "123456".
      * @param {string} newPassword - New password. Example: "newPassword123".
      * @param {string} [repeatPassword] - Optional variable contains repeat new password for validation. Example: "newPassword123".
      * @returns {Promise<boolean | IError>} Returns true if the password was successfully changed, or an error object if there was an issue.
      * @throws {IError} When isShell=false and an error occurs during the fetch
      * @description User password change (only for tariffs with account activation and the Activation feature enabled).
+     * @see {@link https://js-sdk.oneentry.cloud/docs/auth-provider/changePassword changePassword} documentation.
      */
     changePassword(marker: string, userIdentifier: string, eventIdentifier: string, type: number, code: string, newPassword: string, repeatPassword?: string): Promise<boolean | IError>;
     /**
@@ -206,6 +215,7 @@ export default class AuthProviderApi extends AsyncModules implements IAuthProvid
      * @returns {Promise<IAuthProvidersEntity[] | IError>} Returns an array of auth provider objects.
      * @throws {IError} When isShell=false and an error occurs during the fetch
      * @description Getting all objects of authorization providers.
+     * @see {@link https://js-sdk.oneentry.cloud/docs/auth-provider/getAuthProviders getAuthProviders} documentation.
      */
     getAuthProviders(langCode?: string, offset?: number, limit?: number): Promise<IAuthProvidersEntity[] | IError>;
     /**
@@ -216,6 +226,7 @@ export default class AuthProviderApi extends AsyncModules implements IAuthProvid
      * @returns {Promise<IAuthProvidersEntity | IError>} Returns an auth provider object.
      * @throws {IError} When isShell=false and an error occurs during the fetch
      * @description Getting a single authorization provider object by marker.
+     * @see {@link https://js-sdk.oneentry.cloud/docs/auth-provider/getAuthProviderByMarker getAuthProviderByMarker} documentation.
      */
     getAuthProviderByMarker(marker: string, langCode?: string): Promise<IAuthProvidersEntity | IError>;
     /**
@@ -225,6 +236,7 @@ export default class AuthProviderApi extends AsyncModules implements IAuthProvid
      * @returns {Promise<IActiveSession[] | IError>} Returns an auth provider object.
      * @throws {IError} When isShell=false and an error occurs during the fetch
      * @description Getting a single authorization provider object by marker.
+     * @see {@link https://js-sdk.oneentry.cloud/docs/auth-provider/getActiveSessionsByMarker getActiveSessionsByMarker} documentation.
      */
     getActiveSessionsByMarker(marker: string): Promise<IActiveSession[] | IError>;
     /**
@@ -244,6 +256,7 @@ export default class AuthProviderApi extends AsyncModules implements IAuthProvid
      * @returns {Promise<ISignUpEntity | IError>} Returns a user object.
      * @throws {IError} When isShell=false and an error occurs during the fetch
      * @description User registration (authorization) via OAUTH.
+     * @see {@link https://js-sdk.oneentry.cloud/docs/auth-provider/oauth oauth} documentation.
      */
     oauth(marker: string, body: IOauthData, langCode?: string): Promise<IAuthEntity | IError>;
 }

package/dist/auth-provider/authProviderApi.js

@@ -87,6 +87,7 @@ class AuthProviderApi extends asyncModules_1.default {
      * @returns {Promise<ISignUpEntity | IError>} Returns a user object.
      * @throws {IError} When isShell=false and an error occurs during the fetch
      * @description User registration (❗️For a provider with user activation, the activation code is sent through the corresponding user notification method).
+     * @see {@link https://js-sdk.oneentry.cloud/docs/auth-provider/signUp signUp} documentation.
      */
     async signUp(marker, body, langCode = this.state.lang) {
         body['langCode'] = langCode;
@@ -104,6 +105,7 @@ class AuthProviderApi extends asyncModules_1.default {
      * @returns {Promise<void | IError>} Returns void if the code is successfully generated, or an error object if there was an issue.
      * @throws {IError} When isShell=false and an error occurs during the fetch
      * @description Obtaining a code to activate the user.
+     * @see {@link https://js-sdk.oneentry.cloud/docs/auth-provider/generateCode generateCode} documentation.
      */
     async generateCode(marker, userIdentifier, eventIdentifier) {
         const data = {
@@ -123,6 +125,7 @@ class AuthProviderApi extends asyncModules_1.default {
      * @returns {Promise<boolean | IError>} Returns true if the code is correct, or an error object if there was an issue.
      * @throws {IError} When isShell=false and an error occurs during the fetch
      * @description Checking the user activation code
+     * @see {@link https://js-sdk.oneentry.cloud/docs/auth-provider/checkCode checkCode} documentation.
      */
     async checkCode(marker, userIdentifier, eventIdentifier, code) {
         const data = {
@@ -142,6 +145,7 @@ class AuthProviderApi extends asyncModules_1.default {
      * @returns {Promise<boolean | IError>} Returns true if the user was successfully activated, or an error object if there was an issue.
      * @throws {IError} When isShell=false and an error occurs during the fetch
      * @description User activation.
+     * @see {@link https://js-sdk.oneentry.cloud/docs/auth-provider/activateUser activateUser} documentation.
      */
     async activateUser(marker, userIdentifier, code) {
         const data = {
@@ -182,6 +186,7 @@ class AuthProviderApi extends asyncModules_1.default {
      * @returns {Promise<IAuthEntity | IError>} Returns an auth entity object.
      * @throws {IError} When isShell=false and an error occurs during the fetch
      * @description User authorization.
+     * @see {@link https://js-sdk.oneentry.cloud/docs/auth-provider/auth auth} documentation.
      */
     async auth(marker, body) {
         const result = await this._fetchPost(`/marker/${marker}/users/auth`, body);
@@ -204,6 +209,7 @@ class AuthProviderApi extends asyncModules_1.default {
      * @returns {Promise<IAuthEntity | IError>} Returns an auth entity object with the following values: accessToken, refreshToken, user, and other auth-related data.
      * @throws {IError} When isShell=false and an error occurs during the fetch
      * @description User token refresh.
+     * @see {@link https://js-sdk.oneentry.cloud/docs/auth-provider/refresh refresh} documentation.
      */
     async refresh(marker, token) {
         const data = { refreshToken: token };
@@ -226,6 +232,7 @@ class AuthProviderApi extends asyncModules_1.default {
      * @throws {IError} When isShell=false and an error occurs during the fetch
      * @description This method requires user authorization.
      * @see For more information about configuring the {@link https://js-sdk.oneentry.cloud/docs/category/authprovider authorization module}, see the documentation in the  {@link https://js-sdk.oneentry.cloud/docs/category/authprovider configuration settings section of the SDK}.
+     * @see {@link https://js-sdk.oneentry.cloud/docs/auth-provider/logout logout} documentation.
      */
     async logout(marker, token) {
         const data = {
@@ -249,6 +256,7 @@ class AuthProviderApi extends asyncModules_1.default {
      * @throws {IError} When isShell=false and an error occurs during the fetch
      * @description This method requires user authorization.
      * @see For more information about configuring the {@link https://js-sdk.oneentry.cloud/docs/category/authprovider authorization module}, see the documentation in the  {@link https://js-sdk.oneentry.cloud/docs/category/authprovider configuration settings section of the SDK}.
+     * @see {@link https://js-sdk.oneentry.cloud/docs/auth-provider/logoutAll logoutAll} documentation.
      */
     async logoutAll(marker) {
         const result = await this._fetchPost(`/marker/${marker}/users/logout-all`);
@@ -267,13 +275,14 @@ class AuthProviderApi extends asyncModules_1.default {
      * @param {string} marker - The text identifier of the authorization provider. Example: "email".
      * @param {string} userIdentifier - The text identifier of the user's object (user login). Example: "example@oneentry.cloud".
      * @param {string} eventIdentifier - The text identifier of the event. Example: "reg".
-     * @param {string} type - Operation type (1 - for changing password, 2 - for recovery). Example: 1.
+     * @param {number} type - Operation type (1 - for changing password, 2 - for recovery). Example: 1.
      * @param {string} code - Service code. Example: "123456".
      * @param {string} newPassword - New password. Example: "newPassword123".
      * @param {string} [repeatPassword] - Optional variable contains repeat new password for validation. Example: "newPassword123".
      * @returns {Promise<boolean | IError>} Returns true if the password was successfully changed, or an error object if there was an issue.
      * @throws {IError} When isShell=false and an error occurs during the fetch
      * @description User password change (only for tariffs with account activation and the Activation feature enabled).
+     * @see {@link https://js-sdk.oneentry.cloud/docs/auth-provider/changePassword changePassword} documentation.
      */
     async changePassword(marker, userIdentifier, eventIdentifier, type, code, newPassword, repeatPassword) {
         const data = {
@@ -296,6 +305,7 @@ class AuthProviderApi extends asyncModules_1.default {
      * @returns {Promise<IAuthProvidersEntity[] | IError>} Returns an array of auth provider objects.
      * @throws {IError} When isShell=false and an error occurs during the fetch
      * @description Getting all objects of authorization providers.
+     * @see {@link https://js-sdk.oneentry.cloud/docs/auth-provider/getAuthProviders getAuthProviders} documentation.
      */
     async getAuthProviders(langCode = this.state.lang, offset = 0, limit = 30) {
         const result = await this._fetchGet(`?langCode=${langCode}&offset=${offset}&limit=${limit}`);
@@ -311,6 +321,7 @@ class AuthProviderApi extends asyncModules_1.default {
      * @returns {Promise<IAuthProvidersEntity | IError>} Returns an auth provider object.
      * @throws {IError} When isShell=false and an error occurs during the fetch
      * @description Getting a single authorization provider object by marker.
+     * @see {@link https://js-sdk.oneentry.cloud/docs/auth-provider/getAuthProviderByMarker getAuthProviderByMarker} documentation.
      */
     async getAuthProviderByMarker(marker, langCode = this.state.lang) {
         const result = await this._fetchGet(`/marker/${marker}?langCode=${langCode}`);
@@ -323,6 +334,7 @@ class AuthProviderApi extends asyncModules_1.default {
      * @returns {Promise<IActiveSession[] | IError>} Returns an auth provider object.
      * @throws {IError} When isShell=false and an error occurs during the fetch
      * @description Getting a single authorization provider object by marker.
+     * @see {@link https://js-sdk.oneentry.cloud/docs/auth-provider/getActiveSessionsByMarker getActiveSessionsByMarker} documentation.
      */
     async getActiveSessionsByMarker(marker) {
         const result = await this._fetchGet(`/marker/${marker}/users/sessions`);
@@ -345,6 +357,7 @@ class AuthProviderApi extends asyncModules_1.default {
      * @returns {Promise<ISignUpEntity | IError>} Returns a user object.
      * @throws {IError} When isShell=false and an error occurs during the fetch
      * @description User registration (authorization) via OAUTH.
+     * @see {@link https://js-sdk.oneentry.cloud/docs/auth-provider/oauth oauth} documentation.
      */
     async oauth(marker, body, langCode = this.state.lang) {
         const result = await this._fetchPost(`/marker/${marker}/oauth`, this._normalizePostBody(body, langCode));

package/dist/base/asyncModules.d.ts

@@ -57,11 +57,28 @@ export default abstract class AsyncModules extends SyncModules {
      */
     protected _fetchDelete<T = unknown>(path: string, body?: unknown): Promise<T>;
     /**
-     * Refreshes the authentication token.
+     * Wraps a fetch call whose only meaningful outcome is success or failure.
+     *
+     * Several endpoints (cancel/recover subscription, subscribe/unsubscribe to
+     * events) return no useful body — callers only care whether the request
+     * succeeded. This helper resolves to `true` on success and to the caught
+     * error (as IError) on failure, centralizing the repeated try/catch.
+     * @param {() => Promise<unknown>} request - Thunk performing the fetch call.
+     * @returns {Promise<boolean | IError>} `true` on success, IError on failure.
+     */
+    protected _fetchBoolean(request: () => Promise<unknown>): Promise<boolean | IError>;
+    /**
+     * Refreshes the authentication token (single-flight).
      * @returns {Promise<boolean>} A promise resolving to a boolean indicating success or failure.
-     * @description Define an asynchronous method 'refreshToken' that attempts to refresh the authentication token
+     * @description De-duplicates concurrent refreshes — the refresh token is single-use, so parallel requests must share one refresh call instead of each burning a rotated token.
      */
     protected refreshToken(): Promise<boolean>;
+    /**
+     * Performs the actual token refresh request (without de-duplication).
+     * @returns {Promise<boolean>} A promise resolving to a boolean indicating success or failure.
+     * @description Sends POST /users/refresh and, on success, stores the rotated access/refresh tokens and calls saveFunction.
+     */
+    private _performRefresh;
     /**
      * Creates options for HTTP requests.
      * @param {string} method - The HTTP method (GET, POST, PUT, DELETE, etc.).

package/dist/base/asyncModules.js

@@ -282,11 +282,52 @@ class AsyncModules extends syncModules_1.default {
         }
     }
     /**
-     * Refreshes the authentication token.
+     * Wraps a fetch call whose only meaningful outcome is success or failure.
+     *
+     * Several endpoints (cancel/recover subscription, subscribe/unsubscribe to
+     * events) return no useful body — callers only care whether the request
+     * succeeded. This helper resolves to `true` on success and to the caught
+     * error (as IError) on failure, centralizing the repeated try/catch.
+     * @param {() => Promise<unknown>} request - Thunk performing the fetch call.
+     * @returns {Promise<boolean | IError>} `true` on success, IError on failure.
+     */
+    async _fetchBoolean(request) {
+        try {
+            await request();
+            return true;
+        }
+        catch (e) {
+            return e;
+        }
+    }
+    /**
+     * Refreshes the authentication token (single-flight).
      * @returns {Promise<boolean>} A promise resolving to a boolean indicating success or failure.
-     * @description Define an asynchronous method 'refreshToken' that attempts to refresh the authentication token
+     * @description De-duplicates concurrent refreshes — the refresh token is single-use, so parallel requests must share one refresh call instead of each burning a rotated token.
      */
     async refreshToken() {
+        // Reuse an in-flight refresh if one is already running (shared via state
+        // across all module instances). Prevents parallel requests from each firing
+        // their own refresh and invalidating the single-use refresh token.
+        if (this.state._refreshPromise) {
+            return this.state._refreshPromise;
+        }
+        const promise = this._performRefresh();
+        this.state._refreshPromise = promise;
+        try {
+            return await promise;
+        }
+        finally {
+            // Clear so the next genuine 401 (e.g. mid-session expiry) can refresh again.
+            this.state._refreshPromise = null;
+        }
+    }
+    /**
+     * Performs the actual token refresh request (without de-duplication).
+     * @returns {Promise<boolean>} A promise resolving to a boolean indicating success or failure.
+     * @description Sends POST /users/refresh and, on success, stores the rotated access/refresh tokens and calls saveFunction.
+     */
+    async _performRefresh() {
         const url = this.state.url +
             `/api/content/users-auth-providers/marker/` +
             this.state.providerMarker +
@@ -396,7 +437,32 @@ class AsyncModules extends syncModules_1.default {
      * @description Define an asynchronous method 'browserResponse' that takes a path and options as parameters
      */
     async browserResponse(path, options) {
+        // Set when a proactive refresh ran and failed (dead/expired refresh token):
+        // used below to skip the reactive refresh so we don't fire a second,
+        // equally-doomed refresh on the 401 that the request is about to return.
+        let proactiveRefreshFailed = false;
         try {
+            // Proactive (eager) refresh: a session restored from storage has a refresh
+            // token but no access token yet. Sending the first authenticated request
+            // without an access token GUARANTEES a 401 (then a reactive refresh + retry)
+            // — a spurious 401 logged on every page load even for a perfectly valid
+            // session. Obtaining the access token up-front turns that into a clean 200.
+            // Fires at most once per session (skipped once accessToken is set), and is
+            // off for custom-auth callers who manage tokens themselves.
+            if (!this.state.accessToken &&
+                this.state.refreshToken &&
+                !this.state.customAuth) {
+                const refreshed = await this.refreshToken();
+                if (refreshed) {
+                    // Authenticated now — attach the bearer and drop the guest scoping
+                    // that makeOptions added while no access token was present.
+                    options.headers['Authorization'] = 'Bearer ' + this.state.accessToken;
+                    delete options.headers['x-guest-id'];
+                }
+                else {
+                    proactiveRefreshFailed = true;
+                }
+            }
             // Perform a fetch request using the full URL obtained from '_getFullPath' and the provided options
             const response = await fetch(this._getFullPath(path), options);
             // Check if the response status is OK (status code 200-299)
@@ -415,8 +481,12 @@ class AsyncModules extends syncModules_1.default {
             }
             else {
                 // Handle non-OK responses
-                // Check if the status is 401 (Unauthorized) and custom authentication is not used
-                if (response.status === 401 && !this.state.customAuth) {
+                // Reactive refresh for mid-session expiry: access token was present but
+                // the server rejected it. Skipped when a proactive refresh already ran
+                // and failed (the refresh token is dead — retrying would 400 again).
+                if (response.status === 401 &&
+                    !this.state.customAuth &&
+                    !proactiveRefreshFailed) {
                     // Attempt to refresh the access token
                     const refresh = await this.refreshToken();
                     if (refresh) {

package/dist/base/stateModule.d.ts

@@ -11,6 +11,7 @@ export default class StateModule {
     accessToken: string | undefined;
     traficLimit: boolean;
     refreshToken: string | undefined;
+    _refreshPromise: Promise<boolean> | null;
     providerMarker: string;
     customAuth: boolean;
     _NO_FETCH: boolean;

package/dist/base/stateModule.js

@@ -46,6 +46,10 @@ class StateModule {
      */
     constructor(url, config) {
         var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k, _l, _m, _o, _p, _q, _r, _s, _t, _u, _v, _w, _x, _y, _z, _0, _1;
+        // In-flight token refresh, shared across all module instances (they share this
+        // state object). De-duplicates concurrent refreshes so the single-use refresh
+        // token is not burned by parallel requests. Null when no refresh is running.
+        this._refreshPromise = null;
         this.url = url;
         this.lang = (_a = config.langCode) !== null && _a !== void 0 ? _a : 'en_US';
         this.token = config.token;