pryv 3.0.1 → 3.0.2

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "pryv",
-  "version": "3.0.1",
+  "version": "3.0.2",
   "description": "Pryv JavaScript library",
   "keywords": [
     "Pryv",

package/src/lib/getEventStreamed.js

@@ -59,7 +59,7 @@ async function getEventStreamed (conn, queryParam, parser) {
   }
 
   if (errResult) {
-    throw new Error(errResult);
+    throw new Error(errResult?.message + ' ' + errResult?.rawResponse);
   }
 
   // We're done!

package/test/Accesses.test.js

@@ -0,0 +1,126 @@
+/**
+ * @license
+ * [BSD-3-Clause](https://github.com/pryv/lib-js/blob/master/LICENSE)
+ */
+/* global describe, it, before, after, expect, pryv, testData */
+
+const { createId: cuid } = require('@paralleldrive/cuid2');
+
+let conn = null;
+const testStreamId = 'acc-' + cuid().slice(0, 8);
+let createdAccessId = null;
+let createdAccessToken = null;
+
+describe('[ACSX] Accesses', () => {
+  before(async function () {
+    this.timeout(15000);
+    await testData.prepare();
+    conn = new pryv.Connection(testData.apiEndpointWithToken);
+
+    // Create a test stream for permissions
+    await conn.api([{
+      method: 'streams.create',
+      params: { id: testStreamId, name: 'Access Test Stream' }
+    }]);
+  });
+
+  describe('[ACRX] accesses.create', function () {
+    it('[ACRA] create a shared access', async () => {
+      const res = await conn.api([{
+        method: 'accesses.create',
+        params: {
+          name: 'test-shared-' + cuid().slice(0, 8),
+          type: 'shared',
+          permissions: [{ streamId: testStreamId, level: 'read' }]
+        }
+      }]);
+      expect(res[0]).to.exist;
+      expect(res[0].access).to.exist;
+      expect(res[0].access.token).to.exist;
+      expect(res[0].access.type).to.equal('shared');
+      createdAccessId = res[0].access.id;
+      createdAccessToken = res[0].access.token;
+    });
+
+    it('[ACRB] create an app access', async () => {
+      const res = await conn.api([{
+        method: 'accesses.create',
+        params: {
+          name: 'test-app-' + cuid().slice(0, 8),
+          type: 'app',
+          permissions: [{ streamId: testStreamId, level: 'contribute' }]
+        }
+      }]);
+      expect(res[0]).to.exist;
+      expect(res[0].access).to.exist;
+      expect(res[0].access.type).to.equal('app');
+    });
+
+    it('[ACRC] reject access with invalid permission level', async () => {
+      const res = await conn.api([{
+        method: 'accesses.create',
+        params: {
+          name: 'bad-access',
+          type: 'shared',
+          permissions: [{ streamId: testStreamId, level: 'bogus' }]
+        }
+      }]);
+      expect(res[0]).to.exist;
+      expect(res[0].error).to.exist;
+    });
+  });
+
+  describe('[AGTX] accesses.get', function () {
+    it('[AGTA] list accesses', async () => {
+      const res = await conn.api([{
+        method: 'accesses.get',
+        params: {}
+      }]);
+      expect(res[0]).to.exist;
+      expect(res[0].accesses).to.exist;
+      expect(Array.isArray(res[0].accesses)).to.equal(true);
+      expect(res[0].accesses.length).to.be.gt(0);
+    });
+
+    it('[AGTB] created access is in the list', async () => {
+      const res = await conn.api([{
+        method: 'accesses.get',
+        params: {}
+      }]);
+      const found = res[0].accesses.find(a => a.id === createdAccessId);
+      expect(found).to.exist;
+      expect(found.token).to.equal(createdAccessToken);
+    });
+  });
+
+  describe('[ADLX] accesses.delete', function () {
+    it('[ADLA] delete (revoke) an access', async () => {
+      expect(createdAccessId).to.exist;
+      const res = await conn.api([{
+        method: 'accesses.delete',
+        params: { id: createdAccessId }
+      }]);
+      expect(res[0]).to.exist;
+      expect(res[0].accessDeletion).to.exist;
+      expect(res[0].accessDeletion.id).to.equal(createdAccessId);
+    });
+
+    it('[ADLB] deleted access is no longer in the list', async () => {
+      const res = await conn.api([{
+        method: 'accesses.get',
+        params: {}
+      }]);
+      const found = res[0].accesses.find(a => a.id === createdAccessId);
+      expect(found).to.not.exist;
+    });
+  });
+
+  // Cleanup
+  after(async () => {
+    if (!conn) return;
+    await conn.api([
+      { method: 'streams.delete', params: { id: testStreamId } },
+      { method: 'streams.delete', params: { id: testStreamId } }
+    ]);
+  });
+});

package/test/Account.test.js

@@ -0,0 +1,73 @@
+/**
+ * @license
+ * [BSD-3-Clause](https://github.com/pryv/lib-js/blob/master/LICENSE)
+ */
+/* global describe, it, before, expect, pryv, testData */
+
+let conn = null;
+
+describe('[ACTX] Account', () => {
+  before(async function () {
+    this.timeout(15000);
+    await testData.prepare();
+    conn = new pryv.Connection(testData.apiEndpointWithToken);
+  });
+
+  describe('[AINX] account.get', function () {
+    it('[AINA] get account info', async () => {
+      const res = await conn.api([{
+        method: 'account.get',
+        params: {}
+      }]);
+      expect(res[0]).to.exist;
+      expect(res[0].account).to.exist;
+      expect(res[0].account.username).to.equal(testData.username);
+      expect(res[0].account.email).to.exist;
+    });
+  });
+
+  describe('[ASUX] account.get storageUsed', function () {
+    it('[ASUA] storageUsed has expected fields', async () => {
+      const res = await conn.api([{
+        method: 'account.get',
+        params: {}
+      }]);
+      const account = res[0].account;
+      expect(account.storageUsed).to.exist;
+      expect(account.storageUsed.dbDocuments).to.be.a('number');
+      expect(account.storageUsed.attachedFiles).to.be.a('number');
+    });
+  });
+
+  describe('[ACPX] account.changePassword', function () {
+    it('[ACPA] change password and change back', async () => {
+      const oldPassword = testData.password;
+      const newPassword = oldPassword + '-new';
+
+      // Change to new password
+      const res1 = await conn.api([{
+        method: 'account.changePassword',
+        params: { oldPassword, newPassword }
+      }]);
+      expect(res1[0]).to.exist;
+      expect(res1[0].error).to.not.exist;
+
+      // Change back to original
+      const res2 = await conn.api([{
+        method: 'account.changePassword',
+        params: { oldPassword: newPassword, newPassword: oldPassword }
+      }]);
+      expect(res2[0]).to.exist;
+      expect(res2[0].error).to.not.exist;
+    });
+
+    it('[ACPB] reject wrong old password', async () => {
+      const res = await conn.api([{
+        method: 'account.changePassword',
+        params: { oldPassword: 'wrong-password', newPassword: 'new-password' }
+      }]);
+      expect(res[0]).to.exist;
+      expect(res[0].error).to.exist;
+    });
+  });
+});

package/test/AuthController.test.js

@@ -0,0 +1,193 @@
+/**
+ * @license
+ * [BSD-3-Clause](https://github.com/pryv/lib-js/blob/master/LICENSE)
+ */
+/* global describe, it, before, after, expect, JSDOM, testData */
+
+const AuthController = require('../src/Auth/AuthController');
+const AuthStates = require('../src/Auth/AuthStates');
+const Service = require('../src/Service');
+
+describe('[ACNX] AuthController', function () {
+  this.timeout(15000);
+
+  let service;
+  let cleanupDom = false;
+
+  before(async function () {
+    await testData.prepare();
+    service = new Service(testData.serviceInfoUrl);
+    await service.info();
+  });
+
+  before(async () => {
+    if (typeof document !== 'undefined') return;
+    cleanupDom = true;
+    const dom = new JSDOM('<!DOCTYPE html>', {
+      url: 'http://localhost/'
+    });
+    global.document = dom.window.document;
+    global.window = dom.window;
+    global.location = dom.window.location;
+    global.navigator = { userAgent: 'Safari' };
+  });
+
+  after(async () => {
+    if (!cleanupDom) return;
+    delete global.document;
+    delete global.window;
+    delete global.location;
+  });
+
+  describe('[ACVX] Validation', function () {
+    it('[ACVA] throws error when settings is null', function () {
+      expect(() => new AuthController(null, service)).to.throw('settings cannot be null');
+    });
+
+    it('[ACVB] throws error when authRequest is missing', function () {
+      expect(() => new AuthController({}, service)).to.throw('Missing settings.authRequest');
+    });
+
+    it('[ACVC] throws error when requestingAppId is missing', function () {
+      expect(() => new AuthController({
+        authRequest: { requestedPermissions: [] }
+      }, service)).to.throw('Missing settings.authRequest.requestingAppId');
+    });
+
+    it('[ACVD] throws error when requestedPermissions is missing', function () {
+      expect(() => new AuthController({
+        authRequest: { requestingAppId: 'test-app' }
+      }, service)).to.throw('Missing settings.authRequest.requestedPermissions');
+    });
+  });
+
+  describe('[ACLX] Listeners', function () {
+    it('[ACLA] calls onStateChange listener when state changes', async function () {
+      const stateChanges = [];
+      const auth = new AuthController({
+        authRequest: {
+          requestingAppId: 'test-app',
+          requestedPermissions: []
+        },
+        onStateChange: (state) => stateChanges.push(state)
+      }, service);
+
+      await auth.init();
+      expect(stateChanges.length).to.be.greaterThan(0);
+      expect(stateChanges[0].status).to.equal(AuthStates.LOADING);
+    });
+
+    it('[ACLB] handles listener errors gracefully', async function () {
+      const auth = new AuthController({
+        authRequest: {
+          requestingAppId: 'test-app',
+          requestedPermissions: []
+        },
+        onStateChange: () => { throw new Error('Listener error'); }
+      }, service);
+
+      // Should not throw
+      await auth.init();
+      expect(auth.state).to.exist;
+    });
+  });
+
+  describe('[ACHX] handleClick', function () {
+    it('[ACHA] triggers SIGNOUT when authorized', async function () {
+      const stateChanges = [];
+      const auth = new AuthController({
+        authRequest: {
+          requestingAppId: 'test-app',
+          requestedPermissions: []
+        },
+        onStateChange: (state) => stateChanges.push(state)
+      }, service);
+
+      await auth.init();
+
+      // Simulate authorized state
+      auth._state = { status: AuthStates.AUTHORIZED };
+
+      await auth.handleClick();
+      const lastState = stateChanges[stateChanges.length - 1];
+      expect(lastState.status).to.equal(AuthStates.SIGNOUT);
+    });
+
+    it('[ACHB] handles NEED_SIGNIN click (reopens popup)', async function () {
+      const auth = new AuthController({
+        authRequest: {
+          requestingAppId: 'test-app',
+          requestedPermissions: []
+        }
+      }, service);
+
+      await auth.init();
+
+      // Simulate NEED_SIGNIN state
+      const needSigninState = { status: AuthStates.NEED_SIGNIN, authUrl: 'http://test.url' };
+      auth._state = needSigninState;
+
+      await auth.handleClick();
+      // Should trigger state change with same state
+      expect(auth.state.status).to.equal(AuthStates.NEED_SIGNIN);
+    });
+  });
+
+  describe('[ACSX] stopAuthRequest', function () {
+    it('[ACSA] sets error state with message', async function () {
+      const auth = new AuthController({
+        authRequest: {
+          requestingAppId: 'test-app',
+          requestedPermissions: []
+        }
+      }, service);
+
+      await auth.init();
+      auth.stopAuthRequest('Test error message');
+
+      expect(auth.state.status).to.equal(AuthStates.ERROR);
+      expect(auth.state.message).to.equal('Test error message');
+    });
+  });
+
+  describe('[ACRX] returnURL', function () {
+    it('[ACRA] throws on invalid returnURL trailer', function () {
+      const auth = new AuthController({
+        authRequest: {
+          requestingAppId: 'test-app',
+          requestedPermissions: []
+        }
+      }, service);
+
+      expect(() => auth.getReturnURL('http://example.com')).to.throw('Last character');
+    });
+
+    it('[ACRB] handles null/undefined returnURL', function () {
+      const auth = new AuthController({
+        authRequest: {
+          requestingAppId: 'test-app',
+          requestedPermissions: []
+        }
+      }, service);
+
+      // Desktop browser (Safari) returns false for auto mode
+      const result = auth.getReturnURL(undefined, 'http://test.com', { userAgent: 'Safari' });
+      expect(result).to.equal(false);
+    });
+  });
+
+  describe('[AIST] State', function () {
+    it('[AISA] state getter and setter work correctly', async function () {
+      const auth = new AuthController({
+        authRequest: {
+          requestingAppId: 'test-app',
+          requestedPermissions: []
+        }
+      }, service);
+
+      auth.state = { status: AuthStates.LOADING };
+      expect(auth.state.status).to.equal(AuthStates.LOADING);
+      expect(auth.state.id).to.equal(AuthStates.LOADING); // retro-compatibility
+    });
+  });
+});

package/test/Connection.edge-cases.test.js

@@ -0,0 +1,102 @@
+/**
+ * @license
+ * [BSD-3-Clause](https://github.com/pryv/lib-js/blob/master/LICENSE)
+ */
+/* global describe, it, before, expect, pryv, testData */
+
+describe('[CECX] Connection Edge Cases', function () {
+  this.timeout(15000);
+
+  let conn;
+
+  before(async function () {
+    await testData.prepare();
+    conn = new pryv.Connection(testData.apiEndpointWithToken);
+  });
+
+  describe('[CERX] Error handling', function () {
+    it('[CERA] api() throws on non-array input', async function () {
+      let error = null;
+      try {
+        await conn.api({ method: 'events.get' });
+      } catch (e) {
+        error = e;
+      }
+      expect(error).to.exist;
+      expect(error.message).to.include('array');
+    });
+
+    it('[CERB] apiOne() throws on error response', async function () {
+      let error = null;
+      try {
+        await conn.apiOne('invalid.method', {});
+      } catch (e) {
+        error = e;
+      }
+      expect(error).to.exist;
+    });
+
+    it('[CERC] constructor throws on invalid service param', function () {
+      let error = null;
+      try {
+        const _conn = new pryv.Connection(testData.apiEndpointWithToken, { notAService: true });
+        expect(_conn).to.not.exist; // Should not reach here
+      } catch (e) {
+        error = e;
+      }
+      expect(error).to.exist;
+      expect(error.message).to.include('Invalid service');
+    });
+
+    it('[CERD] _handleMeta throws on missing meta', async function () {
+      let error = null;
+      try {
+        conn._handleMeta({}, Date.now() / 1000);
+      } catch (e) {
+        error = e;
+      }
+      expect(error).to.exist;
+      expect(error.message).to.include('meta');
+    });
+
+    it('[CERE] _handleMeta throws on missing serverTime', async function () {
+      let error = null;
+      try {
+        conn._handleMeta({ meta: {} }, Date.now() / 1000);
+      } catch (e) {
+        error = e;
+      }
+      expect(error).to.exist;
+      expect(error.message).to.include('serverTime');
+    });
+  });
+
+  describe('[CSCX] Service getter', function () {
+    it('[CSCA] creates service when not provided', function () {
+      const conn2 = new pryv.Connection(testData.apiEndpoint);
+      const service = conn2.service;
+      expect(service).to.exist;
+      // Second access returns same instance
+      expect(conn2.service).to.equal(service);
+    });
+
+    it('[CSCB] uses provided service', async function () {
+      const service = new pryv.Service(testData.serviceInfoUrl);
+      await service.info();
+      const conn2 = new pryv.Connection(testData.apiEndpoint, service);
+      expect(conn2.service).to.equal(service);
+    });
+  });
+
+  describe('[CGEX] get() method', function () {
+    it('[CGEA] get() without query params', async function () {
+      const result = await conn.get('access-info');
+      expect(result).to.exist;
+    });
+
+    it('[CGEB] get() with null query params', async function () {
+      const result = await conn.get('access-info', null);
+      expect(result).to.exist;
+    });
+  });
+});

package/test/Connection.test.js

@@ -5,7 +5,7 @@
 /* global describe, it, before, after, beforeEach, afterEach, expect, JSDOM, pryv, Blob, FormData */
 
 // URL and URLSearchParams are native in Node.js and browsers
-const cuid = require('cuid');
+const { createId: cuid } = require('@paralleldrive/cuid2');
 const testData = require('../../../test/test-data');
 
 let conn = null;
@@ -23,9 +23,9 @@ describe('[CONX] Connection', () => {
     await testData.prepare();
     conn = new pryv.Connection(testData.apiEndpointWithToken);
 
-    // create some events
-    const toBeDeletedId = cuid();
-    const toBeTrashed = cuid();
+    // create some events (prefix with 'c' for v2 event ID pattern)
+    const toBeDeletedId = 'c' + cuid();
+    const toBeTrashed = 'c' + cuid();
     await conn.api([
       {
         method: 'events.create',
@@ -359,7 +359,34 @@ describe('[CONX] Connection', () => {
         expect(eventsCount).to.equal(res.eventsCount);
       });
 
+      it('[CSNY] streaming with roneous query params', async () => {
+        const queryParams = { fromTime: 0, toTime: Date.now() / 1000, limit: 10000, types: ['note/txt'], streams: ['bogus', 'bogus2'] };
+        let eventsCount = 0;
+        function forEachEvent (event) {
+          eventsCount++;
+        }
+        try {
+          const res = await conn.getEventsStreamed(queryParams, forEachEvent);
+          expect(eventsCount).to.equal(res.eventsCount);
+        } catch (e) {
+          return;
+        }
+        throw new Error('Should fail');
+      });
+
       it('[CSNB] streaming includesDeletion', async () => {
+        // Create, trash, and delete events to ensure we have all three states
+        const trashId = 'c' + cuid();
+        const deleteId = 'c' + cuid();
+        const setupRes = await conn.api([
+          { method: 'events.create', params: { id: trashId, streamIds: ['data'], type: 'note/txt', content: 'to trash' } },
+          { method: 'events.create', params: { id: deleteId, streamIds: ['data'], type: 'note/txt', content: 'to delete' } },
+          { method: 'events.delete', params: { id: trashId } },
+          { method: 'events.delete', params: { id: deleteId } },
+          { method: 'events.delete', params: { id: deleteId } }
+        ]);
+        // Verify setup succeeded
+        expect(setupRes[0].event, 'event creation failed: ' + JSON.stringify(setupRes[0].error)).to.exist;
         const queryParams = { fromTime: 0, toTime: now, limit: 10000, includeDeletions: true, modifiedSince: 0, state: 'all' };
         let eventsCount = 0;
         let trashedCount = 0;

package/test/CookieUtils.test.js

@@ -0,0 +1,69 @@
+/**
+ * @license
+ * [BSD-3-Clause](https://github.com/pryv/lib-js/blob/master/LICENSE)
+ */
+/* global describe, it, before, after, expect, JSDOM */
+
+const CookieUtils = require('../src/Browser/CookieUtils');
+
+describe('[COKX] CookieUtils', function () {
+  let cleanupDom = false;
+
+  before(async () => {
+    if (typeof document !== 'undefined') return; // in browser
+    cleanupDom = true;
+    const dom = new JSDOM('<!DOCTYPE html>', {
+      url: 'http://localhost/'
+    });
+    global.document = dom.window.document;
+    global.window = dom.window;
+  });
+
+  after(async () => {
+    if (!cleanupDom) return;
+    delete global.document;
+    delete global.window;
+  });
+
+  it('[COKA] set() and get() cookie', async function () {
+    const testKey = 'test-cookie-key';
+    const testValue = { foo: 'bar', num: 123 };
+    CookieUtils.set(testKey, testValue);
+    const retrieved = CookieUtils.get(testKey);
+    expect(retrieved).to.deep.equal(testValue);
+  });
+
+  it('[COKB] get() returns undefined for non-existent cookie', async function () {
+    const result = CookieUtils.get('non-existent-cookie-key');
+    expect(result).to.be.undefined;
+  });
+
+  it('[COKC] del() removes cookie', async function () {
+    const testKey = 'cookie-to-delete';
+    CookieUtils.set(testKey, { data: 'test' });
+    expect(CookieUtils.get(testKey)).to.exist;
+    CookieUtils.del(testKey);
+    // After deletion, the cookie is set to { deleted: true } with expiration in the past
+    // The cookie may still exist but with deleted flag
+    const afterDel = CookieUtils.get(testKey);
+    if (afterDel) {
+      expect(afterDel.deleted).to.be.true;
+    }
+  });
+
+  it('[COKD] set() with custom expiration', async function () {
+    const testKey = 'cookie-with-expiry';
+    const testValue = 'expires-soon';
+    CookieUtils.set(testKey, testValue, 30);
+    const retrieved = CookieUtils.get(testKey);
+    expect(retrieved).to.equal(testValue);
+  });
+
+  it('[COKE] handles special characters in values', async function () {
+    const testKey = 'special-chars';
+    const testValue = { text: 'hello=world&foo=bar', unicode: '日本語' };
+    CookieUtils.set(testKey, testValue);
+    const retrieved = CookieUtils.get(testKey);
+    expect(retrieved).to.deep.equal(testValue);
+  });
+});

package/test/LoginButton.test.js

@@ -0,0 +1,196 @@
+/**
+ * @license
+ * [BSD-3-Clause](https://github.com/pryv/lib-js/blob/master/LICENSE)
+ */
+/* global describe, it, before, after, expect, JSDOM, testData */
+
+const LoginButton = require('../src/Browser/LoginButton');
+const Service = require('../src/Service');
+const AuthStates = require('../src/Auth/AuthStates');
+
+describe('[LBTX] LoginButton', function () {
+  this.timeout(20000);
+
+  let service;
+  let cleanupDom = false;
+  let dom;
+
+  before(async function () {
+    await testData.prepare();
+    service = new Service(testData.serviceInfoUrl);
+    await service.info();
+  });
+
+  before(async () => {
+    if (typeof document !== 'undefined') return;
+    cleanupDom = true;
+    dom = new JSDOM('<!DOCTYPE html><body><span id="loginButton"></span></body>', {
+      url: 'http://localhost/'
+    });
+    global.document = dom.window.document;
+    global.window = dom.window;
+    global.location = dom.window.location;
+    global.navigator = { userAgent: 'Safari' };
+    global.confirm = () => true;
+  });
+
+  after(async () => {
+    if (!cleanupDom) return;
+    delete global.document;
+    delete global.window;
+    delete global.location;
+    delete global.confirm;
+  });
+
+  describe('[LBCX] Constructor and Init', function () {
+    it('[LBCA] creates LoginButton with valid settings', async function () {
+      const settings = {
+        spanButtonID: 'loginButton',
+        authRequest: {
+          requestingAppId: 'test-app',
+          requestedPermissions: []
+        }
+      };
+      const loginBtn = new LoginButton(settings, service);
+      expect(loginBtn.authSettings).to.equal(settings);
+      expect(loginBtn.service).to.equal(service);
+    });
+
+    it('[LBCB] init() sets up button and auth controller', async function () {
+      const settings = {
+        spanButtonID: 'loginButton',
+        authRequest: {
+          requestingAppId: 'test-app',
+          requestedPermissions: []
+        }
+      };
+      const loginBtn = new LoginButton(settings, service);
+      await loginBtn.init();
+      expect(loginBtn.auth).to.exist;
+      expect(loginBtn._cookieKey).to.include('pryv-libjs-');
+    });
+  });
+
+  describe('[LBAX] Authorization data', function () {
+    let loginBtn;
+
+    before(async function () {
+      const settings = {
+        spanButtonID: 'loginButton',
+        authRequest: {
+          requestingAppId: 'test-app-auth',
+          requestedPermissions: []
+        }
+      };
+      loginBtn = new LoginButton(settings, service);
+      await loginBtn.init();
+    });
+
+    it('[LBAA] saveAuthorizationData and getAuthorizationData work', function () {
+      const authData = { apiEndpoint: 'https://test.pryv.me', username: 'testuser' };
+      loginBtn.saveAuthorizationData(authData);
+      const retrieved = loginBtn.getAuthorizationData();
+      expect(retrieved).to.deep.equal(authData);
+    });
+
+    it('[LBAB] deleteAuthorizationData removes data', async function () {
+      loginBtn.saveAuthorizationData({ test: 'data' });
+      await loginBtn.deleteAuthorizationData();
+      const retrieved = loginBtn.getAuthorizationData();
+      // After deletion, either undefined or has deleted flag
+      if (retrieved) {
+        expect(retrieved.deleted).to.be.true;
+      }
+    });
+  });
+
+  describe('[LBOX] onClick', function () {
+    it('[LBOA] onClick calls auth.handleClick', async function () {
+      const settings = {
+        spanButtonID: 'loginButton',
+        authRequest: {
+          requestingAppId: 'test-app-click',
+          requestedPermissions: []
+        }
+      };
+      const loginBtn = new LoginButton(settings, service);
+      await loginBtn.init();
+
+      let handleClickCalled = false;
+      loginBtn.auth.handleClick = function () { handleClickCalled = true; };
+
+      loginBtn.onClick();
+      expect(handleClickCalled).to.be.true;
+    });
+  });
+
+  describe('[LBSX] onStateChange', function () {
+    let loginBtn;
+
+    before(async function () {
+      const settings = {
+        spanButtonID: 'loginButton',
+        authRequest: {
+          requestingAppId: 'test-app-state',
+          requestedPermissions: []
+        }
+      };
+      loginBtn = new LoginButton(settings, service);
+      await loginBtn.init();
+    });
+
+    it('[LBSA] handles LOADING state', async function () {
+      await loginBtn.onStateChange({ status: AuthStates.LOADING });
+      expect(loginBtn.text).to.equal('...');
+    });
+
+    it('[LBSB] handles INITIALIZED state', async function () {
+      await loginBtn.onStateChange({ status: AuthStates.INITIALIZED });
+      expect(loginBtn.text).to.include('Signin');
+    });
+
+    it('[LBSC] handles AUTHORIZED state', async function () {
+      await loginBtn.onStateChange({
+        status: AuthStates.AUTHORIZED,
+        username: 'testuser',
+        apiEndpoint: 'https://test.pryv.me'
+      });
+      expect(loginBtn.text).to.equal('testuser');
+    });
+
+    it('[LBSD] handles ERROR state', async function () {
+      await loginBtn.onStateChange({
+        status: AuthStates.ERROR,
+        message: 'Test error'
+      });
+      expect(loginBtn.text).to.include('Error');
+      expect(loginBtn.text).to.include('Test error');
+    });
+
+    it('[LBSE] handles SIGNOUT state when confirmed', async function () {
+      // Save some auth data first
+      loginBtn.saveAuthorizationData({ test: 'data' });
+      await loginBtn.onStateChange({ status: AuthStates.SIGNOUT });
+      // Confirm is mocked to return true
+    });
+
+    it('[LBSF] handles unknown state gracefully', async function () {
+      // Should log warning but not throw
+      await loginBtn.onStateChange({ status: 'UNKNOWN_STATE' });
+    });
+  });
+
+  describe('[LBWX] Without spanButtonID', function () {
+    it('[LBWA] init works without span (logs warning)', async function () {
+      const settings = {
+        authRequest: {
+          requestingAppId: 'test-app-no-span',
+          requestedPermissions: []
+        }
+      };
+      const loginBtn = new LoginButton(settings, service);
+      await loginBtn.init();
+      expect(loginBtn.loginButtonSpan).to.be.null;
+    });
+  });
+});

package/test/LoginMessages.test.js

@@ -0,0 +1,48 @@
+/**
+ * @license
+ * [BSD-3-Clause](https://github.com/pryv/lib-js/blob/master/LICENSE)
+ */
+/* global describe, it, expect */
+
+const Messages = require('../src/Auth/LoginMessages');
+
+describe('[MSGX] LoginMessages', function () {
+  it('[MSGA] returns English messages by default', function () {
+    const msgs = Messages('en');
+    expect(msgs.LOADING).to.equal('...');
+    expect(msgs.ERROR).to.equal('Error');
+    expect(msgs.LOGIN).to.equal('Signin');
+    expect(msgs.SIGNOUT_CONFIRM).to.equal('Logout?');
+  });
+
+  it('[MSGB] returns French messages when available', function () {
+    const msgs = Messages('fr');
+    expect(msgs.ERROR).to.equal('Erreur');
+    expect(msgs.LOGIN).to.equal('Login');
+    expect(msgs.SIGNOUT_CONFIRM).to.equal('Se déconnecter ?');
+  });
+
+  it('[MSGC] falls back to English for unavailable language', function () {
+    const msgs = Messages('de');
+    expect(msgs.LOADING).to.equal('...');
+    expect(msgs.ERROR).to.equal('Error');
+  });
+
+  it('[MSGD] uses custom definitions when provided', function () {
+    const customDefs = {
+      LOADING: { en: 'Loading...', fr: 'Chargement...' },
+      CUSTOM: { en: 'Custom Message', fr: 'Message personnalisé' }
+    };
+    const msgs = Messages('en', customDefs);
+    expect(msgs.LOADING).to.equal('Loading...');
+    expect(msgs.CUSTOM).to.equal('Custom Message');
+  });
+
+  it('[MSGE] custom definitions fall back to English', function () {
+    const customDefs = {
+      TEST: { en: 'English only' }
+    };
+    const msgs = Messages('fr', customDefs);
+    expect(msgs.TEST).to.equal('English only');
+  });
+});

package/test/PryvError.test.js

@@ -0,0 +1,40 @@
+/**
+ * @license
+ * [BSD-3-Clause](https://github.com/pryv/lib-js/blob/master/LICENSE)
+ */
+/* global describe, it, expect */
+
+const PryvError = require('../src/lib/PryvError');
+
+describe('[PERX] PryvError', function () {
+  it('[PERA] creates error with message', function () {
+    const error = new PryvError('Test error message');
+    expect(error.message).to.equal('Test error message');
+    expect(error.name).to.equal('PryvError');
+    expect(error).to.be.instanceOf(Error);
+    expect(error).to.be.instanceOf(PryvError);
+  });
+
+  it('[PERB] includes innerObject when provided', function () {
+    const innerError = new Error('Inner error');
+    const error = new PryvError('Outer message', innerError);
+    expect(error.innerObject).to.equal(innerError);
+  });
+
+  it('[PERC] accepts object as innerObject', function () {
+    const innerObj = { code: 'ERR_001', details: 'some details' };
+    const error = new PryvError('Error with object', innerObj);
+    expect(error.innerObject).to.deep.equal(innerObj);
+  });
+
+  it('[PERD] has proper stack trace', function () {
+    const error = new PryvError('Stack test');
+    expect(error.stack).to.exist;
+    expect(error.stack).to.include('PryvError');
+  });
+
+  it('[PERE] innerObject is undefined when not provided', function () {
+    const error = new PryvError('No inner');
+    expect(error.innerObject).to.be.undefined;
+  });
+});

package/test/Streams.test.js

@@ -0,0 +1,135 @@
+/**
+ * @license
+ * [BSD-3-Clause](https://github.com/pryv/lib-js/blob/master/LICENSE)
+ */
+/* global describe, it, before, after, expect, pryv, testData */
+
+const { createId: cuid } = require('@paralleldrive/cuid2');
+
+let conn = null;
+const suffix = cuid().slice(0, 8);
+const testStreamId = 'str-' + suffix;
+const childStreamId = 'str-child-' + suffix;
+const testStreamName = 'Test Stream ' + suffix;
+const childStreamName = 'Child Stream ' + suffix;
+
+describe('[STRX] Streams', () => {
+  before(async function () {
+    this.timeout(15000);
+    await testData.prepare();
+    conn = new pryv.Connection(testData.apiEndpointWithToken);
+  });
+
+  describe('[SCRX] streams.create', function () {
+    it('[SCRA] create a root stream', async () => {
+      const res = await conn.api([{
+        method: 'streams.create',
+        params: { id: testStreamId, name: testStreamName }
+      }]);
+      expect(res[0]).to.exist;
+      expect(res[0].stream).to.exist;
+      expect(res[0].stream.id).to.equal(testStreamId);
+      expect(res[0].stream.name).to.equal(testStreamName);
+    });
+
+    it('[SCRB] create a child stream', async () => {
+      const res = await conn.api([{
+        method: 'streams.create',
+        params: { id: childStreamId, name: childStreamName, parentId: testStreamId }
+      }]);
+      expect(res[0]).to.exist;
+      expect(res[0].stream).to.exist;
+      expect(res[0].stream.parentId).to.equal(testStreamId);
+    });
+
+    it('[SCRC] reject duplicate stream id', async () => {
+      const res = await conn.api([{
+        method: 'streams.create',
+        params: { id: testStreamId, name: 'Duplicate ' + suffix }
+      }]);
+      expect(res[0]).to.exist;
+      expect(res[0].error).to.exist;
+      expect(res[0].error.id).to.equal('item-already-exists');
+    });
+  });
+
+  describe('[SGTX] streams.get', function () {
+    it('[SGTA] get all streams', async () => {
+      const res = await conn.api([{
+        method: 'streams.get',
+        params: {}
+      }]);
+      expect(res[0]).to.exist;
+      expect(res[0].streams).to.exist;
+      expect(Array.isArray(res[0].streams)).to.equal(true);
+      expect(res[0].streams.length).to.be.gt(0);
+    });
+
+    it('[SGTB] get stream tree includes parent and child', async () => {
+      const res = await conn.api([{
+        method: 'streams.get',
+        params: {}
+      }]);
+      const streams = res[0].streams;
+      const parent = findStream(streams, testStreamId);
+      expect(parent).to.exist;
+      expect(parent.children).to.exist;
+      const child = parent.children.find(s => s.id === childStreamId);
+      expect(child).to.exist;
+    });
+  });
+
+  describe('[SUPX] streams.update', function () {
+    it('[SUPA] rename a stream', async () => {
+      const res = await conn.api([{
+        method: 'streams.update',
+        params: { id: childStreamId, update: { name: 'Renamed ' + suffix } }
+      }]);
+      expect(res[0]).to.exist;
+      expect(res[0].stream).to.exist;
+      expect(res[0].stream.name).to.equal('Renamed ' + suffix);
+    });
+  });
+
+  describe('[SDLX] streams.delete', function () {
+    it('[SDLA] trash a stream (first delete)', async () => {
+      const res = await conn.api([{
+        method: 'streams.delete',
+        params: { id: childStreamId }
+      }]);
+      expect(res[0]).to.exist;
+      expect(res[0].stream).to.exist;
+      expect(res[0].stream.trashed).to.equal(true);
+    });
+
+    it('[SDLB] delete a trashed stream (second delete)', async () => {
+      const res = await conn.api([{
+        method: 'streams.delete',
+        params: { id: childStreamId }
+      }]);
+      expect(res[0]).to.exist;
+      // After second delete, stream is gone
+      expect(res[0].streamDeletion).to.exist;
+    });
+  });
+
+  // Cleanup parent stream
+  after(async () => {
+    if (!conn) return;
+    await conn.api([
+      { method: 'streams.delete', params: { id: testStreamId } },
+      { method: 'streams.delete', params: { id: testStreamId } }
+    ]);
+  });
+});
+
+function findStream (streams, id) {
+  for (const s of streams) {
+    if (s.id === id) return s;
+    if (s.children) {
+      const found = findStream(s.children, id);
+      if (found) return found;
+    }
+  }
+  return null;
+}

package/test/buildSearchParams.test.js

@@ -0,0 +1,61 @@
+/**
+ * @license
+ * [BSD-3-Clause](https://github.com/pryv/lib-js/blob/master/LICENSE)
+ */
+/* global describe, it, expect */
+
+const buildSearchParams = require('../src/lib/buildSearchParams');
+
+describe('[BSPX] buildSearchParams', function () {
+  it('[BSPA] builds params from simple object', function () {
+    const result = buildSearchParams({ foo: 'bar', num: 123 });
+    expect(result).to.equal('foo=bar&num=123');
+  });
+
+  it('[BSPB] handles arrays as repeated keys', function () {
+    const result = buildSearchParams({ tags: ['a', 'b', 'c'] });
+    expect(result).to.equal('tags=a&tags=b&tags=c');
+  });
+
+  it('[BSPC] handles mixed arrays and values', function () {
+    const result = buildSearchParams({
+      name: 'test',
+      ids: ['id1', 'id2'],
+      limit: 10
+    });
+    expect(result).to.include('name=test');
+    expect(result).to.include('ids=id1');
+    expect(result).to.include('ids=id2');
+    expect(result).to.include('limit=10');
+  });
+
+  it('[BSPD] ignores null and undefined values', function () {
+    const result = buildSearchParams({
+      valid: 'yes',
+      nullVal: null,
+      undefVal: undefined
+    });
+    expect(result).to.equal('valid=yes');
+  });
+
+  it('[BSPE] handles empty object', function () {
+    const result = buildSearchParams({});
+    expect(result).to.equal('');
+  });
+
+  it('[BSPF] encodes special characters', function () {
+    const result = buildSearchParams({ query: 'hello world', special: 'a=b&c=d' });
+    expect(result).to.include('query=hello+world');
+    expect(result).to.include('special=a%3Db%26c%3Dd');
+  });
+
+  it('[BSPG] handles boolean values', function () {
+    const result = buildSearchParams({ active: true, disabled: false });
+    expect(result).to.equal('active=true&disabled=false');
+  });
+
+  it('[BSPH] handles empty arrays', function () {
+    const result = buildSearchParams({ tags: [], name: 'test' });
+    expect(result).to.equal('name=test');
+  });
+});

package/test/json-parser.test.js

@@ -0,0 +1,198 @@
+/**
+ * @license
+ * [BSD-3-Clause](https://github.com/pryv/lib-js/blob/master/LICENSE)
+ */
+/* global describe, it, expect */
+
+const jsonParser = require('../src/lib/json-parser');
+const { EventEmitter } = require('events');
+
+// Helper to create a mock response stream
+function createMockResponse (chunks) {
+  const emitter = new EventEmitter();
+  emitter.setEncoding = function () {};
+
+  // Emit chunks asynchronously
+  setTimeout(() => {
+    chunks.forEach(chunk => emitter.emit('data', chunk));
+    emitter.emit('end');
+  }, 0);
+
+  return emitter;
+}
+
+describe('[JPSX] json-parser', function () {
+  it('[JPSA] parses single event correctly', function (done) {
+    const events = [];
+    const parser = jsonParser((event) => events.push(event), false);
+
+    const jsonData = '{"events":[{"id":"evt1","type":"note/txt"}],"meta":{"serverTime":1234567890}}';
+    const mockRes = createMockResponse([jsonData]);
+    mockRes.statusCode = 200;
+
+    parser(mockRes, (err, body) => {
+      expect(err).to.be.undefined;
+      expect(events).to.have.lengthOf(1);
+      expect(events[0].id).to.equal('evt1');
+      expect(body.eventsCount).to.equal(1);
+      done();
+    });
+  });
+
+  it('[JPSB] parses multiple events', function (done) {
+    const events = [];
+    const parser = jsonParser((event) => events.push(event), false);
+
+    const jsonData = '{"events":[{"id":"e1"},{"id":"e2"},{"id":"e3"}],"meta":{"serverTime":123}}';
+    const mockRes = createMockResponse([jsonData]);
+    mockRes.statusCode = 200;
+
+    parser(mockRes, (err, body) => {
+      expect(err).to.be.undefined;
+      expect(events).to.have.lengthOf(3);
+      expect(body.eventsCount).to.equal(3);
+      done();
+    });
+  });
+
+  it('[JPSC] handles chunked data', function (done) {
+    const events = [];
+    const parser = jsonParser((event) => events.push(event), false);
+
+    // Split JSON across multiple chunks
+    const chunks = [
+      '{"events":[{"id":"ev',
+      '1","type":"test"},{"i',
+      'd":"ev2"}],"meta":{"serverTime":1}}'
+    ];
+    const mockRes = createMockResponse(chunks);
+    mockRes.statusCode = 200;
+
+    parser(mockRes, (err, body) => {
+      expect(err).to.be.undefined;
+      expect(events).to.have.lengthOf(2);
+      expect(events[0].id).to.equal('ev1');
+      expect(events[1].id).to.equal('ev2');
+      done();
+    });
+  });
+
+  it('[JPSD] handles empty events array', function (done) {
+    const events = [];
+    const parser = jsonParser((event) => events.push(event), false);
+
+    const jsonData = '{"events":[],"meta":{"serverTime":123}}';
+    const mockRes = createMockResponse([jsonData]);
+    mockRes.statusCode = 200;
+
+    parser(mockRes, (err, body) => {
+      expect(err).to.be.undefined;
+      expect(events).to.have.lengthOf(0);
+      expect(body.eventsCount).to.equal(0);
+      done();
+    });
+  });
+
+  it('[JPSE] handles events with nested objects', function (done) {
+    const events = [];
+    const parser = jsonParser((event) => events.push(event), false);
+
+    const jsonData = '{"events":[{"id":"e1","content":{"nested":{"deep":"value"}}}],"meta":{"serverTime":1}}';
+    const mockRes = createMockResponse([jsonData]);
+    mockRes.statusCode = 200;
+
+    parser(mockRes, (err, body) => {
+      expect(err).to.be.undefined;
+      expect(events).to.have.lengthOf(1);
+      expect(events[0].content.nested.deep).to.equal('value');
+      done();
+    });
+  });
+
+  it('[JPSF] handles events with strings containing special chars', function (done) {
+    const events = [];
+    const parser = jsonParser((event) => events.push(event), false);
+
+    const jsonData = '{"events":[{"id":"e1","content":"line1\\nline2\\twith\\\\backslash"}],"meta":{"serverTime":1}}';
+    const mockRes = createMockResponse([jsonData]);
+    mockRes.statusCode = 200;
+
+    parser(mockRes, (err, body) => {
+      expect(err).to.be.undefined;
+      expect(events).to.have.lengthOf(1);
+      expect(events[0].content).to.include('line1');
+      done();
+    });
+  });
+
+  it('[JPSG] includes eventDeletions when includeDeletions is true', function (done) {
+    const events = [];
+    const parser = jsonParser((event) => events.push(event), true);
+
+    // Split data into chunks to simulate real HTTP streaming
+    // The parser needs multiple data events to process state transitions correctly
+    const chunks = [
+      '{"events":[{"id":"e1"}]',
+      ',"eventDeletions":[{"id":"del1"}]',
+      ',"meta":{"serverTime":1}}'
+    ];
+    const mockRes = createMockResponse(chunks);
+    mockRes.statusCode = 200;
+
+    parser(mockRes, (err, body) => {
+      expect(err).to.be.undefined;
+      expect(events).to.have.lengthOf(2);
+      expect(body.eventsCount).to.equal(1);
+      expect(body.eventDeletionsCount).to.equal(1);
+      done();
+    });
+  });
+
+  it('[JPSH] handles invalid JSON gracefully', function (done) {
+    const events = [];
+    const parser = jsonParser((event) => events.push(event), false);
+
+    const jsonData = 'not valid json';
+    const mockRes = createMockResponse([jsonData]);
+    mockRes.statusCode = 200;
+
+    parser(mockRes, (err, body) => {
+      expect(err).to.exist;
+      expect(err.rawResponse).to.exist;
+      expect(err.statusCode).to.equal(200);
+      done();
+    });
+  });
+
+  it('[JPSI] handles events with quoted strings containing brackets', function (done) {
+    const events = [];
+    const parser = jsonParser((event) => events.push(event), false);
+
+    const jsonData = '{"events":[{"id":"e1","content":"text with {braces} and [brackets]"}],"meta":{"serverTime":1}}';
+    const mockRes = createMockResponse([jsonData]);
+    mockRes.statusCode = 200;
+
+    parser(mockRes, (err, body) => {
+      expect(err).to.be.undefined;
+      expect(events).to.have.lengthOf(1);
+      expect(events[0].content).to.include('{braces}');
+      done();
+    });
+  });
+
+  it('[JPSJ] preserves meta and other root properties', function (done) {
+    const events = [];
+    const parser = jsonParser((event) => events.push(event), false);
+
+    const jsonData = '{"someProperty":"value","events":[{"id":"e1"}],"meta":{"serverTime":123,"apiVersion":"1.2.3"}}';
+    const mockRes = createMockResponse([jsonData]);
+    mockRes.statusCode = 200;
+
+    parser(mockRes, (err, body) => {
+      expect(err).to.be.undefined;
+      expect(body.someProperty).to.equal('value');
+      expect(body.meta.apiVersion).to.equal('1.2.3');
+      done();
+    });
+  });
+});