pryv 3.4.0 → 3.5.0

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "pryv",
-  "version": "3.4.0",
+  "version": "3.5.0",
   "description": "Pryv JavaScript library",
   "keywords": [
     "Pryv",

package/src/Auth/AuthController.js

@@ -22,8 +22,15 @@ class AuthController {
     validateSettings.call(this, settings);
 
     this.stateChangeListeners = [];
+    // External `onStateChange` callers only see `{ status, id, key, serviceInfo? }`
+    // on AUTHORIZED — credentials (`username`, `token`, `apiEndpoint`) stay
+    // inside the lib. Internal listeners (e.g. LoginButton, for cookie
+    // autologin) get the full unfiltered state.
     if (this.settings.onStateChange) {
-      this.stateChangeListeners.push(this.settings.onStateChange);
+      const externalListener = this.settings.onStateChange;
+      this.stateChangeListeners.push(function (state) {
+        externalListener(filterForExternalListener(state));
+      });
     }
     this.service = service;
 
@@ -166,6 +173,10 @@ class AuthController {
   async startAuthRequest () {
     // @ts-ignore - postAccess uses .call(this) for context
     this.state = await postAccess.call(this);
+    // Remember the polling key so listeners on the terminal AUTHORIZED
+    // state can be handed `{ key, serviceInfo? }` (the polling response
+    // itself doesn't echo `key` back).
+    this._authFlowKey = this.state?.key;
 
     await doPolling.call(this);
 
@@ -205,6 +216,11 @@ class AuthController {
         // @ts-ignore - this is bound via .call()
         setTimeout(await doPolling.bind(this), this.state?.poll_rate_ms);
       } else {
+        // Carry the key forward — listeners on the narrow public surface
+        // need it, and the server doesn't echo it back on ACCEPTED.
+        if (this._authFlowKey != null && pollResponse.key == null) {
+          pollResponse.key = this._authFlowKey;
+        }
         this.state = pollResponse;
       }
 
@@ -245,6 +261,38 @@ class AuthController {
 
 // ----------- private methods -------------
 
+/**
+ * Narrow the state passed to *external* `onStateChange` callers so the
+ * calling app sees only `{ status, id, key, serviceInfo? }` on the
+ * terminal AUTHORIZED state reached through the auth-flow polling path.
+ * `username` / `token` / `apiEndpoint` are kept inside the lib; the
+ * calling app uses `pryv.connectFromKey(key, serviceInfoUrl)` to obtain
+ * a `Connection`.
+ *
+ * The cookie-autologin path (no fresh `key` available, restored from
+ * `LoginButton.getAuthorizationData()`) passes through unchanged so
+ * existing pages that build a `Connection` directly from the restored
+ * state on page load keep working.
+ *
+ * Non-AUTHORIZED states pass through unchanged so error messages /
+ * loading flags / etc. still reach the listener.
+ *
+ * @param {Object} state - full internal state
+ * @returns {Object} narrowed state
+ */
+function filterForExternalListener (state) {
+  if (state == null || state.status !== AuthStates.AUTHORIZED) {
+    return state;
+  }
+  // No key → cookie-autologin path; preserve existing shape.
+  if (state.key == null) {
+    return state;
+  }
+  const out = { status: state.status, id: state.id, key: state.key };
+  if (state.serviceInfo != null) out.serviceInfo = state.serviceInfo;
+  return out;
+}
+
 async function checkAutoLogin (authController) {
   const loginButton = authController.loginButton;
   if (loginButton == null) {

package/src/Connection.js

@@ -77,8 +77,8 @@ class Connection {
    * caches the result; subsequent calls return the cached copy in O(1).
    * Pass `forceRefresh: true` to invalidate the cache and fetch a fresh
    * copy from the server — used internally by `connection.socket` to
-   * react to Plan 66 `accessUpdated` server-push events. A failed
-   * server fetch leaves any prior cached value intact.
+   * react to `accessUpdated` server-push events. A failed server
+   * fetch leaves any prior cached value intact.
    *
    * @param {boolean} [forceRefresh=false] - bypass + refresh the cache
    * @returns {Promise<AccessInfo>} Promise resolving to the access info
@@ -429,10 +429,10 @@ class Connection {
   }
 
   /**
-   * Plan 66 (open-pryv.io ≥ 2.0.0-pre.X): update an access by composite id.
-   * Wraps `accesses.update` and translates the 409 `stale-resource` response
-   * into a typed `StaleAccessIdError` so callers can `instanceof`-test and
-   * refetch + retry without re-parsing the inner error.
+   * Update an access by composite id (Pryv.io ≥ 2.0.0-pre.X). Wraps
+   * `accesses.update` and translates the 409 `stale-resource` response
+   * into a typed `StaleAccessIdError` so callers can `instanceof`-test
+   * and refetch + retry without re-parsing the inner error.
    *
    * Pass `id` as the wire-format reference returned by the server — bare
    * cuid on a never-updated access, composite `<base>:<serial>` otherwise.
@@ -456,8 +456,8 @@ class Connection {
   }
 
   /**
-   * Plan 66: fetch an access by composite id including its full version
-   * history (oldest first). Server: `accesses.getOne ?includeHistory=true`.
+   * Fetch an access by composite id including its full version history
+   * (oldest first). Server: `accesses.getOne ?includeHistory=true`.
    *
    * Useful for audit views. Pass the composite `<base>:<serial>` to
    * inspect a specific past version (the result's `current` field then

package/src/Service.js

@@ -521,6 +521,40 @@ class Service {
     return body;
   }
 
+  /**
+   * Resolve a completed auth-flow polling key into a `Connection`.
+   *
+   * Pairs with `Service.startAccessRequest` / `Service.pollAccessRequest`
+   * and the headless polling pattern: the calling app holds only the
+   * `key` returned by the auth-flow (not the underlying token /
+   * apiEndpoint), and uses this method to build a working `Connection`.
+   *
+   * The implementation polls `<access>/<key>` once; the call MUST be
+   * made while the access is still in the ACCEPTED state (which
+   * persists until expiry — see `expireAfter` on the access request).
+   *
+   * @param {string} key - polling key from `startAccessRequest`
+   * @returns {Promise<Connection>}
+   * @throws {PryvError} if the key is not ACCEPTED (NEED_SIGNIN, REFUSED, ERROR)
+   */
+  async connectFromKey (key) {
+    if (!key) {
+      throw new PryvError('connectFromKey requires a key');
+    }
+    const body = await this.pollAccessRequest(key);
+    if (body.status !== 'ACCEPTED') {
+      throw new PryvError(
+        'connectFromKey: access is not ACCEPTED (status=' + body.status + ')'
+      );
+    }
+    if (!body.apiEndpoint) {
+      throw new PryvError(
+        'connectFromKey: ACCEPTED response missing apiEndpoint'
+      );
+    }
+    return new Connection(body.apiEndpoint, this);
+  }
+
   /**
    * Set a new password using a reset token (from the reset email).
    * Pre-auth — no login token required.

package/src/index.d.ts

@@ -725,9 +725,9 @@ declare module 'pryv' {
     ): Promise<HFSeriesAddResult>;
     /** Memoized; pass `forceRefresh: true` to bypass + refresh the cache. */
     accessInfo(forceRefresh?: boolean): Promise<AccessInfo>;
-    /** Plan 66: update an access by composite id. */
+    /** Update an access by composite id. */
     updateAccess(id: string, changes: object): Promise<object>;
-    /** Plan 66: fetch an access including its full version history. */
+    /** Fetch an access including its full version history. */
     getAccessWithHistory(id: string): Promise<{ access: object, current?: string, history?: object[] }>;
     revoke(throwOnFail?: boolean, usingConnection?: Connection): Promise<any>;
     readonly deltaTime: number;

package/src/index.js

@@ -11,11 +11,13 @@
  * @property {pryv.utils} utils - Exposes some utils for HTTP calls and tools to manipulate Pryv's API endpoints
  * @property {pryv.PryvError} PryvError - Custom error class with innerObject + structured API-error fields
  * @property {pryv.MfaRequiredError} MfaRequiredError - Thrown by Service.login when the platform returns an mfaToken instead of a token. Carries `.mfaToken`.
- * @property {pryv.StaleAccessIdError} StaleAccessIdError - Plan 66: thrown when a Pryv.io server rejects an `accesses.update` / `accesses.delete` with a 409 stale-resource. Refetch + retry.
+ * @property {pryv.StaleAccessIdError} StaleAccessIdError - Thrown when a Pryv.io server rejects an `accesses.update` / `accesses.delete` with a 409 stale-resource. Refetch + retry.
  * @property {Object} ERRORS - Catalogue of Pryv API error ids (mirrors open-pryv.io/components/errors)
  */
+const Service = require('./Service');
+
 module.exports = {
-  Service: require('./Service'),
+  Service,
   Connection: require('./Connection'),
   Auth: require('./Auth'),
   Browser: require('./Browser'),
@@ -24,5 +26,25 @@ module.exports = {
   MfaRequiredError: require('./lib/MfaRequiredError'),
   StaleAccessIdError: require('./lib/StaleAccessIdError'),
   ERRORS: require('./lib/errorIds'),
-  version: require('../package.json').version
+  version: require('../package.json').version,
+  connectFromKey
 };
+
+/**
+ * Module-level convenience over `Service#connectFromKey` — builds a
+ * `Service` on the fly, fetches its info, and resolves the given
+ * auth-flow polling key into a working `Connection`.
+ *
+ * Mirrors the `pryv.connectFromKey(key, serviceInfoUrl)` shape the
+ * headless polling pattern documents.
+ *
+ * @param {string} key - polling key from `Service.startAccessRequest`
+ * @param {string} serviceInfoUrl - URL of the platform's `/service/info`
+ * @param {Object} [serviceCustomizations] - same shape as `new Service(url, customizations)`
+ * @returns {Promise<import('./Connection')>}
+ */
+async function connectFromKey (key, serviceInfoUrl, serviceCustomizations) {
+  const service = new Service(serviceInfoUrl, serviceCustomizations);
+  await service.info();
+  return service.connectFromKey(key);
+}

package/src/lib/StaleAccessIdError.js

@@ -6,9 +6,9 @@
 const PryvError = require('./PryvError');
 
 /**
- * Plan 66: typed error surfaced when a Pryv.io server (≥ 2.0.0-pre.X)
- * rejects an `accesses.update` or `accesses.delete` call with a
- * 409 `stale-resource` response.
+ * Typed error surfaced when a Pryv.io server (≥ 2.0.0-pre.X) rejects
+ * an `accesses.update` or `accesses.delete` call with a 409
+ * `stale-resource` response.
  *
  * The composite access id `<base>:<serial>` carries the version the
  * caller last observed. If the access has since been updated, the

package/src/utils.js

@@ -226,11 +226,11 @@ const utils = module.exports = {
   },
 
   /**
-   * Plan 66 (open-pryv.io ≥ 2.0.0-pre.X): parse a wire-format access
-   * reference into `{ base, serial }`. Accepts both bare cuid
-   * (`"abc123"` → `{ base: 'abc123', serial: null }`) and composite
-   * (`"abc123:3"` → `{ base: 'abc123', serial: 3 }`). Throws on
-   * malformed input. Apply this to `access.id`, `access.createdBy`,
+   * Parse a wire-format access reference into `{ base, serial }`
+   * (Pryv.io ≥ 2.0.0-pre.X). Accepts both bare cuid (`"abc123"` →
+   * `{ base: 'abc123', serial: null }`) and composite (`"abc123:3"` →
+   * `{ base: 'abc123', serial: 3 }`). Throws on malformed input.
+   * Apply this to `access.id`, `access.createdBy`,
    * `access.modifiedBy`, and `streamIds` entries of the form
    * `access-<base>:<serial>` from audit events.
    * @memberof pryv.utils
@@ -256,9 +256,9 @@ const utils = module.exports = {
   },
 
   /**
-   * Plan 66: render an `{ base, serial }` pair back to the wire
-   * format. Bare cuid when serial is null/undefined; `<base>:<serial>`
-   * otherwise. Mostly used to construct the composite id when calling
+   * Render an `{ base, serial }` pair back to the wire format. Bare
+   * cuid when serial is null/undefined; `<base>:<serial>` otherwise.
+   * Mostly used to construct the composite id when calling
    * `connection.api()` for `accesses.update` / `accesses.delete`.
    * @memberof pryv.utils
    * @param {{ base: string, serial?: number | null }} ref

package/test/AuthController.test.js

@@ -190,4 +190,78 @@ describe('[ACNX] AuthController', function () {
       expect(auth.state.id).to.equal(AuthStates.LOADING); // retro-compatibility
     });
   });
+
+  describe('[AFLT] External listener filtering', function () {
+    it('[AFLA] AUTHORIZED state passes only { status, id, key, serviceInfo } to onStateChange', function () {
+      const seen = [];
+      const auth = new AuthController({
+        authRequest: {
+          requestingAppId: 'test-app',
+          requestedPermissions: []
+        },
+        onStateChange: (state) => seen.push(state)
+      }, service);
+
+      auth.state = {
+        status: AuthStates.AUTHORIZED,
+        key: 'abc123',
+        serviceInfo: { name: 'Test' },
+        apiEndpoint: 'https://token@example.com/',
+        username: 'alice',
+        token: 'secret-token'
+      };
+
+      const last = seen[seen.length - 1];
+      expect(last.status).to.equal(AuthStates.AUTHORIZED);
+      expect(last.id).to.equal(AuthStates.AUTHORIZED);
+      expect(last.key).to.equal('abc123');
+      expect(last.serviceInfo).to.deep.equal({ name: 'Test' });
+      // Credentials must not leak to the calling app.
+      expect(last.apiEndpoint).to.equal(undefined);
+      expect(last.username).to.equal(undefined);
+      expect(last.token).to.equal(undefined);
+    });
+
+    it('[AFLC] AUTHORIZED state from cookie-autologin (no key) passes through unchanged', function () {
+      // Mirrors `checkAutoLogin()`'s state shape: it spreads stored
+      // credentials into the AUTHORIZED state without a key, since the
+      // key is not persisted.
+      const seen = [];
+      const auth = new AuthController({
+        authRequest: {
+          requestingAppId: 'test-app',
+          requestedPermissions: []
+        },
+        onStateChange: (state) => seen.push(state)
+      }, service);
+
+      auth.state = {
+        status: AuthStates.AUTHORIZED,
+        apiEndpoint: 'https://token@example.com/',
+        username: 'alice'
+      };
+
+      const last = seen[seen.length - 1];
+      // Backwards-compat: existing pages building Connection directly
+      // from `state.apiEndpoint` on page reload keep working.
+      expect(last.apiEndpoint).to.equal('https://token@example.com/');
+      expect(last.username).to.equal('alice');
+    });
+
+    it('[AFLB] non-AUTHORIZED states pass through unchanged', function () {
+      const seen = [];
+      const auth = new AuthController({
+        authRequest: {
+          requestingAppId: 'test-app',
+          requestedPermissions: []
+        },
+        onStateChange: (state) => seen.push(state)
+      }, service);
+
+      auth.state = { status: AuthStates.ERROR, message: 'boom', error: new Error('e') };
+      const last = seen[seen.length - 1];
+      expect(last.status).to.equal(AuthStates.ERROR);
+      expect(last.message).to.equal('boom');
+    });
+  });
 });

package/test/Connection.test.js

@@ -500,7 +500,7 @@ describe('[CONX] Connection', () => {
       expect(newUser.access.token).to.equal(accessInfoUser.token);
     });
 
-    // Plan 66 — accessInfo caching + forceRefresh.
+    // accessInfo caching + forceRefresh.
 
     it('[CAIC] accessInfo() memoizes — second call returns the same object reference', async () => {
       const regexAPIandToken = /(.+):\/\/(.+)/gm;

package/test/Service.accessRequest.test.js

@@ -38,6 +38,30 @@ describe('[ARQX] Service access-request init', function () {
     });
   });
 
+  describe('[CFKX] Service.connectFromKey', function () {
+    it('[CFKA] rejects when key is missing', async function () {
+      let caught;
+      try { await service.connectFromKey(); } catch (e) { caught = e; }
+      expect(caught).to.be.instanceOf(pryv.PryvError);
+    });
+
+    it('[CFKB] throws when the access is still NEED_SIGNIN', async function () {
+      this.timeout(15000);
+      const env = await service.startAccessRequest({
+        requestingAppId: 'jslib-test',
+        requestedPermissions: [{
+          streamId: 'data',
+          level: 'read',
+          defaultName: 'Test'
+        }]
+      });
+      let caught;
+      try { await service.connectFromKey(env.key); } catch (e) { caught = e; }
+      expect(caught).to.be.instanceOf(pryv.PryvError);
+      expect(caught.message).to.include('NEED_SIGNIN');
+    });
+  });
+
   describe('[APRX] Service.pollAccessRequest', function () {
     it('[APRA] rejects when key is missing', async function () {
       let caught;

package/test/utils.test.js

@@ -60,7 +60,7 @@ describe('[UTLX] utils', function () {
     done();
   });
 
-  // Plan 66 — composite access references.
+  // Composite access references.
 
   it('[UTLF] parseAccessRef on a bare cuid returns { base, serial: null }', function () {
     const ref = pryv.utils.parseAccessRef('abc123def456');