radar-sdk-js 5.0.0-beta.9 → 5.1.0-beta.0

package/README.md

@@ -46,10 +46,8 @@ Then import and initialize:
 ```js
 import Radar from 'radar-sdk-js';
 
-// initialize with your test or live publishable key
-Radar.initialize('prj_test_pk_...', {
-  /* options */
-});
+// initialize with your publishable key
+Radar.initialize({ publishableKey: 'prj_test_pk_...' });
 ```
 
 ### With a script tag
@@ -57,12 +55,10 @@ Radar.initialize('prj_test_pk_...', {
 Add the following to your HTML:
 
 ```html
-<script src="https://js.radar.com/v5.0.0-beta.9/radar.min.js"></script>
+<script src="https://js.radar.com/v5.1.0-beta.0/radar.min.js"></script>
 
 <script>
-  Radar.initialize('prj_test_pk_...', {
-    /* options */
-  });
+  Radar.initialize({ publishableKey: 'prj_test_pk_...' });
 </script>
 ```
 
@@ -84,7 +80,7 @@ import { createMapsPlugin } from '@radarlabs/plugin-maps';
 import '@radarlabs/plugin-maps/dist/radar-maps.css';
 
 Radar.registerPlugin(createMapsPlugin());
-Radar.initialize('prj_test_pk_...');
+Radar.initialize({ publishableKey: 'prj_test_pk_...' });
 
 const map = Radar.ui.map({
   container: 'map',
@@ -103,7 +99,7 @@ import { createAutocompletePlugin } from '@radarlabs/plugin-autocomplete';
 import '@radarlabs/plugin-autocomplete/dist/radar-autocomplete.css';
 
 Radar.registerPlugin(createAutocompletePlugin());
-Radar.initialize('prj_test_pk_...');
+Radar.initialize({ publishableKey: 'prj_test_pk_...' });
 
 Radar.ui.autocomplete({
   container: 'autocomplete',
@@ -124,7 +120,7 @@ import Radar from 'radar-sdk-js';
 import { createFraudPlugin } from '@radarlabs/plugin-fraud';
 
 Radar.registerPlugin(createFraudPlugin());
-Radar.initialize('prj_live_pk_...');
+Radar.initialize({ publishableKey: 'prj_live_pk_...' });
 
 const { token, user, events } = await Radar.fraud.trackVerified();
 ```
@@ -135,13 +131,13 @@ Plugin CDN bundles auto-register with the core SDK when loaded. Load
 the core SDK first, then any plugins you need:
 
 ```html
-<link href="https://js.radar.com/maps/v5.0.0-beta.4/radar-maps.css" rel="stylesheet" />
-<link href="https://js.radar.com/autocomplete/v5.0.0-beta.4/radar-autocomplete.css" rel="stylesheet" />
+<link href="https://js.radar.com/maps/v1.0.0/radar-maps.css" rel="stylesheet" />
+<link href="https://js.radar.com/autocomplete/v1.1.0/radar-autocomplete.css" rel="stylesheet" />
 
-<script src="https://js.radar.com/v5.0.0-beta.9/radar.min.js"></script>
-<script src="https://js.radar.com/maps/v5.0.0-beta.4/radar-maps.min.js"></script>
-<script src="https://js.radar.com/autocomplete/v5.0.0-beta.4/radar-autocomplete.min.js"></script>
-<script src="https://js.radar.com/fraud/v5.0.0-beta.1/radar-fraud.min.js"></script>
+<script src="https://js.radar.com/v5.1.0-beta.0/radar.min.js"></script>
+<script src="https://js.radar.com/maps/v1.0.0/radar-maps.min.js"></script>
+<script src="https://js.radar.com/autocomplete/v1.1.0/radar-autocomplete.min.js"></script>
+<script src="https://js.radar.com/fraud/v1.0.0/radar-fraud.min.js"></script>
 ```
 
 ## Quickstart
@@ -154,16 +150,16 @@ by ID or element reference.
 ```html
 <html>
   <head>
-    <link href="https://js.radar.com/maps/v5.0.0-beta.4/radar-maps.css" rel="stylesheet" />
-    <script src="https://js.radar.com/v5.0.0-beta.9/radar.min.js"></script>
-    <script src="https://js.radar.com/maps/v5.0.0-beta.4/radar-maps.min.js"></script>
+    <link href="https://js.radar.com/maps/v1.0.0/radar-maps.css" rel="stylesheet" />
+    <script src="https://js.radar.com/v5.1.0-beta.0/radar.min.js"></script>
+    <script src="https://js.radar.com/maps/v1.0.0/radar-maps.min.js"></script>
   </head>
 
   <body>
     <div id="map" style="width: 100%; height: 500px;" />
 
     <script>
-      Radar.initialize('<RADAR_PUBLISHABLE_KEY>');
+      Radar.initialize({ publishableKey: '<RADAR_PUBLISHABLE_KEY>' });
 
       const map = Radar.ui.map({
         container: 'map', // OR document.getElementById('map')
@@ -181,16 +177,16 @@ by ID or element reference.
 ```html
 <html>
   <head>
-    <link href="https://js.radar.com/autocomplete/v5.0.0-beta.4/radar-autocomplete.css" rel="stylesheet" />
-    <script src="https://js.radar.com/v5.0.0-beta.9/radar.min.js"></script>
-    <script src="https://js.radar.com/autocomplete/v5.0.0-beta.4/radar-autocomplete.min.js"></script>
+    <link href="https://js.radar.com/autocomplete/v1.1.0/radar-autocomplete.css" rel="stylesheet" />
+    <script src="https://js.radar.com/v5.1.0-beta.0/radar.min.js"></script>
+    <script src="https://js.radar.com/autocomplete/v1.1.0/radar-autocomplete.min.js"></script>
   </head>
 
   <body>
     <div id="autocomplete" />
 
     <script>
-      Radar.initialize('<RADAR_PUBLISHABLE_KEY>');
+      Radar.initialize({ publishableKey: '<RADAR_PUBLISHABLE_KEY>' });
 
       // create autocomplete widget
       Radar.ui.autocomplete({
@@ -215,12 +211,12 @@ are needed for geofencing.
 ```html
 <html>
   <head>
-    <script src="https://js.radar.com/v5.0.0-beta.9/radar.min.js"></script>
+    <script src="https://js.radar.com/v5.1.0-beta.0/radar.min.js"></script>
   </head>
 
   <body>
     <script>
-      Radar.initialize('<RADAR_PUBLISHABLE_KEY>');
+      Radar.initialize({ publishableKey: '<RADAR_PUBLISHABLE_KEY>' });
 
       Radar.trackOnce({ userId: 'example-user-id' }).then(({ location, user, events }) => {
         // do something with user location or events
@@ -254,7 +250,7 @@ import { createFraudPlugin } from '@radarlabs/plugin-fraud';
 Radar.registerPlugin(createMapsPlugin());
 Radar.registerPlugin(createAutocompletePlugin());
 Radar.registerPlugin(createFraudPlugin());
-Radar.initialize('prj_test_pk_...');
+Radar.initialize({ publishableKey: 'prj_test_pk_...' });
 ```
 
 If you're building a custom plugin, import the plugin types from the

package/dist/api.d.ts

@@ -1,13 +1,13 @@
 import * as errors from './errors';
 import type { RadarError } from './errors';
 import type { RadarPlugin } from './plugin';
-import type { Location, NavigatorPosition, RadarAutocompleteParams, RadarAutocompleteResponse, RadarContextResponse, RadarConversionParams, RadarConversionResponse, RadarDistanceParams, RadarForwardGeocodeParams, RadarGeocodeResponse, RadarIPGeocodeResponse, RadarMatrixParams, RadarMatrixResponse, RadarMetadata, RadarOptions, RadarReverseGeocodeParams, RadarRouteResponse, RadarSearchGeofencesParams, RadarSearchGeofencesResponse, RadarSearchPlacesParams, RadarSearchPlacesResponse, RadarTrackParams, RadarTrackResponse, RadarTripOptions, RadarTripResponse, RadarValidateAddressParams, RadarValidateAddressResponse } from './types';
+import type { Location, NavigatorPosition, RadarAutocompleteParams, RadarAutocompleteResponse, RadarContextResponse, RadarConversionParams, RadarConversionResponse, RadarDistanceParams, RadarForwardGeocodeParams, RadarGeocodeResponse, RadarIPGeocodeResponse, RadarMatrixParams, RadarMatrixResponse, RadarMetadata, RadarInitOptions, RadarOptions, RadarReverseGeocodeParams, RadarRouteResponse, RadarSearchGeofencesParams, RadarSearchGeofencesResponse, RadarSearchPlacesParams, RadarSearchPlacesResponse, RadarTrackParams, RadarTrackResponse, RadarTripOptions, RadarTripResponse, RadarValidateAddressParams, RadarValidateAddressResponse } from './types';
 /**
  * main entry point for the Radar SDK. all methods are static — do not instantiate.
  *
  * @example
  * ```ts
- * Radar.initialize('prj_test_pk_...');
+ * Radar.initialize({ publishableKey: 'prj_test_pk_...' });
  * const { user, events } = await Radar.trackOnce();
  * ```
  */
@@ -20,7 +20,13 @@ declare class Radar {
     static registerPlugin(...plugins: RadarPlugin[]): void;
     private static _getPluginContext;
     /**
-     * initialize the SDK with a publishable key. must be called before any other method.
+     * initialize the SDK with an authToken or publishable key via options object.
+     * @param options - SDK configuration with `authToken` or `publishableKey`
+     * @throws {RadarPublishableKeyError} if credentials are missing or invalid
+     */
+    static initialize(options: RadarInitOptions): void;
+    /**
+     * initialize the SDK with a publishable key string.
      * @param publishableKey - your Radar publishable key (starts with `prj_test_pk_` or `prj_live_pk_`)
      * @param options - optional SDK configuration
      * @throws {RadarPublishableKeyError} if the key is missing or is a secret key

package/dist/config.d.ts

@@ -24,5 +24,9 @@ declare class Config {
     static onError(callback: (error: RadarError) => void): void;
     /** dispatch an error to the registered callback */
     static sendError(error: any): void;
+    /** build standard Radar request headers (Authorization, Device-Type, SDK-Version).
+     * Callers must ensure credentials are set before calling (e.g. via Radar.initialize).
+     * */
+    static getDefaultHeaders(): Record<string, string>;
 }
 export default Config;

package/dist/http.d.ts

@@ -43,7 +43,7 @@ declare class Http {
      * send an HTTP request to the Radar API
      * @param options - request configuration
      * @returns parsed response body, typed as `T`
-     * @throws {RadarPublishableKeyError} if publishable key is not set
+     * @throws {RadarPublishableKeyError} if neither publishable key nor authToken is set
      * @throws {RadarBadRequestError} on 400 responses
      * @throws {RadarUnauthorizedError} on 401 responses
      * @throws {RadarNetworkError} on network failures

package/dist/radar.js

@@ -1,3 +1,5 @@
+var SDK_VERSION = '5.1.0-beta.0';
+
 /** global SDK configuration singleton */
 class Config {
     /** store SDK options (called by Radar.initialize) */
@@ -23,6 +25,26 @@ class Config {
             Config.errorCallback(error);
         }
     }
+    /** build standard Radar request headers (Authorization, Device-Type, SDK-Version).
+     * Callers must ensure credentials are set before calling (e.g. via Radar.initialize).
+     * */
+    static getDefaultHeaders() {
+        const { publishableKey, authToken, getRequestHeaders: getHeaders } = Config.get();
+        const headers = {
+            'X-Radar-Device-Type': 'Web',
+            'X-Radar-SDK-Version': SDK_VERSION,
+        };
+        if (authToken) {
+            headers.Authorization = `Bearer ${authToken}`;
+        }
+        else if (publishableKey) {
+            headers.Authorization = publishableKey;
+        }
+        if (typeof getHeaders === 'function') {
+            Object.assign(headers, getHeaders());
+        }
+        return headers;
+    }
 }
 /** registered error callback, if any */
 Config.errorCallback = null;
@@ -180,17 +202,11 @@ const LOG_LEVELS = {
 // get the numeric level for logLevel option
 const getLevel = () => {
     // disable logging in tests
-    if (window && window.RADAR_TEST_ENV) {
+    if (typeof window !== 'undefined' && window.RADAR_TEST_ENV) {
         return LOG_LEVELS.none;
     }
-    const { logLevel, debug } = Config.get();
-    if (debug) {
-        return LOG_LEVELS.debug;
-    }
-    if (logLevel) {
-        return LOG_LEVELS[logLevel];
-    }
-    return LOG_LEVELS.error; // default to error-level logging if not set
+    const { logLevel } = Config.get();
+    return logLevel ? LOG_LEVELS[logLevel] : LOG_LEVELS.error;
 };
 /** leveled console logger controlled by SDK config */
 class Logger {
@@ -451,8 +467,6 @@ class Navigator {
     }
 }
 
-var SDK_VERSION = '5.0.0-beta.9';
-
 const inFlightRequests = new Map();
 /** fetch-based HTTP client for Radar API requests */
 class Http {
@@ -466,9 +480,9 @@ class Http {
     }
     static async request({ method, path, data, host, version, headers = {}, responseType, requestId, }) {
         const options = Config.get();
-        const publishableKey = options.publishableKey;
-        if (!publishableKey) {
-            throw new RadarPublishableKeyError('publishableKey not set.');
+        const { publishableKey, authToken } = options;
+        if (!publishableKey && !authToken) {
+            throw new RadarPublishableKeyError('publishableKey or authToken not set.');
         }
         const urlHost = host || options.host;
         const urlVersion = version || options.version;
@@ -494,17 +508,11 @@ class Http {
         if (requestId) {
             inFlightRequests.set(requestId, abortController);
         }
-        const defaultHeaders = {
-            Authorization: publishableKey,
+        const allHeaders = {
             'Content-Type': 'application/json',
-            'X-Radar-Device-Type': 'Web',
-            'X-Radar-SDK-Version': SDK_VERSION,
+            ...Config.getDefaultHeaders(),
+            ...headers,
         };
-        let configHeaders = {};
-        if (typeof options.getRequestHeaders === 'function') {
-            configHeaders = options.getRequestHeaders();
-        }
-        const allHeaders = { ...defaultHeaders, ...configHeaders, ...headers };
         let response;
         try {
             response = await fetch(url, {
@@ -1351,12 +1359,20 @@ class TrackAPI {
 
 const isSecretKey = (key) => key.includes('_sk_');
 const isLiveKey = (key) => key.includes('_live_');
+const isJWTShape = (value) => {
+    // NOTE(jasonl): keep this check lightweight since we're doing real validation server-side
+    if (!value.startsWith('eyJ')) {
+        return false;
+    }
+    const parts = value.split('.');
+    return parts.length === 3 && parts.every((s) => s.length > 0);
+};
 /**
  * main entry point for the Radar SDK. all methods are static — do not instantiate.
  *
  * @example
  * ```ts
- * Radar.initialize('prj_test_pk_...');
+ * Radar.initialize({ publishableKey: 'prj_test_pk_...' });
  * const { user, events } = await Radar.trackOnce();
  * ```
  */
@@ -1400,34 +1416,38 @@ class Radar {
             },
         };
     }
-    /**
-     * initialize the SDK with a publishable key. must be called before any other method.
-     * @param publishableKey - your Radar publishable key (starts with `prj_test_pk_` or `prj_live_pk_`)
-     * @param options - optional SDK configuration
-     * @throws {RadarPublishableKeyError} if the key is missing or is a secret key
-     */
-    static initialize(publishableKey, options = {}) {
-        if (!publishableKey) {
-            throw new RadarPublishableKeyError('Publishable key required in initialization.');
-        }
-        if (isSecretKey(publishableKey)) {
-            throw new RadarPublishableKeyError('Secret keys are not allowed. Please use your Radar publishable key.');
-        }
-        // store settings in global config
-        const live = isLiveKey(publishableKey);
-        const logLevel = live ? 'error' : 'info';
-        const debug = !live;
-        const radarOptions = Object.assign(Config.defaultOptions, {
-            publishableKey,
-            live,
-            logLevel,
-            debug,
-        }, options);
-        Config.setup(radarOptions);
-        Logger.info(`initialized with ${live ? 'live' : 'test'} publishableKey.`);
-        if (options.debug) {
-            Logger.debug('using options', options);
+    static initialize(publishableKeyOrOptions, extraOptions = {}) {
+        // NOTE(jasonl): shim the string signature into the options object to handle both cases
+        const options = typeof publishableKeyOrOptions === 'string'
+            ? { ...extraOptions, publishableKey: publishableKeyOrOptions }
+            : { ...publishableKeyOrOptions };
+        if (options.publishableKey && options.authToken) {
+            throw new RadarPublishableKeyError('Token and publishableKey are mutually exclusive.');
+        }
+        let credentialLabel;
+        if (options.publishableKey) {
+            if (isSecretKey(options.publishableKey)) {
+                throw new RadarPublishableKeyError('Secret keys are not allowed. Please use your Radar publishable key.');
+            }
+            options.live = isLiveKey(options.publishableKey);
+            credentialLabel = 'publishableKey';
+        }
+        else if (options.authToken) {
+            if (!isJWTShape(options.authToken)) {
+                throw new RadarPublishableKeyError('Invalid authToken format. Expected a JWT.');
+            }
+            credentialLabel = 'authToken';
         }
+        else {
+            throw new RadarPublishableKeyError('Publishable key or authToken required in initialization.');
+        }
+        // NOTE(jasonl): for backwards compat with the old `live` option - if `debug` isn't explicitly set, we'll set it to the inverse of `live`
+        options.debug = options.debug ?? (options.live !== undefined ? !options.live : false);
+        options.logLevel = options.logLevel ?? (options.debug ? 'debug' : 'error');
+        const radarOptions = Object.assign({}, Config.defaultOptions, options);
+        Config.setup(radarOptions);
+        Logger.info(`initialized with ${credentialLabel}.`);
+        Logger.debug('using options', options);
         // NOTE(jasonl): this allows us to run jest tests
         // without having to mock the ConfigAPI.getConfig call
         if (!window?.RADAR_TEST_ENV) {