woodsportal-client-sdk 4.0.7 → 4.0.8-dev.1

package/dist/{chunk-7J265W43.js → chunk-NDDE6ZZ3.js}

@@ -1,6 +1,8 @@
-import { isCookieExpired, getStorageKeys, getCookie, isCorruptCookieRawValue, stringifyCookieValue, setCookie, parseCookieJson, removeCookie } from './chunk-WSUXZOHL.js';
-import { WP_STORAGE_KEYS, wpClientIframeRefreshKey, wpClientIframeRefreshExpKey } from './chunk-EFEBZBMU.js';
-import axios from 'axios';
+import { isCookieExpired, getStorageKeys, getCookie, isCorruptCookieRawValue, stringifyCookieValue, setCookie, removeCookie, parseCookieJson } from './chunk-KPHAQNS2.js';
+import { getSessionStorageAdapter, writeSessionScopedItem, readSessionScopedItem, removeSessionScopedItem } from './chunk-DB6W3CJT.js';
+import { WP_STORAGE_KEYS, wpClientIframeRefreshKey, wpClientIframeRefreshExpKey } from './chunk-UDAPRD7Z.js';
+import { AuthErrorCode, parseApiErrorPayload } from './chunk-COHBSTHF.js';
+import axios2 from 'axios';
 
 // src/main/core/utils/constants.ts
 WP_STORAGE_KEYS.c.auth.login;
@@ -95,7 +97,9 @@ var config = {
     return readStorageField(DEV_PORTAL_ID) || getRuntimeHttpClientDevPortalId();
   },
   get portalId() {
-    return readStorageField(PORTAL_ID);
+    const portal = readStorageField(PORTAL_ID);
+    if (portal) return portal;
+    return readStorageField(DEV_PORTAL_ID) || getRuntimeHttpClientDevPortalId();
   },
   get devApiUrl() {
     return readStorageField(DEV_API_URL) || getRuntimeHttpClientDevApiUrl();
@@ -245,7 +249,7 @@ function defaultWarn(context, message, meta) {
   console.warn(formatPrefix(context), message);
 }
 function defaultError(context, error, meta) {
-  if (axios.isAxiosError(error)) {
+  if (axios2.isAxiosError(error)) {
     const payload = {
       message: error.message,
       status: error.response?.status,
@@ -322,68 +326,41 @@ function readExpiresAt(raw) {
   const parsed = Number(raw);
   return Number.isFinite(parsed) ? parsed : null;
 }
-function getSessionStorage() {
-  if (typeof globalThis === "undefined") {
-    return null;
-  }
-  try {
-    if (globalThis.sessionStorage != null) {
-      return globalThis.sessionStorage;
-    }
-    const win = globalThis.window;
-    return win?.sessionStorage ?? null;
-  } catch {
-    return null;
-  }
+function readScoped(key) {
+  return readSessionScopedItem(key);
+}
+function writeScoped(key, value) {
+  writeSessionScopedItem(key, value);
+}
+function removeScoped(key) {
+  removeSessionScopedItem(key);
 }
 function storeMfaPendingAccessToken(token, expiresInSeconds, lane = "c") {
-  const storage2 = getSessionStorage();
-  if (!storage2) {
-    return;
-  }
   if (!token || typeof token !== "string") {
     return;
   }
   const keys = keysForLane(lane);
   const expiresAt = typeof expiresInSeconds === "number" && expiresInSeconds > 0 ? Date.now() + expiresInSeconds * 1e3 : Date.now() + 15 * 60 * 1e3;
-  try {
-    storage2.setItem(keys.token, token);
-    storage2.setItem(keys.exp, String(expiresAt));
-  } catch {
-  }
+  writeScoped(keys.token, token);
+  writeScoped(keys.exp, String(expiresAt));
 }
 function readMfaPendingAccessToken(lane = "c") {
-  const storage2 = getSessionStorage();
-  if (!storage2) {
+  const keys = keysForLane(lane);
+  const token = readScoped(keys.token);
+  if (!token) {
     return null;
   }
-  const keys = keysForLane(lane);
-  try {
-    const token = storage2.getItem(keys.token);
-    if (!token) {
-      return null;
-    }
-    const expiresAt = readExpiresAt(storage2.getItem(keys.exp));
-    if (expiresAt == null || Date.now() >= expiresAt) {
-      clearMfaPendingAccessToken(lane);
-      return null;
-    }
-    return { token, expiresAt };
-  } catch {
+  const expiresAt = readExpiresAt(readScoped(keys.exp));
+  if (expiresAt == null || Date.now() >= expiresAt) {
+    clearMfaPendingAccessToken(lane);
     return null;
   }
+  return { token, expiresAt };
 }
 function clearMfaPendingAccessToken(lane = "c") {
-  const storage2 = getSessionStorage();
-  if (!storage2) {
-    return;
-  }
   const keys = keysForLane(lane);
-  try {
-    storage2.removeItem(keys.token);
-    storage2.removeItem(keys.exp);
-  } catch {
-  }
+  removeScoped(keys.token);
+  removeScoped(keys.exp);
 }
 function isMfaPendingAccessSession(lane = "c") {
   return readMfaPendingAccessToken(lane) != null;
@@ -456,6 +433,118 @@ async function withRefreshLock(fn) {
     }
   });
 }
+var SERVICE_UNAVAILABLE_MESSAGE = "Service temporarily unavailable. Please try again in a few minutes.";
+var SERVICE_UNAVAILABLE_STATUSES = /* @__PURE__ */ new Set([502, 503, 504]);
+function classifyHttpError(error) {
+  if (!axios2.isAxiosError(error)) {
+    return "unknown";
+  }
+  const status = error.response?.status;
+  if (status != null) {
+    if (SERVICE_UNAVAILABLE_STATUSES.has(status)) return "service_unavailable";
+    if (status === 401 || status === 403) return "auth";
+    if (status >= 400 && status < 500) return "client";
+    if (status >= 500) return "server";
+  }
+  if (error.code === "ECONNABORTED" || error.message.toLowerCase().includes("timeout")) {
+    return "timeout";
+  }
+  if (error.code === "ERR_NETWORK" || error.message === "Network Error") {
+    return "service_unavailable";
+  }
+  return "network";
+}
+function isServiceUnavailableError(error) {
+  return classifyHttpError(error) === "service_unavailable";
+}
+function getHttpErrorMessage(error) {
+  const kind = classifyHttpError(error);
+  switch (kind) {
+    case "service_unavailable":
+      return SERVICE_UNAVAILABLE_MESSAGE;
+    case "timeout":
+      return "The request timed out. Please check your connection and try again.";
+    case "auth":
+      return "Your session has expired. Please sign in again.";
+    case "network":
+      return "Unable to reach the server. Please check your connection and try again.";
+    case "client":
+    case "server":
+    case "unknown": {
+      if (axios2.isAxiosError(error)) {
+        const payload = error.response?.data;
+        const apiMessage = payload?.errorMessage ?? payload?.message;
+        if (typeof apiMessage === "string" && apiMessage.trim() !== "") {
+          return apiMessage;
+        }
+      }
+      return "Something went wrong. Please try again.";
+    }
+  }
+}
+
+// src/main/core/http/refresh-failure-policy.ts
+var DEFINITIVE_REFRESH_AUTH_CODES = /* @__PURE__ */ new Set([
+  AuthErrorCode.TOKEN_INVALID,
+  AuthErrorCode.TOKEN_EXPIRED,
+  AuthErrorCode.MISSING_REFRESH_TOKEN,
+  AuthErrorCode.AUTHENTICATION_FAILED,
+  AuthErrorCode.INVALID_CREDENTIALS,
+  AuthErrorCode.ACCOUNT_LOCKED,
+  AuthErrorCode.ACCOUNT_DISABLED
+]);
+function isDefinitiveRefreshAuthError(errorCode, status) {
+  const code = (errorCode ?? "").trim().toUpperCase();
+  if (code && DEFINITIVE_REFRESH_AUTH_CODES.has(code)) {
+    return true;
+  }
+  if (status === 401 && !code) {
+    return true;
+  }
+  return false;
+}
+function classifyRefreshHttpError(error) {
+  if (!axios2.isAxiosError(error)) {
+    return "transient";
+  }
+  const status = error.response?.status;
+  const payload = parseApiErrorPayload(error.response?.data);
+  if (status === 429) {
+    return "transient";
+  }
+  if (status != null && status >= 500) {
+    return "transient";
+  }
+  const httpKind = classifyHttpError(error);
+  if (httpKind === "network" || httpKind === "timeout" || httpKind === "service_unavailable") {
+    return "transient";
+  }
+  if (status === 401 || status === 403) {
+    if (isDefinitiveRefreshAuthError(payload.errorCode, status)) {
+      return "auth_invalid";
+    }
+    return "transient";
+  }
+  return "transient";
+}
+function classifyRefreshResponseWithoutToken(response) {
+  if (!response || typeof response !== "object") {
+    return "transient";
+  }
+  const record = response;
+  const status = record.status;
+  const payload = parseApiErrorPayload(record.data);
+  if (isDefinitiveRefreshAuthError(payload.errorCode, status)) {
+    return "auth_invalid";
+  }
+  return "transient";
+}
+function isTransientRefreshFailure(kind) {
+  return kind === "transient" || kind === "missing_context";
+}
+function shouldLogoutAfterRefreshFailure(kind) {
+  return kind === "auth_invalid" || kind === "missing_refresh_token";
+}
 
 // src/main/core/http/token-store.ts
 var accessToken = null;
@@ -469,6 +558,13 @@ var lastSuccessfulRefreshAt = null;
 var sessionLifecycleListener = null;
 var MIN_SHORT_TTL_BUFFER_MS = 5e3;
 var MIN_PROACTIVE_REFRESH_INTERVAL_MS = 3e4;
+var REFRESH_RETRY_BACKOFF_MS = [0, 500, 1500];
+var REFRESH_MAX_ATTEMPTS = 3;
+function delay(ms) {
+  return new Promise((resolve) => {
+    setTimeout(resolve, ms);
+  });
+}
 function getEffectiveBufferMs(ttlMs) {
   const capMs = refreshBufferSeconds * 1e3;
   let buffer;
@@ -499,29 +595,20 @@ function notifySessionLifecycleChange() {
   }
 }
 function persistRefreshExhausted() {
-  if (typeof window === "undefined" || !window.sessionStorage) {
-    return;
-  }
   try {
-    window.sessionStorage.setItem(WP_STORAGE_KEYS.c.auth.refreshExhausted, JSON.stringify({ ts: Date.now() }));
+    writeSessionScopedItem(WP_STORAGE_KEYS.c.auth.refreshExhausted, JSON.stringify({ ts: Date.now() }));
   } catch {
   }
 }
 function clearPersistedRefreshExhausted() {
-  if (typeof window === "undefined" || !window.sessionStorage) {
-    return;
-  }
   try {
-    window.sessionStorage.removeItem(WP_STORAGE_KEYS.c.auth.refreshExhausted);
+    removeSessionScopedItem(WP_STORAGE_KEYS.c.auth.refreshExhausted);
   } catch {
   }
 }
 function readPersistedRefreshExhausted() {
-  if (typeof window === "undefined" || !window.sessionStorage) {
-    return false;
-  }
   try {
-    return Boolean(window.sessionStorage.getItem(WP_STORAGE_KEYS.c.auth.refreshExhausted));
+    return Boolean(readSessionScopedItem(WP_STORAGE_KEYS.c.auth.refreshExhausted));
   } catch {
     return false;
   }
@@ -604,7 +691,7 @@ async function refreshSession(options = {}) {
   if (!refreshPromise) {
     refreshPromise = (async () => {
       await withRefreshLock(async () => {
-        const { getRefreshToken: getRefreshToken2 } = await import('./auth-utils-CPO4LG4K.js');
+        const { getRefreshToken: getRefreshToken2 } = await import('./auth-utils-T4FIBK3O.js');
         const refreshToken = getRefreshToken2();
         if (!refreshToken) {
           markRefreshFailed();
@@ -618,13 +705,27 @@ async function refreshSession(options = {}) {
           });
           throw new Error("Session expired: missing refresh token");
         }
-        const result = await refreshCallback(refreshToken);
-        if (!result.success || !result.token) {
+        let lastFailureKind;
+        for (let attempt = 0; attempt < REFRESH_MAX_ATTEMPTS; attempt += 1) {
+          if (attempt > 0) {
+            await delay(REFRESH_RETRY_BACKOFF_MS[attempt] ?? REFRESH_RETRY_BACKOFF_MS.at(-1));
+          }
+          const result = await refreshCallback(refreshToken);
+          if (result.success && result.token) {
+            lastRefreshFailed = false;
+            lastSuccessfulRefreshAt = Date.now();
+            return;
+          }
+          lastFailureKind = result.failureKind;
+          if (!isTransientRefreshFailure(result.failureKind)) {
+            break;
+          }
+        }
+        if (shouldLogoutAfterRefreshFailure(lastFailureKind)) {
           markRefreshFailed();
           throw new Error("Session refresh failed");
         }
-        lastRefreshFailed = false;
-        lastSuccessfulRefreshAt = Date.now();
+        throw new Error("Session refresh deferred");
       });
     })().finally(() => {
       refreshPromise = null;
@@ -636,6 +737,9 @@ async function ensureValidRefresh() {
   if (isMfaPendingAccessSession("c") || isMfaPendingAccessSession("a")) {
     return;
   }
+  if (!getAccessToken() && !hasRefreshSession()) {
+    return;
+  }
   if (!isExpiresAccessToken()) {
     return;
   }
@@ -649,6 +753,12 @@ function isAuthenticateApp() {
       return true;
     }
   }
+  if (getSessionStorageAdapter()) {
+    if (hasRefreshSession()) {
+      return true;
+    }
+    return false;
+  }
   if (!isCookieExpired(getStorageKeys().refreshToken)) {
     if (lastRefreshFailed && !token) {
       return false;
@@ -667,12 +777,19 @@ function hasRefreshSession() {
   if (isSessionRefreshExhausted() && !accessToken) {
     return false;
   }
-  const refreshKey = getStorageKeys().refreshToken;
-  if (!refreshKey || isCookieExpired(refreshKey)) {
-    return false;
-  }
-  if (!readRefreshTokenValue()) {
-    return false;
+  const adapter = getSessionStorageAdapter();
+  if (adapter) {
+    if (!adapter.getRefreshToken()) {
+      return false;
+    }
+  } else {
+    const refreshKey = getStorageKeys().refreshToken;
+    if (!refreshKey || isCookieExpired(refreshKey)) {
+      return false;
+    }
+    if (!readRefreshTokenValue()) {
+      return false;
+    }
   }
   if (lastRefreshFailed && !accessToken) {
     return false;
@@ -680,6 +797,10 @@ function hasRefreshSession() {
   return true;
 }
 function readRefreshTokenValue() {
+  const adapter = getSessionStorageAdapter();
+  if (adapter) {
+    return adapter.getRefreshToken();
+  }
   const key = getStorageKeys().refreshToken;
   const raw = getCookie(key);
   if (!isCorruptCookieRawValue(raw)) {
@@ -695,6 +816,27 @@ function hasValidAccessToken() {
 }
 
 // src/main/core/http/auth-utils.ts
+function readStoredJson(key) {
+  if (key == null || key === "") {
+    return null;
+  }
+  const adapter = getSessionStorageAdapter();
+  if (adapter) {
+    const raw = adapter.getItem(key);
+    if (isCorruptCookieRawValue(raw)) {
+      if (raw === "undefined" || raw === "null") {
+        adapter.removeItem(key);
+      }
+      return null;
+    }
+    try {
+      return JSON.parse(raw);
+    } catch {
+      return raw;
+    }
+  }
+  return parseCookieJson(key);
+}
 function writeJsonCookie(key, data, expire) {
   if (!key) {
     return;
@@ -703,6 +845,11 @@ function writeJsonCookie(key, data, expire) {
   if (serialized == null) {
     return;
   }
+  const adapter = getSessionStorageAdapter();
+  if (adapter) {
+    adapter.setItem(key, serialized);
+    return;
+  }
   setCookie(key, serialized, expire);
 }
 var setLoggedInDetails = async (data) => {
@@ -721,19 +868,27 @@ var setProfileDetails = async (data) => {
     resolve();
   });
 };
+function resolveRefreshExpiryMs(expiresAt) {
+  if (typeof expiresAt === "number" && expiresAt > 1e12) {
+    return expiresAt;
+  }
+  if (typeof expiresAt === "number" && expiresAt > 1e9) {
+    return expiresAt * 1e3;
+  }
+  return Date.now() + (expiresAt || 0) * 1e3;
+}
 function setRefreshToken(token, expiresAt) {
   return new Promise((resolve) => {
     if (!token || typeof token !== "string") {
       resolve();
       return;
     }
-    let expiresMs;
-    if (typeof expiresAt === "number" && expiresAt > 1e12) {
-      expiresMs = expiresAt;
-    } else if (typeof expiresAt === "number" && expiresAt > 1e9) {
-      expiresMs = expiresAt * 1e3;
-    } else {
-      expiresMs = Date.now() + (expiresAt || 0) * 1e3;
+    const expiresMs = resolveRefreshExpiryMs(expiresAt);
+    const adapter = getSessionStorageAdapter();
+    if (adapter) {
+      adapter.setRefreshToken(token, expiresMs);
+      resolve();
+      return;
     }
     const serialized = stringifyCookieValue(token);
     if (serialized != null) {
@@ -764,9 +919,13 @@ var setSubscriptionType = async (data) => {
   });
 };
 function getProfile() {
-  return parseCookieJson(getStorageKeys().loginDetails);
+  return readStoredJson(getStorageKeys().loginDetails);
 }
 function getRefreshToken() {
+  const adapter = getSessionStorageAdapter();
+  if (adapter) {
+    return adapter.getRefreshToken();
+  }
   const raw = getCookie(getStorageKeys().refreshToken);
   if (!isCorruptCookieRawValue(raw)) {
     return raw;
@@ -777,6 +936,11 @@ function getRefreshToken() {
   return null;
 }
 function clearRefreshToken() {
+  const adapter = getSessionStorageAdapter();
+  if (adapter) {
+    adapter.removeRefreshToken();
+    return;
+  }
   const key = getStorageKeys().refreshToken;
   if (key) {
     removeCookie(key);
@@ -786,12 +950,34 @@ function clearRefreshToken() {
   }
 }
 function getPortal() {
-  return parseCookieJson(getStorageKeys().portal);
+  return readStoredJson(getStorageKeys().portal);
 }
 function getSubscriptionType() {
-  return parseCookieJson(getStorageKeys().subscriptionType);
+  return readStoredJson(getStorageKeys().subscriptionType);
+}
+function clearAdapterSessionData() {
+  const adapter = getSessionStorageAdapter();
+  if (!adapter) {
+    return;
+  }
+  const keys = getStorageKeys();
+  adapter.removeRefreshToken();
+  for (const key of [
+    keys.loginDetails,
+    keys.portal,
+    keys.subscriptionType,
+    keys.authUser,
+    WP_STORAGE_KEYS.c.mfa.pendingToken,
+    WP_STORAGE_KEYS.c.mfa.pendingTokenExp,
+    WP_STORAGE_KEYS.c.auth.refreshExhausted,
+    WP_STORAGE_KEYS.c.auth.err
+  ]) {
+    if (key) {
+      adapter.removeItem(key);
+    }
+  }
 }
 
-export { DEV_API_URL, DEV_PORTAL_ID, HUBSPOT_DATA, HUB_ID, clearAccessToken, clearMfaPendingAccessToken, clearRefreshToken, clearSessionRefreshExhaustedState, config, configureLogger, didLastRefreshFail, ensureValidRefresh, getAccessToken, getPortal, getProfile, getRefreshToken, getSubscriptionType, hasRefreshSession, hasValidAccessToken, hydrateMfaPendingAccessToken, hydrateSessionRefreshState, isAccessTokenExpired, isAuthenticateApp, isAuthenticated, isExpiresAccessToken, isHttpTracingEnabled, isMfaPendingAccessSession, isRefreshInFlight, isSessionRefreshExhausted, logger, readMfaPendingAccessToken, refreshSession, resetSessionAuthState, sanitizeAxiosErrorData, setAccessToken, setConfig, setIframeStorageMode, setLoggedInDetails, setPortal, setProfileDetails, setRefreshBufferSeconds, setRefreshCallback, setRefreshToken, setRuntimeHttpClientHubContext, setSessionLifecycleListener, setSubscriptionType, storAccessToken, storage, storeMfaPendingAccessToken };
-//# sourceMappingURL=chunk-7J265W43.js.map
-//# sourceMappingURL=chunk-7J265W43.js.map
+export { DEV_API_URL, DEV_PORTAL_ID, HUBSPOT_DATA, HUB_ID, PORTAL_ID, SERVICE_UNAVAILABLE_MESSAGE, classifyHttpError, classifyRefreshHttpError, classifyRefreshResponseWithoutToken, clearAccessToken, clearAdapterSessionData, clearMfaPendingAccessToken, clearRefreshToken, clearSessionRefreshExhaustedState, config, configureLogger, didLastRefreshFail, ensureValidRefresh, getAccessToken, getHttpErrorMessage, getPortal, getProfile, getRefreshToken, getSubscriptionType, hasRefreshSession, hasValidAccessToken, hydrateMfaPendingAccessToken, hydrateSessionRefreshState, isAccessTokenExpired, isAuthenticateApp, isAuthenticated, isExpiresAccessToken, isHttpTracingEnabled, isMfaPendingAccessSession, isRefreshInFlight, isServiceUnavailableError, isSessionRefreshExhausted, logger, readMfaPendingAccessToken, refreshSession, resetSessionAuthState, sanitizeAxiosErrorData, setAccessToken, setConfig, setIframeStorageMode, setLoggedInDetails, setPortal, setProfileDetails, setRefreshBufferSeconds, setRefreshCallback, setRefreshToken, setRuntimeHttpClientHubContext, setSessionLifecycleListener, setSubscriptionType, shouldLogoutAfterRefreshFailure, storAccessToken, storage, storeMfaPendingAccessToken };
+//# sourceMappingURL=chunk-NDDE6ZZ3.js.map
+//# sourceMappingURL=chunk-NDDE6ZZ3.js.map