@wix/sdk - npm Package Compare versions

Comparing version 1.7.4 to 1.7.5

build/auth/oauth2/OAuthStrategy.js

@@ -121,3 +121,3 @@ import { createClient } from '../../wixClient.js';
     }) => {
-        return getAuthorizationUrlWithOptions(oauthData, opts.responseMode ?? 'fragment', opts.prompt ?? 'login');
+        return getAuthorizationUrlWithOptions(oauthData, opts.responseMode ?? 'fragment', opts.prompt ?? 'login', opts.sessionToken);
     };
@@ -124,0 +124,0 @@ const parseFromUrl = (url, responseMode = 'fragment') => {

build/auth/WixAppOAuthStrategy.js

@@ -1,2 +0,2 @@
-import { verify } from 'jsonwebtoken';
+import { jwtVerify, importSPKI } from 'jose';
 import { parsePublicKeyIfEncoded } from '../helpers.js';
@@ -123,8 +123,8 @@ /**
         },
-        decodeJWT(token, verifyCallerClaims = false) {
+        async decodeJWT(token, verifyCallerClaims = false) {
             if (!opts.publicKey) {
                 throw new Error('Missing public key. Make sure to pass it to the WixAppOAuthStrategy');
             }
-            const publicKey = parsePublicKeyIfEncoded(opts.publicKey);
-            const decoded = verify(token, publicKey, verifyCallerClaims
+            const publicKey = await importSPKI(parsePublicKeyIfEncoded(opts.publicKey), 'RS256');
+            const decoded = await jwtVerify(token, publicKey, verifyCallerClaims
                 ? {
@@ -136,3 +136,5 @@ issuer: 'wix.com',
             return {
-                decoded,
+                decoded: {
+                    data: decoded.payload.data,
+                },
                 valid: true,
@@ -139,0 +141,0 @@ };

build/wixClient.d.ts

@@ -1,2 +0,2 @@
-import { AuthenticationStrategy, BoundAuthenticationStrategy, BuildRESTFunction, Host, HostModule, HostModuleAPI, RESTFunctionDescriptor, EventDefinition, SPIDefinition } from '@wix/sdk-types';
+import { AuthenticationStrategy, BoundAuthenticationStrategy, BuildRESTFunction, Host, HostModule, HostModuleAPI, RESTFunctionDescriptor, SPIDefinition, EventDefinition } from '@wix/sdk-types';
 import { ConditionalExcept, EmptyObject } from 'type-fest';
@@ -66,3 +66,3 @@ import { AmbassadorFunctionDescriptor, BuildAmbassadorFunction } from './ambassador-modules.js';
             expectedEvents: ExpectedEvents;
-        }): ProcessedEvent<ExpectedEvents>;
+        }): Promise<ProcessedEvent<ExpectedEvents>>;
         processRequest<ExpectedEvents extends EventDefinition<any>[] = []>(request: Request, opts?: {
@@ -75,10 +75,10 @@ expectedEvents: ExpectedEvents;
                 originInstanceId: string;
-            }>;
+            }, 'AppInstalled'>;
             AppRemoved: EventDefinition<{
                 appId: string;
-            }>;
+            }, 'AppRemoved'>;
         };
     };
     spi: <S extends SPIDefinition<any, any>>() => {
-        process(jwt: string): S['__input'];
+        process(jwt: string): Promise<S['__input']>;
         processRequest(request: Request): Promise<S['__input']>;
@@ -85,0 +85,0 @@ result(result: S['__result']): S['__result'];

build/wixClient.js

@@ -0,1 +1,2 @@
+import { EventDefinition, } from '@wix/sdk-types';
 import { toHTTPModule, isAmbassadorModule, ambassadorModuleOptions, } from './ambassador-modules.js';
@@ -89,3 +90,3 @@ import { API_URL, PUBLIC_METADATA_KEY } from './common.js';
         webhooks: {
-            process: (jwt, opts = {
+            process: async (jwt, opts = {
                 expectedEvents: [],
@@ -96,3 +97,3 @@ }) => {
                 }
-                const { decoded, valid } = authStrategy.decodeJWT(jwt);
+                const { decoded, valid } = await authStrategy.decodeJWT(jwt);
                 if (!valid) {
@@ -122,10 +123,4 @@ throw new Error('JWT is not valid');
             apps: {
-                AppInstalled: {
-                    type: 'AppInstalled',
-                    __payload: void 0,
-                },
-                AppRemoved: {
-                    type: 'AppRemoved',
-                    __payload: void 0,
-                },
+                AppInstalled: EventDefinition('AppInstalled')(),
+                AppRemoved: EventDefinition('AppRemoved')(),
             },
@@ -135,7 +130,7 @@ },
             return {
-                process(jwt) {
+                async process(jwt) {
                     if (!authStrategy.decodeJWT) {
                         throw new Error('decodeJWT is not supported by the authentication strategy');
                     }
-                    const { decoded, valid } = authStrategy.decodeJWT(jwt, true);
+                    const { decoded, valid } = await authStrategy.decodeJWT(jwt, true);
                     if (!valid) {
@@ -142,0 +137,0 @@ throw new Error('JWT is not valid');

cjs/build/auth/oauth2/OAuthStrategy.js

@@ -124,3 +124,3 @@ "use strict";
     }) => {
-        return getAuthorizationUrlWithOptions(oauthData, opts.responseMode ?? 'fragment', opts.prompt ?? 'login');
+        return getAuthorizationUrlWithOptions(oauthData, opts.responseMode ?? 'fragment', opts.prompt ?? 'login', opts.sessionToken);
     };
@@ -127,0 +127,0 @@ const parseFromUrl = (url, responseMode = 'fragment') => {

cjs/build/auth/WixAppOAuthStrategy.js

 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.WixAppOAuthStrategy = void 0;
-const jsonwebtoken_1 = require("jsonwebtoken");
+const jose_1 = require("jose");
 const helpers_js_1 = require("../helpers.js");
@@ -126,8 +126,8 @@ /**
         },
-        decodeJWT(token, verifyCallerClaims = false) {
+        async decodeJWT(token, verifyCallerClaims = false) {
             if (!opts.publicKey) {
                 throw new Error('Missing public key. Make sure to pass it to the WixAppOAuthStrategy');
             }
-            const publicKey = (0, helpers_js_1.parsePublicKeyIfEncoded)(opts.publicKey);
-            const decoded = (0, jsonwebtoken_1.verify)(token, publicKey, verifyCallerClaims
+            const publicKey = await (0, jose_1.importSPKI)((0, helpers_js_1.parsePublicKeyIfEncoded)(opts.publicKey), 'RS256');
+            const decoded = await (0, jose_1.jwtVerify)(token, publicKey, verifyCallerClaims
                 ? {
@@ -139,3 +139,5 @@ issuer: 'wix.com',
             return {
-                decoded,
+                decoded: {
+                    data: decoded.payload.data,
+                },
                 valid: true,
@@ -142,0 +144,0 @@ };

cjs/build/wixClient.d.ts

@@ -1,2 +0,2 @@
-import { AuthenticationStrategy, BoundAuthenticationStrategy, BuildRESTFunction, Host, HostModule, HostModuleAPI, RESTFunctionDescriptor, EventDefinition, SPIDefinition } from '@wix/sdk-types';
+import { AuthenticationStrategy, BoundAuthenticationStrategy, BuildRESTFunction, Host, HostModule, HostModuleAPI, RESTFunctionDescriptor, SPIDefinition, EventDefinition } from '@wix/sdk-types';
 import { ConditionalExcept, EmptyObject } from 'type-fest';
@@ -66,3 +66,3 @@ import { AmbassadorFunctionDescriptor, BuildAmbassadorFunction } from './ambassador-modules.js';
             expectedEvents: ExpectedEvents;
-        }): ProcessedEvent<ExpectedEvents>;
+        }): Promise<ProcessedEvent<ExpectedEvents>>;
         processRequest<ExpectedEvents extends EventDefinition<any>[] = []>(request: Request, opts?: {
@@ -75,10 +75,10 @@ expectedEvents: ExpectedEvents;
                 originInstanceId: string;
-            }>;
+            }, 'AppInstalled'>;
             AppRemoved: EventDefinition<{
                 appId: string;
-            }>;
+            }, 'AppRemoved'>;
         };
     };
     spi: <S extends SPIDefinition<any, any>>() => {
-        process(jwt: string): S['__input'];
+        process(jwt: string): Promise<S['__input']>;
         processRequest(request: Request): Promise<S['__input']>;
@@ -85,0 +85,0 @@ result(result: S['__result']): S['__result'];

cjs/build/wixClient.js

 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.createClient = void 0;
+const sdk_types_1 = require("@wix/sdk-types");
 const ambassador_modules_js_1 = require("./ambassador-modules.js");
@@ -92,3 +93,3 @@ const common_js_1 = require("./common.js");
         webhooks: {
-            process: (jwt, opts = {
+            process: async (jwt, opts = {
                 expectedEvents: [],
@@ -99,3 +100,3 @@ }) => {
                 }
-                const { decoded, valid } = authStrategy.decodeJWT(jwt);
+                const { decoded, valid } = await authStrategy.decodeJWT(jwt);
                 if (!valid) {
@@ -125,10 +126,4 @@ throw new Error('JWT is not valid');
             apps: {
-                AppInstalled: {
-                    type: 'AppInstalled',
-                    __payload: void 0,
-                },
-                AppRemoved: {
-                    type: 'AppRemoved',
-                    __payload: void 0,
-                },
+                AppInstalled: (0, sdk_types_1.EventDefinition)('AppInstalled')(),
+                AppRemoved: (0, sdk_types_1.EventDefinition)('AppRemoved')(),
             },
@@ -138,7 +133,7 @@ },
             return {
-                process(jwt) {
+                async process(jwt) {
                     if (!authStrategy.decodeJWT) {
                         throw new Error('decodeJWT is not supported by the authentication strategy');
                     }
-                    const { decoded, valid } = authStrategy.decodeJWT(jwt, true);
+                    const { decoded, valid } = await authStrategy.decodeJWT(jwt, true);
                     if (!valid) {
@@ -145,0 +140,0 @@ throw new Error('JWT is not valid');

package.json

 {
   "name": "@wix/sdk",
-  "version": "1.7.4",
+  "version": "1.7.5",
   "license": "UNLICENSED",
@@ -62,8 +62,8 @@ "author": {
     "@babel/runtime": "^7.23.2",
-    "@wix/identity": "^1.0.72",
-    "@wix/image-kit": "^1.50.0",
+    "@wix/identity": "^1.0.73",
+    "@wix/image-kit": "^1.53.0",
     "@wix/redirects": "^1.0.32",
-    "@wix/sdk-types": "^1.5.6",
+    "@wix/sdk-types": "^1.5.8",
     "crypto-js": "^4.2.0",
-    "jsonwebtoken": "^9.0.2",
+    "jose": "^5.2.1",
     "pkce-challenge": "^3.1.0",
@@ -79,9 +79,8 @@ "querystring": "^0.2.1",
     "@types/is-ci": "^3.0.4",
-    "@types/jsonwebtoken": "^9.0.5",
     "@types/node": "^20.10.6",
     "@vitest/ui": "^1.1.3",
-    "@wix/ecom": "^1.0.474",
+    "@wix/ecom": "^1.0.477",
     "@wix/events": "^1.0.145",
     "@wix/metro": "^1.0.73",
-    "@wix/metro-runtime": "^1.1618.0",
+    "@wix/metro-runtime": "^1.1626.0",
     "@wix/sdk-runtime": "0.2.7",
@@ -121,3 +120,3 @@ "eslint": "^8.56.0",
   },
-  "falconPackageHash": "93a9673030401f9f114208015d7df832e9f3e9b1189763fcd4380c61"
+  "falconPackageHash": "f4e811e8bf2062b6ed3e27ff0f6c8f3e16dad175c63a2b0a37dccf38"
 }

No alert changes

Improved metrics

Total package byte prevSize

139371

0.16%

Dev dependency count

18

-5.26%

Worsened metrics

Lines of code

3447

-0.17%

Dependency changes

• + Added

  jose@^5.2.1

• + Added

  jose@5.10.0
  (transitive)

• - Removed

  jsonwebtoken@^9.0.2

• - Removed

  buffer-equal-constant-time@1.0.1
  (transitive)

• - Removed

  ecdsa-sig-formatter@1.0.11
  (transitive)

• - Removed

  jsonwebtoken@9.0.2
  (transitive)

• - Removed

  jwa@1.4.1
  (transitive)

• - Removed

  jws@3.2.2
  (transitive)

• - Removed

  lodash.includes@4.3.0
  (transitive)

• - Removed

  lodash.isboolean@3.0.3
  (transitive)

• - Removed

  lodash.isinteger@4.0.4
  (transitive)

• - Removed

  lodash.isnumber@3.0.3
  (transitive)

• - Removed

  lodash.isplainobject@4.0.6
  (transitive)

• - Removed

  lodash.isstring@4.0.1
  (transitive)

• - Removed

  lodash.once@4.1.1
  (transitive)

• - Removed

  ms@2.1.3
  (transitive)

• - Removed

  safe-buffer@5.2.1
  (transitive)

• - Removed

  semver@7.7.1
  (transitive)

• Updated

  @wix/identity@^1.0.73

• Updated

  @wix/image-kit@^1.53.0

• Updated

  @wix/sdk-types@^1.5.8