sfcc-api
2.4.1ri:link
Patch Changesri:link
- cf80bcc: - FIXED Handle an undocumented change to the SLAS getPasswordResetToken and resetPassword endpoints. By default our integration adds the current customer's JWT as a bearer token in the authentication of all requests, but at some point these two endpoints have started failing when an authorization header is present; we've removed the authorization header from requests to these two endpoints so they can continue functioning as expected.
- FIXED Handle invalidated JWTs after the customer's password is updated. A customer's active JWT token may be invalidated after their password is updated, resulting in failing requests from that point onward in the session. The release notes only mention OCAPI JWTs, but it can also affect SLAS JWTs. We've included an additional sign in call immediately after a password update, in the context of the same request to the Alokai middleware, which generates a fresh JWT and refresh token pair.
2.4.0ri:link
Minor Changesri:link
- 3ab14a3: Integrate with the getUrlMapping SCAPI endpoint
Patch Changesri:link
- Updated dependencies 3ab14a3
- Updated dependencies cf3a63d
- @vsf-enterprise/sfcc-types@1.5.0
2.3.1ri:link
Patch Changesri:link
- e0f8d8e: FIXED - regression on the customer context creation endpoint, which causes it to fail
2.3.0ri:link
Minor Changesri:link
- b04ab3e: Integrates the Omnichannel Inventory endpoints that can be used on the storefront to check a product's availability, reserve stock, update, transfer or release reservations
Patch Changesri:link
- Updated dependencies b04ab3e
- @vsf-enterprise/sfcc-types@1.4.0
2.2.0ri:link
Minor Changesri:link
- cb3687b: CHANGED Replaced
sdkLogger
from commerce-sdk with Alokai Logger. To learn more about logger, visit Alokai Logger. - ece6587: ADDED
cookieOptions
config. This option allows you to customize the cookie options which are set for a given cookie name.
Example:{ integrations: { sfcc: { location: "@vsf-enterprise/sfcc-api/server", configuration: { // ... cookieOptions: { "x-vsf-sfcc-ocapi-token": { secure: process.env.NODE_ENV === 'production', sameSite: process.env.NODE_ENV === 'production' ? 'none' : 'strict', } } }, }, }, }
2.1.1ri:link
Patch Changesri:link
- c941a40: Resolve an error in the sign out flow which crashes the middleware
2.1.0ri:link
Minor Changesri:link
- 7446123: Exposes SDK methods and API endpoints for the shopper context functionality
Patch Changesri:link
- Updated dependencies 7446123
- @vsf-enterprise/sfcc-types@1.3.0
2.0.0ri:link
Major Changesri:link
- 01bf358: CHANGED - update middleware to 5.1.0
1.2.0ri:link
Minor Changesri:link
- bc2883a: Improve error handling and allow retries of the order update method
Patch Changesri:link
- Updated dependencies bc2883a
- @vsf-enterprise/sfcc-types@1.2.0
1.1.0ri:link
Minor Changesri:link
- 6fd908e: - Expose an SDK method and API endpoint
ensureAccessTokenValidity
. It accepts no parameter and has no response body, its purpose is to be the first called method in the consumer app's lifecycle. If there are no JWTs in the request headers (either in cookies or custom headers), guest JWTs will be generated and returned as cookies; if there are preexisting tokens, they will go through validation and will be refreshed if needed. This will allow any following requests that happen in parallel during the first page request to reuse the same token instead of each one generating its own.- Enable long-lived logins using refresh tokens. Controlled by the optional opt-out
disableLongLivedLogin
setting in the middleware configuration. When enabled, guest tokens will always be refreshed when a refresh token is available. This mirrors the default functionality of the official SLAS plugin for SFCC. - Removes the USID parameter from refresh token calls, per instructions from the SFCC SLAS team
- Completely disables OCAPI authentication when the SLAS token will be used for OCAPI calls. Until now we were generating both tokens even if only one of them would be used.
- Enable long-lived logins using refresh tokens. Controlled by the optional opt-out
Patch Changesri:link
- Updated dependencies 6fd908e
- @vsf-enterprise/sfcc-types@1.1.0
1.0.0ri:link
Major Changesri:link
- cdf19fc: CHANGED Updated
@vue-storefront/middleware
version to4.x.x
. CHANGED Removed support for Node versions before 18. - e747f29: Stable release of SalesForce integration
Minor Changesri:link
- 9ca0a56: Add a parameter to the product search endpoint which can be used to forward a response header that contains the search-drive redirect URL to the response body
- e796642: Adds a SCAPI implenentation for the getOrder method of the orders facade
- 659607e: Replace all sensitive values in JWT tokens with generic placeholders before exposing them to the SDK consumer
- a1a1d23: Add support for SLAS JWTs on OCAPI calls
- f621a97: Add an option to always get a basket by ID rather than using the customer baskets endpoint
- d75751b: Adds a sign out SDK method to invalidate authenticated JWTs
- 411b1d5: Implement the order place flow in the SCAPI order facade with a fallback to OCAPI for other statuses
- 659607e: Add option to serve encrypted JWTs
- 8c52a1f: Ensure the order is patched with all other request properties after getting placed with a new or open status
- adf70e3: Changes the middleware config so that the OCAPI settings (ocapiClientId) and the SCAPI settings (scapiClientId, slasClientId, slasClientSecret) are optional. This has the following effects:
- If no settings are provided for OCAPI and/or SCAPI, the respective client will not be used, meaning no auth tokens will be generated and all calls will be directed to the other client, if available.
- If no SLAS secret is provided, we'll assume that the SLAS client in use is public, and the public flows will be used for guest tokens, signing in and password resets.
- e823b4e: Added GetCustomerOrder endpoint for fetching data about selected customer's order
- 411b1d5: Adds support for placing orders in the updateOrder method
- b2c76da: Add a method to update an order
Patch Changesri:link
- f78c60d: Fixes unsafe access to optional API clients in the auth facade
- dd21832: Adds basic logging and log level configuration
- 5f06e1c: Prevents the same cookie from being present twice in the response Set-Cookie header; this in turn prevents header overflow situations when the accumulation of duplicate cookies causes the header size to go over the node limit
- d40bfa3: FIXED
signOut
method randomly failing with 400 error - b05b5a3: CHANGED SFCCIntegrationContext from type to interface to allow declaration merging.
- 1be2f39: CHANGED several API methods have been refactored to improve docs and API reference.
- 0bdc007: Improve the consistency and readability of the types used in the interface of the callback called after a password reset token is generated
- 7cb9f9f: Refactor API endpoints to follow the standartized universal module exports interface
- f86fffe: Fixed the handling token - added getting token values from cookies in the config extension, as well as updating cookies on the set.
- 3c75dec: Fixes incorrectly constructed refinement parameters in OCAPI product search call
- Updated dependencies 9ca0a56
- Updated dependencies e747f29
- Updated dependencies f621a97
- Updated dependencies d75751b
- Updated dependencies 0bdc007
- Updated dependencies e823b4e
- Updated dependencies 411b1d5
- Updated dependencies b2c76da
- @vsf-enterprise/sfcc-types@1.0.0
1.0.0-rc.21ri:link
Minor Changesri:link
- 9ca0a56: Add a parameter to the product search endpoint which can be used to forward a response header that contains the search-drive redirect URL to the response body
Patch Changesri:link
- Updated dependencies 9ca0a56
- @vsf-enterprise/sfcc-types@1.0.0-rc.7
1.0.0-rc.20ri:link
Major Changesri:link
- cdf19fc: CHANGED Updated
@vue-storefront/middleware
version to4.x.x
. CHANGED Removed support for Node versions before 18.
1.0.0-rc.19ri:link
Patch Changesri:link
- 5f06e1c: Prevents the same cookie from being present twice in the response Set-Cookie header; this in turn prevents header overflow situations when the accumulation of duplicate cookies causes the header size to go over the node limit
1.0.0-rc.18ri:link
Minor Changesri:link
- 8c52a1f: Ensure the order is patched with all other request properties after getting placed with a new or open status
1.0.0-rc.17ri:link
Minor Changesri:link
- a1a1d23: Add support for SLAS JWTs on OCAPI calls
1.0.0-rc.16ri:link
Minor Changesri:link
- 411b1d5: Implement the order place flow in the SCAPI order facade with a fallback to OCAPI for other statuses
- 411b1d5: Adds support for placing orders in the updateOrder method
Patch Changesri:link
- Updated dependencies 411b1d5
- @vsf-enterprise/sfcc-types@1.0.0-rc.6
1.0.0-rc.15ri:link
Minor Changesri:link
- f621a97: Add an option to always get a basket by ID rather than using the customer baskets endpoint
Patch Changesri:link
- Updated dependencies f621a97
- @vsf-enterprise/sfcc-types@1.0.0-rc.5
1.0.0-rc.14ri:link
Patch Changesri:link
- 1be2f39: CHANGED several API methods have been refactored to improve docs and API reference.
1.0.0-rc.13ri:link
Major Changesri:link
- CHANGED
Endpoints
interface. Previously, each endpoint containedcontext
param, which is internal and shouldn't be exposed in the final interface. Now,Endpoints
interface properties don't containcontext
param. If you need to usecontext
param, you should useApiMethods
type.
- import { Endpoints } from '@vsf-enterprise/sfcc-api';
+ import { ApiMethods } from '@vsf-enterprise/sfcc-api';
- REMOVED
ContextualizedEndpoints
type. UseEndpoints
instead.
- import { ContextualizedEndpoints } from '@vsf-enterprise/sfcc-api';
+ import { Endpoints } from '@vsf-enterprise/sfcc-api';
1.0.0-rc.11, 1.0.0-rc.12ri:link
Patch Changesri:link
- FIXED
signOut
method randomly failing with 400 error
1.0.0-rc.10ri:link
Patch Changesri:link
- CHANGED SFCCIntegrationContext from type to interface to allow declaration merging.
1.0.0-rc.9ri:link
Minor Changesri:link
- Adds a SCAPI implenentation for the getOrder method of the orders facade
- Add a method to update an order
Patch Changesri:link
- Updated dependencies
- @vsf-enterprise/sfcc-types@1.0.0-rc.4
1.0.0-rc.8ri:link
Patch Changesri:link
- Improve the consistency and readability of the types used in the interface of the callback called after a password reset token is generated
- Updated dependencies
- @vsf-enterprise/sfcc-types@1.0.0-rc.3
1.0.0-rc.7ri:link
Minor Changesri:link
- Replace all sensitive values in JWT tokens with generic placeholders before exposing them to the SDK consumer
- Add option to serve encrypted JWTs
1.0.0-rc.6ri:link
Patch Changesri:link
- Fixes unsafe access to optional API clients in the auth facade
- Adds basic logging and log level configuration
1.0.0-rc.5ri:link
Patch Changesri:link
- Fixes incorrectly constructed refinement parameters in OCAPI product search call
1.0.0-rc.4ri:link
Minor Changesri:link
- Changes the middleware config so that the OCAPI settings (ocapiClientId) and the SCAPI settings (scapiClientId, slasClientId, slasClientSecret) are optional. This has the following effects:
- If no settings are provided for OCAPI and/or SCAPI, the respective client will not be used, meaning no auth tokens will be generated and all calls will be directed to the other client, if available.
- If no SLAS secret is provided, we'll assume that the SLAS client in use is public, and the public flows will be used for guest tokens, signing in and password resets.
1.0.0-rc.3ri:link
Minor Changesri:link
- Added GetCustomerOrder endpoint for fetching data about selected customer's order
Patch Changesri:link
- Updated dependencies
- @vsf-enterprise/sfcc-types@1.0.0-rc.2
1.0.0-rc.2ri:link
Patch Changesri:link
- Fixed the handling token - added getting token values from cookies in the config extension, as well as updating cookies on the set.
1.0.0-rc.1ri:link
Minor Changesri:link
- added a sign out SDK method to invalidate authenticated JWTs
Patch Changesri:link
- Updated dependencies: @vsf-enterprise/sfcc-types@1.0.0-rc.1
1.0.0-rc.0ri:link
Major Changesri:link
- Stable release of SalesForce integration
Patch Changesri:link
- Updated dependencies: @vsf-enterprise/sfcc-types@1.0.0-rc.0