All host origin patterns required for this supplier to function.
Automatically includes baseURL and, if defined, apiURL. Used by the
factory to check chrome permissions before querying.
Creates a new instance of the supplier base class. Initializes the supplier with query parameters, request limits, and abort controller. Sets up logging and default product values.
The search term to query products for
The maximum number of results to return (default: 5)
Optionalcontroller: AbortControllerAbortController instance for managing request cancellation
// Create a supplier with default limit
const supplier = new MySupplier("sodium chloride", undefined, new AbortController());
// Create a supplier with custom limit
const supplier = new MySupplier("acetone", 10, new AbortController());
// Create a supplier and handle cancellation
const controller = new AbortController();
const supplier = new MySupplier("ethanol", 5, controller);
// Later, to cancel all pending requests:
controller.abort();
Initializes the cache for the supplier. This is called after construction to ensure supplierName is set.
The cache is initialized with the supplier's name and is used to store both query results and product data. This method should be called after the supplier's name is set to ensure proper cache key generation.
class MySupplier extends SupplierBase<Product> {
constructor() {
super("acetone", 5);
// supplierName is set here
this.initCache(); // Initialize cache after supplierName is set
}
}
public initCache(
enabled: boolean = true,
doNotCacheEmptyResults: boolean = false,
cacheTtlMinutes: number = 0,
): void {
this.cache = new SupplierCache(
this.supplierName,
this.constructor.name,
enabled,
doNotCacheEmptyResults,
cacheTtlMinutes,
);
}
Applies (or clears) a runtime override for the fuzz scorer. Driven by
userSettings.fuzzScorerOverride — when the user picks a scorer in the
Advanced drawer section, SupplierFactory calls this on each instance
so the choice takes effect uniformly across every supplier.
Silently ignores unknown names so an outdated / corrupted setting can't blow up the search flow — callers fall back to the subclass default.
Name of a scorer from FUZZ_SCORERS, or undefined to
clear the override and use the subclass default.
const supplier = new MySupplier("acetone", 5, controller);
supplier.setFuzzScorerOverride("token_set_ratio");
// fuzzyFilter now uses token_set_ratio regardless of MySupplier's default
supplier.setFuzzScorerOverride(undefined);
// back to MySupplier's default
public setFuzzScorerOverride(name: string | undefined): void {
if (isFuzzScorerName(name)) {
this.fuzzScorerOverride = FUZZ_SCORERS[name];
} else {
this.fuzzScorerOverride = undefined;
}
}
ProtectedhttpRetrieves HTTP headers from a URL using a HEAD request. Useful for checking content types, caching headers, and other metadata without downloading the full response.
The URL to fetch headers from
Promise resolving to the response headers or void if request fails
// Basic usage
const headers = await supplier.httpGetHeaders('https://example.com/product/123');
if (headers) {
console.log('Content-Type:', headers['content-type']);
}
// With error handling
try {
const headers = await supplier.httpGetHeaders('https://example.com/product/123');
if (headers) {
console.log('Headers:', headers);
}
} catch (err) {
console.error('Failed to fetch headers:', err);
}
protected async httpGetHeaders(url: string | URL): Promise<Maybe<HeadersInit>> {
const requestObj = new Request(this.href(url), {
signal: this.controller.signal,
headers: new Headers(this.headers),
referrer: this.baseURL,
referrerPolicy: "strict-origin-when-cross-origin",
body: null,
method: "HEAD",
mode: "cors",
credentials: "include",
});
try {
const httpResponse = await this.fetch(requestObj);
return Object.fromEntries(httpResponse.headers.entries()) satisfies HeadersInit;
} catch (error: unknown) {
if (error instanceof Error && error.name === "AbortError") {
this.logger.warn("Request was aborted", { error, signal: this.controller.signal });
this.controller.abort();
} else {
this.logger.error("Error received during fetch:", {
error,
signal: this.controller.signal,
});
}
return;
}
}
ProtectedhttpSends a POST request to the given URL with the given body and headers. Handles request setup, error handling, and response caching.
The request configuration options
Promise resolving to the Response object or void if request fails
// Basic POST request
const response = await supplier.httpPost({
path: '/api/v1/products',
body: { name: 'Test Chemical' }
});
// POST with custom headers
const response = await supplier.httpPost({
path: '/api/v1/products',
body: { name: 'Test Chemical' },
headers: {
'Authorization': 'Bearer token123',
'Content-Type': 'application/json'
}
});
// POST with custom host and params
const response = await supplier.httpPost({
path: '/api/v1/products',
host: 'api.example.com',
body: { name: 'Test Chemical' },
params: { version: '2' }
});
// Error handling
try {
const response = await supplier.httpPost({ path: '/api/v1/products', body: { name: 'Test' } });
if (response && response.ok) {
const data = await response.json();
console.log('Created:', data);
}
} catch (err) {
console.error('POST failed:', err);
}
protected async httpPost({
path,
host,
body,
params,
headers,
}: RequestOptions): Promise<Maybe<Response>> {
const method = "POST";
const mode = "cors";
const referrer = this.baseURL;
const referrerPolicy = "strict-origin-when-cross-origin";
const signal = this.controller.signal;
const bodyStr = typeof body === "string" ? body : (JSON.stringify(body) ?? null);
const headersObj = new Headers({
...this.headers,
...headers,
});
const url = this.href(path, params, host);
const requestObj = new Request(url, {
signal,
headers: headersObj,
referrer,
referrerPolicy,
body: bodyStr,
method,
mode,
credentials: "include",
});
// Fetch the goods
const httpResponse = await this.fetch(requestObj);
if (!isHttpResponse(httpResponse) || !httpResponse.ok) {
const badResponse = await httpResponse.text();
this.logger.error("Invalid POST response: ", badResponse);
throw new TypeError(`Invalid POST response: ${httpResponse?.toString()}`);
}
return httpResponse;
}
ProtectedhttpSends a POST request and returns the response as a JSON object.
The parameters for the POST request.
The response from the POST request as a JSON object.
// Basic usage
const data = await supplier.httpPostJson({
path: '/api/v1/products',
body: { name: 'John' }
});
// With custom headers and error handling
try {
const data = await supplier.httpPostJson({
path: '/api/v1/products',
body: { name: 'John' },
headers: { 'Authorization': 'Bearer token123' }
});
if (data) {
console.log('Created:', data);
}
} catch (err) {
console.error('POST JSON failed:', err);
}
protected async httpPostJson({
path,
host,
body,
params,
headers,
}: RequestOptions): Promise<Maybe<JsonValue>> {
const httpResponse = await this.httpPost({ path, host, body, params, headers });
if (!isJsonResponse(httpResponse) || !httpResponse.ok) {
this.logger.error("httpPostJson| Invalid POST response: ", {
httpResponse,
path,
host,
body,
params,
headers,
});
throw new TypeError(`httpPostJson| Invalid POST response: ${httpResponse}`);
}
return await httpResponse.json();
}
ProtectedhttpSends a POST request and returns the response as a HTML string.
The request configuration options
Promise resolving to the HTML response as a string or void if request fails
TypeError - If the response is not valid HTML content
// Basic usage
const html = await supplier.httpPostHtml({
path: '/api/v1/products',
body: { name: 'John' }
});
protected async httpPostHtml({
path,
host,
body,
params,
headers,
}: RequestOptions): Promise<Maybe<string>> {
const httpResponse = await this.httpPost({ path, host, body, params, headers });
if (!isHtmlResponse(httpResponse)) {
throw new TypeError(`httpPostHtml| Invalid POST response: ${httpResponse}`);
}
return await httpResponse.text();
}
ProtectedhttpSends a GET request to the given URL with the specified options. Handles request setup, error handling, and response caching.
The request configuration options
Promise resolving to the Response object or void if request fails
// Basic GET request
const response = await supplier.httpGet({
path: '/products/search',
params: { query: 'sodium chloride' }
});
// GET with custom headers
const response = await supplier.httpGet({
path: '/products/search',
headers: { 'Accept': 'application/json' }
});
// GET with custom host
const response = await supplier.httpGet({
path: '/products/search',
host: 'api.example.com',
params: { category: 'chemicals' }
});
// Error handling
try {
const response = await supplier.httpGet({ path: '/products/search' });
if (response && response.ok) {
const data = await response.json();
console.log('Products:', data);
}
} catch (err) {
console.error('GET failed:', err);
}
protected async httpGet({
path,
params,
headers,
host,
}: RequestOptions): Promise<Maybe<Response>> {
// Check if the request has been aborted before proceeding
if (this.controller.signal.aborted) {
this.logger.warn("Request was aborted before fetch", {
signal: this.controller.signal,
});
return;
}
const headersRaw = { ...this.headers };
Object.assign(headersRaw, {
accept: [
"text/html",
"application/xhtml+xml",
"application/xml;q=0.9",
"image/avif",
"image/webp",
"image/apng",
"*/*;q=0.8",
].join(","),
...(headers ?? {}),
});
const requestObj = new Request(this.href(path, params, host), {
signal: this.controller.signal,
headers: new Headers(headersRaw),
referrer: this.baseURL,
referrerPolicy: "no-referrer",
body: null,
method: "GET",
mode: "cors",
credentials: "include",
redirect: "follow",
});
try {
// Fetch the goods
const httpResponse = await this.fetch(requestObj.url, requestObj);
const responseHeaders = Object.fromEntries(
httpResponse.headers.entries(),
) satisfies HeadersInit;
this.logger.debug("responseHeaders:", responseHeaders);
this.logger.debug("responseHeaders.location:", responseHeaders.location);
return httpResponse;
} catch (error: unknown) {
if (error instanceof Error && error.name === "AbortError") {
this.logger.warn("Request was aborted", { error, signal: this.controller.signal });
this.controller.abort();
} else {
this.logger.error("Error received during fetch:", {
error,
signal: this.controller.signal,
});
}
return;
}
}
ProtectedfuzzyFilters an array of data using fuzzy string matching to find items that closely match a query string. Uses the WRatio algorithm from fuzzball for string similarity comparison.
The search string to match against
Array of data objects to search through
Minimum match percentage (0-100) for a match to be included (default: 55)
Array of matching data objects with added fuzzy match metadata
// Example with simple string array
const products = [
{ title: "Sodium Chloride", price: 29.99 },
{ title: "Sodium Hydroxide", price: 39.99 },
{ title: "Potassium Chloride", price: 19.99 }
];
const matches = this.fuzzyFilter("sodium chloride", products);
// Returns: [
// {
// title: "Sodium Chloride",
// price: 29.99,
// _fuzz: { score: 100, idx: 0 }
// },
// {
// title: "Sodium Hydroxide",
// price: 39.99,
// _fuzz: { score: 85, idx: 1 }
// }
// ]
// Example with custom minMatchPercentage
const strictMatches = this.fuzzyFilter("sodium chloride", products, 90);
// Returns only exact matches with score >= 90
// Example with different data structure
const chemicals = [
{ name: "NaCl", formula: "Sodium Chloride" },
{ name: "NaOH", formula: "Sodium Hydroxide" }
];
// Override titleSelector to use formula field
this.titleSelector = (data) => data.formula;
const formulaMatches = this.fuzzyFilter("sodium chloride", chemicals);
protected fuzzyFilter<X>(
query: string,
data: X[],
minMatchPercentage: number = this.minMatchPercentage,
): X[] {
// User's Advanced-settings override wins over the subclass default.
const activeScorer = this.fuzzScorerOverride ?? this.fuzzScorer;
// console.log(
// `[fuzzyFilter] ${this.supplierName} query="${query}" — scorer comparison (cutoff=${minMatchPercentage})`,
// );
if (IS_DEV_BUILD) {
this.showFuzzScorerComparisonTable(query, data);
}
const results = extract(query, data, {
scorer: activeScorer,
processor: this.titleSelector,
cutoff: minMatchPercentage,
sortBySimilarity: true,
}).reduce<FuzzyMatchResult<X>[]>((acc, [obj, score, idx]) => {
if (score < minMatchPercentage) {
this.logger.debug("fuzzyFilter: score below minimum match percentage, excluding product", {
product: obj,
score,
idx,
minMatchPercentage: minMatchPercentage,
});
return acc;
}
// eslint-disable-next-line @typescript-eslint/naming-convention
acc[idx] = Object.assign(obj, { _fuzz: { score, idx }, matchPercentage: score });
return acc;
}, []);
this.logger.debug("[fuzzyFilter]", {
supplierName: this.supplierName,
query,
minMatchPercentage,
activeScorer,
results,
});
// Get rid of any empty items that didn't match closely enough
return results.filter((item) => !!item);
}
ProtectedhttpMakes an HTTP GET request and returns the response as a string. Handles request configuration, error handling, and HTML parsing.
The request configuration options
Promise resolving to the HTML response as a string or void if request fails
TypeError - If the response is not valid HTML content
// Basic GET request
const html = await this.httpGetHtml({
path: "/api/products",
params: { search: "sodium" }
});
// GET request with custom headers
const html = await this.httpGetHtml({
path: "/api/products",
headers: {
"Authorization": "Bearer token123",
"Accept": "text/html"
}
});
// GET request with custom host
const html = await this.httpGetHtml({
path: "/products",
host: "api.supplier.com",
params: { limit: 10 }
});
protected async httpGetHtml({
path,
params,
headers,
host,
}: RequestOptions): Promise<Maybe<string>> {
const httpResponse = await this.httpGet({ path, params, headers, host });
if (!isHtmlResponse(httpResponse)) {
throw new TypeError(`httpGetHtml| Invalid GET response: ${httpResponse}`);
}
return await httpResponse.text();
}
ProtectedhttpMakes an HTTP GET request and returns the response as parsed JSON. Handles request configuration, error handling, and JSON parsing.
The request configuration options
Promise resolving to the parsed JSON response or void if request fails
TypeError - If the response is not valid JSON content
// Basic GET request
const data = await supplier.httpGetJson({ path: '/api/products', params: { search: 'sodium' } });
// GET request with custom headers
const data = await supplier.httpGetJson({
path: '/api/products',
headers: {
'Authorization': 'Bearer token123',
'Accept': 'application/json'
}
});
// GET request with custom host
const data = await supplier.httpGetJson({
path: '/products',
host: 'api.supplier.com',
params: { limit: 10 }
});
// Error handling
try {
const data = await supplier.httpGetJson({ path: '/api/products' });
if (data) {
console.log('Products:', data);
}
} catch (error) {
console.error('Failed to fetch products:', error);
}
protected async httpGetJson({
path,
params,
headers,
host,
}: RequestOptions): Promise<Maybe<JsonValue>> {
const httpRequest = await this.httpGet({ path, params, headers, host });
if (!isJsonResponse(httpRequest)) {
const badResponse = isHttpResponse(httpRequest) ? await httpRequest.text() : undefined;
this.logger.error("Invalid HTTP GET JSON response:", {
badResponse,
httpRequest,
path,
params,
headers,
host,
});
return;
}
return await httpRequest.json();
}
ProtectedqueryExecutes a product search query with caching support. First checks the cache for existing results, then falls back to the actual query if needed. The limit parameter is only used for the actual query and doesn't affect caching.
The search term to query products for
The maximum number of results to return (defaults to instance limit)
Promise resolving to array of product builders or void if search fails
// Basic usage with default limit
const results = await supplier.queryProductsWithCache("acetone");
if (results) {
console.log(`Found ${results.length} products`);
}
// With custom limit
const results = await supplier.queryProductsWithCache("acetone", 10);
if (results) {
for (const builder of results) {
const product = await builder.build();
console.log(product.title, product.price);
}
}
protected async queryProductsWithCache(
query: string,
limit: number = this.limit,
): Promise<ProductBuilder<T>[] | void> {
// Check cache first (processed product data)
this.logger.debug(
"queryProductsWithCache: called for",
this.supplierName,
"query:",
query,
"limit:",
limit,
);
const key = this.cache.generateCacheKey(query);
const cached = await this.cache.getCachedQueryEntry(key);
this.logger.debug("queryProductsWithCache: cache hit:", !!cached, "key:", key);
if (cached) {
// If the cached limit is less than the requested limit, invalidate the cache
if (
typeof cached.__cacheMetadata.limit === "number" &&
cached.__cacheMetadata.limit < limit
) {
this.logger.debug("Invalidating query cache due to insufficient limit", {
cachedLimit: cached.__cacheMetadata.limit,
requestedLimit: limit,
});
await deleteSupplierQueryCacheEntry(key);
} else {
this.logger.debug("Returning cached query results");
// Re-initialize product builders from cached processed data
return ProductBuilder.createFromCache<T>(this.baseURL, cached.data.slice(0, limit));
}
}
// If not in cache, perform the actual query. Run setup first so any
// subclass state it mutates (headers, localStorage, tokens, etc.) is
// in place before `queryProducts` reads it. Memoized, so this is cheap
// on repeat calls within the same supplier instance.
await this.ensureSetup();
const results = await this.queryProducts(query, limit);
if (results) {
// Store processed results in cache (dumped/serialized form) and the limit used
await this.cache.cacheQueryResults(
query,
results.map((b) => b.dump()),
limit,
);
}
return results;
}
Executes the supplier's search query and returns the results. This method will execute all results concurrently (to the limits set in the supplier class), and resolve to an array of product objects.
Promise resolving to an array of products
This method is used to execute the supplier's search query and return the results.
public async *execute(): AsyncGenerator<T, void, undefined> {
// setup() is not called eagerly here — it's run lazily from the
// phase-boundary gates inside `queryProductsWithCache` and
// `getProductData` / `getProductDataWithCache`. A fully cached search
// never reaches those gates, so setup's token/cookie/permission
// requests are skipped entirely.
// Snapshot the user's ignore list once per search. Any product whose
// exclusion key matches an entry here is dropped before the detail phase
// runs (see the filter after queryProductsWithCache below).
this.excludedProductKeys = await loadExcludedProductKeys();
// Over-fetch by the number of previously-ignored products belonging to
// this supplier so that, in the worst case where every ignored product
// appears in the top of the query result set, we still end up with
// `this.limit` survivors after filtering. The queryProductsWithCache
// cache invalidates itself when the requested limit exceeds the cached
// limit, so this is safe.
const excludedForSupplier = await countExcludedProductsForSupplier(this.supplierName);
const fetchLimit = this.limit + excludedForSupplier;
incrementSearchQueryCount(this.supplierName);
const results = await this.queryProductsWithCache(this.query, fetchLimit);
if (!results || results.length === 0) {
this.logger.log(`No query results found`);
return;
}
// Drop any products the user has ignored, then slice back down to the
// user-visible limit. Uses the same key shape as getProductData so
// whichever side catches the exclusion first, the check is consistent.
const survivors: ProductBuilder<T>[] = [];
for (const builder of results) {
if (survivors.length >= this.limit) break;
const rawUrl = builder.get("url");
if (typeof rawUrl !== "string") {
survivors.push(builder);
continue;
}
const exclusionUrl = this.href(rawUrl);
const exclusionKey = getProductExclusionKey(exclusionUrl, this.supplierName);
if (this.excludedProductKeys.has(exclusionKey)) {
this.logger.debug("Skipping excluded product (pre-detail)", {
url: rawUrl,
exclusionUrl,
exclusionKey,
});
continue;
}
survivors.push(builder);
}
this.products = survivors;
const queue = new Queue(this.maxConcurrentRequests, this.minConcurrentCycle);
// Create an array of promises, each yielding a product as soon as it's ready
const tasks = this.products.map((product) =>
queue.run(async () => {
try {
this.logger.debug(`Product data for ${this.supplierName}:`, product);
const builder = await this.getProductData(product);
if (!builder) return;
this.logger.debug(`Builder data for ${this.supplierName}:`, builder);
const finished = await this.finishProduct(builder);
this.logger.debug(`Finished product data for ${this.supplierName}:`, finished);
if (finished) {
return finished;
}
} catch (e: unknown) {
this.logger.error("Error processing product", { error: e, product });
incrementParseError(this.supplierName);
}
}),
);
// As each promise resolves, yield the product
const resultsSet = new Set(tasks);
while (resultsSet.size > 0) {
const finished = await Promise.race(resultsSet);
// Remove the finished promise from the set
for (const t of resultsSet) {
if ((await Promise.resolve(t)) === finished) {
resultsSet.delete(t);
break;
}
}
if (finished) {
yield finished;
}
}
}
ProtectedfinishFinalizes a partial product by adding computed properties and validating the result. This method:
The ProductBuilder instance containing the partial product to finalize
Promise resolving to a complete Product object or void if validation fails
// Example with a valid partial product
const builder = new ProductBuilder<Product>(this.baseURL);
builder
.setBasicInfo("Sodium Chloride", "/products/nacl", "ChemSupplier")
.setPricing(29.99, "USD", "$")
.setQuantity(500, "g");
const finishedProduct = await this.finishProduct(builder);
if (finishedProduct) {
console.log("Finalized product:", {
title: finishedProduct.title,
price: finishedProduct.price,
quantity: finishedProduct.quantity,
uom: finishedProduct.uom,
usdPrice: finishedProduct.usdPrice,
baseQuantity: finishedProduct.baseQuantity
});
}
// Example with an invalid partial product
const invalidBuilder = new ProductBuilder<Product>(this.baseURL);
invalidBuilder.setBasicInfo("Sodium Chloride", "/products/nacl", "ChemSupplier");
// Missing required fields
const invalidProduct = await this.finishProduct(invalidBuilder);
if (!invalidProduct) {
console.log("Failed to finalize product - missing required fields");
}
protected async finishProduct(product: ProductBuilder<T>): Promise<Maybe<T>> {
if (!isMinimalProduct(product.dump())) {
this.logger.warn("Unable to finish product - Minimum data not set", { product });
return;
}
// Set the country and shipping scope of the supplier
// have different restrictions on different products or countries.
product.setSupplierCountry(this.country);
product.setSupplierShipping(this.shipping);
if (this.paymentMethods.length > 0) {
product.setSupplierPaymentMethods(this.paymentMethods);
}
const built = await product.build();
return built;
}
ProtectedhrefTakes in either a relative or absolute URL and returns an absolute URL. This is useful for when you aren't sure if the link (retrieved from parsed text, a setting, an element, an anchor value, etc) is absolute or not. Using relative links will result in http://chrome-extension://... being added to the link.
URL object or string
Optionalparams: Maybe<RequestParams>The parameters to add to the URL.
Optionalhost: stringThe host to use for overrides (eg: needing to call a different host for an API)
absolute URL
this.href('/some/path')
// https://supplier_base_url.com/some/path
this.href('https://supplier_base_url.com/some/path', null, 'another_host.com')
// https://another_host.com/some/path
this.href('/some/path', { a: 'b', c: 'd' }, 'another_host.com')
// http://another_host.com/some/path?a=b&c=d
this.href('https://supplier_base_url.com/some/path')
// https://supplier_base_url.com/some/path
this.href(new URL('https://supplier_base_url.com/some/path'))
// https://supplier_base_url.com/some/path
this.href('/some/path', { a: 'b', c: 'd' })
// https://supplier_base_url.com/some/path?a=b&c=d
this.href('https://supplier_base_url.com/some/path', new URLSearchParams({ a: 'b', c: 'd' }))
// https://supplier_base_url.com/some/path?a=b&c=d
protected href(path: string | URL, params?: Maybe<RequestParams>, host?: string): string {
const href = new URL(path, this.baseURL);
if (host) {
href.host = host;
}
if (params && Object.keys(params).length > 0) {
href.search = new URLSearchParams(
Object.entries(params).reduce<QueryParams>((acc, [key, value]) => {
acc[key] = String(value);
return acc;
}, {}),
).toString();
}
return href.toString();
}
ProtectedgetRetrieves product data with caching support. Similar to getProductData but allows for additional parameters to be included in the cache key.
The ProductBuilder instance to get data for
The function to use for fetching product data
Optionalparams: QueryParamsOptional parameters to include in the cache key
Promise resolving to the updated ProductBuilder or void if fetch fails
const builder = new ProductBuilder<Product>(this.baseURL);
builder.setBasicInfo("Acetone", "/products/acetone", "ChemSupplier");
// Use custom fetcher with additional params
const updatedBuilder = await supplier.getProductDataWithCache(
builder,
async (b) => {
// Custom fetching logic
return b;
},
{ version: "2.0" }
);
protected async getProductDataWithCache(
product: ProductBuilder<T>,
fetcher: (builder: ProductBuilder<T>) => Promise<ProductBuilder<T> | void>,
params?: QueryParams,
): Promise<ProductBuilder<T> | void> {
const url = product.get("url");
if (typeof url !== "string") {
this.logger.error("Invalid URL in product:", { url });
return undefined;
}
// See getProductData above: normalize only for the exclusion key so it
// lines up with the absolute URL the UI context menu stores.
const exclusionUrl = this.href(url);
const shouldExclude = await shouldExcludeProduct(exclusionUrl, this.supplierName);
if (shouldExclude) {
this.logger.debug("Skipping excluded product", {
url,
exclusionUrl,
supplierName: this.supplierName,
});
return undefined;
}
const cacheKey = this.cache.getProductDataCacheKey(url, params);
this.logger.debug("[SupplierBase] Product detail cache key:", cacheKey, "for url:", url);
try {
const cachedData = await this.cache.getCachedProductData(cacheKey);
if (cachedData) {
// Safe: cache only stores values previously produced by ProductBuilder<T>.dump(),
// so the round-tripped shape is structurally a Partial<T>.
product.setData(cachedData as Partial<T>);
return product;
}
// Cache miss: run setup (memoized) so any state subclasses rely on is
// ready before the fetcher reads it, then call the fetcher.
await this.ensureSetup();
let resultBuilder: ProductBuilder<T> | void = undefined;
try {
resultBuilder = await fetcher(product);
} catch (err: unknown) {
this.logger.error("Error in product detail fetcher:", err);
incrementParseError(this.supplierName);
return undefined;
}
if (resultBuilder) {
incrementProductCount(this.supplierName);
await this.cache.cacheProductData(cacheKey, resultBuilder.dump());
}
return resultBuilder;
} catch (outerErr: unknown) {
this.logger.error("Error in getProductDataWithCache:", outerErr);
incrementParseError(this.supplierName);
return undefined;
}
}
ProtectedgroupGroups variants of a product by their title
Array of product listings from search results
Array of product listings with grouped variants
Create a generic method for this, the same method is used in Synthetika and could be of use with LoudWolf.
const results = await this.queryProducts("sodium chloride");
const grouped = this.groupVariants(results);
// grouped is an array of product listings with grouped variants
protected groupVariants<R>(data: R[]): R[] {
const variants: GroupedItem<R>[] = data
.map((item) => {
const title = this.titleSelector(item);
if (!title) {
this.logger.error("No title found in product:", { item });
return undefined;
}
const groupId = stripQuantityFromString(title.replace(/(?<=\d{1,3})\s(?=\d{3})/g, ""));
const groupIdWithoutSpaces = groupId.replace(/[\s-]/g, "");
return { ...item, groupId: groupIdWithoutSpaces };
})
.filter((item): item is GroupedItem<R> => item !== undefined);
const products = Object.groupBy(variants, (item) => item.groupId);
return Object.values(products)
.filter((product): product is GroupedItem<R>[] => product !== undefined)
.map((product) => {
const main = product.splice(0, 1)[0];
// eslint-disable-next-line @typescript-eslint/no-unused-vars
const { groupId, ...newObject } = main;
newObject.variants = product as GroupedItem<R>["variants"];
return newObject;
})
.filter((item): item is GroupedItem<R> => item !== undefined);
}
ProtectedfetchInternal fetch method with request counting and decorator. Tracks request count and enforces hard limits on HTTP requests.
Arguments to pass to fetchDecorator (usually a Request or URL and options)
The response from the fetchDecorator
Error if request count exceeds hard limit
// Example usage inside a subclass:
const response = await this.fetch(new Request('https://example.com'));
if (response.ok) {
const data = await response.json();
console.log(data);
}
// With custom request options
const response = await this.fetch(
new Request('https://example.com', {
headers: { 'Accept': 'application/json' }
})
);
protected async fetch(
...args: Parameters<typeof fetchDecorator>
): Promise<FetchDecoratorResponse> {
const [input] = args;
this.logger.debug(`Fetching: ${input}`);
// One initial attempt plus up to `challengeRetryLimit` retries. A 403 from
// a WAF cookie handshake plants a cookie on the first hit (stored because
// credentials:"include"); the retry sends it back and usually passes.
const maxAttempts = 1 + Math.max(0, this.challengeRetryLimit);
for (let attempt = 1; attempt <= maxAttempts; attempt++) {
// Each attempt is a real network request, so it counts toward the hard
// limit. For non-retrying suppliers (maxAttempts === 1) this is
// identical to the previous single increment.
this.requestCount++;
if (this.requestCount > this.httpRequestHardLimit) {
this.logger.warn("Request count exceeded hard limit", { requestCount: this.requestCount });
incrementFailure(this.supplierName);
throw new Error("Request count exceeded hard limit");
}
try {
const response = await fetchDecorator(...args);
this.logger.debug(`Response Status: ${response.status}`);
this.logger.debug("response hash:", response.requestHash);
if (typeof response.data === "string" && response.data?.length === 0) {
throw new EmptyResponseError(`Invalid response: ${response.data}`);
}
incrementSuccess(this.supplierName);
return response;
} catch (error: unknown) {
if (this.shouldRetryChallenge(error) && attempt < maxAttempts) {
this.logger.warn("Retrying after 403 (WAF cookie handshake)", {
attempt,
maxAttempts,
input,
});
await new Promise((resolve) => setTimeout(resolve, this.challengeRetryDelayMs));
continue;
}
incrementFailure(this.supplierName);
throw error;
}
}
// Unreachable: the loop always returns on success or throws on the final
// failed attempt. Present only to satisfy the return-type checker.
throw new Error("fetch: exhausted retries without resolving");
}
ProtectedsetupSets up the Macklin API client by:
void
MacklinApiError If the timestamp request fails or response is invalid
protected async setup(): Promise<void> {
await this.validateAndUpdateTimestamp();
if (!this.localStorage.soleId) {
this.localStorage.soleId = this.generateString(16);
}
if (!this.localStorage.MklUserToken) {
this.localStorage.MklUserToken = "";
}
// Update headers to match api-client.js exactly, using defensive string conversion
this.headers = {
/* eslint-disable @typescript-eslint/naming-convention */
"X-Agent": "web",
"X-User-Token": this.ensureStringHeader(this.localStorage.MklUserToken),
"X-Device-Id": this.ensureStringHeader(this.localStorage.soleId),
"X-Language": "en",
"X-Timestamp": "",
/* eslint-enable @typescript-eslint/naming-convention */
};
}
ProtectedqueryQueries the Macklin API for products matching the search term. Handles the complex response structure where products are grouped by CAS number and may have multiple variants per CAS number.
The search term to find products
Maximum number of products to return (after fuzzy filtering a search limited to 90 results))
Array of ProductBuilder instances or void if the request fails
MacklinApiError if the API request fails or response is invalid
protected async queryProducts(
query: string,
limit: number = this.limit,
): Promise<ProductBuilder<Product>[] | void> {
this.limit = limit;
const searchRequest: unknown = await this.request<MacklinSearchResultProducts>(
`/api/item/search`,
{
params: { keyword: query, limit: 90, page: 1 },
},
);
if (!isMacklinSearchResult<MacklinSearchResultProducts>(searchRequest)) {
this.logger.warn("Invalid API response format");
return;
}
// Flatten the array of arrays into a single array of products
const products = Object.values(searchRequest.list).map((item) => item[0]);
const fuzzFiltered = this.fuzzyFilter<MacklinProductVariant>(query, products);
this.logger.debug("fuzzFiltered:", { query, searchRequest, products, fuzzFiltered });
const processed = fuzzFiltered.slice(0, limit);
return this.initProductBuilders(processed);
}
ProtectedtitleExtracts the English name from a Macklin product variant. Used by the base class to display product titles.
The product variant to extract the title from
The English name of the product
protected titleSelector(data: MacklinProductVariant): string {
return data.item_en_name;
}
ProtectedgetFetches detailed product information from the Macklin API. This includes pricing, stock levels, and delivery information that isn't available in the search results.
The ProductBuilder instance to enrich with details
The enriched ProductBuilder or void if the request fails
MacklinApiError if the API request fails or response is invalid
protected async getProductData(
product: ProductBuilder<Product>,
): Promise<ProductBuilder<Product> | void> {
const params = { code: product.get("uuid") };
return this.getProductDataWithCache(
product,
async (builder) => {
const response = await this.request<MacklinProductDetails>("/api/product/list", { params });
if (!isMacklinProductDetailsResponse(response)) {
this.logger.warn("Invalid API response format for product:", product.get("uuid"));
return builder;
}
const variant = response.list[0];
builder.setPricing(variant?.product_price, "CNY", CURRENCY_SYMBOL_MAP.CNY);
builder.setQuantity(variant?.product_pack);
builder.setUOM(variant?.product_unit);
// I think Macklin uses the variant?.product_stock property to determine availability,
// But every one of them say "0.00", even if they have it in stock on their website.
// Defaulting to IN_STOCK for now.
builder.setAvailability(AVAILABILITY.IN_STOCK);
builder.setDescription(variant?.item_en_specification);
return builder;
},
params,
);
}
ProtectedinitCreates ProductBuilder instances from Macklin product variants. This is the final step in the product search process, converting the API response into a format that can be used by the rest of the application.
Array of product variants to convert
Array of ProductBuilder instances
protected initProductBuilders(data: MacklinProductVariant[]): ProductBuilder<Product>[] {
return mapDefined(data, (product) => {
return (
new ProductBuilder(this.baseURL)
//.addRawData(product)
.setBasicInfo(
product.item_en_name,
`${this.baseURL}/en/products/${product.item_code}`,
this.supplierName,
)
///.setDescription(product.description)
.setID(product.item_id)
//.setAvailability(product.available)
.setUUID(product.item_code)
//.setPricing(product.price.price, product?.currency as string, CURRENCY_SYMBOL_MAP.EUR)
.setCAS(product.cas)
);
});
}
PrivategenerateGenerates a random string for use in device IDs and user tokens. Can operate in two modes:
Optionallength: numberOptional length for random string mode
OptionalcharSetSize: numberOptional size of character set to use
A random string
const string = this.generateString(20);
// "5Wf70hQ0y1akc8rTQ8ps"
const uuid = this.generateString();
// "550e8400-e29b-41d4-a716-446655440000"
private generateString(length?: number, charSetSize?: number): string {
const chars = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
const size = charSetSize || chars.length;
if (length) {
// Random string mode
return Array.from({ length }, () => chars[Math.floor(Math.random() * size)]).join("");
}
// UUID mode
const uuid = new Array(36).fill("");
uuid[8] = uuid[13] = uuid[18] = uuid[23] = "-";
uuid[14] = "4";
for (let i = 0; i < 36; i++) {
if (!uuid[i]) {
const random = Math.floor(16 * Math.random());
uuid[i] = chars[19 === i ? (3 & random) | 8 : random];
}
}
return uuid.join("");
}
PrivatesignStep 1 & 2: Signature Generation Implements the core signature generation process by:
Request headers to sign
Request parameters to sign
The final request signature
private signRequest(headers: MacklinRequestHeaders, params: RequestParams): string {
// Sort and filter headers exactly like api-client.js
const headerString =
Object.entries(headers)
.filter(([key, value]) => {
return (
key !== "Content-Type" && value !== "" && value != null && typeof value !== "object"
);
})
.sort(([a], [b]) => a.toLowerCase().localeCompare(b.toLowerCase()))
.map(([key, value]) => `${key.toLowerCase()}=${value}`)
.join("&") + `&salt=${this.SALT}`;
// Sort and filter params exactly like api-client.js
const paramString =
Object.entries(params)
.filter(([, value]) => {
return value !== "" && value != null && typeof value !== "object";
})
.sort(([a], [b]) => a.toLowerCase().localeCompare(b.toLowerCase()))
.map(([key, value]) => `${key}=${String(value).trim()}`)
.join("&") + `&salt=${this.SALT}`;
// Debug logging to match api-client.js
this.logger.debug("Headers for signing:", headers);
this.logger.debug("Params for signing:", params);
this.logger.debug("Header string:", headerString.toLowerCase());
this.logger.debug("Param string:", paramString.toLowerCase());
const headerHash = md5(headerString.toLowerCase());
const paramHash = md5(paramString.toLowerCase());
const finalSignature = headerHash + paramHash;
this.logger.debug("Header hash:", headerHash);
this.logger.debug("Param hash:", paramHash);
this.logger.debug("Final signature:", finalSignature);
return finalSignature;
}
PrivaterequestStep 3: Request Processing The main request handler that:
The API endpoint to call
Request configuration
The API response
ApiError If the request fails or response is invalid
TimeoutError If the request times out
private async request<T>(path: string, options: MacklinApiRequestOptions = {}): Promise<T> {
try {
if (!isTimestampStorage(this.localStorage.MklTmKey)) {
throw new Error("Missing or invalid timestamp in localStorage");
}
const timestamp = this.localStorage.MklTmKey.serverTm;
// Create a fresh headers object to avoid any potential array concatenation
const headers: MacklinRequestHeaders = {
/* eslint-disable @typescript-eslint/naming-convention */
"X-Agent": "web",
"X-User-Token": this.ensureStringHeader(this.localStorage.MklUserToken),
"X-Device-Id": this.ensureStringHeader(this.localStorage.soleId),
"X-Language": "en",
"X-Timestamp": this.ensureStringHeader(timestamp),
/* eslint-enable @typescript-eslint/naming-convention */
};
// Handle auth headers exactly like api-client.js
if (isAuthRequiredEndpoint(path)) {
headers["X-User-Token"] = this.ensureStringHeader(this.localStorage.MklUserToken);
}
// Handle language parameter exactly like api-client.js
if (options.params?.lang) {
headers["X-Language"] = this.ensureStringHeader(options.params.lang);
}
// Add any additional headers from options, ensuring they're strings
if (options.headers) {
Object.entries(options.headers).forEach(([key, value]) => {
headers[key] = this.ensureStringHeader(value);
});
}
// Add timestamp to request exactly like api-client.js
const requestTimestamp = this.generateRequestTimestamp();
const params: RequestParams = { ...options.params };
let body = options.body;
if (options.method === "GET" || !options.method) {
params.timestampe = requestTimestamp;
} else if (body) {
body = { ...body, timestampe: requestTimestamp };
}
// Sign the request
const signature = this.signRequest(
headers,
options.method === "GET" || !options.method ? params : (body ?? {}),
);
headers.sign = signature;
this.lastSignature = signature;
// Debug logging to match api-client.js
this.logger.debug("Full request URL:", this.href(path, params, this.apiURL));
this.logger.debug("Request headers:", headers);
this.logger.debug("Request params:", params);
this.logger.debug("Request body:", body);
const response: unknown = await this.httpGetJson({
path,
headers,
params,
body: body ? JSON.stringify(body) : undefined,
host: this.apiURL,
});
if (!isMacklinApiResponse<T>(response)) {
throw new MacklinApiError("Invalid API response format");
}
// Handle authentication errors exactly like api-client.js
if (isAuthCheckEndpoint(path) && response.code === 1005) {
throw new MacklinApiError("Authentication required");
}
return response.data;
} catch (error) {
if (error instanceof TimeoutError) {
throw error;
}
if (error instanceof MacklinApiError) {
throw error;
}
throw new MacklinApiError("API request failed", undefined, undefined, error);
}
}
PrivatefetchStep 4.1: Server Timestamp Management Fetches and stores the server timestamp to maintain time synchronization. Called when local timestamp is missing or expired (over 800 seconds old, or 13 minutes).
The server timestamp
Add the timestamp to the chrome.storage.local
MacklinApiError If the timestamp request fails or response is invalid
private async fetchServerTimestamp(): Promise<number> {
const response = await this.httpGetJson({
path: `/api/timestamp`,
host: this.apiURL,
});
if (!isMacklinApiResponse<TimestampResponse>(response)) {
throw new MacklinApiError("Invalid API response format");
}
this.logger.debug("serverTimestamp response:", response);
const clientTime = Math.round(Date.now() / 1000);
const timestampData: TimestampStorage = {
serverTm: response.data.timestamp,
clientTm: clientTime,
};
this.localStorage.MklTmKey = timestampData;
return timestampData.serverTm;
}
PrivategenerateStep 4.2: Request Timestamp Generation Generates a unique timestamp for each request using either:
A unique timestamp string for the request
private generateRequestTimestamp(): number {
if (this.lastSignature) {
const digits = this.lastSignature.match(/\d+/g);
return Date.now() + (digits ? Number(digits.join("")) : 1);
}
return Date.now() + Math.floor(Math.random()) + Math.ceil(Math.random());
}
PrivatevalidateStep 4.3: Timestamp Validation and Update Manages the timestamp lifecycle:
The current valid timestamp as a string
private async validateAndUpdateTimestamp(): Promise<string> {
const currentTime = Math.round(Date.now() / 1000);
const storedTimestamp = isTimestampStorage(this.localStorage.MklTmKey)
? this.localStorage.MklTmKey
: null;
if (
!storedTimestamp ||
currentTime > storedTimestamp.clientTm + this.TIMESTAMP_REFRESH_THRESHOLD
) {
delete this.localStorage.MklTmKey;
return String(await this.fetchServerTimestamp());
}
return String(storedTimestamp.serverTm);
}
PrivateensureEnsures header values are always strings, handling arrays and null values. This prevents issues with header concatenation and type mismatches.
The header value to convert
A string representation of the value
this.ensureStringHeader(["value"]) // "value"
this.ensureStringHeader(null) // ""
this.ensureStringHeader(123) // "123"
private ensureStringHeader(value: unknown): string {
if (Array.isArray(value)) {
// If it's an array, take the first value
return String(value[0] || "");
}
return String(value || "");
}
Protected ReadonlyminThe minimum match percentage for a product to be considered a match.
Protected ReadonlyfuzzFuzz scorer used by fuzzyFilter to score each candidate's title against
the query. Any function from fuzzball with the
(str1, str2, opts?) => number shape works. Subclasses override this when
a supplier's title format needs a different scorer (e.g. a catalog that
pads titles with boilerplate might prefer partial_ratio). Defaults to
ratio.
Overridable at runtime from userSettings.fuzzScorerOverride — see
setFuzzScorerOverride and fuzzyFilter below. The user's Advanced
settings selection wins over this subclass default when set.
Protected OptionalfuzzRuntime override resolved from userSettings.fuzzScorerOverride. When
set, fuzzyFilter uses this instead of this.fuzzScorer. Undefined
(the default) means "use whatever the supplier class picked". Mutated
by setFuzzScorerOverride so it can't be readonly.
ProtectedqueryString to query for (product name, CAS, etc.). The search term that will be used to find products. Set during construction and used throughout the supplier's lifecycle.
ProtectedbaseThe base search parameters that are always included in search requests. These parameters are merged with any additional search parameters when making requests to the supplier's API.
class MySupplier extends SupplierBase<Product> {
constructor() {
super();
this.baseSearchParams = {
format: "json",
version: "2.0"
};
}
}
protected baseSearchParams: Record<string, string | number> = {};
ProtectedcontrollerThe AbortController instance used to manage and cancel ongoing requests. This allows for cancellation of in-flight requests when needed, such as when a new search is started or the supplier is disposed.
const controller = new AbortController();
const supplier = new MySupplier("acetone", 5, controller);
// Later, to cancel all pending requests:
controller.abort();
protected controller: AbortController;
ProtectedlimitThe maximum number of results to return for a search query. This is not a limit on HTTP requests, but rather the number of products that will be returned to the caller.
const supplier = new MySupplier("acetone", 5); // Limit to 5 results
for await (const product of supplier) {
// Will yield at most 5 products
}
protected limit: number;
ProtectedproductsThe products that are currently being built by the supplier. This array holds ProductBuilder instances that are in the process of being transformed into complete Product objects.
await supplier.queryProducts("acetone");
console.log(`Building ${supplier.products.length} products`);
for (const builder of supplier.products) {
const product = await builder.build();
console.log("Built product:", product.title);
}
protected products: ProductBuilder<T>[] = [];
ProtectedhttpMaximum number of HTTP requests allowed per search query. This is a hard limit to prevent excessive requests to the supplier's API. If this limit is reached, the supplier will stop making new requests.
50
class MySupplier extends SupplierBase<Product> {
constructor() {
super();
this.httpRequestHardLimit = 100; // Allow more requests
}
}
protected httpRequestHardLimit: number = 50;
ProtectedrequestCounter for HTTP requests made during the current query execution. This is used to track the number of requests and ensure we don't exceed the httpRequestHardLimit.
0
await supplier.queryProducts("acetone");
console.log(`Made ${supplier.requestCount} requests`);
if (supplier.requestCount >= supplier.httpRequestHardLimit) {
console.log("Reached request limit");
}
protected requestCount: number = 0;
ProtectedmaxNumber of requests to process in parallel when fetching product details. This controls the batch size for concurrent requests to avoid overwhelming the supplier's API and the user's bandwidth.
10
class MySupplier extends SupplierBase<Product> {
constructor() {
super();
// Process 5 requests at a time
this.maxConcurrentRequests = 5;
}
}
protected maxConcurrentRequests: number = 3;
ProtectedminMinimum number of milliseconds between two consecutive tasks
protected minConcurrentCycle: number = 100;
Protected ReadonlyrequiredCookies that must be written into the browser jar before any request runs
— e.g. a currency or session-preference cookie the backend reads. Seeded
once per instance by ensureSetup (before setup) via chrome.cookies,
since the Cookie request header is on the fetch-forbidden list and can't
be set through this.headers. Each entry's url defaults to baseURL.
Subclasses override this instead of hand-rolling a setup that calls
chrome.cookies.set directly.
[]
class MySupplier extends SupplierBase<Partial<Product>, Product> {
protected readonly requiredCookies: SupplierCookieSeed[] = [
{ name: "currency", value: "2" },
];
}
protected readonly requiredCookies: SupplierCookieSeed[] = [];
Protected ReadonlychallengeNumber of times fetch retries a request that comes back 403. Some
suppliers sit behind a WAF that 403s the first hit while planting a
session cookie (a "cookie handshake"); because every request now sets
credentials: "include", that cookie lands in the jar and the retry
carries it back, usually passing. We can't gate on the Set-Cookie
header (it's fetch-forbidden and invisible to JS), so this per-supplier
flag is the gate — 0 (the default) means never retry. Only enable it
for suppliers known to do this handshake.
0
protected readonly challengeRetryLimit: number = 0;
Protected ReadonlychallengeDelay in milliseconds between 403 challenge retries. Gives the WAF a
brief beat before re-requesting with the freshly-planted cookie.
300
protected readonly challengeRetryDelayMs: number = 300;
ProtectedloggerLogger for the supplier. Initialized in the constructor with the name of the inheriting class.
ProtectedproductDefault values for products. These will get overridden if they're found in the product data.
ProtectedcacheCache instance for this supplier.
Initialized after construction by initCache() (called from
SupplierFactory once supplierName is set). The ! assertion is safe
here because every code path that reads this.cache
(queryProductsWithCache, getProductData, getProductDataWithCache)
runs only after execute() is called on a factory-built instance, and the
factory always calls initCache() before handing the instance out.
ProtectedexcludedProduct-data cache keys the user has explicitly excluded via the "Ignore
Product" context menu action. Loaded once per execute() from
storage.local so membership checks are synchronous on the hot path
(see getProductData). Newly-ignored products take effect on the next
search, which matches the stated feature requirement.
ReadonlysupplierName of supplier (for display purposes)
ReadonlybaseBase URL for HTTP(s) requests
ReadonlyapiThe host of the Macklin API.
ReadonlyshippingShipping scope for Macklin
ReadonlycountryThe country code of the supplier.
ReadonlypaymentThe payment methods accepted by the supplier. Used to determine the payment methods accepted by the supplier.
ProtectedqueryOverride the type of queryResults to use our specific type
ProtectedhttpUsed to keep track of how many requests have been made to the supplier.
Private ReadonlyTIMESTAMP_Private ReadonlySALTThe salt used to sign requests.
Private ReadonlyDEFAULT_PrivatelocalLocal storage object for the Macklin API client.
Add the timestamp to the chrome.storage.local
private localStorage: Record<string, unknown> = {};
PrivatelastThe last signature used for the request
ProtectedheadersHTTP headers used as a basis for all queries.
Macklin is a Chineese based chemical supply company. This module handles API requests with custom authentication and request signing for every call.
Remarks
Macklins client side code is very different from the other platforms. Looking at the API structure and authentication pattern, this appears to be a custom implementation rather than a standard ecommerce platform or CMS. The
/api/timestampendpoint with the specific authentication flow (using device IDs, custom signing with salt, and timestamp synchronization) is not a common pattern in major platforms. The specific implementation (withMklTmKeyinlocalStorage, the saltndksyr9834@#$32ndsfu, and the custom MD5-like transformation) suggests this is a custom-built platform, likely Macklin's own ecommerce system, rather than a standard off-the-shelf solution.Request Signature Generation Process
The Macklin API requires a custom signature for each request to ensure authenticity. The signature is generated through the following steps:
Step 1: Header String Generation
Step 2: Parameter String Generation
Step 3: Final Signature
Step 4: Timestamp Handling
Example
Source