@authorizerdev/authorizer-js 1.1.4 → 1.1.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +17 -0
- package/lib/authorizer.min.js +1 -15
- package/lib/authorizer.min.js.map +1 -1
- package/lib/cjs/index.d.ts +6 -6
- package/lib/cjs/index.js +67 -91
- package/lib/cjs/index.js.map +1 -1
- package/lib/cjs/types.d.ts +51 -51
- package/lib/constants.d.ts +3 -0
- package/lib/esm/index.d.ts +6 -6
- package/lib/esm/index.js +66 -90
- package/lib/esm/index.js.map +1 -1
- package/lib/esm/types.d.ts +51 -51
- package/lib/index.d.ts +29 -0
- package/lib/types.d.ts +185 -0
- package/lib/utils.d.ts +13 -0
- package/package.json +50 -46
- package/src/constants.ts +3 -3
- package/src/index.ts +464 -458
- package/src/types.ts +198 -198
- package/src/utils.ts +125 -127
package/lib/cjs/types.d.ts
CHANGED
|
@@ -1,10 +1,10 @@
|
|
|
1
|
-
export
|
|
1
|
+
export interface ConfigType {
|
|
2
2
|
authorizerURL: string;
|
|
3
3
|
redirectURL: string;
|
|
4
4
|
clientID: string;
|
|
5
5
|
extraHeaders?: Record<string, string>;
|
|
6
|
-
}
|
|
7
|
-
export
|
|
6
|
+
}
|
|
7
|
+
export interface User {
|
|
8
8
|
id: string;
|
|
9
9
|
email: string;
|
|
10
10
|
preferred_username: string;
|
|
@@ -23,8 +23,8 @@ export declare type User = {
|
|
|
23
23
|
created_at: number;
|
|
24
24
|
updated_at: number;
|
|
25
25
|
is_multi_factor_auth_enabled?: boolean;
|
|
26
|
-
}
|
|
27
|
-
export
|
|
26
|
+
}
|
|
27
|
+
export interface AuthToken {
|
|
28
28
|
message?: string;
|
|
29
29
|
access_token: string;
|
|
30
30
|
expires_in: number;
|
|
@@ -32,19 +32,19 @@ export declare type AuthToken = {
|
|
|
32
32
|
refresh_token?: string;
|
|
33
33
|
user?: User;
|
|
34
34
|
should_show_otp_screen?: boolean;
|
|
35
|
-
}
|
|
36
|
-
export
|
|
35
|
+
}
|
|
36
|
+
export interface Response {
|
|
37
37
|
message: string;
|
|
38
|
-
}
|
|
39
|
-
export
|
|
40
|
-
export
|
|
38
|
+
}
|
|
39
|
+
export type Headers = Record<string, string>;
|
|
40
|
+
export interface LoginInput {
|
|
41
41
|
email: string;
|
|
42
42
|
password: string;
|
|
43
43
|
roles?: string[];
|
|
44
44
|
scope?: string[];
|
|
45
45
|
state?: string;
|
|
46
|
-
}
|
|
47
|
-
export
|
|
46
|
+
}
|
|
47
|
+
export interface SignupInput {
|
|
48
48
|
email: string;
|
|
49
49
|
password: string;
|
|
50
50
|
confirm_password: string;
|
|
@@ -61,32 +61,32 @@ export declare type SignupInput = {
|
|
|
61
61
|
redirect_uri?: string;
|
|
62
62
|
is_multi_factor_auth_enabled?: boolean;
|
|
63
63
|
state?: string;
|
|
64
|
-
}
|
|
65
|
-
export
|
|
64
|
+
}
|
|
65
|
+
export interface MagicLinkLoginInput {
|
|
66
66
|
email: string;
|
|
67
67
|
roles?: string[];
|
|
68
68
|
scopes?: string[];
|
|
69
69
|
state?: string;
|
|
70
70
|
redirect_uri?: string;
|
|
71
|
-
}
|
|
72
|
-
export
|
|
71
|
+
}
|
|
72
|
+
export interface VerifyEmailInput {
|
|
73
73
|
token: string;
|
|
74
74
|
state?: string;
|
|
75
|
-
}
|
|
76
|
-
export
|
|
75
|
+
}
|
|
76
|
+
export interface VerifyOtpInput {
|
|
77
77
|
email: string;
|
|
78
78
|
otp: string;
|
|
79
79
|
state?: string;
|
|
80
|
-
}
|
|
81
|
-
export
|
|
80
|
+
}
|
|
81
|
+
export interface ResendOtpInput {
|
|
82
82
|
email: string;
|
|
83
|
-
}
|
|
84
|
-
export
|
|
83
|
+
}
|
|
84
|
+
export interface GraphqlQueryInput {
|
|
85
85
|
query: string;
|
|
86
86
|
variables?: Record<string, any>;
|
|
87
87
|
headers?: Headers;
|
|
88
|
-
}
|
|
89
|
-
export
|
|
88
|
+
}
|
|
89
|
+
export interface MetaData {
|
|
90
90
|
version: string;
|
|
91
91
|
client_id: string;
|
|
92
92
|
is_google_login_enabled: boolean;
|
|
@@ -101,8 +101,8 @@ export declare type MetaData = {
|
|
|
101
101
|
is_magic_link_login_enabled: boolean;
|
|
102
102
|
is_sign_up_enabled: boolean;
|
|
103
103
|
is_strong_password_enabled: boolean;
|
|
104
|
-
}
|
|
105
|
-
export
|
|
104
|
+
}
|
|
105
|
+
export interface UpdateProfileInput {
|
|
106
106
|
old_password?: string;
|
|
107
107
|
new_password?: string;
|
|
108
108
|
confirm_new_password?: string;
|
|
@@ -116,28 +116,28 @@ export declare type UpdateProfileInput = {
|
|
|
116
116
|
phone_number?: string;
|
|
117
117
|
picture?: string;
|
|
118
118
|
is_multi_factor_auth_enabled?: boolean;
|
|
119
|
-
}
|
|
120
|
-
export
|
|
119
|
+
}
|
|
120
|
+
export interface ForgotPasswordInput {
|
|
121
121
|
email: string;
|
|
122
122
|
state?: string;
|
|
123
123
|
redirect_uri?: string;
|
|
124
|
-
}
|
|
125
|
-
export
|
|
124
|
+
}
|
|
125
|
+
export interface ResetPasswordInput {
|
|
126
126
|
token: string;
|
|
127
127
|
password: string;
|
|
128
128
|
confirm_password: string;
|
|
129
|
-
}
|
|
130
|
-
export
|
|
129
|
+
}
|
|
130
|
+
export interface SessionQueryInput {
|
|
131
131
|
roles?: string[];
|
|
132
|
-
}
|
|
133
|
-
export
|
|
132
|
+
}
|
|
133
|
+
export interface IsValidJWTQueryInput {
|
|
134
134
|
jwt: string;
|
|
135
135
|
roles?: string[];
|
|
136
|
-
}
|
|
137
|
-
export
|
|
136
|
+
}
|
|
137
|
+
export interface ValidJWTResponse {
|
|
138
138
|
valid: string;
|
|
139
139
|
message: string;
|
|
140
|
-
}
|
|
140
|
+
}
|
|
141
141
|
export declare enum OAuthProviders {
|
|
142
142
|
Apple = "apple",
|
|
143
143
|
Github = "github",
|
|
@@ -149,37 +149,37 @@ export declare enum ResponseTypes {
|
|
|
149
149
|
Code = "code",
|
|
150
150
|
Token = "token"
|
|
151
151
|
}
|
|
152
|
-
export
|
|
152
|
+
export interface AuthorizeInput {
|
|
153
153
|
response_type: ResponseTypes;
|
|
154
154
|
use_refresh_token?: boolean;
|
|
155
155
|
response_mode?: string;
|
|
156
|
-
}
|
|
157
|
-
export
|
|
156
|
+
}
|
|
157
|
+
export interface AuthorizeResponse {
|
|
158
158
|
state: string;
|
|
159
159
|
code?: string;
|
|
160
160
|
error?: string;
|
|
161
161
|
error_description?: string;
|
|
162
|
-
}
|
|
163
|
-
export
|
|
162
|
+
}
|
|
163
|
+
export interface RevokeTokenInput {
|
|
164
164
|
refresh_token: string;
|
|
165
|
-
}
|
|
166
|
-
export
|
|
165
|
+
}
|
|
166
|
+
export interface GetTokenInput {
|
|
167
167
|
code?: string;
|
|
168
168
|
grant_type?: string;
|
|
169
169
|
refresh_token?: string;
|
|
170
|
-
}
|
|
171
|
-
export
|
|
170
|
+
}
|
|
171
|
+
export interface GetTokenResponse {
|
|
172
172
|
access_token: string;
|
|
173
173
|
expires_in: number;
|
|
174
174
|
id_token: string;
|
|
175
175
|
refresh_token?: string;
|
|
176
|
-
}
|
|
177
|
-
export
|
|
176
|
+
}
|
|
177
|
+
export interface ValidateJWTTokenInput {
|
|
178
178
|
token_type: 'access_token' | 'id_token' | 'refresh_token';
|
|
179
179
|
token: string;
|
|
180
180
|
roles?: string[];
|
|
181
|
-
}
|
|
182
|
-
export
|
|
181
|
+
}
|
|
182
|
+
export interface ValidateJWTTokenResponse {
|
|
183
183
|
is_valid: boolean;
|
|
184
184
|
claims: Record<string, any>;
|
|
185
|
-
}
|
|
185
|
+
}
|
package/lib/esm/index.d.ts
CHANGED
|
@@ -8,22 +8,22 @@ export declare class Authorizer {
|
|
|
8
8
|
browserLogin: () => Promise<Types.AuthToken | void>;
|
|
9
9
|
forgotPassword: (data: Types.ForgotPasswordInput) => Promise<Types.Response | void>;
|
|
10
10
|
getMetaData: () => Promise<Types.MetaData | void>;
|
|
11
|
-
getProfile: (headers?: Types.Headers
|
|
12
|
-
getSession: (headers?: Types.Headers
|
|
11
|
+
getProfile: (headers?: Types.Headers) => Promise<Types.User | void>;
|
|
12
|
+
getSession: (headers?: Types.Headers, params?: Types.SessionQueryInput) => Promise<Types.AuthToken>;
|
|
13
13
|
getToken: (data: Types.GetTokenInput) => Promise<Types.GetTokenResponse>;
|
|
14
14
|
graphqlQuery: (data: Types.GraphqlQueryInput) => Promise<any>;
|
|
15
15
|
login: (data: Types.LoginInput) => Promise<Types.AuthToken | void>;
|
|
16
|
-
logout: (headers?: Types.Headers
|
|
16
|
+
logout: (headers?: Types.Headers) => Promise<Types.Response | void>;
|
|
17
17
|
magicLinkLogin: (data: Types.MagicLinkLoginInput) => Promise<Types.Response>;
|
|
18
|
-
oauthLogin: (oauthProvider: string, roles?: string[]
|
|
18
|
+
oauthLogin: (oauthProvider: string, roles?: string[], redirect_uri?: string, state?: string) => Promise<void>;
|
|
19
19
|
resendOtp: (data: Types.ResendOtpInput) => Promise<Types.Response | void>;
|
|
20
20
|
resetPassword: (data: Types.ResetPasswordInput) => Promise<Types.Response | void>;
|
|
21
21
|
revokeToken: (data: {
|
|
22
22
|
refresh_token: string;
|
|
23
23
|
}) => Promise<any>;
|
|
24
24
|
signup: (data: Types.SignupInput) => Promise<Types.AuthToken | void>;
|
|
25
|
-
updateProfile: (data: Types.UpdateProfileInput, headers?: Types.Headers
|
|
26
|
-
validateJWTToken: (params?: Types.ValidateJWTTokenInput
|
|
25
|
+
updateProfile: (data: Types.UpdateProfileInput, headers?: Types.Headers) => Promise<Types.Response | void>;
|
|
26
|
+
validateJWTToken: (params?: Types.ValidateJWTTokenInput) => Promise<Types.ValidateJWTTokenResponse>;
|
|
27
27
|
verifyEmail: (data: Types.VerifyEmailInput) => Promise<Types.AuthToken | void>;
|
|
28
28
|
verifyOtp: (data: Types.VerifyOtpInput) => Promise<Types.AuthToken | void>;
|
|
29
29
|
}
|
package/lib/esm/index.js
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import crossFetch from 'cross-fetch';
|
|
2
2
|
|
|
3
|
-
|
|
3
|
+
/******************************************************************************
|
|
4
4
|
Copyright (c) Microsoft Corporation.
|
|
5
5
|
|
|
6
6
|
Permission to use, copy, modify, and/or distribute this software for any
|
|
@@ -46,12 +46,8 @@ const hasWindow = () => typeof window !== 'undefined';
|
|
|
46
46
|
const trimURL = (url) => {
|
|
47
47
|
let trimmedData = url.trim();
|
|
48
48
|
const lastChar = trimmedData[trimmedData.length - 1];
|
|
49
|
-
if (lastChar === '/')
|
|
49
|
+
if (lastChar === '/')
|
|
50
50
|
trimmedData = trimmedData.slice(0, -1);
|
|
51
|
-
}
|
|
52
|
-
else {
|
|
53
|
-
trimmedData = trimmedData;
|
|
54
|
-
}
|
|
55
51
|
return trimmedData;
|
|
56
52
|
};
|
|
57
53
|
const getCrypto = () => {
|
|
@@ -69,29 +65,29 @@ const createRandomString = () => {
|
|
|
69
65
|
const crypto = getCrypto();
|
|
70
66
|
if (crypto) {
|
|
71
67
|
const randomValues = Array.from(crypto.getRandomValues(new Uint8Array(43)));
|
|
72
|
-
randomValues.forEach(
|
|
68
|
+
randomValues.forEach(v => (random += charset[v % charset.length]));
|
|
73
69
|
}
|
|
74
70
|
return random;
|
|
75
71
|
};
|
|
76
72
|
const encode = (value) => hasWindow() ? btoa(value) : Buffer.from(value).toString('base64');
|
|
77
73
|
const createQueryParams = (params) => {
|
|
78
74
|
return Object.keys(params)
|
|
79
|
-
.filter(
|
|
80
|
-
.map(
|
|
75
|
+
.filter(k => typeof params[k] !== 'undefined')
|
|
76
|
+
.map(k => `${encodeURIComponent(k)}=${encodeURIComponent(params[k])}`)
|
|
81
77
|
.join('&');
|
|
82
78
|
};
|
|
83
79
|
const sha256 = (s) => __awaiter(void 0, void 0, void 0, function* () {
|
|
84
80
|
const digestOp = getCryptoSubtle().digest({ name: 'SHA-256' }, new TextEncoder().encode(s));
|
|
85
81
|
if (window.msCrypto) {
|
|
86
|
-
return new Promise((
|
|
82
|
+
return new Promise((resolve, reject) => {
|
|
87
83
|
digestOp.oncomplete = (e) => {
|
|
88
|
-
|
|
84
|
+
resolve(e.target.result);
|
|
89
85
|
};
|
|
90
86
|
digestOp.onerror = (e) => {
|
|
91
|
-
|
|
87
|
+
reject(e.error);
|
|
92
88
|
};
|
|
93
89
|
digestOp.onabort = () => {
|
|
94
|
-
|
|
90
|
+
reject(new Error('The digest operation was aborted'));
|
|
95
91
|
};
|
|
96
92
|
});
|
|
97
93
|
}
|
|
@@ -106,32 +102,31 @@ const bufferToBase64UrlEncoded = (input) => {
|
|
|
106
102
|
return urlEncodeB64(window.btoa(String.fromCharCode(...Array.from(ie11SafeInput))));
|
|
107
103
|
};
|
|
108
104
|
const executeIframe = (authorizeUrl, eventOrigin, timeoutInSeconds = DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS) => {
|
|
109
|
-
return new Promise((
|
|
105
|
+
return new Promise((resolve, reject) => {
|
|
110
106
|
const iframe = window.document.createElement('iframe');
|
|
111
107
|
iframe.setAttribute('id', 'authorizer-iframe');
|
|
112
108
|
iframe.setAttribute('width', '0');
|
|
113
109
|
iframe.setAttribute('height', '0');
|
|
114
110
|
iframe.style.display = 'none';
|
|
111
|
+
let iframeEventHandler;
|
|
115
112
|
const removeIframe = () => {
|
|
116
113
|
if (window.document.body.contains(iframe)) {
|
|
117
114
|
window.document.body.removeChild(iframe);
|
|
118
115
|
window.removeEventListener('message', iframeEventHandler, false);
|
|
119
116
|
}
|
|
120
117
|
};
|
|
121
|
-
let iframeEventHandler;
|
|
122
118
|
const timeoutSetTimeoutId = setTimeout(() => {
|
|
123
119
|
removeIframe();
|
|
124
120
|
}, timeoutInSeconds * 1000);
|
|
125
121
|
iframeEventHandler = function (e) {
|
|
126
|
-
if (e.origin
|
|
122
|
+
if (e.origin !== eventOrigin)
|
|
127
123
|
return;
|
|
128
124
|
if (!e.data || !e.data.response)
|
|
129
125
|
return;
|
|
130
126
|
const eventSource = e.source;
|
|
131
|
-
if (eventSource)
|
|
127
|
+
if (eventSource)
|
|
132
128
|
eventSource.close();
|
|
133
|
-
|
|
134
|
-
e.data.response.error ? rej(e.data.response) : res(e.data.response);
|
|
129
|
+
e.data.response.error ? reject(e.data.response) : resolve(e.data.response);
|
|
135
130
|
clearTimeout(timeoutSetTimeoutId);
|
|
136
131
|
window.removeEventListener('message', iframeEventHandler, false);
|
|
137
132
|
setTimeout(removeIframe, CLEANUP_IFRAME_TIMEOUT_IN_SECONDS * 1000);
|
|
@@ -142,19 +137,17 @@ const executeIframe = (authorizeUrl, eventOrigin, timeoutInSeconds = DEFAULT_AUT
|
|
|
142
137
|
});
|
|
143
138
|
};
|
|
144
139
|
|
|
145
|
-
const userFragment =
|
|
140
|
+
const userFragment = 'id email email_verified given_name family_name middle_name nickname preferred_username picture signup_methods gender birthdate phone_number phone_number_verified roles created_at updated_at is_multi_factor_auth_enabled ';
|
|
146
141
|
const authTokenFragment = `message access_token expires_in refresh_token id_token should_show_otp_screen user { ${userFragment} }`;
|
|
147
142
|
const getFetcher = () => (hasWindow() ? window.fetch : crossFetch);
|
|
148
143
|
class Authorizer {
|
|
149
144
|
constructor(config) {
|
|
150
145
|
this.authorize = (data) => __awaiter(this, void 0, void 0, function* () {
|
|
151
|
-
if (!hasWindow())
|
|
152
|
-
throw new Error(
|
|
153
|
-
}
|
|
146
|
+
if (!hasWindow())
|
|
147
|
+
throw new Error('this feature is only supported in browser');
|
|
154
148
|
const scopes = ['openid', 'profile', 'email'];
|
|
155
|
-
if (data.use_refresh_token)
|
|
149
|
+
if (data.use_refresh_token)
|
|
156
150
|
scopes.push('offline_access');
|
|
157
|
-
}
|
|
158
151
|
const requestData = {
|
|
159
152
|
redirect_uri: this.config.redirectURL,
|
|
160
153
|
response_mode: data.response_mode || 'web_message',
|
|
@@ -196,22 +189,19 @@ class Authorizer {
|
|
|
196
189
|
return token;
|
|
197
190
|
}
|
|
198
191
|
catch (err) {
|
|
199
|
-
if (!hasWindow())
|
|
200
|
-
throw new Error(
|
|
201
|
-
}
|
|
192
|
+
if (!hasWindow())
|
|
193
|
+
throw new Error('browserLogin is only supported for browsers');
|
|
202
194
|
window.location.replace(`${this.config.authorizerURL}/app?state=${encode(JSON.stringify(this.config))}&redirect_uri=${this.config.redirectURL}`);
|
|
203
195
|
}
|
|
204
196
|
});
|
|
205
197
|
this.forgotPassword = (data) => __awaiter(this, void 0, void 0, function* () {
|
|
206
|
-
if (!data.state)
|
|
198
|
+
if (!data.state)
|
|
207
199
|
data.state = encode(createRandomString());
|
|
208
|
-
|
|
209
|
-
if (!data.redirect_uri) {
|
|
200
|
+
if (!data.redirect_uri)
|
|
210
201
|
data.redirect_uri = this.config.redirectURL;
|
|
211
|
-
}
|
|
212
202
|
try {
|
|
213
203
|
const forgotPasswordRes = yield this.graphqlQuery({
|
|
214
|
-
query:
|
|
204
|
+
query: 'mutation forgotPassword($data: ForgotPasswordInput!) { forgot_password(params: $data) { message } }',
|
|
215
205
|
variables: {
|
|
216
206
|
data,
|
|
217
207
|
},
|
|
@@ -219,18 +209,18 @@ class Authorizer {
|
|
|
219
209
|
return forgotPasswordRes.forgot_password;
|
|
220
210
|
}
|
|
221
211
|
catch (error) {
|
|
222
|
-
throw error;
|
|
212
|
+
throw new Error(error);
|
|
223
213
|
}
|
|
224
214
|
});
|
|
225
215
|
this.getMetaData = () => __awaiter(this, void 0, void 0, function* () {
|
|
226
216
|
try {
|
|
227
217
|
const res = yield this.graphqlQuery({
|
|
228
|
-
query:
|
|
218
|
+
query: 'query { meta { version is_google_login_enabled is_facebook_login_enabled is_github_login_enabled is_linkedin_login_enabled is_apple_login_enabled is_twitter_login_enabled is_microsoft_login_enabled is_email_verification_enabled is_basic_authentication_enabled is_magic_link_login_enabled is_sign_up_enabled is_strong_password_enabled } }',
|
|
229
219
|
});
|
|
230
220
|
return res.meta;
|
|
231
221
|
}
|
|
232
222
|
catch (err) {
|
|
233
|
-
throw err;
|
|
223
|
+
throw new Error(err);
|
|
234
224
|
}
|
|
235
225
|
});
|
|
236
226
|
this.getProfile = (headers) => __awaiter(this, void 0, void 0, function* () {
|
|
@@ -242,7 +232,7 @@ class Authorizer {
|
|
|
242
232
|
return profileRes.profile;
|
|
243
233
|
}
|
|
244
234
|
catch (error) {
|
|
245
|
-
throw error;
|
|
235
|
+
throw new Error(error);
|
|
246
236
|
}
|
|
247
237
|
});
|
|
248
238
|
this.getSession = (headers, params) => __awaiter(this, void 0, void 0, function* () {
|
|
@@ -257,19 +247,16 @@ class Authorizer {
|
|
|
257
247
|
return res.session;
|
|
258
248
|
}
|
|
259
249
|
catch (err) {
|
|
260
|
-
throw err;
|
|
250
|
+
throw new Error(err);
|
|
261
251
|
}
|
|
262
252
|
});
|
|
263
253
|
this.getToken = (data) => __awaiter(this, void 0, void 0, function* () {
|
|
264
|
-
if (!data.grant_type)
|
|
254
|
+
if (!data.grant_type)
|
|
265
255
|
data.grant_type = 'authorization_code';
|
|
266
|
-
|
|
267
|
-
|
|
268
|
-
|
|
269
|
-
|
|
270
|
-
if (data.grant_type === 'authorization_code' && !this.codeVerifier) {
|
|
271
|
-
throw new Error(`Invalid code verifier`);
|
|
272
|
-
}
|
|
256
|
+
if (data.grant_type === 'refresh_token' && !data.refresh_token)
|
|
257
|
+
throw new Error('Invalid refresh_token');
|
|
258
|
+
if (data.grant_type === 'authorization_code' && !this.codeVerifier)
|
|
259
|
+
throw new Error('Invalid code verifier');
|
|
273
260
|
const requestData = {
|
|
274
261
|
client_id: this.config.clientID,
|
|
275
262
|
code: data.code || '',
|
|
@@ -286,18 +273,17 @@ class Authorizer {
|
|
|
286
273
|
credentials: 'include',
|
|
287
274
|
});
|
|
288
275
|
const json = yield res.json();
|
|
289
|
-
if (res.status >= 400)
|
|
276
|
+
if (res.status >= 400)
|
|
290
277
|
throw new Error(json);
|
|
291
|
-
}
|
|
292
278
|
return json;
|
|
293
279
|
}
|
|
294
280
|
catch (err) {
|
|
295
|
-
throw err;
|
|
281
|
+
throw new Error(err);
|
|
296
282
|
}
|
|
297
283
|
});
|
|
298
284
|
this.graphqlQuery = (data) => __awaiter(this, void 0, void 0, function* () {
|
|
299
285
|
const fetcher = getFetcher();
|
|
300
|
-
const res = yield fetcher(this.config.authorizerURL
|
|
286
|
+
const res = yield fetcher(`${this.config.authorizerURL}/graphql`, {
|
|
301
287
|
method: 'POST',
|
|
302
288
|
body: JSON.stringify({
|
|
303
289
|
query: data.query,
|
|
@@ -324,13 +310,13 @@ class Authorizer {
|
|
|
324
310
|
return res.login;
|
|
325
311
|
}
|
|
326
312
|
catch (err) {
|
|
327
|
-
throw err;
|
|
313
|
+
throw new Error(err);
|
|
328
314
|
}
|
|
329
315
|
});
|
|
330
316
|
this.logout = (headers) => __awaiter(this, void 0, void 0, function* () {
|
|
331
317
|
try {
|
|
332
318
|
const res = yield this.graphqlQuery({
|
|
333
|
-
query:
|
|
319
|
+
query: ' mutation { logout { message } } ',
|
|
334
320
|
headers,
|
|
335
321
|
});
|
|
336
322
|
return res.logout;
|
|
@@ -341,12 +327,10 @@ class Authorizer {
|
|
|
341
327
|
});
|
|
342
328
|
this.magicLinkLogin = (data) => __awaiter(this, void 0, void 0, function* () {
|
|
343
329
|
try {
|
|
344
|
-
if (!data.state)
|
|
330
|
+
if (!data.state)
|
|
345
331
|
data.state = encode(createRandomString());
|
|
346
|
-
|
|
347
|
-
if (!data.redirect_uri) {
|
|
332
|
+
if (!data.redirect_uri)
|
|
348
333
|
data.redirect_uri = this.config.redirectURL;
|
|
349
|
-
}
|
|
350
334
|
const res = yield this.graphqlQuery({
|
|
351
335
|
query: `
|
|
352
336
|
mutation magicLinkLogin($data: MagicLinkLoginInput!) { magic_link_login(params: $data) { message }}
|
|
@@ -356,21 +340,19 @@ class Authorizer {
|
|
|
356
340
|
return res.magic_link_login;
|
|
357
341
|
}
|
|
358
342
|
catch (err) {
|
|
359
|
-
throw err;
|
|
343
|
+
throw new Error(err);
|
|
360
344
|
}
|
|
361
345
|
});
|
|
362
346
|
this.oauthLogin = (oauthProvider, roles, redirect_uri, state) => __awaiter(this, void 0, void 0, function* () {
|
|
363
347
|
let urlState = state;
|
|
364
|
-
if (!urlState)
|
|
348
|
+
if (!urlState)
|
|
365
349
|
urlState = encode(createRandomString());
|
|
366
|
-
}
|
|
367
350
|
if (!Object.values(OAuthProviders).includes(oauthProvider)) {
|
|
368
351
|
throw new Error(`only following oauth providers are supported: ${Object.values(oauthProvider).toString()}`);
|
|
369
352
|
}
|
|
370
|
-
if (!hasWindow())
|
|
371
|
-
throw new Error(
|
|
372
|
-
}
|
|
373
|
-
window.location.replace(`${this.config.authorizerURL}/oauth_login/${oauthProvider}?redirect_uri=${redirect_uri || this.config.redirectURL}&state=${urlState}${roles && roles.length ? `&roles=${roles.join(',')}` : ``}`);
|
|
353
|
+
if (!hasWindow())
|
|
354
|
+
throw new Error('oauthLogin is only supported for browsers');
|
|
355
|
+
window.location.replace(`${this.config.authorizerURL}/oauth_login/${oauthProvider}?redirect_uri=${redirect_uri || this.config.redirectURL}&state=${urlState}${(roles && roles.length) ? `&roles=${roles.join(',')}` : ''}`);
|
|
374
356
|
});
|
|
375
357
|
this.resendOtp = (data) => __awaiter(this, void 0, void 0, function* () {
|
|
376
358
|
try {
|
|
@@ -383,13 +365,13 @@ class Authorizer {
|
|
|
383
365
|
return res.resend_otp;
|
|
384
366
|
}
|
|
385
367
|
catch (err) {
|
|
386
|
-
throw err;
|
|
368
|
+
throw new Error(err);
|
|
387
369
|
}
|
|
388
370
|
});
|
|
389
371
|
this.resetPassword = (data) => __awaiter(this, void 0, void 0, function* () {
|
|
390
372
|
try {
|
|
391
373
|
const resetPasswordRes = yield this.graphqlQuery({
|
|
392
|
-
query:
|
|
374
|
+
query: 'mutation resetPassword($data: ResetPasswordInput!) { reset_password(params: $data) { message } }',
|
|
393
375
|
variables: {
|
|
394
376
|
data,
|
|
395
377
|
},
|
|
@@ -397,15 +379,14 @@ class Authorizer {
|
|
|
397
379
|
return resetPasswordRes.reset_password;
|
|
398
380
|
}
|
|
399
381
|
catch (error) {
|
|
400
|
-
throw error;
|
|
382
|
+
throw new Error(error);
|
|
401
383
|
}
|
|
402
384
|
});
|
|
403
385
|
this.revokeToken = (data) => __awaiter(this, void 0, void 0, function* () {
|
|
404
|
-
if (!data.refresh_token && !data.refresh_token.trim())
|
|
405
|
-
throw new Error(
|
|
406
|
-
}
|
|
386
|
+
if (!data.refresh_token && !data.refresh_token.trim())
|
|
387
|
+
throw new Error('Invalid refresh_token');
|
|
407
388
|
const fetcher = getFetcher();
|
|
408
|
-
const res = yield fetcher(this.config.authorizerURL
|
|
389
|
+
const res = yield fetcher(`${this.config.authorizerURL}/oauth/revoke`, {
|
|
409
390
|
method: 'POST',
|
|
410
391
|
headers: Object.assign({}, this.config.extraHeaders),
|
|
411
392
|
body: JSON.stringify({
|
|
@@ -426,13 +407,13 @@ class Authorizer {
|
|
|
426
407
|
return res.signup;
|
|
427
408
|
}
|
|
428
409
|
catch (err) {
|
|
429
|
-
throw err;
|
|
410
|
+
throw new Error(err);
|
|
430
411
|
}
|
|
431
412
|
});
|
|
432
413
|
this.updateProfile = (data, headers) => __awaiter(this, void 0, void 0, function* () {
|
|
433
414
|
try {
|
|
434
415
|
const updateProfileRes = yield this.graphqlQuery({
|
|
435
|
-
query:
|
|
416
|
+
query: 'mutation updateProfile($data: UpdateProfileInput!) { update_profile(params: $data) { message } }',
|
|
436
417
|
headers,
|
|
437
418
|
variables: {
|
|
438
419
|
data,
|
|
@@ -441,13 +422,13 @@ class Authorizer {
|
|
|
441
422
|
return updateProfileRes.update_profile;
|
|
442
423
|
}
|
|
443
424
|
catch (error) {
|
|
444
|
-
throw error;
|
|
425
|
+
throw new Error(error);
|
|
445
426
|
}
|
|
446
427
|
});
|
|
447
428
|
this.validateJWTToken = (params) => __awaiter(this, void 0, void 0, function* () {
|
|
448
429
|
try {
|
|
449
430
|
const res = yield this.graphqlQuery({
|
|
450
|
-
query:
|
|
431
|
+
query: 'query validateJWTToken($params: ValidateJWTTokenInput!){validate_jwt_token(params: $params) { is_valid claims } }',
|
|
451
432
|
variables: {
|
|
452
433
|
params,
|
|
453
434
|
},
|
|
@@ -455,7 +436,7 @@ class Authorizer {
|
|
|
455
436
|
return res.validate_jwt_token;
|
|
456
437
|
}
|
|
457
438
|
catch (error) {
|
|
458
|
-
throw error;
|
|
439
|
+
throw new Error(error);
|
|
459
440
|
}
|
|
460
441
|
});
|
|
461
442
|
this.verifyEmail = (data) => __awaiter(this, void 0, void 0, function* () {
|
|
@@ -469,7 +450,7 @@ class Authorizer {
|
|
|
469
450
|
return res.verify_email;
|
|
470
451
|
}
|
|
471
452
|
catch (err) {
|
|
472
|
-
throw err;
|
|
453
|
+
throw new Error(err);
|
|
473
454
|
}
|
|
474
455
|
});
|
|
475
456
|
this.verifyOtp = (data) => __awaiter(this, void 0, void 0, function* () {
|
|
@@ -483,25 +464,20 @@ class Authorizer {
|
|
|
483
464
|
return res.verify_otp;
|
|
484
465
|
}
|
|
485
466
|
catch (err) {
|
|
486
|
-
throw err;
|
|
467
|
+
throw new Error(err);
|
|
487
468
|
}
|
|
488
469
|
});
|
|
489
|
-
if (!config)
|
|
490
|
-
throw new Error(
|
|
491
|
-
}
|
|
470
|
+
if (!config)
|
|
471
|
+
throw new Error('Configuration is required');
|
|
492
472
|
this.config = config;
|
|
493
|
-
if (!config.authorizerURL && !config.authorizerURL.trim())
|
|
494
|
-
throw new Error(
|
|
495
|
-
|
|
496
|
-
if (config.authorizerURL) {
|
|
473
|
+
if (!config.authorizerURL && !config.authorizerURL.trim())
|
|
474
|
+
throw new Error('Invalid authorizerURL');
|
|
475
|
+
if (config.authorizerURL)
|
|
497
476
|
this.config.authorizerURL = trimURL(config.authorizerURL);
|
|
498
|
-
|
|
499
|
-
|
|
500
|
-
|
|
501
|
-
}
|
|
502
|
-
else {
|
|
477
|
+
if (!config.redirectURL && !config.redirectURL.trim())
|
|
478
|
+
throw new Error('Invalid redirectURL');
|
|
479
|
+
else
|
|
503
480
|
this.config.redirectURL = trimURL(config.redirectURL);
|
|
504
|
-
}
|
|
505
481
|
this.config.extraHeaders = Object.assign(Object.assign({}, (config.extraHeaders || {})), { 'x-authorizer-url': this.config.authorizerURL, 'Content-Type': 'application/json' });
|
|
506
482
|
this.config.clientID = config.clientID.trim();
|
|
507
483
|
}
|