@authress/login 2.2.196

package/index.d.ts

@@ -0,0 +1,174 @@
+interface Settings {
+  /** Your Authress custom domain - see https://authress.io/app/#/setup?focus=domain */
+  authressLoginHostUrl: string;
+  /** The Authress applicationId for this app - see https://authress.io/app/#/manage?focus=applications */
+  applicationId: string;
+}
+
+interface AuthenticationParameters {
+  /** Specify which provider connection that user would like to use to log in - see https://authress.io/app/#/manage?focus=connections */
+  connectionId?: string;
+  /** Instead of connectionId, specify the tenant lookup identifier to log the user with the mapped tenant - see https://authress.io/app/#/manage?focus=tenants */
+  tenantLookupIdentifier?: string;
+  /** Store the credentials response in the specified location. Options are either 'cookie' or 'query'. (Default: **cookie**) */
+  responseLocation?: string;
+  /** The type of credentials returned in the response. The list of options is any of 'code token id_token' separated by a space. Select token to receive an access_token, id_token to return the user identity in an JWT, and code for the authorization_code grant_type flow. (Default: **token id_token**) */
+  flowType?: string;
+  /** Specify where the provider should redirect the user to in your application. If not specified, will be the current location href. Must be a valid redirect url matching what is defined in the application in the Authress Management portal. (Default: **window.location.href**) */
+  redirectUrl?: string;
+  /** Connection specific properties to pass to the identity provider. Can be used to override default scopes for example. */
+  connectionProperties?: Record<string, string>;
+  /** Force getting new credentials. (Default: **false** - only get new credentials if none exist.) */
+  force?: boolean;
+  /** Enable multi-account login. The user will be prompted to login with their other account, if they are not logged in already. (Default: **false** - the current session is validated and no login is displayed) */
+  multiAccount?: boolean;
+  /** Remove all cookies, LocalStorage, and SessionStorage related data before logging in. In most cases, this helps prevent corrupted browser state from affecting your user's experience. (Default: **true**) */
+  clearUserDataBeforeLogin?: boolean;
+}
+
+interface LinkIdentityParameters {
+  /** Specify which provider connection that user would like to use to log in - see https://authress.io/app/#/manage?focus=connections */
+  connectionId?: string;
+  /** Instead of connectionId, specify the tenant lookup identifier to log the user with the mapped tenant - see https://authress.io/app/#/manage?focus=tenants */
+  tenantLookupIdentifier?: string;
+  /** Specify where the provider should redirect the user to in your application. If not specified, will be the current location href. Must be a valid redirect url matching what is defined in the application in the Authress Management portal. (Default: **window.location.href**) */
+  redirectUrl?: string;
+  /** Connection specific properties to pass to the identity provider. Can be used to override default scopes for example. */
+  connectionProperties?: Record<string, string>;
+}
+
+interface ExtensionAuthenticationParameters {
+  /** The redirect to your login screen will contain two query parameters `state`. Pass the state into this method. (Default: **window.location.query.state**) */
+  state?: string;
+  /** Specify which provider connection that user would like to use to log in - see https://authress.io/app/#/manage?focus=connections */
+  connectionId?: string;
+  /** Instead of connectionId, specify the tenant lookup identifier to log the user with the mapped tenant - see https://authress.io/app/#/manage?focus=tenants */
+  tenantLookupIdentifier?: string;
+  /** Connection specific properties to pass to the identity provider. Can be used to override default scopes for example. */
+  connectionProperties?: Record<string, string>;
+}
+
+/** Options for getting a token including timeout configuration. */
+interface TokenParameters {
+  /** Timeout waiting for user token to populate. After this time an error will be thrown. (Default: **5000**) */
+  timeoutInMillis?: number;
+}
+
+interface UserCredentials {
+  /** User access token generated credentials for the connected provider used to log in */
+  accessToken: string;
+}
+
+export class LoginClient {
+  /**
+   * @constructor constructs the LoginClient with a given configuration
+   * @param {Settings} settings Authress LoginClient settings
+   * @param {Object} [logger] a configured logger object, optionally `console`, which can used to display debug and warning messages.
+   */
+  // eslint-disable-next-line @typescript-eslint/explicit-module-boundary-types
+  constructor(settings: Settings, logger?: unknown);
+
+  /**
+   * @description Gets the user's profile data and returns it if it exists. Should be called after {@link userSessionExists} or it will be empty.
+   * @return {Object} The user identity which contains a userData object.
+   */
+  getUserIdentity(): Record<string, unknown>;
+
+  /**
+   * @description Gets the user's credentials that were generated as part of the connection provider. These credentials work directly with that provider.
+   * @return {Promise<UserCredentials?>} The user's connection credentials.
+   */
+  getConnectionCredentials(): Promise<UserCredentials | null>;
+
+  /**
+   * @description Async wait for a user session to exist. Will block until {@link userSessionExists} or {@link authenticate} is called.
+   * @return {Promise<void>}
+   */
+  waitForUserSession(): Promise<void>;
+
+  /**
+   * @description Call this function on every route change. It will check if the user just logged in or is still logged in.
+   * @return {Promise<boolean>} Returns truthy if there a valid existing session, falsy otherwise.
+   */
+  userSessionExists(): Promise<boolean>;
+
+  /**
+   * @description When a platform extension attempts to log a user in, the Authress Login page will redirect to your Platform defaultAuthenticationUrl. At this point, show the user the login screen, and then pass the results of the login to this method.
+   * @param {ExtensionAuthenticationParameters} settings Parameters for controlling how and when users should be authenticated for the app.
+   * @return {Promise<boolean>} Is there a valid existing session.
+   */
+  updateExtensionAuthenticationRequest(settings: ExtensionAuthenticationParameters): Promise<void>;
+
+  /**
+   * @description Unlink an identity from the user's account.
+   * @param {String} identityId Specify the provider connection id or the user id of that connection that user would like to unlink - see https://authress.io/app/#/manage?focus=connections
+   * @return {Promise<void>} Throws an error if identity cannot be unlinked.
+   */
+  unlinkIdentity(identityId: string): Promise<void>;
+
+  /**
+   * @description Link a new identity to the currently logged in user. The user will be asked to authenticate to a new connection.
+   * @param {LinkIdentityParameters} settings Parameters for selecting which identity of a user should be linked.
+   * @return {Promise<void>}
+   */
+  linkIdentity(settings: LinkIdentityParameters): Promise<void>;
+
+  /**
+   * @description Logs a user in, if the user is not logged in, will redirect the user to their selected connection/provider and then redirect back to the {@link redirectUrl}. If neither the {@link connectionId} nor the {@link tenantLookupIdentifier} is specified the user will be directed to the Authress hosted login page to select their preferred login method.
+   * @param {AuthenticationParameters} [settings] Parameters for controlling how and when users should be authenticated for the app.
+   * @return {Promise<boolean>} Is there a valid existing session.
+   */
+  authenticate(settings?: AuthenticationParameters): Promise<boolean>;
+
+  /**
+   * @description Ensures the user's bearer token exists. To be used in the Authorization header as a Bearer token. This method blocks on a valid user session being created, and expects {@link authenticate} to have been called first. Additionally, if the application configuration specifies that tokens should be secured from javascript, the token will be a hidden cookie only visible to service APIs and will not be returned. If the token is expired and the session is still valid, then it will automatically generate a new token directly from Authress.
+   * @param {TokenParameters} [settings] Optional token parameters to constrain how the existing token is retreived.
+   * @return {Promise<string>} The Authorization Bearer token.
+   */
+  ensureToken(settings?: TokenParameters): Promise<string>;
+
+  /**
+   * @description Log the user out removing the current user's session. If the user is not logged in this has no effect. If the user is logged in via secure session, the the redirect url will be ignored. If the user is logged in without a secure session the user agent will be redirected to the hosted login and then redirected to the {@link redirectUrl}.
+   * @param {string} [redirectUrl='window.location.href'] Optional redirect location to return the user to after logout. Will only be used for cross domain sessions.
+   */
+  logout(redirectUri?: string): Promise<void>;
+}
+
+interface RequestTokenParameters {
+  /** The redirect to your login screen will contain two query parameters `state` and `flow`. Pass the state into this method. */
+  code?: string;
+}
+
+interface TokenResponse {
+  /** The user access token to be used with the platform */
+  accessToken: string;
+}
+
+export class ExtensionClient {
+  /**
+   * @constructor constructs an ExtensionClient to be embedded in your platform SDK to enable extension easy login
+   * @param {string} authressCustomDomain Your Authress custom domain - see https://authress.io/app/#/manage?focus=domain
+   * @param {string} extensionId The platform extensionId for this app - see https://authress.io/app/#/manage?focus=extensions
+   */
+  // eslint-disable-next-line @typescript-eslint/explicit-module-boundary-types
+  constructor(authressCustomDomain: string, extensionId: string);
+
+  /**
+   * @description Gets the user's profile data and returns it if it exists. Should be called after {@link userSessionExists} or it will be empty.
+   * @return {Promise<Record<string, unknown>>} The user identity which contains a userData object.
+   */
+  getUserIdentity(): Promise<Record<string, unknown>>;
+
+  /**
+   * @description When a platform extension attempts to log a user in, the Authress Login page will redirect to your Platform defaultAuthenticationUrl. At this point, show the user the login screen, and then pass the results of the login to this method.
+   * @param {String} [code] The redirect to your login screen will contain two query parameters `state` and `flow`. Pass the state into this method.
+   */
+  requestToken(options?: RequestTokenParameters): Promise<TokenResponse>;
+
+  /**
+      * @description Logs a user in, if the user is logged in, will return the token response, if the user is not logged in, will redirect the user to their selected connection/provider and then redirect back to the {@link redirectUrl}.
+   * @param {String} [redirectUrl=${window.location.href}] Specify where the provider should redirect to the user to in your application. If not specified, the default is the current location href. Must be a valid redirect url matching what is defined in the application in the Authress Management portal. Only used if the user is not logged in.
+   * @return {Promise<TokenResponse>} Returns the token if the user is logged in otherwise redirects the user
+   */
+  login(redirectUrl?: string): Promise<TokenResponse>;
+}

package/package.json

@@ -0,0 +1,88 @@
+{
+  "name": "@authress/login",
+  "version": "2.2.196",
+  "description": "Universal login sdk for Authress authentication as a service. Provides managed authentication for user identity, authentication, and token verification.",
+  "main": "./src/index.js",
+  "types": "./index.d.ts",
+  "files": [
+    "index.d.ts",
+    "src",
+    "dist"
+  ],
+  "scripts": {
+    "build": "node make.js build && NODE_ENV=production webpack --mode=production",
+    "lint": "eslint --ext .js,.ts src tests make.js index.d.ts",
+    "test": "check-dts index.d.ts && mocha tests/**/*.test.js -R spec"
+  },
+  "dependencies": {
+    "axios": "^0.21",
+    "cookie": "^0.4.1",
+    "lodash.take": "^4.1.1"
+  },
+  "devDependencies": {
+    "@babel/core": "^7.17.5",
+    "@babel/preset-env": "^7.16.11",
+    "@types/node": "^14.14.35",
+    "@typescript-eslint/eslint-plugin": "^3.1.0",
+    "@typescript-eslint/parser": "^3.1.0",
+    "babel-loader": "^8.2.3",
+    "chai": "^4.2.0",
+    "check-dts": "^0.4.4",
+    "ci-build-tools": "^1.0.13",
+    "commander": "^4.0.1",
+    "compression-webpack-plugin": "^9.2.0",
+    "eslint": "^7.12.1",
+    "eslint-config-cimpress-atsquad": "^1.0.67",
+    "eslint-loader": "^4.0.2",
+    "eslint-plugin-mocha": "^7.0.1",
+    "eslint-plugin-node": "^11.1.0",
+    "eslint-plugin-promise": "^6.1.1",
+    "fs-extra": "^8.1.0",
+    "glob": "^7.1.6",
+    "mocha": "^10.1.0",
+    "path-browserify": "^1.0.1",
+    "sinon": "^7.5.0",
+    "sinon-chai": "^3.3.0",
+    "terser-webpack-plugin": "^5.3.1",
+    "typescript": "^3.9.5",
+    "webpack": "^5.69.1",
+    "webpack-cli": "^4.9.2"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/Authress/authress-login.js"
+  },
+  "keywords": [
+    "authentication",
+    "authentication as a service",
+    "Login",
+    "Login Client",
+    "universal login",
+    "auth",
+    "federated login",
+    "secure login",
+    "application security",
+    "IDaaS",
+    "authentication",
+    "user authentication",
+    "user identity",
+    "Oauth2",
+    "Oauth2.1",
+    "Oauth3",
+    "platform",
+    "platform login",
+    "extension",
+    "Authress",
+    "Authress client",
+    "user security"
+  ],
+  "author": "Authress Developers <developers@authress.io> (https://authress.io)",
+  "license": "Apache-2.0",
+  "bugs": {
+    "url": "https://github.com/Authress/authress-login.js/issues"
+  },
+  "homepage": "https://authress.io",
+  "engines": {
+    "node": ">=14"
+  }
+}

package/src/base64url.js

@@ -0,0 +1,32 @@
+function percentToByte(p) {
+  return String.fromCharCode(parseInt(p.slice(1), 16));
+}
+
+function encodeBase64(str) {
+  return btoa(encodeURIComponent(str).replace(/%[0-9A-F]{2}/g, percentToByte));
+}
+
+function byteToPercent(b) {
+  return `%${`00${b.charCodeAt(0).toString(16)}`.slice(-2)}`;
+}
+
+function decodeBase64(str) {
+  return decodeURIComponent(Array.from(atob(str), byteToPercent).join(''));
+}
+
+module.exports.decode = function decode(str) {
+  return decodeBase64(str.replace(/-/g, '+').replace(/_/g, '/'));
+};
+
+module.exports.encode = function encode(str) {
+  if (str && typeof str === 'object') {
+    return btoa(String.fromCharCode(...new Uint8Array(str))).replace(/\//g, '_')
+    .replace(/\+/g, '-')
+    .replace(/=+$/, '');
+  }
+
+  return encodeBase64(str)
+  .replace(/\//g, '_')
+  .replace(/\+/g, '-')
+  .replace(/=+$/, '');
+};

package/src/extensionClient.js

@@ -0,0 +1,153 @@
+const base64url = require('./base64url');
+
+const jwtManager = require('./jwtManager');
+
+const AuthenticationRequestNonceKey = 'ExtensionRequestNonce';
+
+let userSessionSequencePromise = null;
+
+class ExtensionClient {
+  /**
+   * @constructor constructs an ExtensionClient to be embedded in your platform SDK to enable extension easy login
+   * @param {string} authressCustomDomain Your Authress custom domain - see https://authress.io/app/#/manage?focus=domain
+   * @param {string} extensionId The platform extensionId for this app - see https://authress.io/app/#/manage?focus=extensions
+   */
+  constructor(authressCustomDomain, extensionId) {
+    this.extensionId = extensionId;
+
+    if (!authressCustomDomain) {
+      throw Error('Missing required property "authressCustomDomain" in ExtensionClient constructor. The Custom Authress Domain Host is required.');
+    }
+
+    if (!extensionId) {
+      throw Error('Missing required property "extensionId" in ExtensionClient constructor. The extension is required for selecting the correct login method.');
+    }
+
+    this.authressCustomDomain = `https://${authressCustomDomain.replace(/^(https?:\/+)/, '')}`;
+    this.accessToken = null;
+
+    window.onload = async () => {
+      await this.requestToken({ silent: true });
+    };
+  }
+
+  /**
+   * @description Gets the user's profile data and returns it if it exists. Should be called after {@link userSessionExists} or it will be empty.
+   * @return {Promise<Record<string, unknown>>} The user data object.
+   */
+  async getUserIdentity() {
+    const userData = await this.accessToken && jwtManager.decode(this.accessToken);
+    if (!userData) {
+      return null;
+    }
+
+    if (userData.exp * 1000 < Date.now()) {
+      this.accessToken = null;
+      return null;
+    }
+
+    return userData;
+  }
+
+  async getTokenResponse() {
+    const isLoggedIn = await this.getUserIdentity();
+    if (!isLoggedIn) {
+      return null;
+    }
+
+    return { accessToken: this.accessToken };
+  }
+
+  /**
+   * @description When a platform extension attempts to log a user in, the Authress Login page will redirect to your Platform defaultAuthenticationUrl. At this point, show the user the login screen, and then pass the results of the login to this method.
+   * @param {String} [options.code] The redirect to your login screen will contain two query parameters `state` and `flow`. Pass the state into this method.
+   * @return {Promise<TokenResponse>} Returns the token if the user is logged in otherwise redirects the user
+   */
+  requestToken(options = { code: null, silent: false }) {
+    if (userSessionSequencePromise) {
+      return userSessionSequencePromise = userSessionSequencePromise
+      .catch(() => { /* ignore since we always want to continue even after a failure */ })
+      .then(() => this.requestTokenContinuation(options));
+    }
+    const nextContinuation = this.requestTokenContinuation(options);
+    nextContinuation.catch(() => { /* This prevents an uncaught promise rejection in the running process */ });
+    return userSessionSequencePromise = nextContinuation;
+  }
+
+  async requestTokenContinuation(options = { code: null, silent: false }) {
+    const code = options && options.code || new URLSearchParams(window.location.search).get('code');
+    if (!code) {
+      if (!options || !options.silent) {
+        const e = Error('OAuth Authorization code is required');
+        e.code = 'InvalidAuthorizationCode';
+        throw e;
+      }
+      return this.getTokenResponse();
+    }
+
+    const url = new URL(this.authressCustomDomain);
+    url.pathname = '/api/authentication/oauth/tokens';
+    const { codeVerifier, redirectUrl } = JSON.parse(localStorage.getItem(AuthenticationRequestNonceKey) || '{}');
+    const result = await fetch(url.toString(), {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({
+        code_verifier: codeVerifier,
+        code,
+        grant_type: 'authorization_code',
+        client_id: this.extensionId,
+        redirect_uri: redirectUrl
+      })
+    });
+
+    const tokenResponse = await result.json();
+    this.accessToken = tokenResponse.access_token;
+
+    const newUrl = new URL(window.location);
+    newUrl.searchParams.delete('code');
+    newUrl.searchParams.delete('iss');
+    newUrl.searchParams.delete('nonce');
+    newUrl.searchParams.delete('expires_in');
+    newUrl.searchParams.delete('access_token');
+    newUrl.searchParams.delete('id_token');
+    history.replaceState({}, undefined, newUrl.toString());
+
+    return this.getTokenResponse();
+  }
+
+  /**
+   * @description Logs a user in, if the user is logged in, will return the token response, if the user is not logged in, will redirect the user to their selected connection/provider and then redirect back to the {@link redirectUrl}.
+   * @param {String} [redirectUrl=${window.location.href}] Specify where the provider should redirect to the user to in your application. If not specified, the default is the current location href. Must be a valid redirect url matching what is defined in the application in the Authress Management portal.
+   * @return {Promise<TokenResponse>} Returns the token if the user is logged in otherwise redirects the user
+   */
+  async login(redirectUrlOverride) {
+    const tokenResponse = await this.getTokenResponse();
+    if (tokenResponse) {
+      return tokenResponse;
+    }
+    const completeLoginResult = await this.requestToken({ silent: true });
+    if (completeLoginResult) {
+      return completeLoginResult;
+    }
+    const url = new URL(this.authressCustomDomain);
+
+    const codeVerifier = base64url.encode((window.crypto || window.msCrypto).getRandomValues(new Uint32Array(16)).toString());
+    // https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/digest
+    const hashBuffer = await (window.crypto || window.msCrypto).subtle.digest('SHA-256', new TextEncoder().encode(codeVerifier));
+    const codeChallenge = base64url.encode(hashBuffer);
+
+    const redirectUrl = redirectUrlOverride || window.location.href;
+    localStorage.setItem(AuthenticationRequestNonceKey, JSON.stringify({ codeVerifier, redirectUrl }));
+    url.searchParams.set('client_id', this.extensionId);
+    url.searchParams.set('code_challenge', codeChallenge);
+    url.searchParams.set('code_challenge_method', 'S256');
+    url.searchParams.set('redirect_uri', redirectUrl);
+    window.location.assign(url.toString());
+
+    // Prevent the current UI from taking any action once we decided we need to log in.
+    await new Promise(resolve => setTimeout(resolve, 5000));
+    return null;
+  }
+}
+
+module.exports = ExtensionClient;

package/src/httpClient.js

@@ -0,0 +1,166 @@
+/* eslint-disable @typescript-eslint/explicit-module-boundary-types */
+const axios = require('axios');
+
+const defaultHeaders = {
+  'Content-Type': 'application/json'
+};
+
+async function retryExecutor(func) {
+  let lastError = null;
+  for (let iteration = 0; iteration < 5; iteration++) {
+    try {
+      const result = await func();
+      return result;
+    } catch (error) {
+      lastError = error;
+      if (error.code === 'EPIPE' || error.code === 'ECONNABORTED' || error.code === 'ETIMEDOUT' || error.code === 'ECONNRESET' || error.status >= 500) {
+        await new Promise(resolve => setTimeout(resolve, 10 * 2 ** iteration));
+        continue;
+      }
+      throw error;
+    }
+  }
+  throw lastError;
+}
+
+class HttpClient {
+  constructor(authressLoginCustomDomain, overrideLogger) {
+    if (!authressLoginCustomDomain) {
+      throw Error('Custom Authress Domain Host is required');
+    }
+    // eslint-disable-next-line @typescript-eslint/no-empty-function
+    const logger = overrideLogger || { debug() {}, warn() {}, critical() {} };
+
+    const loginHostFullUrl = new URL(`https://${authressLoginCustomDomain.replace(/^(https?:\/+)/, '')}`);
+    const loginUrl = `${loginHostFullUrl.origin}/api`;
+    const client = axios.create({ baseURL: loginUrl });
+
+    client.interceptors.request.use(config => {
+      logger.debug({ title: 'HttpClient Request', online: navigator.onLine, requestId: config.requestId, method: config.method, url: config.url });
+
+      return config;
+    }, error => {
+      let notFound = false;
+      let newError = error;
+      let url;
+      let requestId;
+
+      if (error) {
+        newError = error.message;
+
+        if (error.response) {
+          newError = {
+            data: error.response.data,
+            status: error.response.status,
+            headers: error.response.headers
+          };
+          notFound = error.response.status === 404;
+        } else if (error.message) {
+          newError = {
+            message: error.message,
+            code: error.code,
+            stack: error.stack
+          };
+        }
+
+        if (error.config) {
+          url = error.config.url;
+          requestId = error.config.requestId;
+        } else {
+          requestId = error.request && error.request.config && error.request.config.requestId;
+        }
+      }
+
+      const logObject = { title: 'HttpClient Request Error', url, online: navigator.onLine, requestId, exception: newError };
+
+      if (notFound) {
+        logger.debug(logObject);
+      } else {
+        logger.warn(logObject);
+      }
+
+      throw newError;
+    });
+
+    client.interceptors.response.use(response => response, error => {
+      // Rewritten error object for easy consumption
+      if (error.re) {
+        throw error;
+      }
+
+      const newError = error && error.response && {
+        url: error.config && error.config.url,
+        data: error.response.data,
+        status: error.response.status,
+        headers: error.response.headers
+      } || error.message && { message: error.message, code: error.code, stack: error.stack } || error;
+      newError.re = true;
+      const requestId = error && (error.config && error.config.requestId || error.request && error.request.config && error.request.config.requestId);
+
+      let message = 'HttpClient Response Error';
+      let logMethod = 'warn';
+
+      if (!error) {
+        message = 'HttpClient Response Error - Unknown error occurred';
+      } else if (error.response && error.response.status === 404) {
+        logMethod = 'debug';
+      } else if (error.response && error.response.status === 401) {
+        message = 'HttpClient Response Error due to invalid token';
+      }
+
+      logger[logMethod]({ title: message, online: navigator.onLine, requestId, exception: newError, url: error && error.config && error.config.url });
+      throw newError;
+    });
+
+    this.client = client;
+  }
+
+  get(url, withCredentials, headers, type = 'json') {
+    return retryExecutor(() => {
+      return this.client.get(url.toString(), {
+        withCredentials: window.location.hostname !== 'localhost' && !!withCredentials,
+        headers: Object.assign({}, defaultHeaders, headers),
+        responseType: type
+      });
+    });
+  }
+
+  delete(url, withCredentials, headers, type = 'json') {
+    return retryExecutor(() => {
+      return this.client.delete(url.toString(), {
+        withCredentials: window.location.hostname !== 'localhost' && !!withCredentials,
+        headers: Object.assign({}, defaultHeaders, headers),
+        responseType: type
+      });
+    });
+  }
+
+  post(url, withCredentials, data, headers) {
+    return retryExecutor(() => {
+      return this.client.post(url.toString(), data, {
+        withCredentials: window.location.hostname !== 'localhost' && !!withCredentials,
+        headers: Object.assign({}, defaultHeaders, headers)
+      });
+    });
+  }
+
+  put(url, withCredentials, data, headers) {
+    return retryExecutor(() => {
+      return this.client.put(url.toString(), data, {
+        withCredentials: window.location.hostname !== 'localhost' && !!withCredentials,
+        headers: Object.assign({}, defaultHeaders, headers)
+      });
+    });
+  }
+
+  patch(url, withCredentials, data, headers) {
+    return retryExecutor(() => {
+      return this.client.patch(url.toString(), data, {
+        withCredentials: window.location.hostname !== 'localhost' && !!withCredentials,
+        headers: Object.assign({}, defaultHeaders, headers)
+      });
+    });
+  }
+}
+
+module.exports = HttpClient;