@bigso/auth-sdk 0.4.7 → 0.5.1

package/dist/node/index.js

@@ -1,137 +0,0 @@
-import {
-  verifySignedPayload
-} from "../chunk-LDDK6SJD.js";
-
-// src/node/SsoClient.ts
-var BigsoSsoClient = class {
-  constructor(options) {
-    this.ssoBackendUrl = options.ssoBackendUrl;
-    this.appId = options.appId;
-    this.ssoJwksUrl = options.ssoJwksUrl;
-  }
-  /**
-   * Verify a signed payload (JWS) against the SSO's JWKS
-   * @param token - The compact JWS token
-   * @param expectedAudience - The expected audience (app origin)
-   * @returns The verified payload
-   */
-  async verifySignedPayload(token, expectedAudience) {
-    if (!this.ssoJwksUrl) {
-      throw new Error("ssoJwksUrl is required for verifySignedPayload");
-    }
-    return await verifySignedPayload(token, this.ssoJwksUrl, expectedAudience);
-  }
-  /**
-   * Validate session token with SSO Backend
-   * @param sessionToken - JWT token from cookie
-   * @returns Session data or null if invalid
-   */
-  async validateSessionToken(sessionToken) {
-    try {
-      const response = await fetch(`${this.ssoBackendUrl}/api/v1/auth/verify-session`, {
-        method: "POST",
-        headers: {
-          "Content-Type": "application/json"
-        },
-        body: JSON.stringify({
-          sessionToken,
-          appId: this.appId
-        })
-        // Node 18+ allows abort signals to enforce timeout, but we will rely on native fetch timeout if available or no timeout for simplicity.
-        // In production, we might want to implement an AbortController wrapper.
-      });
-      if (!response.ok) {
-        return null;
-      }
-      const data = await response.json();
-      if (data.valid) {
-        return {
-          user: data.user,
-          tenant: data.tenant,
-          appId: data.appId,
-          expiresAt: data.expiresAt
-        };
-      }
-      return null;
-    } catch (error) {
-      console.error("\u274C [BigsoSsoClient] Error validating session:", error instanceof Error ? error.message : error);
-      return null;
-    }
-  }
-  /**
-   * Exchange authorization code for session token from SSO
-   * @param code - The auth code
-   * @returns The SSO exchange response
-   */
-  async exchangeCodeForToken(code) {
-    const response = await fetch(`${this.ssoBackendUrl}/api/v1/auth/token`, {
-      method: "POST",
-      headers: {
-        "Content-Type": "application/json"
-      },
-      body: JSON.stringify({
-        authCode: code,
-        appId: this.appId
-      })
-    });
-    if (!response.ok) {
-      const errData = await response.json().catch(() => ({}));
-      throw new Error(errData.message || "Failed to exchange token");
-    }
-    return await response.json();
-  }
-  /**
-   * Revoke session in SSO backend
-   * @param sessionToken - The active session token
-   */
-  async revokeSession(sessionToken) {
-    const response = await fetch(`${this.ssoBackendUrl}/api/v1/session/revoke`, {
-      method: "POST",
-      headers: {
-        "Content-Type": "application/json",
-        "Authorization": `Bearer ${sessionToken}`
-      }
-    });
-    if (!response.ok) {
-      throw new Error("Failed to revoke session");
-    }
-  }
-  /**
-   * Refreshes the application session using a refresh token
-   * @param refreshToken - The stored refresh token
-   * @returns The new session tokens or null if failed
-   */
-  async refreshAppSession(refreshToken) {
-    try {
-      const response = await fetch(`${this.ssoBackendUrl}/api/v1/auth/app-refresh`, {
-        method: "POST",
-        headers: {
-          "Content-Type": "application/json"
-        },
-        body: JSON.stringify({
-          refreshToken,
-          appId: this.appId
-        })
-      });
-      if (!response.ok) {
-        return null;
-      }
-      const data = await response.json();
-      if (data.success) {
-        return {
-          sessionToken: data.sessionToken,
-          refreshToken: data.refreshToken,
-          expiresAt: data.expiresAt,
-          refreshExpiresAt: data.refreshExpiresAt
-        };
-      }
-      return null;
-    } catch (error) {
-      console.error("\u274C [BigsoSsoClient] Error refreshing app session:", error instanceof Error ? error.message : error);
-      return null;
-    }
-  }
-};
-export {
-  BigsoSsoClient
-};

package/dist/types-CoXgtTry.d.cts

@@ -1,51 +0,0 @@
-interface BigsoAuthOptions {
-    /** Client ID registrado en el SSO */
-    clientId: string;
-    /** Origen del SSO (ej: https://sso.bigso.co) */
-    ssoOrigin: string;
-    /** URL del JWKS para verificar firmas (ej: https://sso.bigso.co/.well-known/jwks.json) */
-    jwksUrl: string;
-    /** Timeout en milisegundos (por defecto 5000) */
-    timeout?: number;
-    /** Activar logs de depuración */
-    debug?: boolean;
-    /** URI de redirección registrada (opcional, si se requiere validación exacta) */
-    redirectUri?: string;
-    /** Sugerencia de tenant (opcional) */
-    tenantHint?: string;
-    /** Tema visual del iframe ('light' | 'dark', por defecto 'light') */
-    theme?: 'light' | 'dark';
-}
-interface SsoUser {
-    userId: string;
-    email: string;
-    firstName: string;
-    lastName: string;
-}
-interface SsoTenant {
-    tenantId: string;
-    name: string;
-    slug: string;
-    role: string;
-    permissions: string[];
-}
-interface SsoSessionData {
-    user: SsoUser;
-    tenant: SsoTenant;
-    appId: string;
-    expiresAt: string;
-}
-interface SsoRefreshData {
-    sessionToken: string;
-    refreshToken: string;
-    expiresAt: string;
-    refreshExpiresAt: string;
-}
-interface SsoExchangeResponse extends SsoSessionData {
-    success: boolean;
-    sessionToken: string;
-    refreshToken?: string;
-    refreshExpiresAt?: string;
-}
-
-export type { BigsoAuthOptions as B, SsoSessionData as S, SsoExchangeResponse as a, SsoRefreshData as b };

package/dist/types-CoXgtTry.d.ts

@@ -1,51 +0,0 @@
-interface BigsoAuthOptions {
-    /** Client ID registrado en el SSO */
-    clientId: string;
-    /** Origen del SSO (ej: https://sso.bigso.co) */
-    ssoOrigin: string;
-    /** URL del JWKS para verificar firmas (ej: https://sso.bigso.co/.well-known/jwks.json) */
-    jwksUrl: string;
-    /** Timeout en milisegundos (por defecto 5000) */
-    timeout?: number;
-    /** Activar logs de depuración */
-    debug?: boolean;
-    /** URI de redirección registrada (opcional, si se requiere validación exacta) */
-    redirectUri?: string;
-    /** Sugerencia de tenant (opcional) */
-    tenantHint?: string;
-    /** Tema visual del iframe ('light' | 'dark', por defecto 'light') */
-    theme?: 'light' | 'dark';
-}
-interface SsoUser {
-    userId: string;
-    email: string;
-    firstName: string;
-    lastName: string;
-}
-interface SsoTenant {
-    tenantId: string;
-    name: string;
-    slug: string;
-    role: string;
-    permissions: string[];
-}
-interface SsoSessionData {
-    user: SsoUser;
-    tenant: SsoTenant;
-    appId: string;
-    expiresAt: string;
-}
-interface SsoRefreshData {
-    sessionToken: string;
-    refreshToken: string;
-    expiresAt: string;
-    refreshExpiresAt: string;
-}
-interface SsoExchangeResponse extends SsoSessionData {
-    success: boolean;
-    sessionToken: string;
-    refreshToken?: string;
-    refreshExpiresAt?: string;
-}
-
-export type { BigsoAuthOptions as B, SsoSessionData as S, SsoExchangeResponse as a, SsoRefreshData as b };