@crossauth/sveltekit 0.0.2

package/dist/sveltekitsharedclientendpoints.d.ts

@@ -0,0 +1,289 @@
+import { SvelteKitSessionServer, SvelteKitSessionServerOptions } from './sveltekitsession';
+import { OAuthClientManager, OAuthClientStorage } from '@crossauth/backend';
+import { OAuthClient, CrossauthError } from '@crossauth/common';
+import { RequestEvent } from '@sveltejs/kit';
+
+/**
+ * Return type for {@link SvelteKitUserClientEndpoints.searchClient}
+ *  {@link SvelteKitAdminClientEndpoints.searchClient} load.
+ *
+ * See class documentation for {@link SvelteKitSharedClientEndpoints} for more details.
+ */
+export type SearchClientsPageData = {
+    ok: boolean;
+    clients?: OAuthClient[];
+    skip: number;
+    take: number;
+    search?: string;
+    error?: string;
+    exception?: CrossauthError;
+    hasPrevious: boolean;
+    hasNext: boolean;
+    clientUserId?: string | number;
+};
+/**
+ * Return type for {@link SvelteKitUserClientEndpoints.updateClientEndpoint}
+ *  {@link SvelteKitAdminClientEndpoints.updateClientEndpoint} load.
+ *
+ * See class documentation for {@link SvelteKitSharedClientEndpoints} for more details.
+ */
+export type UpdateClientPageData = {
+    ok: boolean;
+    client?: OAuthClient;
+    client_id?: string;
+    clientUsername?: string;
+    error?: string;
+    exception?: CrossauthError;
+    validFlows: string[];
+    valid_flowNames: {
+        [key: string]: string;
+    };
+};
+/**
+ * Return type for {@link SvelteKitUserClientEndpoints.updateClientEndpoint}
+ *  {@link SvelteKitAdminClientEndpoints.updateClienEndpoint} actions.
+ *
+ * See class documentation for {@link SvelteKitSharedClientEndpoints} for more details.
+ */
+export type UpdateClientFormData = {
+    ok: boolean;
+    client?: OAuthClient;
+    error?: string;
+    exception?: CrossauthError;
+    formData?: {
+        [key: string]: string;
+    };
+    plaintextSecret?: string;
+};
+/**
+ * Return type for {@link SvelteKitUserClientEndpoints.createClientEndpoints}
+ *  {@link SvelteKitAdminClientEndpoints.createClient} load.
+ *
+ * See class documentation for {@link SvelteKitSharedClientEndpoints} for more details.
+ */
+export type CreateClientPageData = {
+    ok: boolean;
+    clientUserId?: string | number;
+    clientUsername?: string;
+    error?: string;
+    exception?: CrossauthError;
+    validFlows: string[];
+    valid_flowNames: {
+        [key: string]: string;
+    };
+};
+/**
+ * Return type for {@link SvelteKitUserClientEndpoints.createClientEndpoint}
+ *  {@link SvelteKitAdminClientEndpoints.createClientEndpoint} actions.
+ *
+ * See class documentation for {@link SvelteKitSharedClientEndpoints} for more details.
+ */
+export type CreateClientFormData = {
+    ok: boolean;
+    client?: OAuthClient;
+    error?: string;
+    exception?: CrossauthError;
+    formData?: {
+        [key: string]: string;
+    };
+};
+/**
+ * Return type for {@link SvelteKitUserClientEndpoints.deleteClientEndpoint}
+ *  {@link SvelteKitAdminClientEndpoints.deleteClientEndpoint} load.
+ *
+ * See class documentation for {@link SvelteKitSharedClientEndpoints} for more details.
+ */
+export type DeleteClientPageData = {
+    ok: boolean;
+    client?: OAuthClient;
+    client_id?: string;
+    clientUsername?: string;
+    error?: string;
+    exception?: CrossauthError;
+};
+/**
+ * Return type for {@link SvelteKitUserClientEndpoints.deleteClientEndpoint}
+ *  {@link SvelteKitAdminClientEndpoints.deleteClientEndpoint} actions.
+ *
+ * See class documentation for {@link SvelteKitSharedClientEndpoints} for more details.
+ */
+export type DeleteClientFormData = {
+    ok: boolean;
+    error?: string;
+    exception?: CrossauthError;
+};
+/**
+ * The `selectclient` and `admin/selectclient` endpoints have a customisable
+ * function for searching for a client.  This is the default
+ * @param searchTerm the search term passed in the query string
+ * @param clientStorage the client storage to search
+ * @param userid the user id to se3arch for, or null for clients not owned
+ *        by a user
+ * @returns An array of matching {@link @crossauth/common!OAuthClient} objects,
+ */
+export declare function defaultClientSearchFn(searchTerm: string, clientStorage: OAuthClientStorage, skip: number, _take: number, userid?: string | number | null): Promise<OAuthClient[]>;
+/**
+ * Base class for user and admin endpoints that manipulate the OAuth
+ * clients table
+ */
+export declare class SvelteKitSharedClientEndpoints {
+    /**
+     * The session server that instantiated this.
+     *
+     * Set in the constructor
+     */
+    protected sessionServer: SvelteKitSessionServer;
+    /**
+     * The login URL taken from the {@link SvelteKitSessionServerOptions}
+     * in the constructor.
+     */
+    protected loginUrl: string;
+    /**
+     * Function for searching the client table.  Default is to make
+     * an exact match search on `client_name`.
+     */
+    protected clientSearchFn: (searchTerm: string, clientStorage: OAuthClientStorage, skip: number, take: number, userid?: string | number | null) => Promise<OAuthClient[]>;
+    /**
+     * The redirect function taken from the {@link SvelteKitSessionServerOptions}
+     * in the constructor.
+     */
+    protected redirect: any;
+    /**
+     * The error function taken from the {@link SvelteKitSessionServerOptions}
+     * in the constructor.
+     */
+    protected error: any;
+    /**
+     * Taken from the {@link SvelteKitSessionServerOptions}
+     * in the constructor.
+     */
+    protected validFlows: string[];
+    /**
+     * Friendly names for `validFlows`
+     */
+    protected valid_flowNames: {
+        [key: string]: string;
+    };
+    /**
+     * The OAuth client manager instantiated during construction
+     */
+    protected clientManager: OAuthClientManager;
+    /**
+     * Taken from the {@link SvelteKitSessionServerOptions}
+     * in the constructor.
+     */
+    protected clientStorage?: OAuthClientStorage;
+    /**
+     * Constructor
+     *
+     * @param sessionServer the session server to add these endpoints to
+     * @param options See {@link SvelteKitSessionServerOptions}
+     */
+    constructor(sessionServer: SvelteKitSessionServer, options: SvelteKitSessionServerOptions);
+    /**
+     * Returns either a list of all clients for the user matching a search term.
+     *
+     * The returned list is pagenaed using the `skip` and `take` parameters.
+     *
+     * The searching is done with `clientSearchFn` that was passed in the
+     * options (see {@link SvelteKitSessionServerOptions }).  THe default
+     * is an exact username match.
+     *
+     * By default, the searh and pagination parameters are taken from
+     * the query parameters in the request but can be overridden.
+     *
+     * @param event the Sveltekit request event.  The following query parameters
+     *        are read:
+     *   - `search` the search term which is ignored if it is undefined, null
+     *      or the empty string.
+     *   - `skip` the number to start returning from.  0 if not defined
+     *   - `take` the maximum number to return.  10 if not defined.
+     * @param search overrides the search term from the query.
+     * @param skip overrides the skip term from the query
+     * @param take overrides the take term from the query
+     *
+     * @return an object with the following members:
+     *   - `ok` true or false depending on whether there was an error
+     *   - `clients` the matching array of clients
+     *   - `error` error message if `ok` is false
+     *   - `exception` a {@link @crossauth/common!CrossauthError} if there was
+     *      an error.
+     *   - `search` the search term that was used
+     *   - `skip` the skip term that was used
+     *   - `take` the take term that was used
+     *   - `hasNext` whether there are still more results after the ones that
+     *      were returned
+     *   - `hasPrevious` whether there are more results before the ones that
+     *      were returned.
+     */
+    searchClients_internal(event: RequestEvent, searchTerm?: string, skip?: number, take?: number, userid?: string | number): Promise<SearchClientsPageData>;
+    /**
+     * The base class of the load function for updating an OAuth client.
+     *
+     * @param event the Sveltekit request event.  The following are taken:
+     *   - `client_id` from the URL path parameters
+     * @returns {@see UpdateClientPageData}
+     */
+    protected loadClient_internal(event: RequestEvent): Promise<UpdateClientPageData>;
+    /**
+     * The base class of the actions function for updating an OAuth client.
+     *
+     * @param event the Sveltekit request event.  The following are taken:
+     *   - `client_id` from the URL path parameters
+     *   - `client_name` from the body form data
+     *   - `redirect_uri` from the body form data (space-separated)
+     *   - `confidential` from the body form data: 1, `on`, `yes` or `true` are true
+     *   _ `resetSecret` if true (1, `on`, `yes` or `true`), create and return a new secret.  Ignored if not confidential
+     *   - Flow names from {@link @crossauth/common/OAuthFlows} taken from the body form data.  1, `on`, `yes` or `true` are true
+     * @returns {@see UpdateClientFormData}.  If a new secret was created, it will be placed as plaintext in the client that is returned.
+     */
+    protected updateClient_internal(event: RequestEvent, isAdmin: boolean): Promise<UpdateClientFormData>;
+    /**
+     * The base class of the load function for creating an OAuth client.
+     *
+     * @param event the Sveltekit request event.  The following are taken:
+     *   - `userid` from the body parameters parameters.  Ignored if `isAdmin` is false.  Can be undefined
+     *   -
+     * @returns {@see CreateClientPageData}.
+     */
+    protected emptyClient_internal(event: RequestEvent, isAdmin: boolean): Promise<CreateClientPageData>;
+    /**
+     * The base class of the actions function for creating an OAuth client.
+     *
+     * @param event the Sveltekit request event.  The following are taken:
+     *   - `userid` from the URL query parameters.  Ignored if `isAdmin` is false.  Can be undefined
+     *   - `client_name` from the body form data
+     *   - `redirect_uri` from the body form data (space-separated)
+     *   - `confidential` from the body form data: 1, `on`, `yes` or `true` are true
+     *   - Flow names from {@link @crossauth/common/OAuthFlows} taken from the body form data.  1, `on`, `yes` or `true` are true
+     * @returns {@see UpdateClientFormData}.  If a secret was created, it will be placed as plaintext in the client that is returned.  A random `client_id` is created.
+     */
+    protected createClient_internal(event: RequestEvent, isAdmin: boolean): Promise<CreateClientFormData>;
+    /**
+     * The base class of the load function for deleting an OAuth client.
+     *
+     * @param event the Sveltekit request event.  The following are taken:
+     *   - `client_id` from the URL path parameters
+     * @returns {@see DeleteClientPageData}
+     */
+    protected loadDeleteClient_internal(event: RequestEvent): Promise<DeleteClientPageData>;
+    /**
+     * The base class of the actions function for deleting an OAuth client.
+     *
+     * @param event the Sveltekit request event.  The following are taken:
+     *   - `client_id` from the URL path parameters
+     * @returns {@see DeleteClientFormData}
+     */
+    protected deleteClient_internal(event: RequestEvent, isAdmin: boolean): Promise<DeleteClientFormData>;
+    /**
+     * Returned by all endpoitns
+     * @param event the sveltekit request event
+     * @returns object with
+     *   - `user` - the logged in user
+     *   - `csrfToken` the CSRF token if using
+     */
+    baseEndpoint(event: RequestEvent): {
+        user: import('@crossauth/common').User | undefined;
+        csrfToken: string | undefined;
+    };
+}

package/dist/sveltekituserclientendpoints.d.ts

@@ -0,0 +1,151 @@
+import { SvelteKitSessionServer, SvelteKitSessionServerOptions } from './sveltekitsession';
+import { RequestEvent } from '@sveltejs/kit';
+import { SearchClientsPageData, UpdateClientPageData, UpdateClientFormData, DeleteClientPageData, DeleteClientFormData, SvelteKitSharedClientEndpoints } from './sveltekitsharedclientendpoints';
+import { CrossauthError } from '@crossauth/common';
+
+/**
+ * Endpoints for manipulating the OAuth client table, for use by users.
+ *
+ * You do not instantiate this directly - it is created when you create
+ * a {@link SvelteKitServer}.
+ *
+ * **Endpoints**
+ *
+ * These endpoints can only be called if an admin user is logged in, as defined
+ * by the {@link SveltekitSessionServer.isAdminFn}.  If the user does not
+ * have this permission, a 401 error is raised.
+ *
+ * | Name                       | Description                                                 | PageData (returned by load)                                                      | ActionData (return by actions)                                   | Form fields expected by actions                                  | URL param |
+ * | -------------------------- | ----------------------------------------------------------- | -------------------------------------------------------------------------------- | ---------------------------------------------------------------- | ---------------------------------------------------------------- | --------- |
+ * | baseEndpoint               | This PageData is returned by all endpoints' load function.  | - `user` logged in {@link @crossauth/common!User}                                | *Not provided*                                                   |                                                                  |           |
+ * |                            |                                                             | - `csrfToken` CSRF token if enabled                                              |                                                                  |                                                                  |           |                                                                                  | loginPage                |
+ * | -------------------------- | ----------------------------------------------------------- | -------------------------------------------------------------------------------- | ---------------------------------------------------------------- | ---------------------------------------------------------------- | --------- |
+ * | searchClientsEndpoint      | Returns a paginated set of clients or those matching search | See {@link SearchClientsPageData}                                                | *Not provided*                                                   |                                                                  |           |
+ * | -------------------------- | ----------------------------------------------------------- | -------------------------------------------------------------------------------- | ---------------------------------------------------------------- | ---------------------------------------------------------------- | --------- |
+ * | updateClientEndpoint       | Updates a client                                            | See {@link UpdateClientsPageData}                                                | `default`:                                                       |                                                                  |           |
+ * |                            |                                                             |                                                                                  | See {@link UpdateClientsFormData}                                | See {@link SvelteKitSharedClientEndpoints.updateClient_internal} | client_id  |
+ * | -------------------------- | ----------------------------------------------------------- | -------------------------------------------------------------------------------- | ---------------------------------------------------------------- | ---------------------------------------------------------------- | --------- |
+ * | createClientEndpoint       | Creates a new client                                        | See {@link CreateClientsPageData}                                                | `default`:                                                       |                                                                  |           |
+ * |                            |                                                             |                                                                                  | See {@link CreateClientsFormData}                                | See {@link SvelteKitSharedClientEndpoints.createClient_internal} | client_id  |
+ * | -------------------------- | ----------------------------------------------------------- | -------------------------------------------------------------------------------- | ---------------------------------------------------------------- | ---------------------------------------------------------------- | --------- |
+ * | deleteClientEndpoint       | Deletes a client                                            | See {@link DeleteClientsPageData}                                                | `default`:                                                       |                                                                  |           |
+ * |                            |                                                             |                                                                                  | See {@link DeleteClientsFormData}                                | See {@link SvelteKitSharedClientEndpoints.deleteClient_internal} | client_id  |
+ * | -------------------------- | ----------------------------------------------------------- | -------------------------------------------------------------------------------- | ---------------------------------------------------------------- | ---------------------------------------------------------------- | --------- |
+ */
+export declare class SvelteKitUserClientEndpoints extends SvelteKitSharedClientEndpoints {
+    /**
+     * Constructor
+     * @param sessionServer the session server which will have these endpoints
+     * @param options See {@link SvelteKitSessionServerOptions}.
+     */
+    constructor(sessionServer: SvelteKitSessionServer, options: SvelteKitSessionServerOptions);
+    /**
+     * See {@link SvelteKitSharedClientEndpoints.searchClients_internal}
+     */
+    searchClients(event: RequestEvent, searchTerm?: string, skip?: number, take?: number): Promise<SearchClientsPageData>;
+    /**
+     * See {@link SvelteKitSharedClientEndpoints.loadClient_internal}
+     */
+    loadClient(event: RequestEvent): Promise<UpdateClientPageData>;
+    /**
+     * See {@link SvelteKitSharedClientEndpoints.updateClient_internal}
+     */
+    updateClient(event: RequestEvent): Promise<UpdateClientFormData>;
+    /**
+     * See {@link SvelteKitSharedClientEndpoints.loadDeleteClient_internal}
+     */
+    loadDeleteClient(event: RequestEvent): Promise<DeleteClientPageData>;
+    /**
+     * See {@link SvelteKitSharedClientEndpoints.deleteClient_internal}
+     */
+    deleteClient(event: RequestEvent): Promise<DeleteClientFormData>;
+    /**
+     * See {@link SvelteKitSharedClientEndpoints.emptyClient_internal}
+     */
+    emptyClient(event: RequestEvent): Promise<UpdateClientPageData>;
+    /**
+     * See {@link SvelteKitSharedClientEndpoints.createClient_internal}
+     */
+    createClient(event: RequestEvent): Promise<UpdateClientFormData>;
+    /**
+     * See class documentation.
+     */
+    readonly searchClientsEndpoint: {
+        load: (event: RequestEvent) => Promise<{
+            ok: boolean;
+            clients?: import('@crossauth/common').OAuthClient[] | undefined;
+            skip: number;
+            take: number;
+            search?: string | undefined;
+            error?: string | undefined;
+            exception?: CrossauthError | undefined;
+            hasPrevious: boolean;
+            hasNext: boolean;
+            clientUserId?: string | number | undefined;
+            user: import('@crossauth/common').User | undefined;
+            csrfToken: string | undefined;
+        }>;
+    };
+    /**
+     * See class documentation.
+     */
+    readonly updateClientEndpoint: {
+        load: (event: RequestEvent) => Promise<{
+            ok: boolean;
+            client?: import('@crossauth/common').OAuthClient | undefined;
+            client_id?: string | undefined;
+            clientUsername?: string | undefined;
+            error?: string | undefined;
+            exception?: CrossauthError | undefined;
+            validFlows: string[];
+            valid_flowNames: {
+                [key: string]: string;
+            };
+            user: import('@crossauth/common').User | undefined;
+            csrfToken: string | undefined;
+        }>;
+        actions: {
+            default: (event: RequestEvent) => Promise<UpdateClientFormData>;
+        };
+    };
+    /**
+     * See class documentation.
+     */
+    readonly createClientEndpoint: {
+        load: (event: RequestEvent) => Promise<{
+            ok: boolean;
+            client?: import('@crossauth/common').OAuthClient | undefined;
+            client_id?: string | undefined;
+            clientUsername?: string | undefined;
+            error?: string | undefined;
+            exception?: CrossauthError | undefined;
+            validFlows: string[];
+            valid_flowNames: {
+                [key: string]: string;
+            };
+            user: import('@crossauth/common').User | undefined;
+            csrfToken: string | undefined;
+        }>;
+        actions: {
+            default: (event: RequestEvent) => Promise<UpdateClientFormData>;
+        };
+    };
+    /**
+     * See class documentation.
+     */
+    readonly deleteClientEndpoint: {
+        load: (event: RequestEvent) => Promise<{
+            ok: boolean;
+            client?: import('@crossauth/common').OAuthClient | undefined;
+            client_id?: string | undefined;
+            clientUsername?: string | undefined;
+            error?: string | undefined;
+            exception?: CrossauthError | undefined;
+            user: import('@crossauth/common').User | undefined;
+            csrfToken: string | undefined;
+        }>;
+        actions: {
+            default: (event: RequestEvent) => Promise<DeleteClientFormData>;
+        };
+    };
+}