@dainprotocol/oauth2-token-manager 0.1.0 → 0.1.1
- package/README.md +392 -312
- package/dist/index.cjs +2 -2
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +197 -1
- package/dist/index.d.ts +197 -1
- package/dist/index.js +2 -2
- package/dist/index.js.map +1 -1
- package/package.json +28 -31
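--- a/package/dist/index.d.cts
+++ b/package/dist/index.d.cts
@@ -106,11 +106,13 @@ interface ProfileBasedTokenOptions {
 }
 interface StorageAdapter {
 createSystem(system: Omit<System, 'id' | 'createdAt' | 'updatedAt'>): Promise<System>;
+getOrCreateSystem(system: Omit<System, 'id' | 'createdAt' | 'updatedAt'>): Promise<System>;
 getSystem(id: string): Promise<System | null>;
 updateSystem(id: string, system: Partial<System>): Promise<System>;
 deleteSystem(id: string): Promise<void>;
 listSystems(): Promise<System[]>;
 createScope(scope: Omit<Scope, 'id'>): Promise<Scope>;
+getOrCreateScope(scope: Omit<Scope, 'id'>): Promise<Scope>;
 getScope(id: string): Promise<Scope | null>;
 getScopesBySystem(systemId: string): Promise<Scope[]>;
 updateScope(id: string, scope: Partial<Scope>): Promise<Scope>;
@@ -352,6 +354,155 @@ declare class OAuth2GranularClient implements OAuth2GranularOperations {
 private isTokenExpired;
 }
 
+interface UserOperationParams {
+systemId?: string;
+email?: string;
+externalId?: string;
+options?: UserCreationOptions;
+}
+interface TokenQueryParams {
+userId?: string;
+systemId?: string;
+scopeId?: string;
+provider?: string;
+email?: string;
+}
+interface TokenSaveParams {
+userId: string;
+systemId?: string;
+scopeId?: string;
+provider: string;
+email: string;
+token: OAuth2Token;
+}
+interface EmailTokenParams {
+email: string;
+systemId?: string;
+scopeId?: string;
+provider: string;
+options?: TokenOptions;
+}
+interface UserTokenParams {
+userId: string;
+systemId?: string;
+scopeId?: string;
+provider: string;
+options?: TokenOptions;
+}
+interface TokenExistenceParams {
+userId?: string;
+systemId?: string;
+scopeId?: string;
+provider: string;
+email?: string;
+}
+interface TokenDeletionParams {
+userId?: string;
+systemId?: string;
+scopeId?: string;
+provider?: string;
+email?: string;
+}
+interface ScopeCreationParams {
+systemId?: string;
+name: string;
+type?: 'authentication' | 'access' | 'custom';
+permissions?: string[];
+isolated?: boolean;
+}
+interface ValidTokenResult {
+provider: string;
+scopeId: string;
+token: OAuth2Token;
+userToken: UserToken;
+}
+interface BulkTokenQueryParams {
+userId?: string;
+email?: string;
+systemId?: string;
+scopeId?: string;
+provider?: string;
+options?: TokenOptions;
+}
+interface OAuth2GranularOperationsV2 {
+ensureDefaults(): Promise<{
+system: System;
+scope: Scope;
+}>;
+createUser(params: UserOperationParams): Promise<User>;
+getOrCreateUser(params: UserOperationParams): Promise<User>;
+getUserById(userId: string): Promise<User | null>;
+findUserByEmail(params: {
+systemId?: string;
+email: string;
+}): Promise<User | null>;
+findUserByExternalId(params: {
+systemId?: string;
+externalId: string;
+}): Promise<User | null>;
+getUsersBySystem(systemId?: string): Promise<User[]>;
+saveToken(params: TokenSaveParams): Promise<UserToken>;
+getTokens(params: TokenQueryParams): Promise<UserToken[]>;
+getValidToken(params: EmailTokenParams | UserTokenParams): Promise<OAuth2Token>;
+getAccessToken(params: EmailTokenParams | UserTokenParams): Promise<string>;
+withValidToken<T>(params: EmailTokenParams | UserTokenParams, callback: (accessToken: string) => Promise<T>): Promise<T>;
+getAllValidTokens(params: BulkTokenQueryParams): Promise<ValidTokenResult[]>;
+hasToken(params: TokenExistenceParams): Promise<boolean>;
+deleteTokens(params: TokenDeletionParams): Promise<void>;
+createSystem(name: string, description?: string): Promise<System>;
+getSystem(systemId?: string): Promise<System | null>;
+createScope(params: ScopeCreationParams): Promise<Scope>;
+getScope(scopeId?: string): Promise<Scope | null>;
+getScopesBySystem(systemId?: string): Promise<Scope[]>;
+}
+
+declare class OAuth2GranularClientV2 implements OAuth2GranularOperationsV2 {
+private storage;
+private providers;
+private getContext;
+private now;
+private defaultSystem;
+private defaultScope;
+private defaultsInitialized;
+constructor(storage: StorageAdapter, providers: Map<string, OAuth2Provider>, getContext: () => {
+currentSystem?: System;
+currentUser?: User;
+defaultScope?: Scope;
+}, now?: () => number);
+ensureDefaults(): Promise<{
+system: System;
+scope: Scope;
+}>;
+private resolveSystemId;
+private resolveScopeId;
+createUser(params: UserOperationParams): Promise<User>;
+getOrCreateUser(params: UserOperationParams): Promise<User>;
+getUserById(userId: string): Promise<User | null>;
+findUserByEmail(params: {
+systemId?: string;
+email: string;
+}): Promise<User | null>;
+findUserByExternalId(params: {
+systemId?: string;
+externalId: string;
+}): Promise<User | null>;
+getUsersBySystem(systemId?: string): Promise<User[]>;
+saveToken(params: TokenSaveParams): Promise<UserToken>;
+getTokens(params: TokenQueryParams): Promise<UserToken[]>;
+getValidToken(params: EmailTokenParams | UserTokenParams): Promise<OAuth2Token>;
+getAccessToken(params: EmailTokenParams | UserTokenParams): Promise<string>;
+withValidToken<T>(params: EmailTokenParams | UserTokenParams, callback: (accessToken: string) => Promise<T>): Promise<T>;
+getAllValidTokens(params: BulkTokenQueryParams): Promise<ValidTokenResult[]>;
+hasToken(params: TokenExistenceParams): Promise<boolean>;
+deleteTokens(params: TokenDeletionParams): Promise<void>;
+createSystem(name: string, description?: string): Promise<System>;
+getSystem(systemId?: string): Promise<System | null>;
+createScope(params: ScopeCreationParams): Promise<Scope>;
+getScope(scopeId?: string): Promise<Scope | null>;
+getScopesBySystem(systemId?: string): Promise<Scope[]>;
+private isTokenExpired;
+}
+
 interface OAuth2Options {
 storage?: StorageAdapter;
 sealKey?: string;
@@ -397,7 +548,11 @@ declare class OAuth2Client {
 private currentSystem?;
 private currentUser?;
 private defaultScope?;
+/**
+* @deprecated Use granularV2 instead for better developer experience with optional system/scope
+*/
 readonly granular: OAuth2GranularOperations;
+readonly granularV2: OAuth2GranularClientV2;
 constructor(options?: OAuth2Options);
 /**
 * Quick setup for common use cases
@@ -407,6 +562,21 @@ declare class OAuth2Client {
 * Register a provider configuration
 */
 registerProvider(name: string, config: OAuth2Config): void;
+/**
+* Initialize default system and scope if they don't exist
+*/
+initializeDefaults(): Promise<{
+system: System;
+scope: Scope;
+}>;
+/**
+* Get the default system if it exists
+*/
+getDefaultSystem(): Promise<System | null>;
+/**
+* Get the default scope if it exists
+*/
+getDefaultScope(): Promise<Scope | null>;
 /**
 * Create or select a system to work with
 */
@@ -658,11 +828,13 @@ declare class InMemoryStorageAdapter implements StorageAdapter {
 private states;
 private generateId;
 createSystem(system: Omit<System, 'id' | 'createdAt' | 'updatedAt'>): Promise<System>;
+getOrCreateSystem(system: Omit<System, 'id' | 'createdAt' | 'updatedAt'>): Promise<System>;
 getSystem(id: string): Promise<System | null>;
 updateSystem(id: string, updates: Partial<System>): Promise<System>;
 deleteSystem(id: string): Promise<void>;
 listSystems(): Promise<System[]>;
 createScope(scope: Omit<Scope, 'id'>): Promise<Scope>;
+getOrCreateScope(scope: Omit<Scope, 'id'>): Promise<Scope>;
 getScope(id: string): Promise<Scope | null>;
 getScopesBySystem(systemId: string): Promise<Scope[]>;
 updateScope(id: string, updates: Partial<Scope>): Promise<Scope>;
@@ -709,6 +881,11 @@ declare class InMemoryStorageAdapter implements StorageAdapter {
 getTokensBySystemWithProfile(systemId: string): Promise<UserTokenWithProfile[]>;
 }
 
+declare const DEFAULT_SYSTEM_NAME = "oauth2-token-manager-default-system";
+declare const DEFAULT_SCOPE_NAME = "oauth2-token-manager-default-scope";
+declare const DEFAULT_SYSTEM_CONFIG: Omit<System, 'id' | 'createdAt' | 'updatedAt'>;
+declare const DEFAULT_SCOPE_CONFIG: Omit<Scope, 'id' | 'systemId'>;
+
 type ProviderType = 'google' | 'github' | 'microsoft' | 'outlook' | 'facebook' | 'generic';
 interface ProviderFactory {
 createProvider(type: ProviderType, config: OAuth2Config): OAuth2Provider;
@@ -782,4 +959,23 @@ declare const generateState: () => string;
 declare const seal: <T>(d: T, key: string) => Promise<string>;
 declare const unseal: <T>(s: string, key: string) => Promise<T>;
 
-
+/**
+* Initializes the default system and scope if they don't exist.
+* Uses getOrCreateSystem and getOrCreateScope to ensure unique names.
+*/
+declare function initializeDefaults(storage: StorageAdapter): Promise<{
+system: System;
+scope: Scope;
+}>;
+/**
+* Gets the default system if it exists.
+* Returns null if the default system hasn't been initialized.
+*/
+declare function getDefaultSystem(storage: StorageAdapter): Promise<System | null>;
+/**
+* Gets the default scope if it exists.
+* Returns null if the default scope hasn't been initialized.
+*/
+declare function getDefaultScope(storage: StorageAdapter): Promise<Scope | null>;
+
+export { type AuthorizationState, type AuthorizationUrlStrategy, BaseProfileFetcher, type BulkTokenQueryParams, type CreateUserInput, DEFAULT_SCOPE_CONFIG, DEFAULT_SCOPE_NAME, DEFAULT_SYSTEM_CONFIG, DEFAULT_SYSTEM_NAME, type EmailTokenParams, GenericOAuth2Provider, GenericProfileFetcher, GitHubProfileFetcher, GoogleProfileFetcher, InMemoryStorageAdapter, MicrosoftProfileFetcher, OAuth2Client, type OAuth2Config, OAuth2GranularClient, OAuth2GranularClientV2, type OAuth2GranularOperationsV2, OAuth2Provider, type OAuth2Token, type ProfileFetcher, ProfileFetcherFactory, type ProfileFetcherOptions, type ProfileMapping, type ProviderFactory, type ProviderType, type Scope, type ScopeCreationParams, StandardAuthorizationUrlStrategy, StandardTokenExchangeStrategy, type StorageAdapter, type System, type TokenDeletionParams, type TokenExchangeStrategy, type TokenExistenceParams, type TokenQueryParams, type TokenSaveParams, type User, type UserOperationParams, type UserProfile, type UserToken, type UserTokenParams, type UserTokenWithProfile, type ValidTokenResult, createCodeChallenge, createCodeVerifier, generateState, getDefaultScope, getDefaultSystem, initializeDefaults, seal, unseal };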
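Review bot: In the `@@ -352,6 +354,155 @@` hunk, `TokenDeletionParams`, `TokenQueryParams` and `BulkTokenQueryParams` make every field optional, so `deleteTokens({})` and `getAllValidTokens({})` type-check and the declarations do not say what an empty filter selects. The private `resolveSystemId`/`resolveScopeId` members suggest omitted ids fall back to the default system and scope; if so, a caller that forgets `systemId` in a multi-tenant deployment would read or delete tokens in the shared default instead of failing. I would document the fallback on each params interface, e.g. `/** Omitted systemId/scopeId resolve to the default system/scope; an empty filter is rejected. */`, and have the implementation enforce that rejection for `deleteTokens` and `getAllValidTokens`. The same declarations appear in package/dist/index.d.ts, and since both files are build output the change belongs in the source they are generated from.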
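--- a/package/dist/index.d.ts
+++ b/package/dist/index.d.ts
@@ -106,11 +106,13 @@ interface ProfileBasedTokenOptions {
 }
 interface StorageAdapter {
 createSystem(system: Omit<System, 'id' | 'createdAt' | 'updatedAt'>): Promise<System>;
+getOrCreateSystem(system: Omit<System, 'id' | 'createdAt' | 'updatedAt'>): Promise<System>;
 getSystem(id: string): Promise<System | null>;
 updateSystem(id: string, system: Partial<System>): Promise<System>;
 deleteSystem(id: string): Promise<void>;
 listSystems(): Promise<System[]>;
 createScope(scope: Omit<Scope, 'id'>): Promise<Scope>;
+getOrCreateScope(scope: Omit<Scope, 'id'>): Promise<Scope>;
 getScope(id: string): Promise<Scope | null>;
 getScopesBySystem(systemId: string): Promise<Scope[]>;
 updateScope(id: string, scope: Partial<Scope>): Promise<Scope>;
@@ -352,6 +354,155 @@ declare class OAuth2GranularClient implements OAuth2GranularOperations {
 private isTokenExpired;
 }
 
+interface UserOperationParams {
+systemId?: string;
+email?: string;
+externalId?: string;
+options?: UserCreationOptions;
+}
+interface TokenQueryParams {
+userId?: string;
+systemId?: string;
+scopeId?: string;
+provider?: string;
+email?: string;
+}
+interface TokenSaveParams {
+userId: string;
+systemId?: string;
+scopeId?: string;
+provider: string;
+email: string;
+token: OAuth2Token;
+}
+interface EmailTokenParams {
+email: string;
+systemId?: string;
+scopeId?: string;
+provider: string;
+options?: TokenOptions;
+}
+interface UserTokenParams {
+userId: string;
+systemId?: string;
+scopeId?: string;
+provider: string;
+options?: TokenOptions;
+}
+interface TokenExistenceParams {
+userId?: string;
+systemId?: string;
+scopeId?: string;
+provider: string;
+email?: string;
+}
+interface TokenDeletionParams {
+userId?: string;
+systemId?: string;
+scopeId?: string;
+provider?: string;
+email?: string;
+}
+interface ScopeCreationParams {
+systemId?: string;
+name: string;
+type?: 'authentication' | 'access' | 'custom';
+permissions?: string[];
+isolated?: boolean;
+}
+interface ValidTokenResult {
+provider: string;
+scopeId: string;
+token: OAuth2Token;
+userToken: UserToken;
+}
+interface BulkTokenQueryParams {
+userId?: string;
+email?: string;
+systemId?: string;
+scopeId?: string;
+provider?: string;
+options?: TokenOptions;
+}
+interface OAuth2GranularOperationsV2 {
+ensureDefaults(): Promise<{
+system: System;
+scope: Scope;
+}>;
+createUser(params: UserOperationParams): Promise<User>;
+getOrCreateUser(params: UserOperationParams): Promise<User>;
+getUserById(userId: string): Promise<User | null>;
+findUserByEmail(params: {
+systemId?: string;
+email: string;
+}): Promise<User | null>;
+findUserByExternalId(params: {
+systemId?: string;
+externalId: string;
+}): Promise<User | null>;
+getUsersBySystem(systemId?: string): Promise<User[]>;
+saveToken(params: TokenSaveParams): Promise<UserToken>;
+getTokens(params: TokenQueryParams): Promise<UserToken[]>;
+getValidToken(params: EmailTokenParams | UserTokenParams): Promise<OAuth2Token>;
+getAccessToken(params: EmailTokenParams | UserTokenParams): Promise<string>;
+withValidToken<T>(params: EmailTokenParams | UserTokenParams, callback: (accessToken: string) => Promise<T>): Promise<T>;
+getAllValidTokens(params: BulkTokenQueryParams): Promise<ValidTokenResult[]>;
+hasToken(params: TokenExistenceParams): Promise<boolean>;
+deleteTokens(params: TokenDeletionParams): Promise<void>;
+createSystem(name: string, description?: string): Promise<System>;
+getSystem(systemId?: string): Promise<System | null>;
+createScope(params: ScopeCreationParams): Promise<Scope>;
+getScope(scopeId?: string): Promise<Scope | null>;
+getScopesBySystem(systemId?: string): Promise<Scope[]>;
+}
+
+declare class OAuth2GranularClientV2 implements OAuth2GranularOperationsV2 {
+private storage;
+private providers;
+private getContext;
+private now;
+private defaultSystem;
+private defaultScope;
+private defaultsInitialized;
+constructor(storage: StorageAdapter, providers: Map<string, OAuth2Provider>, getContext: () => {
+currentSystem?: System;
+currentUser?: User;
+defaultScope?: Scope;
+}, now?: () => number);
+ensureDefaults(): Promise<{
+system: System;
+scope: Scope;
+}>;
+private resolveSystemId;
+private resolveScopeId;
+createUser(params: UserOperationParams): Promise<User>;
+getOrCreateUser(params: UserOperationParams): Promise<User>;
+getUserById(userId: string): Promise<User | null>;
+findUserByEmail(params: {
+systemId?: string;
+email: string;
+}): Promise<User | null>;
+findUserByExternalId(params: {
+systemId?: string;
+externalId: string;
+}): Promise<User | null>;
+getUsersBySystem(systemId?: string): Promise<User[]>;
+saveToken(params: TokenSaveParams): Promise<UserToken>;
+getTokens(params: TokenQueryParams): Promise<UserToken[]>;
+getValidToken(params: EmailTokenParams | UserTokenParams): Promise<OAuth2Token>;
+getAccessToken(params: EmailTokenParams | UserTokenParams): Promise<string>;
+withValidToken<T>(params: EmailTokenParams | UserTokenParams, callback: (accessToken: string) => Promise<T>): Promise<T>;
+getAllValidTokens(params: BulkTokenQueryParams): Promise<ValidTokenResult[]>;
+hasToken(params: TokenExistenceParams): Promise<boolean>;
+deleteTokens(params: TokenDeletionParams): Promise<void>;
+createSystem(name: string, description?: string): Promise<System>;
+getSystem(systemId?: string): Promise<System | null>;
+createScope(params: ScopeCreationParams): Promise<Scope>;
+getScope(scopeId?: string): Promise<Scope | null>;
+getScopesBySystem(systemId?: string): Promise<Scope[]>;
+private isTokenExpired;
+}
+
 interface OAuth2Options {
 storage?: StorageAdapter;
 sealKey?: string;
@@ -397,7 +548,11 @@ declare class OAuth2Client {
 private currentSystem?;
 private currentUser?;
 private defaultScope?;
+/**
+* @deprecated Use granularV2 instead for better developer experience with optional system/scope
+*/
 readonly granular: OAuth2GranularOperations;
+readonly granularV2: OAuth2GranularClientV2;
 constructor(options?: OAuth2Options);
 /**
 * Quick setup for common use cases
@@ -407,6 +562,21 @@ declare class OAuth2Client {
 * Register a provider configuration
 */
 registerProvider(name: string, config: OAuth2Config): void;
+/**
+* Initialize default system and scope if they don't exist
+*/
+initializeDefaults(): Promise<{
+system: System;
+scope: Scope;
+}>;
+/**
+* Get the default system if it exists
+*/
+getDefaultSystem(): Promise<System | null>;
+/**
+* Get the default scope if it exists
+*/
+getDefaultScope(): Promise<Scope | null>;
 /**
 * Create or select a system to work with
 */
@@ -658,11 +828,13 @@ declare class InMemoryStorageAdapter implements StorageAdapter {
 private states;
 private generateId;
 createSystem(system: Omit<System, 'id' | 'createdAt' | 'updatedAt'>): Promise<System>;
+getOrCreateSystem(system: Omit<System, 'id' | 'createdAt' | 'updatedAt'>): Promise<System>;
 getSystem(id: string): Promise<System | null>;
 updateSystem(id: string, updates: Partial<System>): Promise<System>;
 deleteSystem(id: string): Promise<void>;
 listSystems(): Promise<System[]>;
 createScope(scope: Omit<Scope, 'id'>): Promise<Scope>;
+getOrCreateScope(scope: Omit<Scope, 'id'>): Promise<Scope>;
 getScope(id: string): Promise<Scope | null>;
 getScopesBySystem(systemId: string): Promise<Scope[]>;
 updateScope(id: string, updates: Partial<Scope>): Promise<Scope>;
@@ -709,6 +881,11 @@ declare class InMemoryStorageAdapter implements StorageAdapter {
 getTokensBySystemWithProfile(systemId: string): Promise<UserTokenWithProfile[]>;
 }
 
+declare const DEFAULT_SYSTEM_NAME = "oauth2-token-manager-default-system";
+declare const DEFAULT_SCOPE_NAME = "oauth2-token-manager-default-scope";
+declare const DEFAULT_SYSTEM_CONFIG: Omit<System, 'id' | 'createdAt' | 'updatedAt'>;
+declare const DEFAULT_SCOPE_CONFIG: Omit<Scope, 'id' | 'systemId'>;
+
 type ProviderType = 'google' | 'github' | 'microsoft' | 'outlook' | 'facebook' | 'generic';
 interface ProviderFactory {
 createProvider(type: ProviderType, config: OAuth2Config): OAuth2Provider;
@@ -782,4 +959,23 @@ declare const generateState: () => string;
 declare const seal: <T>(d: T, key: string) => Promise<string>;
 declare const unseal: <T>(s: string, key: string) => Promise<T>;
 
-
+/**
+* Initializes the default system and scope if they don't exist.
+* Uses getOrCreateSystem and getOrCreateScope to ensure unique names.
+*/
+declare function initializeDefaults(storage: StorageAdapter): Promise<{
+system: System;
+scope: Scope;
+}>;
+/**
+* Gets the default system if it exists.
+* Returns null if the default system hasn't been initialized.
+*/
+declare function getDefaultSystem(storage: StorageAdapter): Promise<System | null>;
+/**
+* Gets the default scope if it exists.
+* Returns null if the default scope hasn't been initialized.
+*/
+declare function getDefaultScope(storage: StorageAdapter): Promise<Scope | null>;
+
+export { type AuthorizationState, type AuthorizationUrlStrategy, BaseProfileFetcher, type BulkTokenQueryParams, type CreateUserInput, DEFAULT_SCOPE_CONFIG, DEFAULT_SCOPE_NAME, DEFAULT_SYSTEM_CONFIG, DEFAULT_SYSTEM_NAME, type EmailTokenParams, GenericOAuth2Provider, GenericProfileFetcher, GitHubProfileFetcher, GoogleProfileFetcher, InMemoryStorageAdapter, MicrosoftProfileFetcher, OAuth2Client, type OAuth2Config, OAuth2GranularClient, OAuth2GranularClientV2, type OAuth2GranularOperationsV2, OAuth2Provider, type OAuth2Token, type ProfileFetcher, ProfileFetcherFactory, type ProfileFetcherOptions, type ProfileMapping, type ProviderFactory, type ProviderType, type Scope, type ScopeCreationParams, StandardAuthorizationUrlStrategy, StandardTokenExchangeStrategy, type StorageAdapter, type System, type TokenDeletionParams, type TokenExchangeStrategy, type TokenExistenceParams, type TokenQueryParams, type TokenSaveParams, type User, type UserOperationParams, type UserProfile, type UserToken, type UserTokenParams, type UserTokenWithProfile, type ValidTokenResult, createCodeChallenge, createCodeVerifier, generateState, getDefaultScope, getDefaultSystem, initializeDefaults, seal, unseal };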
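Review bot: `getOrCreateSystem` and `getOrCreateScope` are added to the exported `StorageAdapter` interface as required members (first hunk), so an adapter written against 0.1.0 no longer satisfies the interface after a patch-level upgrade. The doc comment on `initializeDefaults` says these two methods are what "ensure unique names", yet nothing on the interface states that an implementation must make the lookup-and-insert atomic; a check-then-create adapter could produce two default systems under concurrent start-up, and tokens could then end up split between them. I would add a contract comment on both members, e.g. `/** Must be atomic: return the existing record with this name, or create it; never create a duplicate. */`, and consider declaring them optional with a library-side fallback until the next minor version. The identical change is in package/dist/index.d.cts; both files are build output, so the edit belongs in the source they are generated from.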