@descope/node-sdk 0.0.0-next-e5caa045-20230606 → 0.0.0-next-e0361769-20230612

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/dist/cjs/index.cjs.js +1 -1
  2. package/dist/index.esm.js +1 -1
  3. package/package.json +1 -1
package/dist/cjs/index.cjs.js CHANGED
@@ -1,2 +1,2 @@
1
- "use strict";var e=require("tslib"),t=require("@descope/core-js-sdk"),s=require("jose"),o=require("node-fetch-commonjs");function n(e){return e&&"object"==typeof e&&"default"in e?e:{default:e}}var r=n(t),a=n(o);const i=t=>async(...s)=>{var o,n,r;const a=await t(...s);if(!a.data)return a;let i=a.data,{refreshJwt:l}=i,p=e.__rest(i,["refreshJwt"]);const d=[];var m;return l?d.push(`${"DSR"}=${l}; Domain=${(null==(m=p)?void 0:m.cookieDomain)||""}; Max-Age=${(null==m?void 0:m.cookieMaxAge)||""}; Path=${(null==m?void 0:m.cookiePath)||"/"}; HttpOnly; SameSite=Strict`):(null===(o=a.response)||void 0===o?void 0:o.headers.get("set-cookie"))&&(l=((e,t)=>{const s=null==e?void 0:e.match(RegExp(`(?:^|;\\s*)${t}=([^;]*)`));return s?s[1]:null})(null===(n=a.response)||void 0===n?void 0:n.headers.get("set-cookie"),"DSR"),d.push(null===(r=a.response)||void 0===r?void 0:r.headers.get("set-cookie"))),Object.assign(Object.assign({},a),{data:Object.assign(Object.assign({},a.data),{refreshJwt:l,cookies:d})})};function l(e,t,s){var o,n;const r=s?null===(n=null===(o=e.token.tenants)||void 0===o?void 0:o[s])||void 0===n?void 0:n[t]:e.token[t];return Array.isArray(r)?r:[]}var p={create:"/v1/mgmt/user/create",update:"/v1/mgmt/user/update",delete:"/v1/mgmt/user/delete",deleteAllTestUsers:"/v1/mgmt/user/test/delete/all",load:"/v1/mgmt/user",search:"/v1/mgmt/user/search",getProviderToken:"/v1/mgmt/user/provider/token",updateStatus:"/v1/mgmt/user/update/status",updateEmail:"/v1/mgmt/user/update/email",updatePhone:"/v1/mgmt/user/update/phone",updateDisplayName:"/v1/mgmt/user/update/name",updatePicture:"/v1/mgmt/user/update/picture",updateCustomAttribute:"/v1/mgmt/user/update/customAttribute",addRole:"/v1/mgmt/user/update/role/add",removeRole:"/v1/mgmt/user/update/role/remove",addTenant:"/v1/mgmt/user/update/tenant/add",removeTenant:"/v1/mgmt/user/update/tenant/remove",setPassword:"/v1/mgmt/user/password/set",expirePassword:"/v1/mgmt/user/password/expire",generateOTPForTest:"/v1/mgmt/tests/generate/otp",generateMagicLinkForTest:"/v1/mgmt/tests/generate/magiclink",generateEnchantedLinkForTest:"/v1/mgmt/tests/generate/enchantedlink"},d={create:"/v1/mgmt/accesskey/create",load:"/v1/mgmt/accesskey",search:"/v1/mgmt/accesskey/search",update:"/v1/mgmt/accesskey/update",deactivate:"/v1/mgmt/accesskey/deactivate",activate:"/v1/mgmt/accesskey/activate",delete:"/v1/mgmt/accesskey/delete"},m={create:"/v1/mgmt/tenant/create",update:"/v1/mgmt/tenant/update",delete:"/v1/mgmt/tenant/delete",loadAll:"/v1/mgmt/tenant/all"},u={settings:"/v1/mgmt/sso/settings",metadata:"/v1/mgmt/sso/metadata",mapping:"/v1/mgmt/sso/mapping"},c={update:"/v1/mgmt/jwt/update"},g={create:"/v1/mgmt/permission/create",update:"/v1/mgmt/permission/update",delete:"/v1/mgmt/permission/delete",loadAll:"/v1/mgmt/permission/all"},h={create:"/v1/mgmt/role/create",update:"/v1/mgmt/role/update",delete:"/v1/mgmt/role/delete",loadAll:"/v1/mgmt/role/all"},v={export:"/v1/mgmt/flow/export",import:"/v1/mgmt/flow/import"},f={export:"/v1/mgmt/theme/export",import:"/v1/mgmt/theme/import"},k={loadAllGroups:"/v1/mgmt/group/all",loadAllGroupsForMember:"/v1/mgmt/group/member/all",loadAllGroupMembers:"/v1/mgmt/group/members"};const R=(e,s)=>({create:(o,n,r,a,i,l,d,m)=>t.transformResponse(e.httpClient.post(p.create,{loginId:o,email:n,phone:r,displayName:a,roleNames:i,userTenants:l,customAttributes:d,picture:m},{token:s}),(e=>e.user)),createTestUser:(o,n,r,a,i,l,d,m)=>t.transformResponse(e.httpClient.post(p.create,{loginId:o,email:n,phone:r,displayName:a,roleNames:i,userTenants:l,test:!0,customAttributes:d,picture:m},{token:s}),(e=>e.user)),invite:(o,n,r,a,i,l,d,m)=>t.transformResponse(e.httpClient.post(p.create,{loginId:o,email:n,phone:r,displayName:a,roleNames:i,userTenants:l,invite:!0,customAttributes:d,picture:m},{token:s}),(e=>e.user)),update:(o,n,r,a,i,l,d,m)=>t.transformResponse(e.httpClient.post(p.update,{loginId:o,email:n,phone:r,displayName:a,roleNames:i,userTenants:l,customAttributes:d,picture:m},{token:s}),(e=>e.user)),delete:o=>t.transformResponse(e.httpClient.post(p.delete,{loginId:o},{token:s})),deleteAllTestUsers:()=>t.transformResponse(e.httpClient.delete(p.deleteAllTestUsers,{token:s})),load:o=>t.transformResponse(e.httpClient.get(p.load,{queryParams:{loginId:o},token:s}),(e=>e.user)),loadByUserId:o=>t.transformResponse(e.httpClient.get(p.load,{queryParams:{userId:o},token:s}),(e=>e.user)),searchAll:(o,n,r,a,i,l,d)=>t.transformResponse(e.httpClient.post(p.search,{tenantIds:o,roleNames:n,limit:r,page:a,testUsersOnly:i,withTestUser:l,customAttributes:d},{token:s}),(e=>e.users)),getProviderToken:(o,n)=>t.transformResponse(e.httpClient.get(p.getProviderToken,{queryParams:{loginId:o,provider:n},token:s}),(e=>e)),activate:o=>t.transformResponse(e.httpClient.post(p.updateStatus,{loginId:o,status:"enabled"},{token:s}),(e=>e.user)),deactivate:o=>t.transformResponse(e.httpClient.post(p.updateStatus,{loginId:o,status:"disabled"},{token:s}),(e=>e.user)),updateEmail:(o,n,r)=>t.transformResponse(e.httpClient.post(p.updateEmail,{loginId:o,email:n,verified:r},{token:s}),(e=>e.user)),updatePhone:(o,n,r)=>t.transformResponse(e.httpClient.post(p.updatePhone,{loginId:o,phone:n,verified:r},{token:s}),(e=>e.user)),updateDisplayName:(o,n)=>t.transformResponse(e.httpClient.post(p.updateDisplayName,{loginId:o,displayName:n},{token:s}),(e=>e.user)),updatePicture:(o,n)=>t.transformResponse(e.httpClient.post(p.updatePicture,{loginId:o,picture:n},{token:s}),(e=>e.user)),updateCustomAttribute:(o,n,r)=>t.transformResponse(e.httpClient.post(p.updateCustomAttribute,{loginId:o,attributeKey:n,attributeValue:r},{token:s}),(e=>e.user)),addRoles:(o,n)=>t.transformResponse(e.httpClient.post(p.addRole,{loginId:o,roleNames:n},{token:s}),(e=>e.user)),removeRoles:(o,n)=>t.transformResponse(e.httpClient.post(p.removeRole,{loginId:o,roleNames:n},{token:s}),(e=>e.user)),addTenant:(o,n)=>t.transformResponse(e.httpClient.post(p.addTenant,{loginId:o,tenantId:n},{token:s}),(e=>e.user)),removeTenant:(o,n)=>t.transformResponse(e.httpClient.post(p.removeTenant,{loginId:o,tenantId:n},{token:s}),(e=>e.user)),addTenantRoles:(o,n,r)=>t.transformResponse(e.httpClient.post(p.addRole,{loginId:o,tenantId:n,roleNames:r},{token:s}),(e=>e.user)),removeTenantRoles:(o,n,r)=>t.transformResponse(e.httpClient.post(p.removeRole,{loginId:o,tenantId:n,roleNames:r},{token:s}),(e=>e.user)),generateOTPForTestUser:(o,n)=>t.transformResponse(e.httpClient.post(p.generateOTPForTest,{deliveryMethod:o,loginId:n},{token:s}),(e=>e)),generateMagicLinkForTestUser:(o,n,r)=>t.transformResponse(e.httpClient.post(p.generateMagicLinkForTest,{deliveryMethod:o,loginId:n,URI:r},{token:s}),(e=>e)),generateEnchantedLinkForTestUser:(o,n)=>t.transformResponse(e.httpClient.post(p.generateEnchantedLinkForTest,{loginId:o,URI:n},{token:s}),(e=>e)),setPassword:(o,n)=>t.transformResponse(e.httpClient.post(p.setPassword,{loginId:o,password:n},{token:s}),(e=>e)),expirePassword:o=>t.transformResponse(e.httpClient.post(p.expirePassword,{loginId:o},{token:s}),(e=>e))}),y=(e,s)=>({create:(o,n)=>t.transformResponse(e.httpClient.post(m.create,{name:o,selfProvisioningDomains:n},{token:s})),createWithId:(o,n,r)=>t.transformResponse(e.httpClient.post(m.create,{id:o,name:n,selfProvisioningDomains:r},{token:s})),update:(o,n,r)=>t.transformResponse(e.httpClient.post(m.update,{id:o,name:n,selfProvisioningDomains:r},{token:s})),delete:o=>t.transformResponse(e.httpClient.post(m.delete,{id:o},{token:s})),loadAll:()=>t.transformResponse(e.httpClient.get(m.loadAll,{token:s}),(e=>e.tenants))}),C=(e,s)=>({update:(o,n)=>t.transformResponse(e.httpClient.post(c.update,{jwt:o,customClaims:n},{token:s}))}),w=(e,s)=>({create:(o,n)=>t.transformResponse(e.httpClient.post(g.create,{name:o,description:n},{token:s})),update:(o,n,r)=>t.transformResponse(e.httpClient.post(g.update,{name:o,newName:n,description:r},{token:s})),delete:o=>t.transformResponse(e.httpClient.post(g.delete,{name:o},{token:s})),loadAll:()=>t.transformResponse(e.httpClient.get(g.loadAll,{token:s}),(e=>e.permissions))}),I=(e,s)=>({create:(o,n,r)=>t.transformResponse(e.httpClient.post(h.create,{name:o,description:n,permissionNames:r},{token:s})),update:(o,n,r,a)=>t.transformResponse(e.httpClient.post(h.update,{name:o,newName:n,description:r,permissionNames:a},{token:s})),delete:o=>t.transformResponse(e.httpClient.post(h.delete,{name:o},{token:s})),loadAll:()=>t.transformResponse(e.httpClient.get(h.loadAll,{token:s}),(e=>e.roles))}),b=(e,s)=>({loadAllGroups:o=>t.transformResponse(e.httpClient.post(k.loadAllGroups,{tenantId:o},{token:s})),loadAllGroupsForMember:(o,n,r)=>t.transformResponse(e.httpClient.post(k.loadAllGroupsForMember,{tenantId:o,loginIds:r,userIds:n},{token:s})),loadAllGroupMembers:(o,n)=>t.transformResponse(e.httpClient.post(k.loadAllGroupMembers,{tenantId:o,groupId:n},{token:s}))}),T=(e,s)=>({getSettings:o=>t.transformResponse(e.httpClient.get(u.settings,{queryParams:{tenantId:o},token:s}),(e=>e)),deleteSettings:o=>t.transformResponse(e.httpClient.delete(u.settings,{queryParams:{tenantId:o},token:s})),configureSettings:(o,n,r,a,i,l)=>t.transformResponse(e.httpClient.post(u.settings,{tenantId:o,idpURL:n,entityId:a,idpCert:r,redirectURL:i,domain:l},{token:s})),configureMetadata:(o,n)=>t.transformResponse(e.httpClient.post(u.metadata,{tenantId:o,idpMetadataURL:n},{token:s})),configureMapping:(o,n,r)=>t.transformResponse(e.httpClient.post(u.mapping,{tenantId:o,roleMappings:n,attributeMapping:r},{token:s}))}),A=(e,s)=>({create:(o,n,r,a)=>t.transformResponse(e.httpClient.post(d.create,{name:o,expireTime:n,roleNames:r,keyTenants:a},{token:s})),load:o=>t.transformResponse(e.httpClient.get(d.load,{queryParams:{id:o},token:s}),(e=>e.key)),searchAll:o=>t.transformResponse(e.httpClient.post(d.search,{tenantIds:o},{token:s}),(e=>e.keys)),update:(o,n)=>t.transformResponse(e.httpClient.post(d.update,{id:o,name:n},{token:s}),(e=>e.key)),deactivate:o=>t.transformResponse(e.httpClient.post(d.deactivate,{id:o},{token:s})),activate:o=>t.transformResponse(e.httpClient.post(d.activate,{id:o},{token:s})),delete:o=>t.transformResponse(e.httpClient.post(d.delete,{id:o},{token:s}))}),P=(e,s)=>({export:o=>t.transformResponse(e.httpClient.post(v.export,{flowId:o},{token:s})),import:(o,n,r)=>t.transformResponse(e.httpClient.post(v.import,{flowId:o,flow:n,screens:r},{token:s}))}),x=(e,s)=>({export:()=>t.transformResponse(e.httpClient.post(f.export,{},{token:s})),import:o=>t.transformResponse(e.httpClient.post(f.import,{theme:o},{token:s}))});var j;null!==(j=globalThis.Headers)&&void 0!==j||(globalThis.Headers=o.Headers);const N=(...e)=>(e.forEach((e=>{var t,s;e&&(null!==(t=(s=e).highWaterMark)&&void 0!==t||(s.highWaterMark=31457280))})),a.default(...e)),M=o=>{var n,{managementKey:a}=o,p=e.__rest(o,["managementKey"]);const d=r.default(Object.assign(Object.assign({},p),{fetch:N,baseHeaders:Object.assign(Object.assign({},p.baseHeaders),{"x-descope-sdk-name":"nodejs","x-descope-sdk-node-version":(null===(n=null===process||void 0===process?void 0:process.versions)||void 0===n?void 0:n.node)||"","x-descope-sdk-version":"0.0.0-next-e5caa045-20230606"})})),{projectId:m,logger:u}=p,c={},g=((e,t)=>({user:R(e,t),accessKey:A(e,t),tenant:y(e,t),sso:T(e,t),jwt:C(e,t),permission:w(e,t),role:I(e,t),group:b(e,t),flow:P(e,t),theme:x(e,t)}))(d,a),h=Object.assign(Object.assign({},d),{management:g,async getKey(e){if(!(null==e?void 0:e.kid))throw Error("header.kid must not be empty");if(c[e.kid])return c[e.kid];if(Object.assign(c,await(async()=>{const e=(await d.httpClient.get(`v2/keys/${m}`).then((e=>e.json()))).keys;return Array.isArray(e)?(await Promise.all(e.map((async e=>[e.kid,await s.importJWK(e)])))).reduce(((e,[t,s])=>t?Object.assign(Object.assign({},e),{[t.toString()]:s}):e),{}):{}})()),!c[e.kid])throw Error("failed to fetch matching key");return c[e.kid]},async validateJwt(e){var t;const o=(await s.jwtVerify(e,h.getKey,{clockTolerance:5})).payload;if(o&&(o.iss=null===(t=o.iss)||void 0===t?void 0:t.split("/").pop(),o.iss!==m))throw new s.errors.JWTClaimValidationFailed('unexpected "iss" claim value',"iss","check_failed");return{jwt:e,token:o}},async validateSession(e){if(!e)throw Error("session token is required for validation");try{return await h.validateJwt(e)}catch(e){throw null==u||u.error("session validation failed",e),Error("session validation failed")}},async refreshSession(e){var t,s;if(!e)throw Error("refresh token is required to refresh a session");try{await h.validateJwt(e);const o=await h.refresh(e);if(o.ok){return await h.validateJwt(null===(t=o.data)||void 0===t?void 0:t.sessionJwt)}throw Error(null===(s=o.error)||void 0===s?void 0:s.errorMessage)}catch(e){throw null==u||u.error("refresh token validation failed",e),Error("refresh token validation failed")}},async validateAndRefreshSession(e,t){if(!e&&!t)throw Error("both session and refresh tokens are empty");try{return await h.validateSession(e)}catch(e){null==u||u.log("session validation failed - trying to refresh it")}return h.refreshSession(t)},async exchangeAccessKey(e){if(!e)throw Error("access key must not be empty");let t;try{t=await h.accessKey.exchange(e)}catch(e){throw null==u||u.error("failed to exchange access key",e),Error("could not exchange access key")}const{sessionJwt:s}=t.data;if(!s)throw null==u||u.error("failed to parse exchange access key response"),Error("could not exchange access key");try{return await h.validateJwt(s)}catch(e){throw null==u||u.error("failed to parse jwt from access key",e),Error("could not exchange access key")}},validatePermissions:(e,t)=>h.validateTenantPermissions(e,null,t),validateTenantPermissions(e,t,s){const o=l(e,"permissions",t);return s.every((e=>o.includes(e)))},validateRoles:(e,t)=>h.validateTenantRoles(e,null,t),validateTenantRoles(e,t,s){const o=l(e,"roles",t);return s.every((e=>o.includes(e)))}});return t.wrapWith(h,["otp.verify.email","otp.verify.sms","otp.verify.whatsapp","magicLink.verify","enchantedLink.signUp","enchantedLink.signIn","oauth.exchange","saml.exchange","totp.verify","webauthn.signIn.finish","webauthn.signUp.finish","refresh"],i)};M.RefreshTokenCookieName="DSR",M.SessionTokenCookieName="DS",module.exports=M;
1
+ "use strict";var e=require("tslib"),t=require("@descope/core-js-sdk"),s=require("jose"),o=require("node-fetch-commonjs");function n(e){return e&&"object"==typeof e&&"default"in e?e:{default:e}}var r=n(t),a=n(o);const i=t=>async(...s)=>{var o,n,r;const a=await t(...s);if(!a.data)return a;let i=a.data,{refreshJwt:l}=i,p=e.__rest(i,["refreshJwt"]);const d=[];var m;return l?d.push(`${"DSR"}=${l}; Domain=${(null==(m=p)?void 0:m.cookieDomain)||""}; Max-Age=${(null==m?void 0:m.cookieMaxAge)||""}; Path=${(null==m?void 0:m.cookiePath)||"/"}; HttpOnly; SameSite=Strict`):(null===(o=a.response)||void 0===o?void 0:o.headers.get("set-cookie"))&&(l=((e,t)=>{const s=null==e?void 0:e.match(RegExp(`(?:^|;\\s*)${t}=([^;]*)`));return s?s[1]:null})(null===(n=a.response)||void 0===n?void 0:n.headers.get("set-cookie"),"DSR"),d.push(null===(r=a.response)||void 0===r?void 0:r.headers.get("set-cookie"))),Object.assign(Object.assign({},a),{data:Object.assign(Object.assign({},a.data),{refreshJwt:l,cookies:d})})};function l(e,t,s){var o,n;const r=s?null===(n=null===(o=e.token.tenants)||void 0===o?void 0:o[s])||void 0===n?void 0:n[t]:e.token[t];return Array.isArray(r)?r:[]}var p={create:"/v1/mgmt/user/create",update:"/v1/mgmt/user/update",delete:"/v1/mgmt/user/delete",deleteAllTestUsers:"/v1/mgmt/user/test/delete/all",load:"/v1/mgmt/user",search:"/v1/mgmt/user/search",getProviderToken:"/v1/mgmt/user/provider/token",updateStatus:"/v1/mgmt/user/update/status",updateEmail:"/v1/mgmt/user/update/email",updatePhone:"/v1/mgmt/user/update/phone",updateDisplayName:"/v1/mgmt/user/update/name",updatePicture:"/v1/mgmt/user/update/picture",updateCustomAttribute:"/v1/mgmt/user/update/customAttribute",addRole:"/v1/mgmt/user/update/role/add",removeRole:"/v1/mgmt/user/update/role/remove",addTenant:"/v1/mgmt/user/update/tenant/add",removeTenant:"/v1/mgmt/user/update/tenant/remove",setPassword:"/v1/mgmt/user/password/set",expirePassword:"/v1/mgmt/user/password/expire",generateOTPForTest:"/v1/mgmt/tests/generate/otp",generateMagicLinkForTest:"/v1/mgmt/tests/generate/magiclink",generateEnchantedLinkForTest:"/v1/mgmt/tests/generate/enchantedlink"},d={create:"/v1/mgmt/accesskey/create",load:"/v1/mgmt/accesskey",search:"/v1/mgmt/accesskey/search",update:"/v1/mgmt/accesskey/update",deactivate:"/v1/mgmt/accesskey/deactivate",activate:"/v1/mgmt/accesskey/activate",delete:"/v1/mgmt/accesskey/delete"},m={create:"/v1/mgmt/tenant/create",update:"/v1/mgmt/tenant/update",delete:"/v1/mgmt/tenant/delete",loadAll:"/v1/mgmt/tenant/all"},u={settings:"/v1/mgmt/sso/settings",metadata:"/v1/mgmt/sso/metadata",mapping:"/v1/mgmt/sso/mapping"},c={update:"/v1/mgmt/jwt/update"},g={create:"/v1/mgmt/permission/create",update:"/v1/mgmt/permission/update",delete:"/v1/mgmt/permission/delete",loadAll:"/v1/mgmt/permission/all"},h={create:"/v1/mgmt/role/create",update:"/v1/mgmt/role/update",delete:"/v1/mgmt/role/delete",loadAll:"/v1/mgmt/role/all"},v={export:"/v1/mgmt/flow/export",import:"/v1/mgmt/flow/import"},f={export:"/v1/mgmt/theme/export",import:"/v1/mgmt/theme/import"},k={loadAllGroups:"/v1/mgmt/group/all",loadAllGroupsForMember:"/v1/mgmt/group/member/all",loadAllGroupMembers:"/v1/mgmt/group/members"};const R=(e,s)=>({create:(o,n,r,a,i,l,d,m)=>t.transformResponse(e.httpClient.post(p.create,{loginId:o,email:n,phone:r,displayName:a,roleNames:i,userTenants:l,customAttributes:d,picture:m},{token:s}),(e=>e.user)),createTestUser:(o,n,r,a,i,l,d,m)=>t.transformResponse(e.httpClient.post(p.create,{loginId:o,email:n,phone:r,displayName:a,roleNames:i,userTenants:l,test:!0,customAttributes:d,picture:m},{token:s}),(e=>e.user)),invite:(o,n,r,a,i,l,d,m)=>t.transformResponse(e.httpClient.post(p.create,{loginId:o,email:n,phone:r,displayName:a,roleNames:i,userTenants:l,invite:!0,customAttributes:d,picture:m},{token:s}),(e=>e.user)),update:(o,n,r,a,i,l,d,m)=>t.transformResponse(e.httpClient.post(p.update,{loginId:o,email:n,phone:r,displayName:a,roleNames:i,userTenants:l,customAttributes:d,picture:m},{token:s}),(e=>e.user)),delete:o=>t.transformResponse(e.httpClient.post(p.delete,{loginId:o},{token:s})),deleteAllTestUsers:()=>t.transformResponse(e.httpClient.delete(p.deleteAllTestUsers,{token:s})),load:o=>t.transformResponse(e.httpClient.get(p.load,{queryParams:{loginId:o},token:s}),(e=>e.user)),loadByUserId:o=>t.transformResponse(e.httpClient.get(p.load,{queryParams:{userId:o},token:s}),(e=>e.user)),searchAll:(o,n,r,a,i,l,d)=>t.transformResponse(e.httpClient.post(p.search,{tenantIds:o,roleNames:n,limit:r,page:a,testUsersOnly:i,withTestUser:l,customAttributes:d},{token:s}),(e=>e.users)),getProviderToken:(o,n)=>t.transformResponse(e.httpClient.get(p.getProviderToken,{queryParams:{loginId:o,provider:n},token:s}),(e=>e)),activate:o=>t.transformResponse(e.httpClient.post(p.updateStatus,{loginId:o,status:"enabled"},{token:s}),(e=>e.user)),deactivate:o=>t.transformResponse(e.httpClient.post(p.updateStatus,{loginId:o,status:"disabled"},{token:s}),(e=>e.user)),updateEmail:(o,n,r)=>t.transformResponse(e.httpClient.post(p.updateEmail,{loginId:o,email:n,verified:r},{token:s}),(e=>e.user)),updatePhone:(o,n,r)=>t.transformResponse(e.httpClient.post(p.updatePhone,{loginId:o,phone:n,verified:r},{token:s}),(e=>e.user)),updateDisplayName:(o,n)=>t.transformResponse(e.httpClient.post(p.updateDisplayName,{loginId:o,displayName:n},{token:s}),(e=>e.user)),updatePicture:(o,n)=>t.transformResponse(e.httpClient.post(p.updatePicture,{loginId:o,picture:n},{token:s}),(e=>e.user)),updateCustomAttribute:(o,n,r)=>t.transformResponse(e.httpClient.post(p.updateCustomAttribute,{loginId:o,attributeKey:n,attributeValue:r},{token:s}),(e=>e.user)),addRoles:(o,n)=>t.transformResponse(e.httpClient.post(p.addRole,{loginId:o,roleNames:n},{token:s}),(e=>e.user)),removeRoles:(o,n)=>t.transformResponse(e.httpClient.post(p.removeRole,{loginId:o,roleNames:n},{token:s}),(e=>e.user)),addTenant:(o,n)=>t.transformResponse(e.httpClient.post(p.addTenant,{loginId:o,tenantId:n},{token:s}),(e=>e.user)),removeTenant:(o,n)=>t.transformResponse(e.httpClient.post(p.removeTenant,{loginId:o,tenantId:n},{token:s}),(e=>e.user)),addTenantRoles:(o,n,r)=>t.transformResponse(e.httpClient.post(p.addRole,{loginId:o,tenantId:n,roleNames:r},{token:s}),(e=>e.user)),removeTenantRoles:(o,n,r)=>t.transformResponse(e.httpClient.post(p.removeRole,{loginId:o,tenantId:n,roleNames:r},{token:s}),(e=>e.user)),generateOTPForTestUser:(o,n)=>t.transformResponse(e.httpClient.post(p.generateOTPForTest,{deliveryMethod:o,loginId:n},{token:s}),(e=>e)),generateMagicLinkForTestUser:(o,n,r)=>t.transformResponse(e.httpClient.post(p.generateMagicLinkForTest,{deliveryMethod:o,loginId:n,URI:r},{token:s}),(e=>e)),generateEnchantedLinkForTestUser:(o,n)=>t.transformResponse(e.httpClient.post(p.generateEnchantedLinkForTest,{loginId:o,URI:n},{token:s}),(e=>e)),setPassword:(o,n)=>t.transformResponse(e.httpClient.post(p.setPassword,{loginId:o,password:n},{token:s}),(e=>e)),expirePassword:o=>t.transformResponse(e.httpClient.post(p.expirePassword,{loginId:o},{token:s}),(e=>e))}),y=(e,s)=>({create:(o,n)=>t.transformResponse(e.httpClient.post(m.create,{name:o,selfProvisioningDomains:n},{token:s})),createWithId:(o,n,r)=>t.transformResponse(e.httpClient.post(m.create,{id:o,name:n,selfProvisioningDomains:r},{token:s})),update:(o,n,r)=>t.transformResponse(e.httpClient.post(m.update,{id:o,name:n,selfProvisioningDomains:r},{token:s})),delete:o=>t.transformResponse(e.httpClient.post(m.delete,{id:o},{token:s})),loadAll:()=>t.transformResponse(e.httpClient.get(m.loadAll,{token:s}),(e=>e.tenants))}),C=(e,s)=>({update:(o,n)=>t.transformResponse(e.httpClient.post(c.update,{jwt:o,customClaims:n},{token:s}))}),w=(e,s)=>({create:(o,n)=>t.transformResponse(e.httpClient.post(g.create,{name:o,description:n},{token:s})),update:(o,n,r)=>t.transformResponse(e.httpClient.post(g.update,{name:o,newName:n,description:r},{token:s})),delete:o=>t.transformResponse(e.httpClient.post(g.delete,{name:o},{token:s})),loadAll:()=>t.transformResponse(e.httpClient.get(g.loadAll,{token:s}),(e=>e.permissions))}),I=(e,s)=>({create:(o,n,r)=>t.transformResponse(e.httpClient.post(h.create,{name:o,description:n,permissionNames:r},{token:s})),update:(o,n,r,a)=>t.transformResponse(e.httpClient.post(h.update,{name:o,newName:n,description:r,permissionNames:a},{token:s})),delete:o=>t.transformResponse(e.httpClient.post(h.delete,{name:o},{token:s})),loadAll:()=>t.transformResponse(e.httpClient.get(h.loadAll,{token:s}),(e=>e.roles))}),b=(e,s)=>({loadAllGroups:o=>t.transformResponse(e.httpClient.post(k.loadAllGroups,{tenantId:o},{token:s})),loadAllGroupsForMember:(o,n,r)=>t.transformResponse(e.httpClient.post(k.loadAllGroupsForMember,{tenantId:o,loginIds:r,userIds:n},{token:s})),loadAllGroupMembers:(o,n)=>t.transformResponse(e.httpClient.post(k.loadAllGroupMembers,{tenantId:o,groupId:n},{token:s}))}),T=(e,s)=>({getSettings:o=>t.transformResponse(e.httpClient.get(u.settings,{queryParams:{tenantId:o},token:s}),(e=>e)),deleteSettings:o=>t.transformResponse(e.httpClient.delete(u.settings,{queryParams:{tenantId:o},token:s})),configureSettings:(o,n,r,a,i,l)=>t.transformResponse(e.httpClient.post(u.settings,{tenantId:o,idpURL:n,entityId:a,idpCert:r,redirectURL:i,domain:l},{token:s})),configureMetadata:(o,n)=>t.transformResponse(e.httpClient.post(u.metadata,{tenantId:o,idpMetadataURL:n},{token:s})),configureMapping:(o,n,r)=>t.transformResponse(e.httpClient.post(u.mapping,{tenantId:o,roleMappings:n,attributeMapping:r},{token:s}))}),A=(e,s)=>({create:(o,n,r,a)=>t.transformResponse(e.httpClient.post(d.create,{name:o,expireTime:n,roleNames:r,keyTenants:a},{token:s})),load:o=>t.transformResponse(e.httpClient.get(d.load,{queryParams:{id:o},token:s}),(e=>e.key)),searchAll:o=>t.transformResponse(e.httpClient.post(d.search,{tenantIds:o},{token:s}),(e=>e.keys)),update:(o,n)=>t.transformResponse(e.httpClient.post(d.update,{id:o,name:n},{token:s}),(e=>e.key)),deactivate:o=>t.transformResponse(e.httpClient.post(d.deactivate,{id:o},{token:s})),activate:o=>t.transformResponse(e.httpClient.post(d.activate,{id:o},{token:s})),delete:o=>t.transformResponse(e.httpClient.post(d.delete,{id:o},{token:s}))}),P=(e,s)=>({export:o=>t.transformResponse(e.httpClient.post(v.export,{flowId:o},{token:s})),import:(o,n,r)=>t.transformResponse(e.httpClient.post(v.import,{flowId:o,flow:n,screens:r},{token:s}))}),x=(e,s)=>({export:()=>t.transformResponse(e.httpClient.post(f.export,{},{token:s})),import:o=>t.transformResponse(e.httpClient.post(f.import,{theme:o},{token:s}))});var j;null!==(j=globalThis.Headers)&&void 0!==j||(globalThis.Headers=o.Headers);const N=(...e)=>(e.forEach((e=>{var t,s;e&&(null!==(t=(s=e).highWaterMark)&&void 0!==t||(s.highWaterMark=31457280))})),a.default(...e)),M=o=>{var n,{managementKey:a}=o,p=e.__rest(o,["managementKey"]);const d=r.default(Object.assign(Object.assign({},p),{fetch:N,baseHeaders:Object.assign(Object.assign({},p.baseHeaders),{"x-descope-sdk-name":"nodejs","x-descope-sdk-node-version":(null===(n=null===process||void 0===process?void 0:process.versions)||void 0===n?void 0:n.node)||"","x-descope-sdk-version":"0.0.0-next-e0361769-20230612"})})),{projectId:m,logger:u}=p,c={},g=((e,t)=>({user:R(e,t),accessKey:A(e,t),tenant:y(e,t),sso:T(e,t),jwt:C(e,t),permission:w(e,t),role:I(e,t),group:b(e,t),flow:P(e,t),theme:x(e,t)}))(d,a),h=Object.assign(Object.assign({},d),{management:g,async getKey(e){if(!(null==e?void 0:e.kid))throw Error("header.kid must not be empty");if(c[e.kid])return c[e.kid];if(Object.assign(c,await(async()=>{const e=(await d.httpClient.get(`v2/keys/${m}`).then((e=>e.json()))).keys;return Array.isArray(e)?(await Promise.all(e.map((async e=>[e.kid,await s.importJWK(e)])))).reduce(((e,[t,s])=>t?Object.assign(Object.assign({},e),{[t.toString()]:s}):e),{}):{}})()),!c[e.kid])throw Error("failed to fetch matching key");return c[e.kid]},async validateJwt(e){var t;const o=(await s.jwtVerify(e,h.getKey,{clockTolerance:5})).payload;if(o&&(o.iss=null===(t=o.iss)||void 0===t?void 0:t.split("/").pop(),o.iss!==m))throw new s.errors.JWTClaimValidationFailed('unexpected "iss" claim value',"iss","check_failed");return{jwt:e,token:o}},async validateSession(e){if(!e)throw Error("session token is required for validation");try{return await h.validateJwt(e)}catch(e){throw null==u||u.error("session validation failed",e),Error("session validation failed")}},async refreshSession(e){var t,s;if(!e)throw Error("refresh token is required to refresh a session");try{await h.validateJwt(e);const o=await h.refresh(e);if(o.ok){return await h.validateJwt(null===(t=o.data)||void 0===t?void 0:t.sessionJwt)}throw Error(null===(s=o.error)||void 0===s?void 0:s.errorMessage)}catch(e){throw null==u||u.error("refresh token validation failed",e),Error("refresh token validation failed")}},async validateAndRefreshSession(e,t){if(!e&&!t)throw Error("both session and refresh tokens are empty");try{return await h.validateSession(e)}catch(e){null==u||u.log("session validation failed - trying to refresh it")}return h.refreshSession(t)},async exchangeAccessKey(e){if(!e)throw Error("access key must not be empty");let t;try{t=await h.accessKey.exchange(e)}catch(e){throw null==u||u.error("failed to exchange access key",e),Error("could not exchange access key")}const{sessionJwt:s}=t.data;if(!s)throw null==u||u.error("failed to parse exchange access key response"),Error("could not exchange access key");try{return await h.validateJwt(s)}catch(e){throw null==u||u.error("failed to parse jwt from access key",e),Error("could not exchange access key")}},validatePermissions:(e,t)=>h.validateTenantPermissions(e,null,t),validateTenantPermissions(e,t,s){const o=l(e,"permissions",t);return s.every((e=>o.includes(e)))},validateRoles:(e,t)=>h.validateTenantRoles(e,null,t),validateTenantRoles(e,t,s){const o=l(e,"roles",t);return s.every((e=>o.includes(e)))}});return t.wrapWith(h,["otp.verify.email","otp.verify.sms","otp.verify.whatsapp","magicLink.verify","enchantedLink.signUp","enchantedLink.signIn","oauth.exchange","saml.exchange","totp.verify","webauthn.signIn.finish","webauthn.signUp.finish","refresh"],i)};M.RefreshTokenCookieName="DSR",M.SessionTokenCookieName="DS",module.exports=M;
2
2
  //# sourceMappingURL=index.cjs.js.map
package/dist/index.esm.js CHANGED
@@ -1,2 +1,2 @@
1
- import{__rest as e}from"tslib";import t,{transformResponse as a,wrapWith as s}from"@descope/core-js-sdk";import{jwtVerify as o,errors as n,importJWK as r}from"jose";import i,{Headers as l}from"node-fetch-commonjs";const d=t=>async(...a)=>{var s,o,n;const r=await t(...a);if(!r.data)return r;let i=r.data,{refreshJwt:l}=i,d=e(i,["refreshJwt"]);const p=[];var m;return l?p.push(`${"DSR"}=${l}; Domain=${(null==(m=d)?void 0:m.cookieDomain)||""}; Max-Age=${(null==m?void 0:m.cookieMaxAge)||""}; Path=${(null==m?void 0:m.cookiePath)||"/"}; HttpOnly; SameSite=Strict`):(null===(s=r.response)||void 0===s?void 0:s.headers.get("set-cookie"))&&(l=((e,t)=>{const a=null==e?void 0:e.match(RegExp(`(?:^|;\\s*)${t}=([^;]*)`));return a?a[1]:null})(null===(o=r.response)||void 0===o?void 0:o.headers.get("set-cookie"),"DSR"),p.push(null===(n=r.response)||void 0===n?void 0:n.headers.get("set-cookie"))),Object.assign(Object.assign({},r),{data:Object.assign(Object.assign({},r.data),{refreshJwt:l,cookies:p})})};function p(e,t,a){var s,o;const n=a?null===(o=null===(s=e.token.tenants)||void 0===s?void 0:s[a])||void 0===o?void 0:o[t]:e.token[t];return Array.isArray(n)?n:[]}var m={create:"/v1/mgmt/user/create",update:"/v1/mgmt/user/update",delete:"/v1/mgmt/user/delete",deleteAllTestUsers:"/v1/mgmt/user/test/delete/all",load:"/v1/mgmt/user",search:"/v1/mgmt/user/search",getProviderToken:"/v1/mgmt/user/provider/token",updateStatus:"/v1/mgmt/user/update/status",updateEmail:"/v1/mgmt/user/update/email",updatePhone:"/v1/mgmt/user/update/phone",updateDisplayName:"/v1/mgmt/user/update/name",updatePicture:"/v1/mgmt/user/update/picture",updateCustomAttribute:"/v1/mgmt/user/update/customAttribute",addRole:"/v1/mgmt/user/update/role/add",removeRole:"/v1/mgmt/user/update/role/remove",addTenant:"/v1/mgmt/user/update/tenant/add",removeTenant:"/v1/mgmt/user/update/tenant/remove",setPassword:"/v1/mgmt/user/password/set",expirePassword:"/v1/mgmt/user/password/expire",generateOTPForTest:"/v1/mgmt/tests/generate/otp",generateMagicLinkForTest:"/v1/mgmt/tests/generate/magiclink",generateEnchantedLinkForTest:"/v1/mgmt/tests/generate/enchantedlink"},u={create:"/v1/mgmt/accesskey/create",load:"/v1/mgmt/accesskey",search:"/v1/mgmt/accesskey/search",update:"/v1/mgmt/accesskey/update",deactivate:"/v1/mgmt/accesskey/deactivate",activate:"/v1/mgmt/accesskey/activate",delete:"/v1/mgmt/accesskey/delete"},c={create:"/v1/mgmt/tenant/create",update:"/v1/mgmt/tenant/update",delete:"/v1/mgmt/tenant/delete",loadAll:"/v1/mgmt/tenant/all"},g={settings:"/v1/mgmt/sso/settings",metadata:"/v1/mgmt/sso/metadata",mapping:"/v1/mgmt/sso/mapping"},h={update:"/v1/mgmt/jwt/update"},v={create:"/v1/mgmt/permission/create",update:"/v1/mgmt/permission/update",delete:"/v1/mgmt/permission/delete",loadAll:"/v1/mgmt/permission/all"},k={create:"/v1/mgmt/role/create",update:"/v1/mgmt/role/update",delete:"/v1/mgmt/role/delete",loadAll:"/v1/mgmt/role/all"},y={export:"/v1/mgmt/flow/export",import:"/v1/mgmt/flow/import"},C={export:"/v1/mgmt/theme/export",import:"/v1/mgmt/theme/import"},f={loadAllGroups:"/v1/mgmt/group/all",loadAllGroupsForMember:"/v1/mgmt/group/member/all",loadAllGroupMembers:"/v1/mgmt/group/members"};const w=(e,t)=>({create:(s,o,n,r,i,l,d,p)=>a(e.httpClient.post(m.create,{loginId:s,email:o,phone:n,displayName:r,roleNames:i,userTenants:l,customAttributes:d,picture:p},{token:t}),(e=>e.user)),createTestUser:(s,o,n,r,i,l,d,p)=>a(e.httpClient.post(m.create,{loginId:s,email:o,phone:n,displayName:r,roleNames:i,userTenants:l,test:!0,customAttributes:d,picture:p},{token:t}),(e=>e.user)),invite:(s,o,n,r,i,l,d,p)=>a(e.httpClient.post(m.create,{loginId:s,email:o,phone:n,displayName:r,roleNames:i,userTenants:l,invite:!0,customAttributes:d,picture:p},{token:t}),(e=>e.user)),update:(s,o,n,r,i,l,d,p)=>a(e.httpClient.post(m.update,{loginId:s,email:o,phone:n,displayName:r,roleNames:i,userTenants:l,customAttributes:d,picture:p},{token:t}),(e=>e.user)),delete:s=>a(e.httpClient.post(m.delete,{loginId:s},{token:t})),deleteAllTestUsers:()=>a(e.httpClient.delete(m.deleteAllTestUsers,{token:t})),load:s=>a(e.httpClient.get(m.load,{queryParams:{loginId:s},token:t}),(e=>e.user)),loadByUserId:s=>a(e.httpClient.get(m.load,{queryParams:{userId:s},token:t}),(e=>e.user)),searchAll:(s,o,n,r,i,l,d)=>a(e.httpClient.post(m.search,{tenantIds:s,roleNames:o,limit:n,page:r,testUsersOnly:i,withTestUser:l,customAttributes:d},{token:t}),(e=>e.users)),getProviderToken:(s,o)=>a(e.httpClient.get(m.getProviderToken,{queryParams:{loginId:s,provider:o},token:t}),(e=>e)),activate:s=>a(e.httpClient.post(m.updateStatus,{loginId:s,status:"enabled"},{token:t}),(e=>e.user)),deactivate:s=>a(e.httpClient.post(m.updateStatus,{loginId:s,status:"disabled"},{token:t}),(e=>e.user)),updateEmail:(s,o,n)=>a(e.httpClient.post(m.updateEmail,{loginId:s,email:o,verified:n},{token:t}),(e=>e.user)),updatePhone:(s,o,n)=>a(e.httpClient.post(m.updatePhone,{loginId:s,phone:o,verified:n},{token:t}),(e=>e.user)),updateDisplayName:(s,o)=>a(e.httpClient.post(m.updateDisplayName,{loginId:s,displayName:o},{token:t}),(e=>e.user)),updatePicture:(s,o)=>a(e.httpClient.post(m.updatePicture,{loginId:s,picture:o},{token:t}),(e=>e.user)),updateCustomAttribute:(s,o,n)=>a(e.httpClient.post(m.updateCustomAttribute,{loginId:s,attributeKey:o,attributeValue:n},{token:t}),(e=>e.user)),addRoles:(s,o)=>a(e.httpClient.post(m.addRole,{loginId:s,roleNames:o},{token:t}),(e=>e.user)),removeRoles:(s,o)=>a(e.httpClient.post(m.removeRole,{loginId:s,roleNames:o},{token:t}),(e=>e.user)),addTenant:(s,o)=>a(e.httpClient.post(m.addTenant,{loginId:s,tenantId:o},{token:t}),(e=>e.user)),removeTenant:(s,o)=>a(e.httpClient.post(m.removeTenant,{loginId:s,tenantId:o},{token:t}),(e=>e.user)),addTenantRoles:(s,o,n)=>a(e.httpClient.post(m.addRole,{loginId:s,tenantId:o,roleNames:n},{token:t}),(e=>e.user)),removeTenantRoles:(s,o,n)=>a(e.httpClient.post(m.removeRole,{loginId:s,tenantId:o,roleNames:n},{token:t}),(e=>e.user)),generateOTPForTestUser:(s,o)=>a(e.httpClient.post(m.generateOTPForTest,{deliveryMethod:s,loginId:o},{token:t}),(e=>e)),generateMagicLinkForTestUser:(s,o,n)=>a(e.httpClient.post(m.generateMagicLinkForTest,{deliveryMethod:s,loginId:o,URI:n},{token:t}),(e=>e)),generateEnchantedLinkForTestUser:(s,o)=>a(e.httpClient.post(m.generateEnchantedLinkForTest,{loginId:s,URI:o},{token:t}),(e=>e)),setPassword:(s,o)=>a(e.httpClient.post(m.setPassword,{loginId:s,password:o},{token:t}),(e=>e)),expirePassword:s=>a(e.httpClient.post(m.expirePassword,{loginId:s},{token:t}),(e=>e))}),I=(e,t)=>({create:(s,o)=>a(e.httpClient.post(c.create,{name:s,selfProvisioningDomains:o},{token:t})),createWithId:(s,o,n)=>a(e.httpClient.post(c.create,{id:s,name:o,selfProvisioningDomains:n},{token:t})),update:(s,o,n)=>a(e.httpClient.post(c.update,{id:s,name:o,selfProvisioningDomains:n},{token:t})),delete:s=>a(e.httpClient.post(c.delete,{id:s},{token:t})),loadAll:()=>a(e.httpClient.get(c.loadAll,{token:t}),(e=>e.tenants))}),b=(e,t)=>({update:(s,o)=>a(e.httpClient.post(h.update,{jwt:s,customClaims:o},{token:t}))}),T=(e,t)=>({create:(s,o)=>a(e.httpClient.post(v.create,{name:s,description:o},{token:t})),update:(s,o,n)=>a(e.httpClient.post(v.update,{name:s,newName:o,description:n},{token:t})),delete:s=>a(e.httpClient.post(v.delete,{name:s},{token:t})),loadAll:()=>a(e.httpClient.get(v.loadAll,{token:t}),(e=>e.permissions))}),A=(e,t)=>({create:(s,o,n)=>a(e.httpClient.post(k.create,{name:s,description:o,permissionNames:n},{token:t})),update:(s,o,n,r)=>a(e.httpClient.post(k.update,{name:s,newName:o,description:n,permissionNames:r},{token:t})),delete:s=>a(e.httpClient.post(k.delete,{name:s},{token:t})),loadAll:()=>a(e.httpClient.get(k.loadAll,{token:t}),(e=>e.roles))}),P=(e,t)=>({loadAllGroups:s=>a(e.httpClient.post(f.loadAllGroups,{tenantId:s},{token:t})),loadAllGroupsForMember:(s,o,n)=>a(e.httpClient.post(f.loadAllGroupsForMember,{tenantId:s,loginIds:n,userIds:o},{token:t})),loadAllGroupMembers:(s,o)=>a(e.httpClient.post(f.loadAllGroupMembers,{tenantId:s,groupId:o},{token:t}))}),x=(e,t)=>({getSettings:s=>a(e.httpClient.get(g.settings,{queryParams:{tenantId:s},token:t}),(e=>e)),deleteSettings:s=>a(e.httpClient.delete(g.settings,{queryParams:{tenantId:s},token:t})),configureSettings:(s,o,n,r,i,l)=>a(e.httpClient.post(g.settings,{tenantId:s,idpURL:o,entityId:r,idpCert:n,redirectURL:i,domain:l},{token:t})),configureMetadata:(s,o)=>a(e.httpClient.post(g.metadata,{tenantId:s,idpMetadataURL:o},{token:t})),configureMapping:(s,o,n)=>a(e.httpClient.post(g.mapping,{tenantId:s,roleMappings:o,attributeMapping:n},{token:t}))}),j=(e,t)=>({create:(s,o,n,r)=>a(e.httpClient.post(u.create,{name:s,expireTime:o,roleNames:n,keyTenants:r},{token:t})),load:s=>a(e.httpClient.get(u.load,{queryParams:{id:s},token:t}),(e=>e.key)),searchAll:s=>a(e.httpClient.post(u.search,{tenantIds:s},{token:t}),(e=>e.keys)),update:(s,o)=>a(e.httpClient.post(u.update,{id:s,name:o},{token:t}),(e=>e.key)),deactivate:s=>a(e.httpClient.post(u.deactivate,{id:s},{token:t})),activate:s=>a(e.httpClient.post(u.activate,{id:s},{token:t})),delete:s=>a(e.httpClient.post(u.delete,{id:s},{token:t}))}),N=(e,t)=>({export:s=>a(e.httpClient.post(y.export,{flowId:s},{token:t})),import:(s,o,n)=>a(e.httpClient.post(y.import,{flowId:s,flow:o,screens:n},{token:t}))}),R=(e,t)=>({export:()=>a(e.httpClient.post(C.export,{},{token:t})),import:s=>a(e.httpClient.post(C.import,{theme:s},{token:t}))});var M;null!==(M=globalThis.Headers)&&void 0!==M||(globalThis.Headers=l);const E=(...e)=>(e.forEach((e=>{var t,a;e&&(null!==(t=(a=e).highWaterMark)&&void 0!==t||(a.highWaterMark=31457280))})),i(...e)),S=a=>{var i,{managementKey:l}=a,m=e(a,["managementKey"]);const u=t(Object.assign(Object.assign({},m),{fetch:E,baseHeaders:Object.assign(Object.assign({},m.baseHeaders),{"x-descope-sdk-name":"nodejs","x-descope-sdk-node-version":(null===(i=null===process||void 0===process?void 0:process.versions)||void 0===i?void 0:i.node)||"","x-descope-sdk-version":"0.0.0-next-e5caa045-20230606"})})),{projectId:c,logger:g}=m,h={},v=((e,t)=>({user:w(e,t),accessKey:j(e,t),tenant:I(e,t),sso:x(e,t),jwt:b(e,t),permission:T(e,t),role:A(e,t),group:P(e,t),flow:N(e,t),theme:R(e,t)}))(u,l),k=Object.assign(Object.assign({},u),{management:v,async getKey(e){if(!(null==e?void 0:e.kid))throw Error("header.kid must not be empty");if(h[e.kid])return h[e.kid];if(Object.assign(h,await(async()=>{const e=(await u.httpClient.get(`v2/keys/${c}`).then((e=>e.json()))).keys;return Array.isArray(e)?(await Promise.all(e.map((async e=>[e.kid,await r(e)])))).reduce(((e,[t,a])=>t?Object.assign(Object.assign({},e),{[t.toString()]:a}):e),{}):{}})()),!h[e.kid])throw Error("failed to fetch matching key");return h[e.kid]},async validateJwt(e){var t;const a=(await o(e,k.getKey,{clockTolerance:5})).payload;if(a&&(a.iss=null===(t=a.iss)||void 0===t?void 0:t.split("/").pop(),a.iss!==c))throw new n.JWTClaimValidationFailed('unexpected "iss" claim value',"iss","check_failed");return{jwt:e,token:a}},async validateSession(e){if(!e)throw Error("session token is required for validation");try{return await k.validateJwt(e)}catch(e){throw null==g||g.error("session validation failed",e),Error("session validation failed")}},async refreshSession(e){var t,a;if(!e)throw Error("refresh token is required to refresh a session");try{await k.validateJwt(e);const s=await k.refresh(e);if(s.ok){return await k.validateJwt(null===(t=s.data)||void 0===t?void 0:t.sessionJwt)}throw Error(null===(a=s.error)||void 0===a?void 0:a.errorMessage)}catch(e){throw null==g||g.error("refresh token validation failed",e),Error("refresh token validation failed")}},async validateAndRefreshSession(e,t){if(!e&&!t)throw Error("both session and refresh tokens are empty");try{return await k.validateSession(e)}catch(e){null==g||g.log("session validation failed - trying to refresh it")}return k.refreshSession(t)},async exchangeAccessKey(e){if(!e)throw Error("access key must not be empty");let t;try{t=await k.accessKey.exchange(e)}catch(e){throw null==g||g.error("failed to exchange access key",e),Error("could not exchange access key")}const{sessionJwt:a}=t.data;if(!a)throw null==g||g.error("failed to parse exchange access key response"),Error("could not exchange access key");try{return await k.validateJwt(a)}catch(e){throw null==g||g.error("failed to parse jwt from access key",e),Error("could not exchange access key")}},validatePermissions:(e,t)=>k.validateTenantPermissions(e,null,t),validateTenantPermissions(e,t,a){const s=p(e,"permissions",t);return a.every((e=>s.includes(e)))},validateRoles:(e,t)=>k.validateTenantRoles(e,null,t),validateTenantRoles(e,t,a){const s=p(e,"roles",t);return a.every((e=>s.includes(e)))}});return s(k,["otp.verify.email","otp.verify.sms","otp.verify.whatsapp","magicLink.verify","enchantedLink.signUp","enchantedLink.signIn","oauth.exchange","saml.exchange","totp.verify","webauthn.signIn.finish","webauthn.signUp.finish","refresh"],d)};S.RefreshTokenCookieName="DSR",S.SessionTokenCookieName="DS";export{S as default};
1
+ import{__rest as e}from"tslib";import t,{transformResponse as s,wrapWith as a}from"@descope/core-js-sdk";import{jwtVerify as o,errors as n,importJWK as r}from"jose";import i,{Headers as l}from"node-fetch-commonjs";const d=t=>async(...s)=>{var a,o,n;const r=await t(...s);if(!r.data)return r;let i=r.data,{refreshJwt:l}=i,d=e(i,["refreshJwt"]);const p=[];var m;return l?p.push(`${"DSR"}=${l}; Domain=${(null==(m=d)?void 0:m.cookieDomain)||""}; Max-Age=${(null==m?void 0:m.cookieMaxAge)||""}; Path=${(null==m?void 0:m.cookiePath)||"/"}; HttpOnly; SameSite=Strict`):(null===(a=r.response)||void 0===a?void 0:a.headers.get("set-cookie"))&&(l=((e,t)=>{const s=null==e?void 0:e.match(RegExp(`(?:^|;\\s*)${t}=([^;]*)`));return s?s[1]:null})(null===(o=r.response)||void 0===o?void 0:o.headers.get("set-cookie"),"DSR"),p.push(null===(n=r.response)||void 0===n?void 0:n.headers.get("set-cookie"))),Object.assign(Object.assign({},r),{data:Object.assign(Object.assign({},r.data),{refreshJwt:l,cookies:p})})};function p(e,t,s){var a,o;const n=s?null===(o=null===(a=e.token.tenants)||void 0===a?void 0:a[s])||void 0===o?void 0:o[t]:e.token[t];return Array.isArray(n)?n:[]}var m={create:"/v1/mgmt/user/create",update:"/v1/mgmt/user/update",delete:"/v1/mgmt/user/delete",deleteAllTestUsers:"/v1/mgmt/user/test/delete/all",load:"/v1/mgmt/user",search:"/v1/mgmt/user/search",getProviderToken:"/v1/mgmt/user/provider/token",updateStatus:"/v1/mgmt/user/update/status",updateEmail:"/v1/mgmt/user/update/email",updatePhone:"/v1/mgmt/user/update/phone",updateDisplayName:"/v1/mgmt/user/update/name",updatePicture:"/v1/mgmt/user/update/picture",updateCustomAttribute:"/v1/mgmt/user/update/customAttribute",addRole:"/v1/mgmt/user/update/role/add",removeRole:"/v1/mgmt/user/update/role/remove",addTenant:"/v1/mgmt/user/update/tenant/add",removeTenant:"/v1/mgmt/user/update/tenant/remove",setPassword:"/v1/mgmt/user/password/set",expirePassword:"/v1/mgmt/user/password/expire",generateOTPForTest:"/v1/mgmt/tests/generate/otp",generateMagicLinkForTest:"/v1/mgmt/tests/generate/magiclink",generateEnchantedLinkForTest:"/v1/mgmt/tests/generate/enchantedlink"},u={create:"/v1/mgmt/accesskey/create",load:"/v1/mgmt/accesskey",search:"/v1/mgmt/accesskey/search",update:"/v1/mgmt/accesskey/update",deactivate:"/v1/mgmt/accesskey/deactivate",activate:"/v1/mgmt/accesskey/activate",delete:"/v1/mgmt/accesskey/delete"},c={create:"/v1/mgmt/tenant/create",update:"/v1/mgmt/tenant/update",delete:"/v1/mgmt/tenant/delete",loadAll:"/v1/mgmt/tenant/all"},g={settings:"/v1/mgmt/sso/settings",metadata:"/v1/mgmt/sso/metadata",mapping:"/v1/mgmt/sso/mapping"},h={update:"/v1/mgmt/jwt/update"},v={create:"/v1/mgmt/permission/create",update:"/v1/mgmt/permission/update",delete:"/v1/mgmt/permission/delete",loadAll:"/v1/mgmt/permission/all"},k={create:"/v1/mgmt/role/create",update:"/v1/mgmt/role/update",delete:"/v1/mgmt/role/delete",loadAll:"/v1/mgmt/role/all"},y={export:"/v1/mgmt/flow/export",import:"/v1/mgmt/flow/import"},C={export:"/v1/mgmt/theme/export",import:"/v1/mgmt/theme/import"},f={loadAllGroups:"/v1/mgmt/group/all",loadAllGroupsForMember:"/v1/mgmt/group/member/all",loadAllGroupMembers:"/v1/mgmt/group/members"};const w=(e,t)=>({create:(a,o,n,r,i,l,d,p)=>s(e.httpClient.post(m.create,{loginId:a,email:o,phone:n,displayName:r,roleNames:i,userTenants:l,customAttributes:d,picture:p},{token:t}),(e=>e.user)),createTestUser:(a,o,n,r,i,l,d,p)=>s(e.httpClient.post(m.create,{loginId:a,email:o,phone:n,displayName:r,roleNames:i,userTenants:l,test:!0,customAttributes:d,picture:p},{token:t}),(e=>e.user)),invite:(a,o,n,r,i,l,d,p)=>s(e.httpClient.post(m.create,{loginId:a,email:o,phone:n,displayName:r,roleNames:i,userTenants:l,invite:!0,customAttributes:d,picture:p},{token:t}),(e=>e.user)),update:(a,o,n,r,i,l,d,p)=>s(e.httpClient.post(m.update,{loginId:a,email:o,phone:n,displayName:r,roleNames:i,userTenants:l,customAttributes:d,picture:p},{token:t}),(e=>e.user)),delete:a=>s(e.httpClient.post(m.delete,{loginId:a},{token:t})),deleteAllTestUsers:()=>s(e.httpClient.delete(m.deleteAllTestUsers,{token:t})),load:a=>s(e.httpClient.get(m.load,{queryParams:{loginId:a},token:t}),(e=>e.user)),loadByUserId:a=>s(e.httpClient.get(m.load,{queryParams:{userId:a},token:t}),(e=>e.user)),searchAll:(a,o,n,r,i,l,d)=>s(e.httpClient.post(m.search,{tenantIds:a,roleNames:o,limit:n,page:r,testUsersOnly:i,withTestUser:l,customAttributes:d},{token:t}),(e=>e.users)),getProviderToken:(a,o)=>s(e.httpClient.get(m.getProviderToken,{queryParams:{loginId:a,provider:o},token:t}),(e=>e)),activate:a=>s(e.httpClient.post(m.updateStatus,{loginId:a,status:"enabled"},{token:t}),(e=>e.user)),deactivate:a=>s(e.httpClient.post(m.updateStatus,{loginId:a,status:"disabled"},{token:t}),(e=>e.user)),updateEmail:(a,o,n)=>s(e.httpClient.post(m.updateEmail,{loginId:a,email:o,verified:n},{token:t}),(e=>e.user)),updatePhone:(a,o,n)=>s(e.httpClient.post(m.updatePhone,{loginId:a,phone:o,verified:n},{token:t}),(e=>e.user)),updateDisplayName:(a,o)=>s(e.httpClient.post(m.updateDisplayName,{loginId:a,displayName:o},{token:t}),(e=>e.user)),updatePicture:(a,o)=>s(e.httpClient.post(m.updatePicture,{loginId:a,picture:o},{token:t}),(e=>e.user)),updateCustomAttribute:(a,o,n)=>s(e.httpClient.post(m.updateCustomAttribute,{loginId:a,attributeKey:o,attributeValue:n},{token:t}),(e=>e.user)),addRoles:(a,o)=>s(e.httpClient.post(m.addRole,{loginId:a,roleNames:o},{token:t}),(e=>e.user)),removeRoles:(a,o)=>s(e.httpClient.post(m.removeRole,{loginId:a,roleNames:o},{token:t}),(e=>e.user)),addTenant:(a,o)=>s(e.httpClient.post(m.addTenant,{loginId:a,tenantId:o},{token:t}),(e=>e.user)),removeTenant:(a,o)=>s(e.httpClient.post(m.removeTenant,{loginId:a,tenantId:o},{token:t}),(e=>e.user)),addTenantRoles:(a,o,n)=>s(e.httpClient.post(m.addRole,{loginId:a,tenantId:o,roleNames:n},{token:t}),(e=>e.user)),removeTenantRoles:(a,o,n)=>s(e.httpClient.post(m.removeRole,{loginId:a,tenantId:o,roleNames:n},{token:t}),(e=>e.user)),generateOTPForTestUser:(a,o)=>s(e.httpClient.post(m.generateOTPForTest,{deliveryMethod:a,loginId:o},{token:t}),(e=>e)),generateMagicLinkForTestUser:(a,o,n)=>s(e.httpClient.post(m.generateMagicLinkForTest,{deliveryMethod:a,loginId:o,URI:n},{token:t}),(e=>e)),generateEnchantedLinkForTestUser:(a,o)=>s(e.httpClient.post(m.generateEnchantedLinkForTest,{loginId:a,URI:o},{token:t}),(e=>e)),setPassword:(a,o)=>s(e.httpClient.post(m.setPassword,{loginId:a,password:o},{token:t}),(e=>e)),expirePassword:a=>s(e.httpClient.post(m.expirePassword,{loginId:a},{token:t}),(e=>e))}),I=(e,t)=>({create:(a,o)=>s(e.httpClient.post(c.create,{name:a,selfProvisioningDomains:o},{token:t})),createWithId:(a,o,n)=>s(e.httpClient.post(c.create,{id:a,name:o,selfProvisioningDomains:n},{token:t})),update:(a,o,n)=>s(e.httpClient.post(c.update,{id:a,name:o,selfProvisioningDomains:n},{token:t})),delete:a=>s(e.httpClient.post(c.delete,{id:a},{token:t})),loadAll:()=>s(e.httpClient.get(c.loadAll,{token:t}),(e=>e.tenants))}),b=(e,t)=>({update:(a,o)=>s(e.httpClient.post(h.update,{jwt:a,customClaims:o},{token:t}))}),T=(e,t)=>({create:(a,o)=>s(e.httpClient.post(v.create,{name:a,description:o},{token:t})),update:(a,o,n)=>s(e.httpClient.post(v.update,{name:a,newName:o,description:n},{token:t})),delete:a=>s(e.httpClient.post(v.delete,{name:a},{token:t})),loadAll:()=>s(e.httpClient.get(v.loadAll,{token:t}),(e=>e.permissions))}),A=(e,t)=>({create:(a,o,n)=>s(e.httpClient.post(k.create,{name:a,description:o,permissionNames:n},{token:t})),update:(a,o,n,r)=>s(e.httpClient.post(k.update,{name:a,newName:o,description:n,permissionNames:r},{token:t})),delete:a=>s(e.httpClient.post(k.delete,{name:a},{token:t})),loadAll:()=>s(e.httpClient.get(k.loadAll,{token:t}),(e=>e.roles))}),P=(e,t)=>({loadAllGroups:a=>s(e.httpClient.post(f.loadAllGroups,{tenantId:a},{token:t})),loadAllGroupsForMember:(a,o,n)=>s(e.httpClient.post(f.loadAllGroupsForMember,{tenantId:a,loginIds:n,userIds:o},{token:t})),loadAllGroupMembers:(a,o)=>s(e.httpClient.post(f.loadAllGroupMembers,{tenantId:a,groupId:o},{token:t}))}),x=(e,t)=>({getSettings:a=>s(e.httpClient.get(g.settings,{queryParams:{tenantId:a},token:t}),(e=>e)),deleteSettings:a=>s(e.httpClient.delete(g.settings,{queryParams:{tenantId:a},token:t})),configureSettings:(a,o,n,r,i,l)=>s(e.httpClient.post(g.settings,{tenantId:a,idpURL:o,entityId:r,idpCert:n,redirectURL:i,domain:l},{token:t})),configureMetadata:(a,o)=>s(e.httpClient.post(g.metadata,{tenantId:a,idpMetadataURL:o},{token:t})),configureMapping:(a,o,n)=>s(e.httpClient.post(g.mapping,{tenantId:a,roleMappings:o,attributeMapping:n},{token:t}))}),j=(e,t)=>({create:(a,o,n,r)=>s(e.httpClient.post(u.create,{name:a,expireTime:o,roleNames:n,keyTenants:r},{token:t})),load:a=>s(e.httpClient.get(u.load,{queryParams:{id:a},token:t}),(e=>e.key)),searchAll:a=>s(e.httpClient.post(u.search,{tenantIds:a},{token:t}),(e=>e.keys)),update:(a,o)=>s(e.httpClient.post(u.update,{id:a,name:o},{token:t}),(e=>e.key)),deactivate:a=>s(e.httpClient.post(u.deactivate,{id:a},{token:t})),activate:a=>s(e.httpClient.post(u.activate,{id:a},{token:t})),delete:a=>s(e.httpClient.post(u.delete,{id:a},{token:t}))}),N=(e,t)=>({export:a=>s(e.httpClient.post(y.export,{flowId:a},{token:t})),import:(a,o,n)=>s(e.httpClient.post(y.import,{flowId:a,flow:o,screens:n},{token:t}))}),R=(e,t)=>({export:()=>s(e.httpClient.post(C.export,{},{token:t})),import:a=>s(e.httpClient.post(C.import,{theme:a},{token:t}))});var M;null!==(M=globalThis.Headers)&&void 0!==M||(globalThis.Headers=l);const E=(...e)=>(e.forEach((e=>{var t,s;e&&(null!==(t=(s=e).highWaterMark)&&void 0!==t||(s.highWaterMark=31457280))})),i(...e)),S=s=>{var i,{managementKey:l}=s,m=e(s,["managementKey"]);const u=t(Object.assign(Object.assign({},m),{fetch:E,baseHeaders:Object.assign(Object.assign({},m.baseHeaders),{"x-descope-sdk-name":"nodejs","x-descope-sdk-node-version":(null===(i=null===process||void 0===process?void 0:process.versions)||void 0===i?void 0:i.node)||"","x-descope-sdk-version":"0.0.0-next-e0361769-20230612"})})),{projectId:c,logger:g}=m,h={},v=((e,t)=>({user:w(e,t),accessKey:j(e,t),tenant:I(e,t),sso:x(e,t),jwt:b(e,t),permission:T(e,t),role:A(e,t),group:P(e,t),flow:N(e,t),theme:R(e,t)}))(u,l),k=Object.assign(Object.assign({},u),{management:v,async getKey(e){if(!(null==e?void 0:e.kid))throw Error("header.kid must not be empty");if(h[e.kid])return h[e.kid];if(Object.assign(h,await(async()=>{const e=(await u.httpClient.get(`v2/keys/${c}`).then((e=>e.json()))).keys;return Array.isArray(e)?(await Promise.all(e.map((async e=>[e.kid,await r(e)])))).reduce(((e,[t,s])=>t?Object.assign(Object.assign({},e),{[t.toString()]:s}):e),{}):{}})()),!h[e.kid])throw Error("failed to fetch matching key");return h[e.kid]},async validateJwt(e){var t;const s=(await o(e,k.getKey,{clockTolerance:5})).payload;if(s&&(s.iss=null===(t=s.iss)||void 0===t?void 0:t.split("/").pop(),s.iss!==c))throw new n.JWTClaimValidationFailed('unexpected "iss" claim value',"iss","check_failed");return{jwt:e,token:s}},async validateSession(e){if(!e)throw Error("session token is required for validation");try{return await k.validateJwt(e)}catch(e){throw null==g||g.error("session validation failed",e),Error("session validation failed")}},async refreshSession(e){var t,s;if(!e)throw Error("refresh token is required to refresh a session");try{await k.validateJwt(e);const a=await k.refresh(e);if(a.ok){return await k.validateJwt(null===(t=a.data)||void 0===t?void 0:t.sessionJwt)}throw Error(null===(s=a.error)||void 0===s?void 0:s.errorMessage)}catch(e){throw null==g||g.error("refresh token validation failed",e),Error("refresh token validation failed")}},async validateAndRefreshSession(e,t){if(!e&&!t)throw Error("both session and refresh tokens are empty");try{return await k.validateSession(e)}catch(e){null==g||g.log("session validation failed - trying to refresh it")}return k.refreshSession(t)},async exchangeAccessKey(e){if(!e)throw Error("access key must not be empty");let t;try{t=await k.accessKey.exchange(e)}catch(e){throw null==g||g.error("failed to exchange access key",e),Error("could not exchange access key")}const{sessionJwt:s}=t.data;if(!s)throw null==g||g.error("failed to parse exchange access key response"),Error("could not exchange access key");try{return await k.validateJwt(s)}catch(e){throw null==g||g.error("failed to parse jwt from access key",e),Error("could not exchange access key")}},validatePermissions:(e,t)=>k.validateTenantPermissions(e,null,t),validateTenantPermissions(e,t,s){const a=p(e,"permissions",t);return s.every((e=>a.includes(e)))},validateRoles:(e,t)=>k.validateTenantRoles(e,null,t),validateTenantRoles(e,t,s){const a=p(e,"roles",t);return s.every((e=>a.includes(e)))}});return a(k,["otp.verify.email","otp.verify.sms","otp.verify.whatsapp","magicLink.verify","enchantedLink.signUp","enchantedLink.signIn","oauth.exchange","saml.exchange","totp.verify","webauthn.signIn.finish","webauthn.signUp.finish","refresh"],d)};S.RefreshTokenCookieName="DSR",S.SessionTokenCookieName="DS";export{S as default};
2
2
  //# sourceMappingURL=index.esm.js.map
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@descope/node-sdk",
3
- "version": "0.0.0-next-e5caa045-20230606",
3
+ "version": "0.0.0-next-e0361769-20230612",
4
4
  "description": "Node.js library used to integrate with Descope",
5
5
  "typings": "./dist/index.d.ts",
6
6
  "main": "dist/cjs/index.cjs.js",