npm - @descope/node-sdk - Versions diffs - 1.5.7 → 1.5.8 - Mend

@descope/node-sdk 1.5.7 → 1.5.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/index.d.ts CHANGED Viewed

@@ -7,16 +7,16 @@ import { JWTHeaderParameters, KeyLike } from 'jose';
  * which tenant the user or access key belongs to. The roleNames array is an optional list of
  * roles for the user or access key in this specific tenant.
  */
-type AssociatedTenant = {
+declare type AssociatedTenant = {
     tenantId: string;
     roleNames: string[];
 };
 /** The tenantId of a newly created tenant */
-type CreateTenantResponse = {
+declare type CreateTenantResponse = {
     id: string;
 };
 /** An access key that can be used to access descope */
-type AccessKey = {
+declare type AccessKey = {
     id: string;
     name: string;
     expiredTime: number;
@@ -28,31 +28,31 @@ type AccessKey = {
     createdBy: string;
 };
 /** Access Key extended details including created key cleartext */
-type CreatedAccessKeyResponse = {
+declare type CreatedAccessKeyResponse = {
     key: AccessKey;
     cleartext: string;
 };
 /** Represents a mapping between a set of groups of users and a role that will be assigned to them */
-type RoleMapping = {
+declare type RoleMapping = {
     groups: string[];
     roleName: string;
 };
-type RoleMappings = RoleMapping[];
+declare type RoleMappings = RoleMapping[];
 /** Represents a mapping between Descope and IDP user attributes */
-type AttributeMapping = {
+declare type AttributeMapping = {
     name?: string;
     email?: string;
     phoneNumber?: string;
     group?: string;
 };
 /** UpdateJWT response with a new JWT value with the added custom claims */
-type UpdateJWTResponse = {
+declare type UpdateJWTResponse = {
     jwt: string;
 };
 /** Represents a tenant in a project. It has an id, a name and an array of
  * self provisioning domains used to associate users with that tenant.
  */
-type Tenant = {
+declare type Tenant = {
     id: string;
     name: string;
     selfProvisioningDomains: string[];
@@ -60,7 +60,7 @@ type Tenant = {
 /** Represents a permission in a project. It has a name and optionally a description.
  * It also has a flag indicating whether it is system default or not.
  */
-type Permission = {
+declare type Permission = {
     name: string;
     description?: string;
     systemDefault: boolean;
@@ -68,25 +68,25 @@ type Permission = {
 /** Represents a role in a project. It has a name and optionally a description and
  * a list of permissions it grants.
  */
-type Role = {
+declare type Role = {
     name: string;
     description?: string;
     permissionNames: string[];
     createdTime: number;
 };
 /** Represents a group in a project. It has an id and display name and a list of group members. */
-type Group = {
+declare type Group = {
     id: string;
     display: string;
     members?: GroupMember[];
 };
 /** Represents a group member. It has loginId, userId and display. */
-type GroupMember = {
+declare type GroupMember = {
     loginId: string;
     userId: string;
     display: string;
 };
-type Flow = {
+declare type Flow = {
     id: string;
     name: string;
     description?: string;
@@ -94,67 +94,67 @@ type Flow = {
     disabled: boolean;
     etag?: string;
 };
-type FlowMetadata = {
+declare type FlowMetadata = {
     id: string;
     name: string;
     description?: string;
     disabled: boolean;
 };
-type Screen = {
+declare type Screen = {
     id: string;
     flowId: string;
     inputs?: any;
     interactions?: any;
     htmlTemplate: any;
 };
-type FlowsResponse = {
+declare type FlowsResponse = {
     flows: FlowMetadata[];
     total: number;
 };
-type FlowResponse = {
+declare type FlowResponse = {
     flow: Flow;
     screens: Screen[];
 };
-type Theme = {
+declare type Theme = {
     id: string;
     cssTemplate?: any;
 };
-type ThemeResponse = {
+declare type ThemeResponse = {
     theme: Theme;
 };
-type GenerateOTPForTestResponse = {
+declare type GenerateOTPForTestResponse = {
     loginId: string;
     code: string;
 };
-type GenerateMagicLinkForTestResponse = {
+declare type GenerateMagicLinkForTestResponse = {
     loginId: string;
     link: string;
 };
-type GenerateEnchantedLinkForTestResponse = {
+declare type GenerateEnchantedLinkForTestResponse = {
     loginId: string;
     link: string;
     pendingRef: string;
 };
-type GenerateEmbeddedLinkResponse = {
+declare type GenerateEmbeddedLinkResponse = {
     token: string;
 };
-type AttributesTypes = string | boolean | number;
-type UserMapping = {
+declare type AttributesTypes = string | boolean | number;
+declare type UserMapping = {
     name: string;
     email: string;
     username: string;
     phoneNumber: string;
     group: string;
 };
-type RoleItem = {
+declare type RoleItem = {
     id: string;
     name: string;
 };
-type GroupsMapping = {
+declare type GroupsMapping = {
     role: RoleItem;
     groups: string[];
 };
-type SSOSettingsResponse = {
+declare type SSOSettingsResponse = {
     tenantId: string;
     idpEntityId: string;
     idpSSOUrl: string;
@@ -168,7 +168,7 @@ type SSOSettingsResponse = {
     redirectUrl: string;
     domain: string;
 };
-type ProviderTokenResponse = {
+declare type ProviderTokenResponse = {
     provider: string;
     providerUserId: string;
     accessToken: string;
@@ -179,7 +179,7 @@ type ProviderTokenResponse = {
  * Search options to filter which audit records we should retrieve.
  * All parameters are optional. `From` is currently limited to 30 days.
  */
-type AuditSearchOptions = {
+declare type AuditSearchOptions = {
     userIds?: string[];
     actions?: string[];
     excludedActions?: string[];
@@ -195,7 +195,7 @@ type AuditSearchOptions = {
     to?: number;
 };
 /** Audit record response from the audit trail. Occurred is in milliseconds. */
-type AuditRecord = {
+declare type AuditRecord = {
     projectId: string;
     userId: string;
     action: string;
@@ -229,7 +229,7 @@ interface AuthenticationInfo {
 }
 /** Configuration arguments which include the Descope core SDK args and an optional management key */
-type NodeSdkArgs = Parameters<typeof _descope_core_js_sdk__default>[0] & {
+declare type NodeSdkArgs = Parameters<typeof _descope_core_js_sdk__default>[0] & {
     managementKey?: string;
     publicKey?: string;
 };
@@ -245,7 +245,9 @@ declare const nodeSdk: {
                 deleteAllTestUsers: () => Promise<SdkResponse<never>>;
                 load: (loginId: string) => Promise<SdkResponse<_descope_core_js_sdk.UserResponse>>;
                 loadByUserId: (userId: string) => Promise<SdkResponse<_descope_core_js_sdk.UserResponse>>;
-                searchAll: (tenantIds?: string[], roles?: string[], limit?: number, page?: number, testUsersOnly?: boolean, withTestUser?: boolean, customAttributes?: Record<string, AttributesTypes>, statuses?: UserStatus[]) => Promise<SdkResponse<_descope_core_js_sdk.UserResponse[]>>;
+                logoutUser: (loginId: string) => Promise<SdkResponse<never>>;
+                logoutUserByUserId: (userId: string) => Promise<SdkResponse<never>>;
+                searchAll: (tenantIds?: string[], roles?: string[], limit?: number, page?: number, testUsersOnly?: boolean, withTestUser?: boolean, customAttributes?: Record<string, AttributesTypes>, statuses?: UserStatus[], emails?: string[], phones?: string[]) => Promise<SdkResponse<_descope_core_js_sdk.UserResponse[]>>;
                 getProviderToken: (loginId: string, provider: string) => Promise<SdkResponse<ProviderTokenResponse>>;
                 activate: (loginId: string) => Promise<SdkResponse<_descope_core_js_sdk.UserResponse>>;
                 deactivate: (loginId: string) => Promise<SdkResponse<_descope_core_js_sdk.UserResponse>>;
@@ -281,12 +283,13 @@ declare const nodeSdk: {
                 delete: (id: string) => Promise<SdkResponse<never>>;
             };
             tenant: {
-                create: (name: string, selfProvisioningDomains?: string[]) => Promise<SdkResponse<CreateTenantResponse>>;
-                createWithId: (id: string, name: string, selfProvisioningDomains?: string[]) => Promise<SdkResponse<never>>;
-                update: (id: string, name: string, selfProvisioningDomains?: string[]) => Promise<SdkResponse<never>>;
+                create: (name: string, selfProvisioningDomains?: string[], customAttributes?: Record<string, AttributesTypes>) => Promise<SdkResponse<CreateTenantResponse>>;
+                createWithId: (id: string, name: string, selfProvisioningDomains?: string[], customAttributes?: Record<string, AttributesTypes>) => Promise<SdkResponse<never>>;
+                update: (id: string, name: string, selfProvisioningDomains?: string[], customAttributes?: Record<string, AttributesTypes>) => Promise<SdkResponse<never>>;
                 delete: (id: string) => Promise<SdkResponse<never>>;
                 load: (id: string) => Promise<SdkResponse<Tenant>>;
                 loadAll: () => Promise<SdkResponse<Tenant[]>>;
+                searchAll: (ids?: string[], names?: string[], selfProvisioningDomains?: string[], customAttributes?: Record<string, AttributesTypes>) => Promise<SdkResponse<Tenant[]>>;
             };
             sso: {
                 getSettings: (tenantId: string) => Promise<SdkResponse<SSOSettingsResponse>>;

package/dist/index.esm.js CHANGED Viewed

@@ -1,2 +1,2 @@
-import{__rest as e}from"tslib";import t,{transformResponse as a,wrapWith as s}from"@descope/core-js-sdk";import{jwtVerify as o,errors as n,importJWK as r}from"jose";import i,{Headers as l}from"node-fetch-commonjs";const d="DSR",p="tenants",m=t=>async(...a)=>{var s,o,n;const r=await t(...a);if(!r.data)return r;let i=r.data,{refreshJwt:l}=i,p=e(i,["refreshJwt"]);const m=[];var u;return l?m.push(`${d}=${l}; Domain=${(null==(u=p)?void 0:u.cookieDomain)||""}; Max-Age=${(null==u?void 0:u.cookieMaxAge)||""}; Path=${(null==u?void 0:u.cookiePath)||"/"}; HttpOnly; SameSite=Strict`):(null===(s=r.response)||void 0===s?void 0:s.headers.get("set-cookie"))&&(l=((e,t)=>{const a=null==e?void 0:e.match(RegExp(`(?:^|;\\s*)${t}=([^;]*)`));return a?a[1]:null})(null===(o=r.response)||void 0===o?void 0:o.headers.get("set-cookie"),d),m.push(null===(n=r.response)||void 0===n?void 0:n.headers.get("set-cookie"))),Object.assign(Object.assign({},r),{data:Object.assign(Object.assign({},r.data),{refreshJwt:l,cookies:m})})};function u(e,t,a){var s,o;const n=a?null===(o=null===(s=e.token[p])||void 0===s?void 0:s[a])||void 0===o?void 0:o[t]:e.token[t];return Array.isArray(n)?n:[]}function c(e,t){var a;return!!(null===(a=e.token[p])||void 0===a?void 0:a[t])}var g={create:"/v1/mgmt/user/create",update:"/v1/mgmt/user/update",delete:"/v1/mgmt/user/delete",deleteAllTestUsers:"/v1/mgmt/user/test/delete/all",load:"/v1/mgmt/user",search:"/v1/mgmt/user/search",getProviderToken:"/v1/mgmt/user/provider/token",updateStatus:"/v1/mgmt/user/update/status",updateLoginId:"/v1/mgmt/user/update/loginid",updateEmail:"/v1/mgmt/user/update/email",updatePhone:"/v1/mgmt/user/update/phone",updateDisplayName:"/v1/mgmt/user/update/name",updatePicture:"/v1/mgmt/user/update/picture",updateCustomAttribute:"/v1/mgmt/user/update/customAttribute",addRole:"/v1/mgmt/user/update/role/add",removeRole:"/v1/mgmt/user/update/role/remove",addTenant:"/v1/mgmt/user/update/tenant/add",removeTenant:"/v1/mgmt/user/update/tenant/remove",setPassword:"/v1/mgmt/user/password/set",expirePassword:"/v1/mgmt/user/password/expire",generateOTPForTest:"/v1/mgmt/tests/generate/otp",generateMagicLinkForTest:"/v1/mgmt/tests/generate/magiclink",generateEnchantedLinkForTest:"/v1/mgmt/tests/generate/enchantedlink",generateEmbeddedLink:"/v1/mgmt/user/signin/embeddedlink"},h={updateName:"/v1/mgmt/project/update/name"},v={create:"/v1/mgmt/accesskey/create",load:"/v1/mgmt/accesskey",search:"/v1/mgmt/accesskey/search",update:"/v1/mgmt/accesskey/update",deactivate:"/v1/mgmt/accesskey/deactivate",activate:"/v1/mgmt/accesskey/activate",delete:"/v1/mgmt/accesskey/delete"},k={create:"/v1/mgmt/tenant/create",update:"/v1/mgmt/tenant/update",delete:"/v1/mgmt/tenant/delete",load:"/v1/mgmt/tenant",loadAll:"/v1/mgmt/tenant/all"},y={settings:"/v1/mgmt/sso/settings",metadata:"/v1/mgmt/sso/metadata",mapping:"/v1/mgmt/sso/mapping"},f={update:"/v1/mgmt/jwt/update"},C={create:"/v1/mgmt/permission/create",update:"/v1/mgmt/permission/update",delete:"/v1/mgmt/permission/delete",loadAll:"/v1/mgmt/permission/all"},w={create:"/v1/mgmt/role/create",update:"/v1/mgmt/role/update",delete:"/v1/mgmt/role/delete",loadAll:"/v1/mgmt/role/all"},I={list:"/v1/mgmt/flow/list",export:"/v1/mgmt/flow/export",import:"/v1/mgmt/flow/import"},b={export:"/v1/mgmt/theme/export",import:"/v1/mgmt/theme/import"},T={loadAllGroups:"/v1/mgmt/group/all",loadAllGroupsForMember:"/v1/mgmt/group/member/all",loadAllGroupMembers:"/v1/mgmt/group/members"},A={search:"/v1/mgmt/audit/search"};const P=(e,t)=>({create:(s,o,n,r,i,l,d,p,m,u)=>a(e.httpClient.post(g.create,{loginId:s,email:o,phone:n,displayName:r,roleNames:i,userTenants:l,customAttributes:d,picture:p,verifiedEmail:m,verifiedPhone:u},{token:t}),(e=>e.user)),createTestUser:(s,o,n,r,i,l,d,p,m,u)=>a(e.httpClient.post(g.create,{loginId:s,email:o,phone:n,displayName:r,roleNames:i,userTenants:l,test:!0,customAttributes:d,picture:p,verifiedEmail:m,verifiedPhone:u},{token:t}),(e=>e.user)),invite:(s,o,n,r,i,l,d,p,m,u,c)=>a(e.httpClient.post(g.create,{loginId:s,email:o,phone:n,displayName:r,roleNames:i,userTenants:l,invite:!0,customAttributes:d,picture:p,verifiedEmail:m,verifiedPhone:u,inviteUrl:c},{token:t}),(e=>e.user)),update:(s,o,n,r,i,l,d,p,m,u)=>a(e.httpClient.post(g.update,{loginId:s,email:o,phone:n,displayName:r,roleNames:i,userTenants:l,customAttributes:d,picture:p,verifiedEmail:m,verifiedPhone:u},{token:t}),(e=>e.user)),delete:s=>a(e.httpClient.post(g.delete,{loginId:s},{token:t})),deleteAllTestUsers:()=>a(e.httpClient.delete(g.deleteAllTestUsers,{token:t})),load:s=>a(e.httpClient.get(g.load,{queryParams:{loginId:s},token:t}),(e=>e.user)),loadByUserId:s=>a(e.httpClient.get(g.load,{queryParams:{userId:s},token:t}),(e=>e.user)),searchAll:(s,o,n,r,i,l,d,p)=>a(e.httpClient.post(g.search,{tenantIds:s,roleNames:o,limit:n,page:r,testUsersOnly:i,withTestUser:l,customAttributes:d,statuses:p},{token:t}),(e=>e.users)),getProviderToken:(s,o)=>a(e.httpClient.get(g.getProviderToken,{queryParams:{loginId:s,provider:o},token:t}),(e=>e)),activate:s=>a(e.httpClient.post(g.updateStatus,{loginId:s,status:"enabled"},{token:t}),(e=>e.user)),deactivate:s=>a(e.httpClient.post(g.updateStatus,{loginId:s,status:"disabled"},{token:t}),(e=>e.user)),updateLoginId:(s,o)=>a(e.httpClient.post(g.updateLoginId,{loginId:s,newLoginId:o},{token:t}),(e=>e.user)),updateEmail:(s,o,n)=>a(e.httpClient.post(g.updateEmail,{loginId:s,email:o,verified:n},{token:t}),(e=>e.user)),updatePhone:(s,o,n)=>a(e.httpClient.post(g.updatePhone,{loginId:s,phone:o,verified:n},{token:t}),(e=>e.user)),updateDisplayName:(s,o)=>a(e.httpClient.post(g.updateDisplayName,{loginId:s,displayName:o},{token:t}),(e=>e.user)),updatePicture:(s,o)=>a(e.httpClient.post(g.updatePicture,{loginId:s,picture:o},{token:t}),(e=>e.user)),updateCustomAttribute:(s,o,n)=>a(e.httpClient.post(g.updateCustomAttribute,{loginId:s,attributeKey:o,attributeValue:n},{token:t}),(e=>e.user)),addRoles:(s,o)=>a(e.httpClient.post(g.addRole,{loginId:s,roleNames:o},{token:t}),(e=>e.user)),removeRoles:(s,o)=>a(e.httpClient.post(g.removeRole,{loginId:s,roleNames:o},{token:t}),(e=>e.user)),addTenant:(s,o)=>a(e.httpClient.post(g.addTenant,{loginId:s,tenantId:o},{token:t}),(e=>e.user)),removeTenant:(s,o)=>a(e.httpClient.post(g.removeTenant,{loginId:s,tenantId:o},{token:t}),(e=>e.user)),addTenantRoles:(s,o,n)=>a(e.httpClient.post(g.addRole,{loginId:s,tenantId:o,roleNames:n},{token:t}),(e=>e.user)),removeTenantRoles:(s,o,n)=>a(e.httpClient.post(g.removeRole,{loginId:s,tenantId:o,roleNames:n},{token:t}),(e=>e.user)),generateOTPForTestUser:(s,o)=>a(e.httpClient.post(g.generateOTPForTest,{deliveryMethod:s,loginId:o},{token:t}),(e=>e)),generateMagicLinkForTestUser:(s,o,n)=>a(e.httpClient.post(g.generateMagicLinkForTest,{deliveryMethod:s,loginId:o,URI:n},{token:t}),(e=>e)),generateEnchantedLinkForTestUser:(s,o)=>a(e.httpClient.post(g.generateEnchantedLinkForTest,{loginId:s,URI:o},{token:t}),(e=>e)),generateEmbeddedLink:(s,o)=>a(e.httpClient.post(g.generateEmbeddedLink,{loginId:s,customClaims:o},{token:t}),(e=>e)),setPassword:(s,o)=>a(e.httpClient.post(g.setPassword,{loginId:s,password:o},{token:t}),(e=>e)),expirePassword:s=>a(e.httpClient.post(g.expirePassword,{loginId:s},{token:t}),(e=>e))}),x=(e,t)=>({updateName:s=>a(e.httpClient.post(h.updateName,{name:s},{token:t}))}),E=(e,t)=>({create:(s,o)=>a(e.httpClient.post(k.create,{name:s,selfProvisioningDomains:o},{token:t})),createWithId:(s,o,n)=>a(e.httpClient.post(k.create,{id:s,name:o,selfProvisioningDomains:n},{token:t})),update:(s,o,n)=>a(e.httpClient.post(k.update,{id:s,name:o,selfProvisioningDomains:n},{token:t})),delete:s=>a(e.httpClient.post(k.delete,{id:s},{token:t})),load:s=>a(e.httpClient.get(k.load,{queryParams:{id:s},token:t}),(e=>e)),loadAll:()=>a(e.httpClient.get(k.loadAll,{token:t}),(e=>e.tenants))}),j=(e,t)=>({update:(s,o)=>a(e.httpClient.post(f.update,{jwt:s,customClaims:o},{token:t}))}),N=(e,t)=>({create:(s,o)=>a(e.httpClient.post(C.create,{name:s,description:o},{token:t})),update:(s,o,n)=>a(e.httpClient.post(C.update,{name:s,newName:o,description:n},{token:t})),delete:s=>a(e.httpClient.post(C.delete,{name:s},{token:t})),loadAll:()=>a(e.httpClient.get(C.loadAll,{token:t}),(e=>e.permissions))}),O=(e,t)=>({create:(s,o,n)=>a(e.httpClient.post(w.create,{name:s,description:o,permissionNames:n},{token:t})),update:(s,o,n,r)=>a(e.httpClient.post(w.update,{name:s,newName:o,description:n,permissionNames:r},{token:t})),delete:s=>a(e.httpClient.post(w.delete,{name:s},{token:t})),loadAll:()=>a(e.httpClient.get(w.loadAll,{token:t}),(e=>e.roles))}),R=(e,t)=>({loadAllGroups:s=>a(e.httpClient.post(T.loadAllGroups,{tenantId:s},{token:t})),loadAllGroupsForMember:(s,o,n)=>a(e.httpClient.post(T.loadAllGroupsForMember,{tenantId:s,loginIds:n,userIds:o},{token:t})),loadAllGroupMembers:(s,o)=>a(e.httpClient.post(T.loadAllGroupMembers,{tenantId:s,groupId:o},{token:t}))}),M=(e,t)=>({getSettings:s=>a(e.httpClient.get(y.settings,{queryParams:{tenantId:s},token:t}),(e=>e)),deleteSettings:s=>a(e.httpClient.delete(y.settings,{queryParams:{tenantId:s},token:t})),configureSettings:(s,o,n,r,i,l)=>a(e.httpClient.post(y.settings,{tenantId:s,idpURL:o,entityId:r,idpCert:n,redirectURL:i,domain:l},{token:t})),configureMetadata:(s,o,n,r)=>a(e.httpClient.post(y.metadata,{tenantId:s,idpMetadataURL:o,redirectURL:n,domain:r},{token:t})),configureMapping:(s,o,n)=>a(e.httpClient.post(y.mapping,{tenantId:s,roleMappings:o,attributeMapping:n},{token:t}))}),L=(e,t)=>({create:(s,o,n,r)=>a(e.httpClient.post(v.create,{name:s,expireTime:o,roleNames:n,keyTenants:r},{token:t})),load:s=>a(e.httpClient.get(v.load,{queryParams:{id:s},token:t}),(e=>e.key)),searchAll:s=>a(e.httpClient.post(v.search,{tenantIds:s},{token:t}),(e=>e.keys)),update:(s,o)=>a(e.httpClient.post(v.update,{id:s,name:o},{token:t}),(e=>e.key)),deactivate:s=>a(e.httpClient.post(v.deactivate,{id:s},{token:t})),activate:s=>a(e.httpClient.post(v.activate,{id:s},{token:t})),delete:s=>a(e.httpClient.post(v.delete,{id:s},{token:t}))}),S=(e,t)=>({list:()=>a(e.httpClient.post(I.list,{},{token:t})),export:s=>a(e.httpClient.post(I.export,{flowId:s},{token:t})),import:(s,o,n)=>a(e.httpClient.post(I.import,{flowId:s,flow:o,screens:n},{token:t}))}),U=(e,t)=>({export:()=>a(e.httpClient.post(b.export,{},{token:t})),import:s=>a(e.httpClient.post(b.import,{theme:s},{token:t}))}),F=(e,t)=>({search:s=>{const o=Object.assign(Object.assign({},s),{externalIds:s.loginIds});return delete o.loginIds,a(e.httpClient.post(A.search,o,{token:t}),(e=>null==e?void 0:e.audits.map((e=>{const t=Object.assign(Object.assign({},e),{occurred:parseFloat(e.occurred),loginIds:e.externalIds});return delete t.externalIds,t}))))}});var $;null!==($=globalThis.Headers)&&void 0!==$||(globalThis.Headers=l);const J=(...e)=>(e.forEach((e=>{var t,a;e&&(null!==(t=(a=e).highWaterMark)&&void 0!==t||(a.highWaterMark=31457280))})),i(...e)),D=a=>{var i,{managementKey:l,publicKey:d}=a,p=e(a,["managementKey","publicKey"]);const g=t(Object.assign(Object.assign({},p),{fetch:J,baseHeaders:Object.assign(Object.assign({},p.baseHeaders),{"x-descope-sdk-name":"nodejs","x-descope-sdk-node-version":(null===(i=null===process||void 0===process?void 0:process.versions)||void 0===i?void 0:i.node)||"","x-descope-sdk-version":"1.5.7"})})),{projectId:h,logger:v}=p,k={},y=((e,t)=>({user:P(e,t),project:x(e,t),accessKey:L(e,t),tenant:E(e,t),sso:M(e,t),jwt:j(e,t),permission:N(e,t),role:O(e,t),group:R(e,t),flow:S(e,t),theme:U(e,t),audit:F(e,t)}))(g,l),f=Object.assign(Object.assign({},g),{management:y,async getKey(e){if(!(null==e?void 0:e.kid))throw Error("header.kid must not be empty");if(k[e.kid])return k[e.kid];if(Object.assign(k,await(async()=>{if(d)try{const e=JSON.parse(d),t=await r(e);return{[e.kid]:t}}catch(e){throw null==v||v.error("Failed to parse the provided public key",e),new Error(`Failed to parse public key. Error: ${e}`)}const e=(await g.httpClient.get(`v2/keys/${h}`).then((e=>e.json()))).keys;return Array.isArray(e)?(await Promise.all(e.map((async e=>[e.kid,await r(e)])))).reduce(((e,[t,a])=>t?Object.assign(Object.assign({},e),{[t.toString()]:a}):e),{}):{}})()),!k[e.kid])throw Error("failed to fetch matching key");return k[e.kid]},async validateJwt(e){var t;const a=(await o(e,f.getKey,{clockTolerance:5})).payload;if(a&&(a.iss=null===(t=a.iss)||void 0===t?void 0:t.split("/").pop(),a.iss!==h))throw new n.JWTClaimValidationFailed('unexpected "iss" claim value',"iss","check_failed");return{jwt:e,token:a}},async validateSession(e){if(!e)throw Error("session token is required for validation");try{return await f.validateJwt(e)}catch(e){throw null==v||v.error("session validation failed",e),Error(`session validation failed. Error: ${e}`)}},async refreshSession(e){var t,a;if(!e)throw Error("refresh token is required to refresh a session");try{await f.validateJwt(e);const s=await f.refresh(e);if(s.ok){return await f.validateJwt(null===(t=s.data)||void 0===t?void 0:t.sessionJwt)}throw Error(null===(a=s.error)||void 0===a?void 0:a.errorMessage)}catch(e){throw null==v||v.error("refresh token validation failed",e),Error(`refresh token validation failed, Error: ${e}`)}},async validateAndRefreshSession(e,t){if(!e&&!t)throw Error("both session and refresh tokens are empty");try{return await f.validateSession(e)}catch(e){null==v||v.log(`session validation failed with error ${e} - trying to refresh it`)}return f.refreshSession(t)},async exchangeAccessKey(e){if(!e)throw Error("access key must not be empty");let t;try{t=await f.accessKey.exchange(e)}catch(e){throw null==v||v.error("failed to exchange access key",e),Error(`could not exchange access key - Failed to exchange. Error: ${e}`)}const{sessionJwt:a}=t.data;if(!a)throw null==v||v.error("failed to parse exchange access key response"),Error("could not exchange access key");try{return await f.validateJwt(a)}catch(e){throw null==v||v.error("failed to parse jwt from access key",e),Error(`could not exchange access key - failed to validate jwt. Error: ${e}`)}},validatePermissions:(e,t)=>f.validateTenantPermissions(e,null,t),validateTenantPermissions(e,t,a){if(t&&!c(e,t))return!1;const s=u(e,"permissions",t);return a.every((e=>s.includes(e)))},validateRoles:(e,t)=>f.validateTenantRoles(e,null,t),validateTenantRoles(e,t,a){if(t&&!c(e,t))return!1;const s=u(e,"roles",t);return a.every((e=>s.includes(e)))}});return s(f,["otp.verify.email","otp.verify.sms","otp.verify.whatsapp","magicLink.verify","enchantedLink.signUp","enchantedLink.signIn","oauth.exchange","saml.exchange","totp.verify","webauthn.signIn.finish","webauthn.signUp.finish","refresh"],m)};D.RefreshTokenCookieName=d,D.SessionTokenCookieName="DS";export{D as default};
+import{__rest as e}from"tslib";import t,{transformResponse as s,wrapWith as a}from"@descope/core-js-sdk";import{jwtVerify as o,errors as n,importJWK as r}from"jose";import i,{Headers as l}from"node-fetch-commonjs";const d=t=>async(...s)=>{var a,o,n;const r=await t(...s);if(!r.data)return r;let i=r.data,{refreshJwt:l}=i,d=e(i,["refreshJwt"]);const p=[];var m;return l?p.push(`${"DSR"}=${l}; Domain=${(null==(m=d)?void 0:m.cookieDomain)||""}; Max-Age=${(null==m?void 0:m.cookieMaxAge)||""}; Path=${(null==m?void 0:m.cookiePath)||"/"}; HttpOnly; SameSite=Strict`):(null===(a=r.response)||void 0===a?void 0:a.headers.get("set-cookie"))&&(l=((e,t)=>{const s=null==e?void 0:e.match(RegExp(`(?:^|;\\s*)${t}=([^;]*)`));return s?s[1]:null})(null===(o=r.response)||void 0===o?void 0:o.headers.get("set-cookie"),"DSR"),p.push(null===(n=r.response)||void 0===n?void 0:n.headers.get("set-cookie"))),Object.assign(Object.assign({},r),{data:Object.assign(Object.assign({},r.data),{refreshJwt:l,cookies:p})})};function p(e,t,s){var a,o;const n=s?null===(o=null===(a=e.token.tenants)||void 0===a?void 0:a[s])||void 0===o?void 0:o[t]:e.token[t];return Array.isArray(n)?n:[]}function m(e,t){var s;return!!(null===(s=e.token.tenants)||void 0===s?void 0:s[t])}var u={create:"/v1/mgmt/user/create",update:"/v1/mgmt/user/update",delete:"/v1/mgmt/user/delete",deleteAllTestUsers:"/v1/mgmt/user/test/delete/all",load:"/v1/mgmt/user",logout:"/v1/mgmt/user/logout",search:"/v1/mgmt/user/search",getProviderToken:"/v1/mgmt/user/provider/token",updateStatus:"/v1/mgmt/user/update/status",updateLoginId:"/v1/mgmt/user/update/loginid",updateEmail:"/v1/mgmt/user/update/email",updatePhone:"/v1/mgmt/user/update/phone",updateDisplayName:"/v1/mgmt/user/update/name",updatePicture:"/v1/mgmt/user/update/picture",updateCustomAttribute:"/v1/mgmt/user/update/customAttribute",addRole:"/v1/mgmt/user/update/role/add",removeRole:"/v1/mgmt/user/update/role/remove",addTenant:"/v1/mgmt/user/update/tenant/add",removeTenant:"/v1/mgmt/user/update/tenant/remove",setPassword:"/v1/mgmt/user/password/set",expirePassword:"/v1/mgmt/user/password/expire",generateOTPForTest:"/v1/mgmt/tests/generate/otp",generateMagicLinkForTest:"/v1/mgmt/tests/generate/magiclink",generateEnchantedLinkForTest:"/v1/mgmt/tests/generate/enchantedlink",generateEmbeddedLink:"/v1/mgmt/user/signin/embeddedlink"},c={updateName:"/v1/mgmt/project/update/name"},g={create:"/v1/mgmt/accesskey/create",load:"/v1/mgmt/accesskey",search:"/v1/mgmt/accesskey/search",update:"/v1/mgmt/accesskey/update",deactivate:"/v1/mgmt/accesskey/deactivate",activate:"/v1/mgmt/accesskey/activate",delete:"/v1/mgmt/accesskey/delete"},h={create:"/v1/mgmt/tenant/create",update:"/v1/mgmt/tenant/update",delete:"/v1/mgmt/tenant/delete",load:"/v1/mgmt/tenant",loadAll:"/v1/mgmt/tenant/all",searchAll:"/v1/mgmt/tenant/search"},v={settings:"/v1/mgmt/sso/settings",metadata:"/v1/mgmt/sso/metadata",mapping:"/v1/mgmt/sso/mapping"},k={update:"/v1/mgmt/jwt/update"},y={create:"/v1/mgmt/permission/create",update:"/v1/mgmt/permission/update",delete:"/v1/mgmt/permission/delete",loadAll:"/v1/mgmt/permission/all"},f={create:"/v1/mgmt/role/create",update:"/v1/mgmt/role/update",delete:"/v1/mgmt/role/delete",loadAll:"/v1/mgmt/role/all"},C={list:"/v1/mgmt/flow/list",export:"/v1/mgmt/flow/export",import:"/v1/mgmt/flow/import"},w={export:"/v1/mgmt/theme/export",import:"/v1/mgmt/theme/import"},I={loadAllGroups:"/v1/mgmt/group/all",loadAllGroupsForMember:"/v1/mgmt/group/member/all",loadAllGroupMembers:"/v1/mgmt/group/members"},b={search:"/v1/mgmt/audit/search"};const A=(e,t)=>({create:(a,o,n,r,i,l,d,p,m,c)=>s(e.httpClient.post(u.create,{loginId:a,email:o,phone:n,displayName:r,roleNames:i,userTenants:l,customAttributes:d,picture:p,verifiedEmail:m,verifiedPhone:c},{token:t}),(e=>e.user)),createTestUser:(a,o,n,r,i,l,d,p,m,c)=>s(e.httpClient.post(u.create,{loginId:a,email:o,phone:n,displayName:r,roleNames:i,userTenants:l,test:!0,customAttributes:d,picture:p,verifiedEmail:m,verifiedPhone:c},{token:t}),(e=>e.user)),invite:(a,o,n,r,i,l,d,p,m,c,g)=>s(e.httpClient.post(u.create,{loginId:a,email:o,phone:n,displayName:r,roleNames:i,userTenants:l,invite:!0,customAttributes:d,picture:p,verifiedEmail:m,verifiedPhone:c,inviteUrl:g},{token:t}),(e=>e.user)),update:(a,o,n,r,i,l,d,p,m,c)=>s(e.httpClient.post(u.update,{loginId:a,email:o,phone:n,displayName:r,roleNames:i,userTenants:l,customAttributes:d,picture:p,verifiedEmail:m,verifiedPhone:c},{token:t}),(e=>e.user)),delete:a=>s(e.httpClient.post(u.delete,{loginId:a},{token:t})),deleteAllTestUsers:()=>s(e.httpClient.delete(u.deleteAllTestUsers,{token:t})),load:a=>s(e.httpClient.get(u.load,{queryParams:{loginId:a},token:t}),(e=>e.user)),loadByUserId:a=>s(e.httpClient.get(u.load,{queryParams:{userId:a},token:t}),(e=>e.user)),logoutUser:a=>s(e.httpClient.post(u.logout,{loginId:a},{token:t})),logoutUserByUserId:a=>s(e.httpClient.post(u.logout,{userId:a},{token:t})),searchAll:(a,o,n,r,i,l,d,p,m,c)=>s(e.httpClient.post(u.search,{tenantIds:a,roleNames:o,limit:n,page:r,testUsersOnly:i,withTestUser:l,customAttributes:d,statuses:p,emails:m,phones:c},{token:t}),(e=>e.users)),getProviderToken:(a,o)=>s(e.httpClient.get(u.getProviderToken,{queryParams:{loginId:a,provider:o},token:t}),(e=>e)),activate:a=>s(e.httpClient.post(u.updateStatus,{loginId:a,status:"enabled"},{token:t}),(e=>e.user)),deactivate:a=>s(e.httpClient.post(u.updateStatus,{loginId:a,status:"disabled"},{token:t}),(e=>e.user)),updateLoginId:(a,o)=>s(e.httpClient.post(u.updateLoginId,{loginId:a,newLoginId:o},{token:t}),(e=>e.user)),updateEmail:(a,o,n)=>s(e.httpClient.post(u.updateEmail,{loginId:a,email:o,verified:n},{token:t}),(e=>e.user)),updatePhone:(a,o,n)=>s(e.httpClient.post(u.updatePhone,{loginId:a,phone:o,verified:n},{token:t}),(e=>e.user)),updateDisplayName:(a,o)=>s(e.httpClient.post(u.updateDisplayName,{loginId:a,displayName:o},{token:t}),(e=>e.user)),updatePicture:(a,o)=>s(e.httpClient.post(u.updatePicture,{loginId:a,picture:o},{token:t}),(e=>e.user)),updateCustomAttribute:(a,o,n)=>s(e.httpClient.post(u.updateCustomAttribute,{loginId:a,attributeKey:o,attributeValue:n},{token:t}),(e=>e.user)),addRoles:(a,o)=>s(e.httpClient.post(u.addRole,{loginId:a,roleNames:o},{token:t}),(e=>e.user)),removeRoles:(a,o)=>s(e.httpClient.post(u.removeRole,{loginId:a,roleNames:o},{token:t}),(e=>e.user)),addTenant:(a,o)=>s(e.httpClient.post(u.addTenant,{loginId:a,tenantId:o},{token:t}),(e=>e.user)),removeTenant:(a,o)=>s(e.httpClient.post(u.removeTenant,{loginId:a,tenantId:o},{token:t}),(e=>e.user)),addTenantRoles:(a,o,n)=>s(e.httpClient.post(u.addRole,{loginId:a,tenantId:o,roleNames:n},{token:t}),(e=>e.user)),removeTenantRoles:(a,o,n)=>s(e.httpClient.post(u.removeRole,{loginId:a,tenantId:o,roleNames:n},{token:t}),(e=>e.user)),generateOTPForTestUser:(a,o)=>s(e.httpClient.post(u.generateOTPForTest,{deliveryMethod:a,loginId:o},{token:t}),(e=>e)),generateMagicLinkForTestUser:(a,o,n)=>s(e.httpClient.post(u.generateMagicLinkForTest,{deliveryMethod:a,loginId:o,URI:n},{token:t}),(e=>e)),generateEnchantedLinkForTestUser:(a,o)=>s(e.httpClient.post(u.generateEnchantedLinkForTest,{loginId:a,URI:o},{token:t}),(e=>e)),generateEmbeddedLink:(a,o)=>s(e.httpClient.post(u.generateEmbeddedLink,{loginId:a,customClaims:o},{token:t}),(e=>e)),setPassword:(a,o)=>s(e.httpClient.post(u.setPassword,{loginId:a,password:o},{token:t}),(e=>e)),expirePassword:a=>s(e.httpClient.post(u.expirePassword,{loginId:a},{token:t}),(e=>e))}),T=(e,t)=>({updateName:a=>s(e.httpClient.post(c.updateName,{name:a},{token:t}))}),P=(e,t)=>({create:(a,o,n)=>s(e.httpClient.post(h.create,{name:a,selfProvisioningDomains:o,customAttributes:n},{token:t})),createWithId:(a,o,n,r)=>s(e.httpClient.post(h.create,{id:a,name:o,selfProvisioningDomains:n,customAttributes:r},{token:t})),update:(a,o,n,r)=>s(e.httpClient.post(h.update,{id:a,name:o,selfProvisioningDomains:n,customAttributes:r},{token:t})),delete:a=>s(e.httpClient.post(h.delete,{id:a},{token:t})),load:a=>s(e.httpClient.get(h.load,{queryParams:{id:a},token:t}),(e=>e)),loadAll:()=>s(e.httpClient.get(h.loadAll,{token:t}),(e=>e.tenants)),searchAll:(a,o,n,r)=>s(e.httpClient.post(h.searchAll,{tenantIds:a,tenantNames:o,tenantSelfProvisioningDomains:n,customAttributes:r},{token:t}),(e=>e.tenants))}),x=(e,t)=>({update:(a,o)=>s(e.httpClient.post(k.update,{jwt:a,customClaims:o},{token:t}))}),E=(e,t)=>({create:(a,o)=>s(e.httpClient.post(y.create,{name:a,description:o},{token:t})),update:(a,o,n)=>s(e.httpClient.post(y.update,{name:a,newName:o,description:n},{token:t})),delete:a=>s(e.httpClient.post(y.delete,{name:a},{token:t})),loadAll:()=>s(e.httpClient.get(y.loadAll,{token:t}),(e=>e.permissions))}),j=(e,t)=>({create:(a,o,n)=>s(e.httpClient.post(f.create,{name:a,description:o,permissionNames:n},{token:t})),update:(a,o,n,r)=>s(e.httpClient.post(f.update,{name:a,newName:o,description:n,permissionNames:r},{token:t})),delete:a=>s(e.httpClient.post(f.delete,{name:a},{token:t})),loadAll:()=>s(e.httpClient.get(f.loadAll,{token:t}),(e=>e.roles))}),N=(e,t)=>({loadAllGroups:a=>s(e.httpClient.post(I.loadAllGroups,{tenantId:a},{token:t})),loadAllGroupsForMember:(a,o,n)=>s(e.httpClient.post(I.loadAllGroupsForMember,{tenantId:a,loginIds:n,userIds:o},{token:t})),loadAllGroupMembers:(a,o)=>s(e.httpClient.post(I.loadAllGroupMembers,{tenantId:a,groupId:o},{token:t}))}),R=(e,t)=>({getSettings:a=>s(e.httpClient.get(v.settings,{queryParams:{tenantId:a},token:t}),(e=>e)),deleteSettings:a=>s(e.httpClient.delete(v.settings,{queryParams:{tenantId:a},token:t})),configureSettings:(a,o,n,r,i,l)=>s(e.httpClient.post(v.settings,{tenantId:a,idpURL:o,entityId:r,idpCert:n,redirectURL:i,domain:l},{token:t})),configureMetadata:(a,o,n,r)=>s(e.httpClient.post(v.metadata,{tenantId:a,idpMetadataURL:o,redirectURL:n,domain:r},{token:t})),configureMapping:(a,o,n)=>s(e.httpClient.post(v.mapping,{tenantId:a,roleMappings:o,attributeMapping:n},{token:t}))}),O=(e,t)=>({create:(a,o,n,r)=>s(e.httpClient.post(g.create,{name:a,expireTime:o,roleNames:n,keyTenants:r},{token:t})),load:a=>s(e.httpClient.get(g.load,{queryParams:{id:a},token:t}),(e=>e.key)),searchAll:a=>s(e.httpClient.post(g.search,{tenantIds:a},{token:t}),(e=>e.keys)),update:(a,o)=>s(e.httpClient.post(g.update,{id:a,name:o},{token:t}),(e=>e.key)),deactivate:a=>s(e.httpClient.post(g.deactivate,{id:a},{token:t})),activate:a=>s(e.httpClient.post(g.activate,{id:a},{token:t})),delete:a=>s(e.httpClient.post(g.delete,{id:a},{token:t}))}),S=(e,t)=>({list:()=>s(e.httpClient.post(C.list,{},{token:t})),export:a=>s(e.httpClient.post(C.export,{flowId:a},{token:t})),import:(a,o,n)=>s(e.httpClient.post(C.import,{flowId:a,flow:o,screens:n},{token:t}))}),U=(e,t)=>({export:()=>s(e.httpClient.post(w.export,{},{token:t})),import:a=>s(e.httpClient.post(w.import,{theme:a},{token:t}))}),M=(e,t)=>({search:a=>{const o=Object.assign(Object.assign({},a),{externalIds:a.loginIds});return delete o.loginIds,s(e.httpClient.post(b.search,o,{token:t}),(e=>null==e?void 0:e.audits.map((e=>{const t=Object.assign(Object.assign({},e),{occurred:parseFloat(e.occurred),loginIds:e.externalIds});return delete t.externalIds,t}))))}});var L;null!==(L=globalThis.Headers)&&void 0!==L||(globalThis.Headers=l);const F=(...e)=>(e.forEach((e=>{var t,s;e&&(null!==(t=(s=e).highWaterMark)&&void 0!==t||(s.highWaterMark=31457280))})),i(...e)),D=s=>{var i,{managementKey:l,publicKey:u}=s,c=e(s,["managementKey","publicKey"]);const g=t(Object.assign(Object.assign({fetch:F},c),{baseHeaders:Object.assign(Object.assign({},c.baseHeaders),{"x-descope-sdk-name":"nodejs","x-descope-sdk-node-version":(null===(i=null===process||void 0===process?void 0:process.versions)||void 0===i?void 0:i.node)||"","x-descope-sdk-version":"1.5.8"})})),{projectId:h,logger:v}=c,k={},y=((e,t)=>({user:A(e,t),project:T(e,t),accessKey:O(e,t),tenant:P(e,t),sso:R(e,t),jwt:x(e,t),permission:E(e,t),role:j(e,t),group:N(e,t),flow:S(e,t),theme:U(e,t),audit:M(e,t)}))(g,l),f=Object.assign(Object.assign({},g),{management:y,async getKey(e){if(!(null==e?void 0:e.kid))throw Error("header.kid must not be empty");if(k[e.kid])return k[e.kid];if(Object.assign(k,await(async()=>{if(u)try{const e=JSON.parse(u),t=await r(e);return{[e.kid]:t}}catch(e){throw null==v||v.error("Failed to parse the provided public key",e),new Error(`Failed to parse public key. Error: ${e}`)}const e=(await g.httpClient.get(`v2/keys/${h}`).then((e=>e.json()))).keys;return Array.isArray(e)?(await Promise.all(e.map((async e=>[e.kid,await r(e)])))).reduce(((e,[t,s])=>t?Object.assign(Object.assign({},e),{[t.toString()]:s}):e),{}):{}})()),!k[e.kid])throw Error("failed to fetch matching key");return k[e.kid]},async validateJwt(e){var t;const s=(await o(e,f.getKey,{clockTolerance:5})).payload;if(s&&(s.iss=null===(t=s.iss)||void 0===t?void 0:t.split("/").pop(),s.iss!==h))throw new n.JWTClaimValidationFailed('unexpected "iss" claim value',"iss","check_failed");return{jwt:e,token:s}},async validateSession(e){if(!e)throw Error("session token is required for validation");try{return await f.validateJwt(e)}catch(e){throw null==v||v.error("session validation failed",e),Error(`session validation failed. Error: ${e}`)}},async refreshSession(e){var t,s;if(!e)throw Error("refresh token is required to refresh a session");try{await f.validateJwt(e);const a=await f.refresh(e);if(a.ok){return await f.validateJwt(null===(t=a.data)||void 0===t?void 0:t.sessionJwt)}throw Error(null===(s=a.error)||void 0===s?void 0:s.errorMessage)}catch(e){throw null==v||v.error("refresh token validation failed",e),Error(`refresh token validation failed, Error: ${e}`)}},async validateAndRefreshSession(e,t){if(!e&&!t)throw Error("both session and refresh tokens are empty");try{return await f.validateSession(e)}catch(e){null==v||v.log(`session validation failed with error ${e} - trying to refresh it`)}return f.refreshSession(t)},async exchangeAccessKey(e){if(!e)throw Error("access key must not be empty");let t;try{t=await f.accessKey.exchange(e)}catch(e){throw null==v||v.error("failed to exchange access key",e),Error(`could not exchange access key - Failed to exchange. Error: ${e}`)}const{sessionJwt:s}=t.data;if(!s)throw null==v||v.error("failed to parse exchange access key response"),Error("could not exchange access key");try{return await f.validateJwt(s)}catch(e){throw null==v||v.error("failed to parse jwt from access key",e),Error(`could not exchange access key - failed to validate jwt. Error: ${e}`)}},validatePermissions:(e,t)=>f.validateTenantPermissions(e,null,t),validateTenantPermissions(e,t,s){if(t&&!m(e,t))return!1;const a=p(e,"permissions",t);return s.every((e=>a.includes(e)))},validateRoles:(e,t)=>f.validateTenantRoles(e,null,t),validateTenantRoles(e,t,s){if(t&&!m(e,t))return!1;const a=p(e,"roles",t);return s.every((e=>a.includes(e)))}});return a(f,["otp.verify.email","otp.verify.sms","otp.verify.whatsapp","magicLink.verify","enchantedLink.signUp","enchantedLink.signIn","oauth.exchange","saml.exchange","totp.verify","webauthn.signIn.finish","webauthn.signUp.finish","refresh"],d)};D.RefreshTokenCookieName="DSR",D.SessionTokenCookieName="DS";export{D as default};
 //# sourceMappingURL=index.esm.js.map