@descope/node-sdk 1.6.2 → 1.6.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +25 -33
- package/dist/cjs/index.cjs.js +1 -1
- package/dist/cjs/index.cjs.js.map +1 -1
- package/dist/index.d.ts +171 -37
- package/dist/index.esm.js +1 -1
- package/dist/index.esm.js.map +1 -1
- package/package.json +2 -3
package/README.md
CHANGED
|
@@ -574,26 +574,20 @@ You can create, update, delete or load users, as well as search according to fil
|
|
|
574
574
|
// A user must have a login ID, other fields are optional.
|
|
575
575
|
// Roles should be set directly if no tenants exist, otherwise set
|
|
576
576
|
// on a per-tenant basis.
|
|
577
|
-
await descopeClient.management.user.create(
|
|
578
|
-
'desmond@descope.com',
|
|
579
|
-
'
|
|
580
|
-
|
|
581
|
-
|
|
582
|
-
null,
|
|
583
|
-
[{ tenantId: 'tenant-ID1', roleNames: ['role-name1'] }],
|
|
584
|
-
);
|
|
577
|
+
await descopeClient.management.user.create('desmond@descope.com', {
|
|
578
|
+
email: 'desmond@descope.com',
|
|
579
|
+
displayName: 'Desmond Copeland',
|
|
580
|
+
userTenants: [{ tenantId: 'tenant-ID1', roleNames: ['role-name1'] }],
|
|
581
|
+
});
|
|
585
582
|
|
|
586
583
|
// Alternatively, a user can be created and invited via an email / text message.
|
|
587
584
|
// Make sure to configure the invite URL in the Descope console prior to using this function,
|
|
588
585
|
// and that an email address / phone number is provided in the information.
|
|
589
|
-
await descopeClient.management.user.invite(
|
|
590
|
-
'desmond@descope.com',
|
|
591
|
-
'
|
|
592
|
-
|
|
593
|
-
|
|
594
|
-
null,
|
|
595
|
-
[{ tenantId: 'tenant-ID1', roleNames: ['role-name1'] }],
|
|
596
|
-
);
|
|
586
|
+
await descopeClient.management.user.invite('desmond@descope.com', {
|
|
587
|
+
email: 'desmond@descope.com',
|
|
588
|
+
displayName: 'Desmond Copeland',
|
|
589
|
+
userTenants: [{ tenantId: 'tenant-ID1', roleNames: ['role-name1'] }],
|
|
590
|
+
});
|
|
597
591
|
|
|
598
592
|
// You can invite batch of users via an email / text message.
|
|
599
593
|
// Make sure to configure the invite URL in the Descope console prior to using this function,
|
|
@@ -614,14 +608,11 @@ await descopeClient.management.user.inviteBatch(
|
|
|
614
608
|
);
|
|
615
609
|
|
|
616
610
|
// Update will override all fields as is. Use carefully.
|
|
617
|
-
await descopeClient.management.user.update(
|
|
618
|
-
'desmond@descope.com',
|
|
619
|
-
'
|
|
620
|
-
|
|
621
|
-
|
|
622
|
-
null,
|
|
623
|
-
[{ tenantId: 'tenant-ID1', roleNames: ['role-name1', 'role-name2'] }],
|
|
624
|
-
);
|
|
611
|
+
await descopeClient.management.user.update('desmond@descope.com', {
|
|
612
|
+
email: 'desmond@descope.com',
|
|
613
|
+
displayName: 'Desmond Copeland',
|
|
614
|
+
userTenants: [{ tenantId: 'tenant-ID1', roleNames: ['role-name1'] }],
|
|
615
|
+
});
|
|
625
616
|
|
|
626
617
|
// Update explicit data for a user rather than overriding all fields
|
|
627
618
|
await descopeClient.management.user.updatePhone('desmond@descope.com', '+18005551234', true);
|
|
@@ -643,7 +634,7 @@ const userRes = await descopeClient.management.user.loadByUserId('<user-ID>');
|
|
|
643
634
|
|
|
644
635
|
// Search all users, optionally according to tenant and/or role filter
|
|
645
636
|
// Results can be paginated using the limit and page parameters
|
|
646
|
-
const usersRes = await descopeClient.management.user.
|
|
637
|
+
const usersRes = await descopeClient.management.user.search({ tenantIds: ['tenant-ID'] });
|
|
647
638
|
usersRes.data.forEach((user) => {
|
|
648
639
|
// do something
|
|
649
640
|
});
|
|
@@ -849,6 +840,10 @@ console.log('found total flows', res.total);
|
|
|
849
840
|
res.flows.forEach((flowMetadata) => {
|
|
850
841
|
// do something
|
|
851
842
|
});
|
|
843
|
+
|
|
844
|
+
// Delete flows by ids
|
|
845
|
+
await descopeClient.management.flow.delete(['flow-1', 'flow-2']);
|
|
846
|
+
|
|
852
847
|
// Export the flow and it's matching screens based on the given id
|
|
853
848
|
const res = await descopeClient.management.flow.export('sign-up');
|
|
854
849
|
console.log('found flow', res.data.flow);
|
|
@@ -1105,14 +1100,11 @@ that way, you don't need to use 3rd party messaging services in order to receive
|
|
|
1105
1100
|
// Test user must have a loginId, other fields are optional.
|
|
1106
1101
|
// Roles should be set directly if no tenants exist, otherwise set
|
|
1107
1102
|
// on a per-tenant basis.
|
|
1108
|
-
await descopeClient.management.user.createTestUser(
|
|
1109
|
-
'desmond@descope.com',
|
|
1110
|
-
'
|
|
1111
|
-
|
|
1112
|
-
|
|
1113
|
-
null,
|
|
1114
|
-
[{ tenantId: 'tenant-ID1', roleNames: ['role-name1'] }],
|
|
1115
|
-
);
|
|
1103
|
+
await descopeClient.management.user.createTestUser('desmond@descope.com', {
|
|
1104
|
+
email: 'desmond@descope.com',
|
|
1105
|
+
displayName: 'Desmond Copeland',
|
|
1106
|
+
userTenants: [{ tenantId: 'tenant-ID1', roleNames: ['role-name1'] }],
|
|
1107
|
+
});
|
|
1116
1108
|
|
|
1117
1109
|
// Now test user got created, and this user will be available until you delete it,
|
|
1118
1110
|
// you can use any management operation for test user CRUD.
|
package/dist/cjs/index.cjs.js
CHANGED
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
"use strict";Object.defineProperty(exports,"__esModule",{value:!0});var e=require("tslib"),t=require("@descope/core-js-sdk"),s=require("jose"),n=require("cross-fetch");function o(e){return e&&"object"==typeof e&&"default"in e?e:{default:e}}var a=o(t);const r=t=>async(...s)=>{var n,o,a;const r=await t(...s);if(!r.data)return r;let i=r.data,{refreshJwt:l}=i,m=e.__rest(i,["refreshJwt"]);const d=[];var p;return l?d.push(`${"DSR"}=${l}; Domain=${(null==(p=m)?void 0:p.cookieDomain)||""}; Max-Age=${(null==p?void 0:p.cookieMaxAge)||""}; Path=${(null==p?void 0:p.cookiePath)||"/"}; HttpOnly; SameSite=Strict`):(null===(n=r.response)||void 0===n?void 0:n.headers.get("set-cookie"))&&(l=((e,t)=>{const s=null==e?void 0:e.match(RegExp(`(?:^|;\\s*)${t}=([^;]*)`));return s?s[1]:null})(null===(o=r.response)||void 0===o?void 0:o.headers.get("set-cookie"),"DSR"),d.push(null===(a=r.response)||void 0===a?void 0:a.headers.get("set-cookie"))),Object.assign(Object.assign({},r),{data:Object.assign(Object.assign({},r.data),{refreshJwt:l,cookies:d})})};function i(e,t,s){var n,o;const a=s?null===(o=null===(n=e.token.tenants)||void 0===n?void 0:n[s])||void 0===o?void 0:o[t]:e.token[t];return Array.isArray(a)?a:[]}function l(e,t){var s;return!!(null===(s=e.token.tenants)||void 0===s?void 0:s[t])}var m={create:"/v1/mgmt/user/create",createBatch:"/v1/mgmt/user/create/batch",update:"/v1/mgmt/user/update",delete:"/v1/mgmt/user/delete",deleteAllTestUsers:"/v1/mgmt/user/test/delete/all",load:"/v1/mgmt/user",logout:"/v1/mgmt/user/logout",search:"/v1/mgmt/user/search",getProviderToken:"/v1/mgmt/user/provider/token",updateStatus:"/v1/mgmt/user/update/status",updateLoginId:"/v1/mgmt/user/update/loginid",updateEmail:"/v1/mgmt/user/update/email",updatePhone:"/v1/mgmt/user/update/phone",updateDisplayName:"/v1/mgmt/user/update/name",updatePicture:"/v1/mgmt/user/update/picture",updateCustomAttribute:"/v1/mgmt/user/update/customAttribute",setRole:"/v1/mgmt/user/update/role/set",addRole:"/v1/mgmt/user/update/role/add",removeRole:"/v1/mgmt/user/update/role/remove",addTenant:"/v1/mgmt/user/update/tenant/add",removeTenant:"/v1/mgmt/user/update/tenant/remove",setPassword:"/v1/mgmt/user/password/set",expirePassword:"/v1/mgmt/user/password/expire",generateOTPForTest:"/v1/mgmt/tests/generate/otp",generateMagicLinkForTest:"/v1/mgmt/tests/generate/magiclink",generateEnchantedLinkForTest:"/v1/mgmt/tests/generate/enchantedlink",generateEmbeddedLink:"/v1/mgmt/user/signin/embeddedlink"},d={updateName:"/v1/mgmt/project/update/name",clone:"/v1/mgmt/project/clone"},p={create:"/v1/mgmt/accesskey/create",load:"/v1/mgmt/accesskey",search:"/v1/mgmt/accesskey/search",update:"/v1/mgmt/accesskey/update",deactivate:"/v1/mgmt/accesskey/deactivate",activate:"/v1/mgmt/accesskey/activate",delete:"/v1/mgmt/accesskey/delete"},u={create:"/v1/mgmt/tenant/create",update:"/v1/mgmt/tenant/update",delete:"/v1/mgmt/tenant/delete",load:"/v1/mgmt/tenant",loadAll:"/v1/mgmt/tenant/all",searchAll:"/v1/mgmt/tenant/search"},c={settings:"/v1/mgmt/sso/settings",metadata:"/v1/mgmt/sso/metadata",mapping:"/v1/mgmt/sso/mapping"},g={update:"/v1/mgmt/jwt/update"},h={create:"/v1/mgmt/permission/create",update:"/v1/mgmt/permission/update",delete:"/v1/mgmt/permission/delete",loadAll:"/v1/mgmt/permission/all"},v={create:"/v1/mgmt/role/create",update:"/v1/mgmt/role/update",delete:"/v1/mgmt/role/delete",loadAll:"/v1/mgmt/role/all"},f={list:"/v1/mgmt/flow/list",export:"/v1/mgmt/flow/export",import:"/v1/mgmt/flow/import"},k={export:"/v1/mgmt/theme/export",import:"/v1/mgmt/theme/import"},R={loadAllGroups:"/v1/mgmt/group/all",loadAllGroupsForMember:"/v1/mgmt/group/member/all",loadAllGroupMembers:"/v1/mgmt/group/members"},C={search:"/v1/mgmt/audit/search"},y={schemaSave:"/v1/mgmt/authz/schema/save",schemaDelete:"/v1/mgmt/authz/schema/delete",schemaLoad:"/v1/mgmt/authz/schema/load",nsSave:"/v1/mgmt/authz/ns/save",nsDelete:"/v1/mgmt/authz/ns/delete",rdSave:"/v1/mgmt/authz/rd/save",rdDelete:"/v1/mgmt/authz/rd/delete",reCreate:"/v1/mgmt/authz/re/create",reDelete:"/v1/mgmt/authz/re/delete",reDeleteResources:"/v1/mgmt/authz/re/deleteresources",hasRelations:"/v1/mgmt/authz/re/has",who:"/v1/mgmt/authz/re/who",resource:"/v1/mgmt/authz/re/resource",targets:"/v1/mgmt/authz/re/targets",targetAll:"/v1/mgmt/authz/re/targetall"};const w=(e,s)=>({create:(n,o,a,r,i,l,d,p,u,c,g,h,v,f)=>t.transformResponse(e.httpClient.post(m.create,{loginId:n,email:o,phone:a,displayName:r,givenName:g,middleName:h,familyName:v,roleNames:i,userTenants:l,customAttributes:d,picture:p,verifiedEmail:u,verifiedPhone:c,additionalLoginIds:f},{token:s}),(e=>e.user)),createTestUser:(n,o,a,r,i,l,d,p,u,c,g,h,v,f)=>t.transformResponse(e.httpClient.post(m.create,{loginId:n,email:o,phone:a,displayName:r,givenName:g,middleName:h,familyName:v,roleNames:i,userTenants:l,test:!0,customAttributes:d,picture:p,verifiedEmail:u,verifiedPhone:c,additionalLoginIds:f},{token:s}),(e=>e.user)),invite:(n,o,a,r,i,l,d,p,u,c,g,h,v,f,k,R,C)=>t.transformResponse(e.httpClient.post(m.create,{loginId:n,email:o,phone:a,displayName:r,givenName:f,middleName:k,familyName:R,roleNames:i,userTenants:l,invite:!0,customAttributes:d,picture:p,verifiedEmail:u,verifiedPhone:c,inviteUrl:g,sendMail:h,sendSMS:v,additionalLoginIds:C},{token:s}),(e=>e.user)),inviteBatch:(n,o,a,r)=>t.transformResponse(e.httpClient.post(m.createBatch,{users:n,invite:!0,inviteUrl:o,sendMail:a,sendSMS:r},{token:s}),(e=>e)),update:(n,o,a,r,i,l,d,p,u,c,g,h,v,f)=>t.transformResponse(e.httpClient.post(m.update,{loginId:n,email:o,phone:a,displayName:r,givenName:g,middleName:h,familyName:v,roleNames:i,userTenants:l,customAttributes:d,picture:p,verifiedEmail:u,verifiedPhone:c,additionalLoginIds:f},{token:s}),(e=>e.user)),delete:n=>t.transformResponse(e.httpClient.post(m.delete,{loginId:n},{token:s})),deleteAllTestUsers:()=>t.transformResponse(e.httpClient.delete(m.deleteAllTestUsers,{token:s})),load:n=>t.transformResponse(e.httpClient.get(m.load,{queryParams:{loginId:n},token:s}),(e=>e.user)),loadByUserId:n=>t.transformResponse(e.httpClient.get(m.load,{queryParams:{userId:n},token:s}),(e=>e.user)),logoutUser:n=>t.transformResponse(e.httpClient.post(m.logout,{loginId:n},{token:s})),logoutUserByUserId:n=>t.transformResponse(e.httpClient.post(m.logout,{userId:n},{token:s})),searchAll:(n,o,a,r,i,l,d,p,u,c)=>t.transformResponse(e.httpClient.post(m.search,{tenantIds:n,roleNames:o,limit:a,page:r,testUsersOnly:i,withTestUser:l,customAttributes:d,statuses:p,emails:u,phones:c},{token:s}),(e=>e.users)),getProviderToken:(n,o)=>t.transformResponse(e.httpClient.get(m.getProviderToken,{queryParams:{loginId:n,provider:o},token:s}),(e=>e)),activate:n=>t.transformResponse(e.httpClient.post(m.updateStatus,{loginId:n,status:"enabled"},{token:s}),(e=>e.user)),deactivate:n=>t.transformResponse(e.httpClient.post(m.updateStatus,{loginId:n,status:"disabled"},{token:s}),(e=>e.user)),updateLoginId:(n,o)=>t.transformResponse(e.httpClient.post(m.updateLoginId,{loginId:n,newLoginId:o},{token:s}),(e=>e.user)),updateEmail:(n,o,a)=>t.transformResponse(e.httpClient.post(m.updateEmail,{loginId:n,email:o,verified:a},{token:s}),(e=>e.user)),updatePhone:(n,o,a)=>t.transformResponse(e.httpClient.post(m.updatePhone,{loginId:n,phone:o,verified:a},{token:s}),(e=>e.user)),updateDisplayName:(n,o,a,r,i)=>t.transformResponse(e.httpClient.post(m.updateDisplayName,{loginId:n,displayName:o,givenName:a,middleName:r,familyName:i},{token:s}),(e=>e.user)),updatePicture:(n,o)=>t.transformResponse(e.httpClient.post(m.updatePicture,{loginId:n,picture:o},{token:s}),(e=>e.user)),updateCustomAttribute:(n,o,a)=>t.transformResponse(e.httpClient.post(m.updateCustomAttribute,{loginId:n,attributeKey:o,attributeValue:a},{token:s}),(e=>e.user)),setRoles:(n,o)=>t.transformResponse(e.httpClient.post(m.setRole,{loginId:n,roleNames:o},{token:s}),(e=>e.user)),addRoles:(n,o)=>t.transformResponse(e.httpClient.post(m.addRole,{loginId:n,roleNames:o},{token:s}),(e=>e.user)),removeRoles:(n,o)=>t.transformResponse(e.httpClient.post(m.removeRole,{loginId:n,roleNames:o},{token:s}),(e=>e.user)),addTenant:(n,o)=>t.transformResponse(e.httpClient.post(m.addTenant,{loginId:n,tenantId:o},{token:s}),(e=>e.user)),removeTenant:(n,o)=>t.transformResponse(e.httpClient.post(m.removeTenant,{loginId:n,tenantId:o},{token:s}),(e=>e.user)),setTenantRoles:(n,o,a)=>t.transformResponse(e.httpClient.post(m.setRole,{loginId:n,tenantId:o,roleNames:a},{token:s}),(e=>e.user)),addTenantRoles:(n,o,a)=>t.transformResponse(e.httpClient.post(m.addRole,{loginId:n,tenantId:o,roleNames:a},{token:s}),(e=>e.user)),removeTenantRoles:(n,o,a)=>t.transformResponse(e.httpClient.post(m.removeRole,{loginId:n,tenantId:o,roleNames:a},{token:s}),(e=>e.user)),generateOTPForTestUser:(n,o,a)=>t.transformResponse(e.httpClient.post(m.generateOTPForTest,{deliveryMethod:n,loginId:o,loginOptions:a},{token:s}),(e=>e)),generateMagicLinkForTestUser:(n,o,a,r)=>t.transformResponse(e.httpClient.post(m.generateMagicLinkForTest,{deliveryMethod:n,loginId:o,URI:a,loginOptions:r},{token:s}),(e=>e)),generateEnchantedLinkForTestUser:(n,o,a)=>t.transformResponse(e.httpClient.post(m.generateEnchantedLinkForTest,{loginId:n,URI:o,loginOptions:a},{token:s}),(e=>e)),generateEmbeddedLink:(n,o)=>t.transformResponse(e.httpClient.post(m.generateEmbeddedLink,{loginId:n,customClaims:o},{token:s}),(e=>e)),setPassword:(n,o)=>t.transformResponse(e.httpClient.post(m.setPassword,{loginId:n,password:o},{token:s}),(e=>e)),expirePassword:n=>t.transformResponse(e.httpClient.post(m.expirePassword,{loginId:n},{token:s}),(e=>e))}),I=(e,s)=>({updateName:n=>t.transformResponse(e.httpClient.post(d.updateName,{name:n},{token:s})),clone:(n,o)=>t.transformResponse(e.httpClient.post(d.clone,{name:n,tag:o},{token:s}))}),b=(e,s)=>({create:(n,o,a)=>t.transformResponse(e.httpClient.post(u.create,{name:n,selfProvisioningDomains:o,customAttributes:a},{token:s})),createWithId:(n,o,a,r)=>t.transformResponse(e.httpClient.post(u.create,{id:n,name:o,selfProvisioningDomains:a,customAttributes:r},{token:s})),update:(n,o,a,r)=>t.transformResponse(e.httpClient.post(u.update,{id:n,name:o,selfProvisioningDomains:a,customAttributes:r},{token:s})),delete:n=>t.transformResponse(e.httpClient.post(u.delete,{id:n},{token:s})),load:n=>t.transformResponse(e.httpClient.get(u.load,{queryParams:{id:n},token:s}),(e=>e)),loadAll:()=>t.transformResponse(e.httpClient.get(u.loadAll,{token:s}),(e=>e.tenants)),searchAll:(n,o,a,r)=>t.transformResponse(e.httpClient.post(u.searchAll,{tenantIds:n,tenantNames:o,tenantSelfProvisioningDomains:a,customAttributes:r},{token:s}),(e=>e.tenants))}),N=(e,s)=>({update:(n,o)=>t.transformResponse(e.httpClient.post(g.update,{jwt:n,customClaims:o},{token:s}))}),A=(e,s)=>({create:(n,o)=>t.transformResponse(e.httpClient.post(h.create,{name:n,description:o},{token:s})),update:(n,o,a)=>t.transformResponse(e.httpClient.post(h.update,{name:n,newName:o,description:a},{token:s})),delete:n=>t.transformResponse(e.httpClient.post(h.delete,{name:n},{token:s})),loadAll:()=>t.transformResponse(e.httpClient.get(h.loadAll,{token:s}),(e=>e.permissions))}),T=(e,s)=>({create:(n,o,a)=>t.transformResponse(e.httpClient.post(v.create,{name:n,description:o,permissionNames:a},{token:s})),update:(n,o,a,r)=>t.transformResponse(e.httpClient.post(v.update,{name:n,newName:o,description:a,permissionNames:r},{token:s})),delete:n=>t.transformResponse(e.httpClient.post(v.delete,{name:n},{token:s})),loadAll:()=>t.transformResponse(e.httpClient.get(v.loadAll,{token:s}),(e=>e.roles))}),P=(e,s)=>({loadAllGroups:n=>t.transformResponse(e.httpClient.post(R.loadAllGroups,{tenantId:n},{token:s})),loadAllGroupsForMember:(n,o,a)=>t.transformResponse(e.httpClient.post(R.loadAllGroupsForMember,{tenantId:n,loginIds:a,userIds:o},{token:s})),loadAllGroupMembers:(n,o)=>t.transformResponse(e.httpClient.post(R.loadAllGroupMembers,{tenantId:n,groupId:o},{token:s}))}),E=(e,s)=>({getSettings:n=>t.transformResponse(e.httpClient.get(c.settings,{queryParams:{tenantId:n},token:s}),(e=>e)),deleteSettings:n=>t.transformResponse(e.httpClient.delete(c.settings,{queryParams:{tenantId:n},token:s})),configureSettings:(n,o,a,r,i,l)=>t.transformResponse(e.httpClient.post(c.settings,{tenantId:n,idpURL:o,entityId:r,idpCert:a,redirectURL:i,domains:l},{token:s})),configureMetadata:(n,o,a,r)=>t.transformResponse(e.httpClient.post(c.metadata,{tenantId:n,idpMetadataURL:o,redirectURL:a,domains:r},{token:s})),configureMapping:(n,o,a)=>t.transformResponse(e.httpClient.post(c.mapping,{tenantId:n,roleMappings:o,attributeMapping:a},{token:s}))}),x=(e,s)=>({create:(n,o,a,r)=>t.transformResponse(e.httpClient.post(p.create,{name:n,expireTime:o,roleNames:a,keyTenants:r},{token:s})),load:n=>t.transformResponse(e.httpClient.get(p.load,{queryParams:{id:n},token:s}),(e=>e.key)),searchAll:n=>t.transformResponse(e.httpClient.post(p.search,{tenantIds:n},{token:s}),(e=>e.keys)),update:(n,o)=>t.transformResponse(e.httpClient.post(p.update,{id:n,name:o},{token:s}),(e=>e.key)),deactivate:n=>t.transformResponse(e.httpClient.post(p.deactivate,{id:n},{token:s})),activate:n=>t.transformResponse(e.httpClient.post(p.activate,{id:n},{token:s})),delete:n=>t.transformResponse(e.httpClient.post(p.delete,{id:n},{token:s}))}),S=(e,s)=>({list:()=>t.transformResponse(e.httpClient.post(f.list,{},{token:s})),export:n=>t.transformResponse(e.httpClient.post(f.export,{flowId:n},{token:s})),import:(n,o,a)=>t.transformResponse(e.httpClient.post(f.import,{flowId:n,flow:o,screens:a},{token:s}))}),j=(e,s)=>({export:()=>t.transformResponse(e.httpClient.post(k.export,{},{token:s})),import:n=>t.transformResponse(e.httpClient.post(k.import,{theme:n},{token:s}))}),M=(e,s)=>({search:n=>{const o=Object.assign(Object.assign({},n),{externalIds:n.loginIds});return delete o.loginIds,t.transformResponse(e.httpClient.post(C.search,o,{token:s}),(e=>null==e?void 0:e.audits.map((e=>{const t=Object.assign(Object.assign({},e),{occurred:parseFloat(e.occurred),loginIds:e.externalIds});return delete t.externalIds,t}))))}}),O=(e,s)=>({saveSchema:(n,o)=>t.transformResponse(e.httpClient.post(y.schemaSave,{schema:n,upgrade:o},{token:s})),deleteSchema:()=>t.transformResponse(e.httpClient.post(y.schemaDelete,{},{token:s})),loadSchema:()=>t.transformResponse(e.httpClient.post(y.schemaLoad,{},{token:s}),(e=>e.schema)),saveNamespace:(n,o,a)=>t.transformResponse(e.httpClient.post(y.nsSave,{namespace:n,oldName:o,schemaName:a},{token:s})),deleteNamespace:(n,o)=>t.transformResponse(e.httpClient.post(y.nsDelete,{name:n,schemaName:o},{token:s})),saveRelationDefinition:(n,o,a,r)=>t.transformResponse(e.httpClient.post(y.rdSave,{relationDefinition:n,namespace:o,oldName:a,schemaName:r},{token:s})),deleteRelationDefinition:(n,o,a)=>t.transformResponse(e.httpClient.post(y.rdDelete,{name:n,namespace:o,schemaName:a},{token:s})),createRelations:n=>t.transformResponse(e.httpClient.post(y.reCreate,{relations:n},{token:s})),deleteRelations:n=>t.transformResponse(e.httpClient.post(y.reDelete,{relations:n},{token:s})),deleteRelationsForResources:n=>t.transformResponse(e.httpClient.post(y.reDeleteResources,{resources:n},{token:s})),hasRelations:n=>t.transformResponse(e.httpClient.post(y.hasRelations,{relationQueries:n},{token:s}),(e=>e.relationQueries)),whoCanAccess:(n,o,a)=>t.transformResponse(e.httpClient.post(y.who,{resource:n,relationDefinition:o,namespace:a},{token:s}),(e=>e.targets)),resourceRelations:n=>t.transformResponse(e.httpClient.post(y.resource,{resource:n},{token:s}),(e=>e.relations)),targetsRelations:n=>t.transformResponse(e.httpClient.post(y.targets,{targets:n},{token:s}),(e=>e.relations)),whatCanTargetAccess:n=>t.transformResponse(e.httpClient.post(y.targetAll,{target:n},{token:s}),(e=>e.relations))});var D;null!==(D=globalThis.Headers)&&void 0!==D||(globalThis.Headers=n.Headers);const L=(...e)=>(e.forEach((e=>{var t,s;e&&(null!==(t=(s=e).highWaterMark)&&void 0!==t||(s.highWaterMark=31457280))})),n.fetch(...e)),U=n=>{var o,{managementKey:m,publicKey:d}=n,p=e.__rest(n,["managementKey","publicKey"]);const u=a.default(Object.assign(Object.assign({fetch:L},p),{baseHeaders:Object.assign(Object.assign({},p.baseHeaders),{"x-descope-sdk-name":"nodejs","x-descope-sdk-node-version":(null===(o=null===process||void 0===process?void 0:process.versions)||void 0===o?void 0:o.node)||"","x-descope-sdk-version":"1.6.2"})})),{projectId:c,logger:g}=p,h={},v=((e,t)=>({user:w(e,t),project:I(e,t),accessKey:x(e,t),tenant:b(e,t),sso:E(e,t),jwt:N(e,t),permission:A(e,t),role:T(e,t),group:P(e,t),flow:S(e,t),theme:j(e,t),audit:M(e,t),authz:O(e,t)}))(u,m),f=Object.assign(Object.assign({},u),{management:v,async getKey(e){if(!(null==e?void 0:e.kid))throw Error("header.kid must not be empty");if(h[e.kid])return h[e.kid];if(Object.assign(h,await(async()=>{if(d)try{const e=JSON.parse(d),t=await s.importJWK(e);return{[e.kid]:t}}catch(e){throw null==g||g.error("Failed to parse the provided public key",e),new Error(`Failed to parse public key. Error: ${e}`)}const e=(await u.httpClient.get(`v2/keys/${c}`).then((e=>e.json()))).keys;return Array.isArray(e)?(await Promise.all(e.map((async e=>[e.kid,await s.importJWK(e)])))).reduce(((e,[t,s])=>t?Object.assign(Object.assign({},e),{[t.toString()]:s}):e),{}):{}})()),!h[e.kid])throw Error("failed to fetch matching key");return h[e.kid]},async validateJwt(e){var t;const n=(await s.jwtVerify(e,f.getKey,{clockTolerance:5})).payload;if(n&&(n.iss=null===(t=n.iss)||void 0===t?void 0:t.split("/").pop(),n.iss!==c))throw new s.errors.JWTClaimValidationFailed('unexpected "iss" claim value',"iss","check_failed");return{jwt:e,token:n}},async validateSession(e){if(!e)throw Error("session token is required for validation");try{return await f.validateJwt(e)}catch(e){throw null==g||g.error("session validation failed",e),Error(`session validation failed. Error: ${e}`)}},async refreshSession(e){var t,s;if(!e)throw Error("refresh token is required to refresh a session");try{await f.validateJwt(e);const n=await f.refresh(e);if(n.ok){return await f.validateJwt(null===(t=n.data)||void 0===t?void 0:t.sessionJwt)}throw Error(null===(s=n.error)||void 0===s?void 0:s.errorMessage)}catch(e){throw null==g||g.error("refresh token validation failed",e),Error(`refresh token validation failed, Error: ${e}`)}},async validateAndRefreshSession(e,t){if(!e&&!t)throw Error("both session and refresh tokens are empty");try{return await f.validateSession(e)}catch(e){null==g||g.log(`session validation failed with error ${e} - trying to refresh it`)}return f.refreshSession(t)},async exchangeAccessKey(e){if(!e)throw Error("access key must not be empty");let t;try{t=await f.accessKey.exchange(e)}catch(e){throw null==g||g.error("failed to exchange access key",e),Error(`could not exchange access key - Failed to exchange. Error: ${e}`)}const{sessionJwt:s}=t.data;if(!s)throw null==g||g.error("failed to parse exchange access key response"),Error("could not exchange access key");try{return await f.validateJwt(s)}catch(e){throw null==g||g.error("failed to parse jwt from access key",e),Error(`could not exchange access key - failed to validate jwt. Error: ${e}`)}},validatePermissions:(e,t)=>f.validateTenantPermissions(e,"",t),getMatchedPermissions:(e,t)=>f.getMatchedTenantPermissions(e,"",t),validateTenantPermissions(e,t,s){if(t&&!l(e,t))return!1;const n=i(e,"permissions",t);return s.every((e=>n.includes(e)))},getMatchedTenantPermissions(e,t,s){if(t&&!l(e,t))return[];const n=i(e,"permissions",t);return s.filter((e=>n.includes(e)))},validateRoles:(e,t)=>f.validateTenantRoles(e,"",t),getMatchedRoles:(e,t)=>f.getMatchedTenantRoles(e,"",t),validateTenantRoles(e,t,s){if(t&&!l(e,t))return!1;const n=i(e,"roles",t);return s.every((e=>n.includes(e)))},getMatchedTenantRoles(e,t,s){if(t&&!l(e,t))return[];const n=i(e,"roles",t);return s.filter((e=>n.includes(e)))}});return t.wrapWith(f,["otp.verify.email","otp.verify.sms","otp.verify.whatsapp","magicLink.verify","enchantedLink.signUp","enchantedLink.signIn","oauth.exchange","saml.exchange","totp.verify","webauthn.signIn.finish","webauthn.signUp.finish","refresh"],r)};U.RefreshTokenCookieName="DSR",U.SessionTokenCookieName="DS",exports.default=U,exports.descopeErrors={badRequest:"E011001",missingArguments:"E011002",invalidRequest:"E011003",invalidArguments:"E011004",wrongOTPCode:"E061102",tooManyOTPAttempts:"E061103",enchantedLinkPending:"E062503",userNotFound:"E062108"};
|
|
1
|
+
"use strict";Object.defineProperty(exports,"__esModule",{value:!0});var e=require("tslib"),t=require("@descope/core-js-sdk"),s=require("jose"),n=require("util"),o=require("cross-fetch");function r(e){return e&&"object"==typeof e&&"default"in e?e:{default:e}}var a=r(t);const i=t=>async(...s)=>{var n,o,r;const a=await t(...s);if(!a.data)return a;let i=a.data,{refreshJwt:l}=i,d=e.__rest(i,["refreshJwt"]);const m=[];var p;return l?m.push(`${"DSR"}=${l}; Domain=${(null==(p=d)?void 0:p.cookieDomain)||""}; Max-Age=${(null==p?void 0:p.cookieMaxAge)||""}; Path=${(null==p?void 0:p.cookiePath)||"/"}; HttpOnly; SameSite=Strict`):(null===(n=a.response)||void 0===n?void 0:n.headers.get("set-cookie"))&&(l=((e,t)=>{const s=null==e?void 0:e.match(RegExp(`(?:^|;\\s*)${t}=([^;]*)`));return s?s[1]:null})(null===(o=a.response)||void 0===o?void 0:o.headers.get("set-cookie"),"DSR"),m.push(null===(r=a.response)||void 0===r?void 0:r.headers.get("set-cookie"))),Object.assign(Object.assign({},a),{data:Object.assign(Object.assign({},a.data),{refreshJwt:l,cookies:m})})};function l(e,t,s){var n,o;const r=s?null===(o=null===(n=e.token.tenants)||void 0===n?void 0:n[s])||void 0===o?void 0:o[t]:e.token[t];return Array.isArray(r)?r:[]}function d(e,t){var s;return!!(null===(s=e.token.tenants)||void 0===s?void 0:s[t])}var m={create:"/v1/mgmt/user/create",createBatch:"/v1/mgmt/user/create/batch",update:"/v1/mgmt/user/update",delete:"/v1/mgmt/user/delete",deleteAllTestUsers:"/v1/mgmt/user/test/delete/all",load:"/v1/mgmt/user",logout:"/v1/mgmt/user/logout",search:"/v1/mgmt/user/search",getProviderToken:"/v1/mgmt/user/provider/token",updateStatus:"/v1/mgmt/user/update/status",updateLoginId:"/v1/mgmt/user/update/loginid",updateEmail:"/v1/mgmt/user/update/email",updatePhone:"/v1/mgmt/user/update/phone",updateDisplayName:"/v1/mgmt/user/update/name",updatePicture:"/v1/mgmt/user/update/picture",updateCustomAttribute:"/v1/mgmt/user/update/customAttribute",setRole:"/v1/mgmt/user/update/role/set",addRole:"/v1/mgmt/user/update/role/add",removeRole:"/v1/mgmt/user/update/role/remove",addTenant:"/v1/mgmt/user/update/tenant/add",removeTenant:"/v1/mgmt/user/update/tenant/remove",setPassword:"/v1/mgmt/user/password/set",expirePassword:"/v1/mgmt/user/password/expire",removeAllPasskeys:"/v1/mgmt/user/passkeys/delete",generateOTPForTest:"/v1/mgmt/tests/generate/otp",generateMagicLinkForTest:"/v1/mgmt/tests/generate/magiclink",generateEnchantedLinkForTest:"/v1/mgmt/tests/generate/enchantedlink",generateEmbeddedLink:"/v1/mgmt/user/signin/embeddedlink"},p={updateName:"/v1/mgmt/project/update/name",clone:"/v1/mgmt/project/clone"},u={create:"/v1/mgmt/accesskey/create",load:"/v1/mgmt/accesskey",search:"/v1/mgmt/accesskey/search",update:"/v1/mgmt/accesskey/update",deactivate:"/v1/mgmt/accesskey/deactivate",activate:"/v1/mgmt/accesskey/activate",delete:"/v1/mgmt/accesskey/delete"},c={create:"/v1/mgmt/tenant/create",update:"/v1/mgmt/tenant/update",delete:"/v1/mgmt/tenant/delete",load:"/v1/mgmt/tenant",loadAll:"/v1/mgmt/tenant/all",searchAll:"/v1/mgmt/tenant/search"},g={settings:"/v1/mgmt/sso/settings",metadata:"/v1/mgmt/sso/metadata",mapping:"/v1/mgmt/sso/mapping"},h={update:"/v1/mgmt/jwt/update"},v={create:"/v1/mgmt/permission/create",update:"/v1/mgmt/permission/update",delete:"/v1/mgmt/permission/delete",loadAll:"/v1/mgmt/permission/all"},f={create:"/v1/mgmt/role/create",update:"/v1/mgmt/role/update",delete:"/v1/mgmt/role/delete",loadAll:"/v1/mgmt/role/all"},k={list:"/v1/mgmt/flow/list",delete:"/v1/mgmt/flow/delete",export:"/v1/mgmt/flow/export",import:"/v1/mgmt/flow/import"},R={export:"/v1/mgmt/theme/export",import:"/v1/mgmt/theme/import"},C={loadAllGroups:"/v1/mgmt/group/all",loadAllGroupsForMember:"/v1/mgmt/group/member/all",loadAllGroupMembers:"/v1/mgmt/group/members"},y={search:"/v1/mgmt/audit/search"},I={schemaSave:"/v1/mgmt/authz/schema/save",schemaDelete:"/v1/mgmt/authz/schema/delete",schemaLoad:"/v1/mgmt/authz/schema/load",nsSave:"/v1/mgmt/authz/ns/save",nsDelete:"/v1/mgmt/authz/ns/delete",rdSave:"/v1/mgmt/authz/rd/save",rdDelete:"/v1/mgmt/authz/rd/delete",reCreate:"/v1/mgmt/authz/re/create",reDelete:"/v1/mgmt/authz/re/delete",reDeleteResources:"/v1/mgmt/authz/re/deleteresources",hasRelations:"/v1/mgmt/authz/re/has",who:"/v1/mgmt/authz/re/who",resource:"/v1/mgmt/authz/re/resource",targets:"/v1/mgmt/authz/re/targets",targetAll:"/v1/mgmt/authz/re/targetall",getModified:"/v1/mgmt/authz/getmodified"};const w=(e,s)=>({create:function(n,o,r,a,i,l,d,p,u,c,g,h,v,f){const k="string"==typeof o?{loginId:n,email:o,phone:r,displayName:a,givenName:g,middleName:h,familyName:v,roleNames:i,userTenants:l,customAttributes:d,picture:p,verifiedEmail:u,verifiedPhone:c,additionalLoginIds:f}:Object.assign(Object.assign({loginId:n},o),{roleNames:o.roles,roles:void 0});return t.transformResponse(e.httpClient.post(m.create,k,{token:s}),(e=>e.user))},createTestUser:function(n,o,r,a,i,l,d,p,u,c,g,h,v,f){const k="string"==typeof o?{loginId:n,email:o,phone:r,displayName:a,givenName:g,middleName:h,familyName:v,roleNames:i,userTenants:l,customAttributes:d,picture:p,verifiedEmail:u,verifiedPhone:c,additionalLoginIds:f,test:!0}:Object.assign(Object.assign({loginId:n},o),{roleNames:o.roles,roles:void 0,test:!0});return t.transformResponse(e.httpClient.post(m.create,k,{token:s}),(e=>e.user))},invite:function(n,o,r,a,i,l,d,p,u,c,g,h,v,f,k,R,C){const y="string"==typeof o?{loginId:n,email:o,phone:r,displayName:a,givenName:f,middleName:k,familyName:R,roleNames:i,userTenants:l,invite:!0,customAttributes:d,picture:p,verifiedEmail:u,verifiedPhone:c,inviteUrl:g,sendMail:h,sendSMS:v,additionalLoginIds:C}:Object.assign(Object.assign({loginId:n},o),{roleNames:o.roles,roles:void 0,invite:!0});return t.transformResponse(e.httpClient.post(m.create,y,{token:s}),(e=>e.user))},inviteBatch:(n,o,r,a)=>t.transformResponse(e.httpClient.post(m.createBatch,{users:n,invite:!0,inviteUrl:o,sendMail:r,sendSMS:a},{token:s}),(e=>e)),update:function(n,o,r,a,i,l,d,p,u,c,g,h,v,f){const k="string"==typeof o?{loginId:n,email:o,phone:r,displayName:a,givenName:g,middleName:h,familyName:v,roleNames:i,userTenants:l,customAttributes:d,picture:p,verifiedEmail:u,verifiedPhone:c,additionalLoginIds:f}:Object.assign(Object.assign({loginId:n},o),{roleNames:o.roles,roles:void 0});return t.transformResponse(e.httpClient.post(m.update,k,{token:s}),(e=>e.user))},delete:n=>t.transformResponse(e.httpClient.post(m.delete,{loginId:n},{token:s})),deleteByUserId:n=>t.transformResponse(e.httpClient.post(m.delete,{userId:n},{token:s})),deleteAllTestUsers:()=>t.transformResponse(e.httpClient.delete(m.deleteAllTestUsers,{token:s})),load:n=>t.transformResponse(e.httpClient.get(m.load,{queryParams:{loginId:n},token:s}),(e=>e.user)),loadByUserId:n=>t.transformResponse(e.httpClient.get(m.load,{queryParams:{userId:n},token:s}),(e=>e.user)),logoutUser:n=>t.transformResponse(e.httpClient.post(m.logout,{loginId:n},{token:s})),logoutUserByUserId:n=>t.transformResponse(e.httpClient.post(m.logout,{userId:n},{token:s})),searchAll:n.deprecate(((n,o,r,a,i,l,d,p,u,c)=>t.transformResponse(e.httpClient.post(m.search,{tenantIds:n,roleNames:o,limit:r,page:a,testUsersOnly:i,withTestUser:l,customAttributes:d,statuses:p,emails:u,phones:c},{token:s}),(e=>e.users))),"searchAll is deprecated please use search() instead"),search:n=>t.transformResponse(e.httpClient.post(m.search,Object.assign(Object.assign({},n),{roleNames:n.roles,roles:void 0}),{token:s}),(e=>e.users)),getProviderToken:(n,o)=>t.transformResponse(e.httpClient.get(m.getProviderToken,{queryParams:{loginId:n,provider:o},token:s}),(e=>e)),activate:n=>t.transformResponse(e.httpClient.post(m.updateStatus,{loginId:n,status:"enabled"},{token:s}),(e=>e.user)),deactivate:n=>t.transformResponse(e.httpClient.post(m.updateStatus,{loginId:n,status:"disabled"},{token:s}),(e=>e.user)),updateLoginId:(n,o)=>t.transformResponse(e.httpClient.post(m.updateLoginId,{loginId:n,newLoginId:o},{token:s}),(e=>e.user)),updateEmail:(n,o,r)=>t.transformResponse(e.httpClient.post(m.updateEmail,{loginId:n,email:o,verified:r},{token:s}),(e=>e.user)),updatePhone:(n,o,r)=>t.transformResponse(e.httpClient.post(m.updatePhone,{loginId:n,phone:o,verified:r},{token:s}),(e=>e.user)),updateDisplayName:(n,o,r,a,i)=>t.transformResponse(e.httpClient.post(m.updateDisplayName,{loginId:n,displayName:o,givenName:r,middleName:a,familyName:i},{token:s}),(e=>e.user)),updatePicture:(n,o)=>t.transformResponse(e.httpClient.post(m.updatePicture,{loginId:n,picture:o},{token:s}),(e=>e.user)),updateCustomAttribute:(n,o,r)=>t.transformResponse(e.httpClient.post(m.updateCustomAttribute,{loginId:n,attributeKey:o,attributeValue:r},{token:s}),(e=>e.user)),setRoles:(n,o)=>t.transformResponse(e.httpClient.post(m.setRole,{loginId:n,roleNames:o},{token:s}),(e=>e.user)),addRoles:(n,o)=>t.transformResponse(e.httpClient.post(m.addRole,{loginId:n,roleNames:o},{token:s}),(e=>e.user)),removeRoles:(n,o)=>t.transformResponse(e.httpClient.post(m.removeRole,{loginId:n,roleNames:o},{token:s}),(e=>e.user)),addTenant:(n,o)=>t.transformResponse(e.httpClient.post(m.addTenant,{loginId:n,tenantId:o},{token:s}),(e=>e.user)),removeTenant:(n,o)=>t.transformResponse(e.httpClient.post(m.removeTenant,{loginId:n,tenantId:o},{token:s}),(e=>e.user)),setTenantRoles:(n,o,r)=>t.transformResponse(e.httpClient.post(m.setRole,{loginId:n,tenantId:o,roleNames:r},{token:s}),(e=>e.user)),addTenantRoles:(n,o,r)=>t.transformResponse(e.httpClient.post(m.addRole,{loginId:n,tenantId:o,roleNames:r},{token:s}),(e=>e.user)),removeTenantRoles:(n,o,r)=>t.transformResponse(e.httpClient.post(m.removeRole,{loginId:n,tenantId:o,roleNames:r},{token:s}),(e=>e.user)),generateOTPForTestUser:(n,o,r)=>t.transformResponse(e.httpClient.post(m.generateOTPForTest,{deliveryMethod:n,loginId:o,loginOptions:r},{token:s}),(e=>e)),generateMagicLinkForTestUser:(n,o,r,a)=>t.transformResponse(e.httpClient.post(m.generateMagicLinkForTest,{deliveryMethod:n,loginId:o,URI:r,loginOptions:a},{token:s}),(e=>e)),generateEnchantedLinkForTestUser:(n,o,r)=>t.transformResponse(e.httpClient.post(m.generateEnchantedLinkForTest,{loginId:n,URI:o,loginOptions:r},{token:s}),(e=>e)),generateEmbeddedLink:(n,o)=>t.transformResponse(e.httpClient.post(m.generateEmbeddedLink,{loginId:n,customClaims:o},{token:s}),(e=>e)),setPassword:(n,o)=>t.transformResponse(e.httpClient.post(m.setPassword,{loginId:n,password:o},{token:s}),(e=>e)),expirePassword:n=>t.transformResponse(e.httpClient.post(m.expirePassword,{loginId:n},{token:s}),(e=>e)),removeAllPasskeys:n=>t.transformResponse(e.httpClient.post(m.removeAllPasskeys,{loginId:n},{token:s}),(e=>e))}),b=(e,s)=>({updateName:n=>t.transformResponse(e.httpClient.post(p.updateName,{name:n},{token:s})),clone:(n,o)=>t.transformResponse(e.httpClient.post(p.clone,{name:n,tag:o},{token:s}))}),N=(e,s)=>({create:(n,o,r)=>t.transformResponse(e.httpClient.post(c.create,{name:n,selfProvisioningDomains:o,customAttributes:r},{token:s})),createWithId:(n,o,r,a)=>t.transformResponse(e.httpClient.post(c.create,{id:n,name:o,selfProvisioningDomains:r,customAttributes:a},{token:s})),update:(n,o,r,a)=>t.transformResponse(e.httpClient.post(c.update,{id:n,name:o,selfProvisioningDomains:r,customAttributes:a},{token:s})),delete:n=>t.transformResponse(e.httpClient.post(c.delete,{id:n},{token:s})),load:n=>t.transformResponse(e.httpClient.get(c.load,{queryParams:{id:n},token:s}),(e=>e)),loadAll:()=>t.transformResponse(e.httpClient.get(c.loadAll,{token:s}),(e=>e.tenants)),searchAll:(n,o,r,a)=>t.transformResponse(e.httpClient.post(c.searchAll,{tenantIds:n,tenantNames:o,tenantSelfProvisioningDomains:r,customAttributes:a},{token:s}),(e=>e.tenants))}),A=(e,s)=>({update:(n,o)=>t.transformResponse(e.httpClient.post(h.update,{jwt:n,customClaims:o},{token:s}))}),T=(e,s)=>({create:(n,o)=>t.transformResponse(e.httpClient.post(v.create,{name:n,description:o},{token:s})),update:(n,o,r)=>t.transformResponse(e.httpClient.post(v.update,{name:n,newName:o,description:r},{token:s})),delete:n=>t.transformResponse(e.httpClient.post(v.delete,{name:n},{token:s})),loadAll:()=>t.transformResponse(e.httpClient.get(v.loadAll,{token:s}),(e=>e.permissions))}),P=(e,s)=>({create:(n,o,r)=>t.transformResponse(e.httpClient.post(f.create,{name:n,description:o,permissionNames:r},{token:s})),update:(n,o,r,a)=>t.transformResponse(e.httpClient.post(f.update,{name:n,newName:o,description:r,permissionNames:a},{token:s})),delete:n=>t.transformResponse(e.httpClient.post(f.delete,{name:n},{token:s})),loadAll:()=>t.transformResponse(e.httpClient.get(f.loadAll,{token:s}),(e=>e.roles))}),j=(e,s)=>({loadAllGroups:n=>t.transformResponse(e.httpClient.post(C.loadAllGroups,{tenantId:n},{token:s})),loadAllGroupsForMember:(n,o,r)=>t.transformResponse(e.httpClient.post(C.loadAllGroupsForMember,{tenantId:n,loginIds:r,userIds:o},{token:s})),loadAllGroupMembers:(n,o)=>t.transformResponse(e.httpClient.post(C.loadAllGroupMembers,{tenantId:n,groupId:o},{token:s}))}),E=(e,s)=>({getSettings:n=>t.transformResponse(e.httpClient.get(g.settings,{queryParams:{tenantId:n},token:s}),(e=>e)),deleteSettings:n=>t.transformResponse(e.httpClient.delete(g.settings,{queryParams:{tenantId:n},token:s})),configureSettings:(n,o,r,a,i,l)=>t.transformResponse(e.httpClient.post(g.settings,{tenantId:n,idpURL:o,entityId:a,idpCert:r,redirectURL:i,domains:l},{token:s})),configureMetadata:(n,o,r,a)=>t.transformResponse(e.httpClient.post(g.metadata,{tenantId:n,idpMetadataURL:o,redirectURL:r,domains:a},{token:s})),configureMapping:(n,o,r)=>t.transformResponse(e.httpClient.post(g.mapping,{tenantId:n,roleMappings:o,attributeMapping:r},{token:s}))}),O=(e,s)=>({create:(n,o,r,a)=>t.transformResponse(e.httpClient.post(u.create,{name:n,expireTime:o,roleNames:r,keyTenants:a},{token:s})),load:n=>t.transformResponse(e.httpClient.get(u.load,{queryParams:{id:n},token:s}),(e=>e.key)),searchAll:n=>t.transformResponse(e.httpClient.post(u.search,{tenantIds:n},{token:s}),(e=>e.keys)),update:(n,o)=>t.transformResponse(e.httpClient.post(u.update,{id:n,name:o},{token:s}),(e=>e.key)),deactivate:n=>t.transformResponse(e.httpClient.post(u.deactivate,{id:n},{token:s})),activate:n=>t.transformResponse(e.httpClient.post(u.activate,{id:n},{token:s})),delete:n=>t.transformResponse(e.httpClient.post(u.delete,{id:n},{token:s}))}),x=(e,s)=>({list:()=>t.transformResponse(e.httpClient.post(k.list,{},{token:s})),delete:n=>t.transformResponse(e.httpClient.post(k.delete,{ids:n},{token:s})),export:n=>t.transformResponse(e.httpClient.post(k.export,{flowId:n},{token:s})),import:(n,o,r)=>t.transformResponse(e.httpClient.post(k.import,{flowId:n,flow:o,screens:r},{token:s}))}),M=(e,s)=>({export:()=>t.transformResponse(e.httpClient.post(R.export,{},{token:s})),import:n=>t.transformResponse(e.httpClient.post(R.import,{theme:n},{token:s}))}),S=(e,s)=>({search:n=>{const o=Object.assign(Object.assign({},n),{externalIds:n.loginIds});return delete o.loginIds,t.transformResponse(e.httpClient.post(y.search,o,{token:s}),(e=>null==e?void 0:e.audits.map((e=>{const t=Object.assign(Object.assign({},e),{occurred:parseFloat(e.occurred),loginIds:e.externalIds});return delete t.externalIds,t}))))}}),D=(e,s)=>({saveSchema:(n,o)=>t.transformResponse(e.httpClient.post(I.schemaSave,{schema:n,upgrade:o},{token:s})),deleteSchema:()=>t.transformResponse(e.httpClient.post(I.schemaDelete,{},{token:s})),loadSchema:()=>t.transformResponse(e.httpClient.post(I.schemaLoad,{},{token:s}),(e=>e.schema)),saveNamespace:(n,o,r)=>t.transformResponse(e.httpClient.post(I.nsSave,{namespace:n,oldName:o,schemaName:r},{token:s})),deleteNamespace:(n,o)=>t.transformResponse(e.httpClient.post(I.nsDelete,{name:n,schemaName:o},{token:s})),saveRelationDefinition:(n,o,r,a)=>t.transformResponse(e.httpClient.post(I.rdSave,{relationDefinition:n,namespace:o,oldName:r,schemaName:a},{token:s})),deleteRelationDefinition:(n,o,r)=>t.transformResponse(e.httpClient.post(I.rdDelete,{name:n,namespace:o,schemaName:r},{token:s})),createRelations:n=>t.transformResponse(e.httpClient.post(I.reCreate,{relations:n},{token:s})),deleteRelations:n=>t.transformResponse(e.httpClient.post(I.reDelete,{relations:n},{token:s})),deleteRelationsForResources:n=>t.transformResponse(e.httpClient.post(I.reDeleteResources,{resources:n},{token:s})),hasRelations:n=>t.transformResponse(e.httpClient.post(I.hasRelations,{relationQueries:n},{token:s}),(e=>e.relationQueries)),whoCanAccess:(n,o,r)=>t.transformResponse(e.httpClient.post(I.who,{resource:n,relationDefinition:o,namespace:r},{token:s}),(e=>e.targets)),resourceRelations:n=>t.transformResponse(e.httpClient.post(I.resource,{resource:n},{token:s}),(e=>e.relations)),targetsRelations:n=>t.transformResponse(e.httpClient.post(I.targets,{targets:n},{token:s}),(e=>e.relations)),whatCanTargetAccess:n=>t.transformResponse(e.httpClient.post(I.targetAll,{target:n},{token:s}),(e=>e.relations)),getModified:n=>t.transformResponse(e.httpClient.post(I.getModified,{since:n?n.getTime():0},{token:s}),(e=>e))});var L;null!==(L=globalThis.Headers)&&void 0!==L||(globalThis.Headers=o.Headers);const U=(...e)=>(e.forEach((e=>{var t,s;e&&(null!==(t=(s=e).highWaterMark)&&void 0!==t||(s.highWaterMark=31457280))})),o.fetch(...e)),F=n=>{var o,{managementKey:r,publicKey:m}=n,p=e.__rest(n,["managementKey","publicKey"]);const u=a.default(Object.assign(Object.assign({fetch:U},p),{baseHeaders:Object.assign(Object.assign({},p.baseHeaders),{"x-descope-sdk-name":"nodejs","x-descope-sdk-node-version":(null===(o=null===process||void 0===process?void 0:process.versions)||void 0===o?void 0:o.node)||"","x-descope-sdk-version":"1.6.3"})})),{projectId:c,logger:g}=p,h={},v=((e,t)=>({user:w(e,t),project:b(e,t),accessKey:O(e,t),tenant:N(e,t),sso:E(e,t),jwt:A(e,t),permission:T(e,t),role:P(e,t),group:j(e,t),flow:x(e,t),theme:M(e,t),audit:S(e,t),authz:D(e,t)}))(u,r),f=Object.assign(Object.assign({},u),{management:v,async getKey(e){if(!(null==e?void 0:e.kid))throw Error("header.kid must not be empty");if(h[e.kid])return h[e.kid];if(Object.assign(h,await(async()=>{if(m)try{const e=JSON.parse(m),t=await s.importJWK(e);return{[e.kid]:t}}catch(e){throw null==g||g.error("Failed to parse the provided public key",e),new Error(`Failed to parse public key. Error: ${e}`)}const e=(await u.httpClient.get(`v2/keys/${c}`).then((e=>e.json()))).keys;return Array.isArray(e)?(await Promise.all(e.map((async e=>[e.kid,await s.importJWK(e)])))).reduce(((e,[t,s])=>t?Object.assign(Object.assign({},e),{[t.toString()]:s}):e),{}):{}})()),!h[e.kid])throw Error("failed to fetch matching key");return h[e.kid]},async validateJwt(e){var t;const n=(await s.jwtVerify(e,f.getKey,{clockTolerance:5})).payload;if(n&&(n.iss=null===(t=n.iss)||void 0===t?void 0:t.split("/").pop(),n.iss!==c))throw new s.errors.JWTClaimValidationFailed('unexpected "iss" claim value',"iss","check_failed");return{jwt:e,token:n}},async validateSession(e){if(!e)throw Error("session token is required for validation");try{return await f.validateJwt(e)}catch(e){throw null==g||g.error("session validation failed",e),Error(`session validation failed. Error: ${e}`)}},async refreshSession(e){var t,s;if(!e)throw Error("refresh token is required to refresh a session");try{await f.validateJwt(e);const n=await f.refresh(e);if(n.ok){return await f.validateJwt(null===(t=n.data)||void 0===t?void 0:t.sessionJwt)}throw Error(null===(s=n.error)||void 0===s?void 0:s.errorMessage)}catch(e){throw null==g||g.error("refresh token validation failed",e),Error(`refresh token validation failed, Error: ${e}`)}},async validateAndRefreshSession(e,t){if(!e&&!t)throw Error("both session and refresh tokens are empty");try{return await f.validateSession(e)}catch(e){null==g||g.log(`session validation failed with error ${e} - trying to refresh it`)}return f.refreshSession(t)},async exchangeAccessKey(e){if(!e)throw Error("access key must not be empty");let t;try{t=await f.accessKey.exchange(e)}catch(e){throw null==g||g.error("failed to exchange access key",e),Error(`could not exchange access key - Failed to exchange. Error: ${e}`)}const{sessionJwt:s}=t.data;if(!s)throw null==g||g.error("failed to parse exchange access key response"),Error("could not exchange access key");try{return await f.validateJwt(s)}catch(e){throw null==g||g.error("failed to parse jwt from access key",e),Error(`could not exchange access key - failed to validate jwt. Error: ${e}`)}},validatePermissions:(e,t)=>f.validateTenantPermissions(e,"",t),getMatchedPermissions:(e,t)=>f.getMatchedTenantPermissions(e,"",t),validateTenantPermissions(e,t,s){if(t&&!d(e,t))return!1;const n=l(e,"permissions",t);return s.every((e=>n.includes(e)))},getMatchedTenantPermissions(e,t,s){if(t&&!d(e,t))return[];const n=l(e,"permissions",t);return s.filter((e=>n.includes(e)))},validateRoles:(e,t)=>f.validateTenantRoles(e,"",t),getMatchedRoles:(e,t)=>f.getMatchedTenantRoles(e,"",t),validateTenantRoles(e,t,s){if(t&&!d(e,t))return!1;const n=l(e,"roles",t);return s.every((e=>n.includes(e)))},getMatchedTenantRoles(e,t,s){if(t&&!d(e,t))return[];const n=l(e,"roles",t);return s.filter((e=>n.includes(e)))}});return t.wrapWith(f,["otp.verify.email","otp.verify.sms","otp.verify.whatsapp","magicLink.verify","enchantedLink.signUp","enchantedLink.signIn","oauth.exchange","saml.exchange","totp.verify","webauthn.signIn.finish","webauthn.signUp.finish","refresh"],i)};F.RefreshTokenCookieName="DSR",F.SessionTokenCookieName="DS",exports.default=F,exports.descopeErrors={badRequest:"E011001",missingArguments:"E011002",invalidRequest:"E011003",invalidArguments:"E011004",wrongOTPCode:"E061102",tooManyOTPAttempts:"E061103",enchantedLinkPending:"E062503",userNotFound:"E062108"};
|
|
2
2
|
//# sourceMappingURL=index.cjs.js.map
|