@descope/node-sdk 1.6.8 → 1.6.10
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +42 -5
- package/dist/cjs/index.cjs.js +1 -1
- package/dist/cjs/index.cjs.js.map +1 -1
- package/dist/index.d.ts +126 -12
- package/dist/index.esm.js +1 -1
- package/dist/index.esm.js.map +1 -1
- package/package.json +2 -2
package/dist/index.d.ts
CHANGED
|
@@ -32,6 +32,9 @@ declare type AssociatedTenant = {
|
|
|
32
32
|
declare type CreateTenantResponse = {
|
|
33
33
|
id: string;
|
|
34
34
|
};
|
|
35
|
+
declare type GenerateSSOConfigurationLinkResponse = {
|
|
36
|
+
adminSSOConfigurationLink: string;
|
|
37
|
+
};
|
|
35
38
|
/**
|
|
36
39
|
* Options to create or update an OIDC application.
|
|
37
40
|
*
|
|
@@ -44,6 +47,7 @@ declare type OidcApplicationOptions = {
|
|
|
44
47
|
description?: string;
|
|
45
48
|
logo?: string;
|
|
46
49
|
enabled?: boolean;
|
|
50
|
+
forceAuthentication?: boolean;
|
|
47
51
|
};
|
|
48
52
|
/**
|
|
49
53
|
* Options to create or update a SAML application.
|
|
@@ -67,6 +71,9 @@ declare type SamlApplicationOptions = {
|
|
|
67
71
|
acsAllowedCallbacks?: string[];
|
|
68
72
|
subjectNameIdType?: string;
|
|
69
73
|
subjectNameIdFormat?: string;
|
|
74
|
+
defaultRelayState?: string;
|
|
75
|
+
forceAuthentication?: boolean;
|
|
76
|
+
logoutRedirectUrl?: string;
|
|
70
77
|
};
|
|
71
78
|
/**
|
|
72
79
|
* Represents a SAML IDP attribute mapping object. Use this class for mapping Descope attribute
|
|
@@ -110,6 +117,8 @@ declare type AccessKey = {
|
|
|
110
117
|
createdBy: string;
|
|
111
118
|
clientId: string;
|
|
112
119
|
boundUserId?: string;
|
|
120
|
+
description?: string;
|
|
121
|
+
permittedIps?: string[];
|
|
113
122
|
};
|
|
114
123
|
/** Access Key extended details including created key cleartext */
|
|
115
124
|
declare type CreatedAccessKeyResponse = {
|
|
@@ -183,6 +192,7 @@ declare type SSOApplicationOIDCSettings = {
|
|
|
183
192
|
loginPageUrl: string;
|
|
184
193
|
issuer: string;
|
|
185
194
|
discoveryUrl: string;
|
|
195
|
+
forceAuthentication: boolean;
|
|
186
196
|
};
|
|
187
197
|
/** Represents SAML settings of an SSO application in a project. */
|
|
188
198
|
declare type SSOApplicationSAMLSettings = {
|
|
@@ -201,6 +211,10 @@ declare type SSOApplicationSAMLSettings = {
|
|
|
201
211
|
acsAllowedCallbacks: string[];
|
|
202
212
|
subjectNameIdType: string;
|
|
203
213
|
subjectNameIdFormat: string;
|
|
214
|
+
defaultRelayState: string;
|
|
215
|
+
forceAuthentication: boolean;
|
|
216
|
+
idpLogoutUrl: string;
|
|
217
|
+
logoutRedirectUrl: string;
|
|
204
218
|
};
|
|
205
219
|
/** Represents an SSO application in a project. */
|
|
206
220
|
declare type SSOApplication = {
|
|
@@ -319,6 +333,7 @@ declare type User = {
|
|
|
319
333
|
additionalLoginIds?: string[];
|
|
320
334
|
password?: string;
|
|
321
335
|
hashedPassword?: UserPasswordHashed;
|
|
336
|
+
seed?: string;
|
|
322
337
|
};
|
|
323
338
|
declare type UserPasswordHashed = {
|
|
324
339
|
bcrypt?: UserPasswordBcrypt;
|
|
@@ -436,6 +451,10 @@ declare type SSOSAMLByMetadataSettings = {
|
|
|
436
451
|
roleMappings?: RoleMappings;
|
|
437
452
|
attributeMapping?: AttributeMapping;
|
|
438
453
|
};
|
|
454
|
+
declare type ProviderTokenOptions = {
|
|
455
|
+
withRefreshToken?: boolean;
|
|
456
|
+
forceRefresh?: boolean;
|
|
457
|
+
};
|
|
439
458
|
declare type ProviderTokenResponse = {
|
|
440
459
|
provider: string;
|
|
441
460
|
providerUserId: string;
|
|
@@ -470,6 +489,16 @@ declare type AuditSearchOptions = {
|
|
|
470
489
|
from?: number;
|
|
471
490
|
to?: number;
|
|
472
491
|
};
|
|
492
|
+
declare type AuditType = 'info' | 'warn' | 'error';
|
|
493
|
+
/** Audit create options for creating audit event */
|
|
494
|
+
declare type AuditCreateOptions = {
|
|
495
|
+
userId?: string;
|
|
496
|
+
action: string;
|
|
497
|
+
type: AuditType;
|
|
498
|
+
actorId: string;
|
|
499
|
+
tenantId: string;
|
|
500
|
+
data?: Record<string, any>;
|
|
501
|
+
};
|
|
473
502
|
/** Audit record response from the audit trail. Occurred is in milliseconds. */
|
|
474
503
|
declare type AuditRecord = {
|
|
475
504
|
projectId: string;
|
|
@@ -572,7 +601,14 @@ declare type AuthzModified = {
|
|
|
572
601
|
declare type CloneProjectResponse = {
|
|
573
602
|
projectId: string;
|
|
574
603
|
projectName: string;
|
|
575
|
-
|
|
604
|
+
environment?: string;
|
|
605
|
+
tags?: string[];
|
|
606
|
+
};
|
|
607
|
+
declare type Project = {
|
|
608
|
+
id: string;
|
|
609
|
+
name: string;
|
|
610
|
+
environment?: string;
|
|
611
|
+
tags?: string[];
|
|
576
612
|
};
|
|
577
613
|
|
|
578
614
|
interface UserOptions {
|
|
@@ -591,6 +627,21 @@ interface UserOptions {
|
|
|
591
627
|
additionalLoginIds?: string[];
|
|
592
628
|
ssoAppIds?: string[];
|
|
593
629
|
}
|
|
630
|
+
interface PatchUserOptions {
|
|
631
|
+
email?: string;
|
|
632
|
+
phone?: string;
|
|
633
|
+
displayName?: string;
|
|
634
|
+
roles?: string[];
|
|
635
|
+
userTenants?: AssociatedTenant[];
|
|
636
|
+
customAttributes?: Record<string, AttributesTypes>;
|
|
637
|
+
picture?: string;
|
|
638
|
+
verifiedEmail?: boolean;
|
|
639
|
+
verifiedPhone?: boolean;
|
|
640
|
+
givenName?: string;
|
|
641
|
+
middleName?: string;
|
|
642
|
+
familyName?: string;
|
|
643
|
+
ssoAppIds?: string[];
|
|
644
|
+
}
|
|
594
645
|
|
|
595
646
|
/** Common Error Codes */
|
|
596
647
|
declare const descopeErrors: {
|
|
@@ -611,6 +662,10 @@ declare type NodeSdkArgs = Parameters<typeof _descope_core_js_sdk__default>[0] &
|
|
|
611
662
|
};
|
|
612
663
|
declare const nodeSdk: {
|
|
613
664
|
({ managementKey, publicKey, ...config }: NodeSdkArgs): {
|
|
665
|
+
refresh: (token?: string) => Promise<SdkResponse<_descope_core_js_sdk.JWTResponse & {
|
|
666
|
+
refreshJwt?: string;
|
|
667
|
+
cookies?: string[];
|
|
668
|
+
}>>;
|
|
614
669
|
management: {
|
|
615
670
|
user: {
|
|
616
671
|
create: {
|
|
@@ -635,6 +690,7 @@ declare const nodeSdk: {
|
|
|
635
690
|
(loginId: string, options?: UserOptions): Promise<SdkResponse<_descope_core_js_sdk.UserResponse>>;
|
|
636
691
|
(loginId: string, email?: string, phone?: string, displayName?: string, roles?: string[], userTenants?: AssociatedTenant[], customAttributes?: Record<string, AttributesTypes>, picture?: string, verifiedEmail?: boolean, verifiedPhone?: boolean, givenName?: string, middleName?: string, familyName?: string, additionalLoginIds?: string[]): Promise<SdkResponse<_descope_core_js_sdk.UserResponse>>;
|
|
637
692
|
};
|
|
693
|
+
patch: (loginId: string, options: PatchUserOptions) => Promise<SdkResponse<_descope_core_js_sdk.UserResponse>>;
|
|
638
694
|
delete: (loginId: string) => Promise<SdkResponse<never>>;
|
|
639
695
|
deleteByUserId: (userId: string) => Promise<SdkResponse<_descope_core_js_sdk.UserResponse>>;
|
|
640
696
|
deleteAllTestUsers: () => Promise<SdkResponse<never>>;
|
|
@@ -660,8 +716,9 @@ declare const nodeSdk: {
|
|
|
660
716
|
withTestUser?: boolean;
|
|
661
717
|
testUsersOnly?: boolean;
|
|
662
718
|
ssoAppIds?: string[];
|
|
719
|
+
loginIds?: string[];
|
|
663
720
|
}) => Promise<SdkResponse<_descope_core_js_sdk.UserResponse[]>>;
|
|
664
|
-
getProviderToken: (loginId: string, provider: string) => Promise<SdkResponse<ProviderTokenResponse>>;
|
|
721
|
+
getProviderToken: (loginId: string, provider: string, providerTokenOptions?: ProviderTokenOptions) => Promise<SdkResponse<ProviderTokenResponse>>;
|
|
665
722
|
activate: (loginId: string) => Promise<SdkResponse<_descope_core_js_sdk.UserResponse>>;
|
|
666
723
|
deactivate: (loginId: string) => Promise<SdkResponse<_descope_core_js_sdk.UserResponse>>;
|
|
667
724
|
updateLoginId: (loginId: string, newLoginId?: string) => Promise<SdkResponse<_descope_core_js_sdk.UserResponse>>;
|
|
@@ -694,15 +751,17 @@ declare const nodeSdk: {
|
|
|
694
751
|
};
|
|
695
752
|
project: {
|
|
696
753
|
updateName: (name: string) => Promise<SdkResponse<never>>;
|
|
697
|
-
|
|
754
|
+
updateTags: (tags: string[]) => Promise<SdkResponse<never>>;
|
|
755
|
+
clone: (name: string, environment?: "production", tags?: string[]) => Promise<SdkResponse<CloneProjectResponse>>;
|
|
756
|
+
listProjects: () => Promise<SdkResponse<Project[]>>;
|
|
698
757
|
export: () => Promise<SdkResponse<Record<string, any>>>;
|
|
699
758
|
import: (files: Record<string, any>) => Promise<SdkResponse<never>>;
|
|
700
759
|
};
|
|
701
760
|
accessKey: {
|
|
702
|
-
create: (name: string, expireTime: number, roles?: string[], keyTenants?: AssociatedTenant[], userId?: string, customClaims?: Record<string, any
|
|
761
|
+
create: (name: string, expireTime: number, roles?: string[], keyTenants?: AssociatedTenant[], userId?: string, customClaims?: Record<string, any>, description?: string, permittedIps?: string[]) => Promise<SdkResponse<CreatedAccessKeyResponse>>;
|
|
703
762
|
load: (id: string) => Promise<SdkResponse<AccessKey>>;
|
|
704
763
|
searchAll: (tenantIds?: string[]) => Promise<SdkResponse<AccessKey[]>>;
|
|
705
|
-
update: (id: string, name: string) => Promise<SdkResponse<AccessKey>>;
|
|
764
|
+
update: (id: string, name: string, description?: string) => Promise<SdkResponse<AccessKey>>;
|
|
706
765
|
deactivate: (id: string) => Promise<SdkResponse<never>>;
|
|
707
766
|
activate: (id: string) => Promise<SdkResponse<never>>;
|
|
708
767
|
delete: (id: string) => Promise<SdkResponse<never>>;
|
|
@@ -711,12 +770,13 @@ declare const nodeSdk: {
|
|
|
711
770
|
create: (name: string, selfProvisioningDomains?: string[], customAttributes?: Record<string, AttributesTypes>) => Promise<SdkResponse<CreateTenantResponse>>;
|
|
712
771
|
createWithId: (id: string, name: string, selfProvisioningDomains?: string[], customAttributes?: Record<string, AttributesTypes>) => Promise<SdkResponse<never>>;
|
|
713
772
|
update: (id: string, name: string, selfProvisioningDomains?: string[], customAttributes?: Record<string, AttributesTypes>) => Promise<SdkResponse<never>>;
|
|
714
|
-
delete: (id: string) => Promise<SdkResponse<never>>;
|
|
773
|
+
delete: (id: string, cascade?: boolean) => Promise<SdkResponse<never>>;
|
|
715
774
|
load: (id: string) => Promise<SdkResponse<Tenant>>;
|
|
716
775
|
loadAll: () => Promise<SdkResponse<Tenant[]>>;
|
|
717
776
|
searchAll: (ids?: string[], names?: string[], selfProvisioningDomains?: string[], customAttributes?: Record<string, AttributesTypes>) => Promise<SdkResponse<Tenant[]>>;
|
|
718
777
|
getSettings: (tenantId: string) => Promise<SdkResponse<TenantSettings>>;
|
|
719
778
|
configureSettings: (tenantId: string, settings: TenantSettings) => Promise<SdkResponse<never>>;
|
|
779
|
+
generateSSOConfigurationLink: (tenantId: string, expireDuration: number) => Promise<SdkResponse<GenerateSSOConfigurationLinkResponse>>;
|
|
720
780
|
};
|
|
721
781
|
ssoApplication: {
|
|
722
782
|
createOidcApplication: (options: OidcApplicationOptions) => Promise<SdkResponse<CreateSSOApplicationResponse>>;
|
|
@@ -780,6 +840,7 @@ declare const nodeSdk: {
|
|
|
780
840
|
};
|
|
781
841
|
audit: {
|
|
782
842
|
search: (searchOptions: AuditSearchOptions) => Promise<SdkResponse<AuditRecord[]>>;
|
|
843
|
+
createEvent: (createOptions: AuditCreateOptions) => Promise<SdkResponse<never>>;
|
|
783
844
|
};
|
|
784
845
|
authz: {
|
|
785
846
|
saveSchema: (schema: AuthzSchema, upgrade: boolean) => Promise<SdkResponse<never>>;
|
|
@@ -1181,7 +1242,7 @@ declare const nodeSdk: {
|
|
|
1181
1242
|
refreshJwt?: string;
|
|
1182
1243
|
cookies?: string[];
|
|
1183
1244
|
}>>;
|
|
1184
|
-
startNative: (provider: string, loginOptions?: _descope_core_js_sdk.LoginOptions) => Promise<SdkResponse<_descope_core_js_sdk.ResponseData>>;
|
|
1245
|
+
startNative: (provider: string, loginOptions?: _descope_core_js_sdk.LoginOptions, implicit?: boolean) => Promise<SdkResponse<_descope_core_js_sdk.ResponseData>>;
|
|
1185
1246
|
finishNative: (provider: string, stateId: string, user?: string, code?: string, idToken?: string) => Promise<SdkResponse<_descope_core_js_sdk.ResponseData>>;
|
|
1186
1247
|
};
|
|
1187
1248
|
saml: {
|
|
@@ -1206,6 +1267,44 @@ declare const nodeSdk: {
|
|
|
1206
1267
|
}>>;
|
|
1207
1268
|
update: (loginId: string, token?: string) => Promise<SdkResponse<_descope_core_js_sdk.TOTPResponse>>;
|
|
1208
1269
|
};
|
|
1270
|
+
notp: {
|
|
1271
|
+
signUpOrIn: (loginId?: string, signUpOptions?: {
|
|
1272
|
+
customClaims?: Record<string, any>;
|
|
1273
|
+
templateOptions?: {
|
|
1274
|
+
[x: string]: string;
|
|
1275
|
+
};
|
|
1276
|
+
}) => Promise<SdkResponse<{
|
|
1277
|
+
pendingRef: string;
|
|
1278
|
+
redirectUrl: string;
|
|
1279
|
+
image: string;
|
|
1280
|
+
}>>;
|
|
1281
|
+
signUp: (loginId?: string, user?: {
|
|
1282
|
+
email?: string;
|
|
1283
|
+
name?: string;
|
|
1284
|
+
givenName?: string;
|
|
1285
|
+
middleName?: string;
|
|
1286
|
+
familyName?: string;
|
|
1287
|
+
phone?: string;
|
|
1288
|
+
}, signUpOptions?: {
|
|
1289
|
+
customClaims?: Record<string, any>;
|
|
1290
|
+
templateOptions?: {
|
|
1291
|
+
[x: string]: string;
|
|
1292
|
+
};
|
|
1293
|
+
}) => Promise<SdkResponse<{
|
|
1294
|
+
pendingRef: string;
|
|
1295
|
+
redirectUrl: string;
|
|
1296
|
+
image: string;
|
|
1297
|
+
}>>;
|
|
1298
|
+
signIn: (loginId?: string, loginOptions?: _descope_core_js_sdk.LoginOptions, token?: string) => Promise<SdkResponse<{
|
|
1299
|
+
pendingRef: string;
|
|
1300
|
+
redirectUrl: string;
|
|
1301
|
+
image: string;
|
|
1302
|
+
}>>;
|
|
1303
|
+
waitForSession: (pendingRef: string, config?: {
|
|
1304
|
+
pollingIntervalMs: number;
|
|
1305
|
+
timeoutMs: number;
|
|
1306
|
+
}) => Promise<SdkResponse<_descope_core_js_sdk.JWTResponse>>;
|
|
1307
|
+
};
|
|
1209
1308
|
webauthn: {
|
|
1210
1309
|
signUp: {
|
|
1211
1310
|
start: (loginId: string, origin: string, name: string) => Promise<SdkResponse<{
|
|
@@ -1253,8 +1352,13 @@ declare const nodeSdk: {
|
|
|
1253
1352
|
middleName?: string;
|
|
1254
1353
|
familyName?: string;
|
|
1255
1354
|
phone?: string;
|
|
1355
|
+
}, signUpOptions?: {
|
|
1356
|
+
customClaims?: Record<string, any>;
|
|
1357
|
+
templateOptions?: {
|
|
1358
|
+
[x: string]: string;
|
|
1359
|
+
};
|
|
1256
1360
|
}) => Promise<SdkResponse<_descope_core_js_sdk.JWTResponse>>;
|
|
1257
|
-
signIn: (loginId: string, password: string) => Promise<SdkResponse<_descope_core_js_sdk.JWTResponse>>;
|
|
1361
|
+
signIn: (loginId: string, password: string, loginOptions?: _descope_core_js_sdk.LoginOptions) => Promise<SdkResponse<_descope_core_js_sdk.JWTResponse>>;
|
|
1258
1362
|
sendReset: (loginId: string, redirectUrl?: string, templateOptions?: {
|
|
1259
1363
|
[x: string]: string;
|
|
1260
1364
|
}) => Promise<SdkResponse<{
|
|
@@ -1300,6 +1404,9 @@ declare const nodeSdk: {
|
|
|
1300
1404
|
abTestingKey?: number;
|
|
1301
1405
|
startOptionsVersion?: number;
|
|
1302
1406
|
client?: Record<string, any>;
|
|
1407
|
+
locale?: string;
|
|
1408
|
+
oidcPrompt?: string;
|
|
1409
|
+
oidcErrorRedirectUri?: string;
|
|
1303
1410
|
}, conditionInteractionId?: string, interactionId?: string, version?: number, componentsVersion?: string, input?: {
|
|
1304
1411
|
[x: string]: string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | any)[])[])[])[])[])[])[])[])[])[])[];
|
|
1305
1412
|
}) => Promise<SdkResponse<_descope_core_js_sdk.FlowResponse>>;
|
|
@@ -1307,10 +1414,6 @@ declare const nodeSdk: {
|
|
|
1307
1414
|
[x: string]: string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | any)[])[])[])[])[])[])[])[])[])[])[];
|
|
1308
1415
|
}) => Promise<SdkResponse<_descope_core_js_sdk.FlowResponse>>;
|
|
1309
1416
|
};
|
|
1310
|
-
refresh: (token?: string) => Promise<SdkResponse<_descope_core_js_sdk.JWTResponse & {
|
|
1311
|
-
refreshJwt?: string;
|
|
1312
|
-
cookies?: string[];
|
|
1313
|
-
}>>;
|
|
1314
1417
|
selectTenant: (tenantId: string, token?: string) => Promise<SdkResponse<_descope_core_js_sdk.JWTResponse>>;
|
|
1315
1418
|
logout: (token?: string) => Promise<SdkResponse<never>>;
|
|
1316
1419
|
logoutAll: (token?: string) => Promise<SdkResponse<never>>;
|
|
@@ -1335,6 +1438,13 @@ declare const nodeSdk: {
|
|
|
1335
1438
|
};
|
|
1336
1439
|
token?: string;
|
|
1337
1440
|
}) => Promise<Response>;
|
|
1441
|
+
patch: (path: string, body?: any, config?: {
|
|
1442
|
+
headers?: HeadersInit;
|
|
1443
|
+
queryParams?: {
|
|
1444
|
+
[key: string]: string;
|
|
1445
|
+
};
|
|
1446
|
+
token?: string;
|
|
1447
|
+
}) => Promise<Response>;
|
|
1338
1448
|
put: (path: string, body?: any, config?: {
|
|
1339
1449
|
headers?: HeadersInit;
|
|
1340
1450
|
queryParams?: {
|
|
@@ -1352,7 +1462,11 @@ declare const nodeSdk: {
|
|
|
1352
1462
|
hooks?: {
|
|
1353
1463
|
beforeRequest?: (config: _descope_core_js_sdk.RequestConfig) => _descope_core_js_sdk.RequestConfig;
|
|
1354
1464
|
afterRequest?: (req: _descope_core_js_sdk.RequestConfig, res: Response) => void | Promise<void>;
|
|
1465
|
+
transformResponse?: (mutableResponse: _descope_core_js_sdk.ExtendedResponse) => Promise<_descope_core_js_sdk.ExtendedResponse>;
|
|
1355
1466
|
};
|
|
1467
|
+
buildUrl: (path: string, queryParams?: {
|
|
1468
|
+
[key: string]: string;
|
|
1469
|
+
}) => string;
|
|
1356
1470
|
};
|
|
1357
1471
|
};
|
|
1358
1472
|
/** Descope SDK client with delivery methods enum.
|
package/dist/index.esm.js
CHANGED
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
import{__rest as e}from"tslib";import t,{transformResponse as s,wrapWith as a}from"@descope/core-js-sdk";import{jwtVerify as o,errors as n,importJWK as i}from"jose";import{Headers as r,fetch as l}from"cross-fetch";const d=t=>async(...s)=>{var a,o,n;const i=await t(...s);if(!i.data)return i;let r=i.data,{refreshJwt:l}=r,d=e(r,["refreshJwt"]);const p=[];var m;return l?p.push(`${"DSR"}=${l}; Domain=${(null==(m=d)?void 0:m.cookieDomain)||""}; Max-Age=${(null==m?void 0:m.cookieMaxAge)||""}; Path=${(null==m?void 0:m.cookiePath)||"/"}; HttpOnly; SameSite=Strict`):(null===(a=i.response)||void 0===a?void 0:a.headers.get("set-cookie"))&&(l=((e,t)=>{const s=null==e?void 0:e.match(RegExp(`(?:^|;\\s*)${t}=([^;]*)`));return s?s[1]:null})(null===(o=i.response)||void 0===o?void 0:o.headers.get("set-cookie"),"DSR"),p.push(null===(n=i.response)||void 0===n?void 0:n.headers.get("set-cookie"))),Object.assign(Object.assign({},i),{data:Object.assign(Object.assign({},i.data),{refreshJwt:l,cookies:p})})};function p(e,t,s){var a,o;const n=s?null===(o=null===(a=e.token.tenants)||void 0===a?void 0:a[s])||void 0===o?void 0:o[t]:e.token[t];return Array.isArray(n)?n:[]}function m(e,t){var s;return!!(null===(s=e.token.tenants)||void 0===s?void 0:s[t])}var g={create:"/v1/mgmt/user/create",createBatch:"/v1/mgmt/user/create/batch",update:"/v1/mgmt/user/update",delete:"/v1/mgmt/user/delete",deleteAllTestUsers:"/v1/mgmt/user/test/delete/all",load:"/v1/mgmt/user",logout:"/v1/mgmt/user/logout",search:"/v1/mgmt/user/search",getProviderToken:"/v1/mgmt/user/provider/token",updateStatus:"/v1/mgmt/user/update/status",updateLoginId:"/v1/mgmt/user/update/loginid",updateEmail:"/v1/mgmt/user/update/email",updatePhone:"/v1/mgmt/user/update/phone",updateDisplayName:"/v1/mgmt/user/update/name",updatePicture:"/v1/mgmt/user/update/picture",updateCustomAttribute:"/v1/mgmt/user/update/customAttribute",setRole:"/v1/mgmt/user/update/role/set",addRole:"/v1/mgmt/user/update/role/add",removeRole:"/v1/mgmt/user/update/role/remove",setSSOApps:"/v1/mgmt/user/update/ssoapp/set",addSSOApps:"/v1/mgmt/user/update/ssoapp/add",removeSSOApps:"/v1/mgmt/user/update/ssoapp/remove",addTenant:"/v1/mgmt/user/update/tenant/add",removeTenant:"/v1/mgmt/user/update/tenant/remove",setPassword:"/v1/mgmt/user/password/set",setTemporaryPassword:"/v1/mgmt/user/password/set/temporary",setActivePassword:"/v1/mgmt/user/password/set/active",expirePassword:"/v1/mgmt/user/password/expire",removeAllPasskeys:"/v1/mgmt/user/passkeys/delete",generateOTPForTest:"/v1/mgmt/tests/generate/otp",generateMagicLinkForTest:"/v1/mgmt/tests/generate/magiclink",generateEnchantedLinkForTest:"/v1/mgmt/tests/generate/enchantedlink",generateEmbeddedLink:"/v1/mgmt/user/signin/embeddedlink",history:"/v1/mgmt/user/history"},c={updateName:"/v1/mgmt/project/update/name",clone:"/v1/mgmt/project/clone",export:"/v1/mgmt/project/export",import:"/v1/mgmt/project/import"},u={create:"/v1/mgmt/accesskey/create",load:"/v1/mgmt/accesskey",search:"/v1/mgmt/accesskey/search",update:"/v1/mgmt/accesskey/update",deactivate:"/v1/mgmt/accesskey/deactivate",activate:"/v1/mgmt/accesskey/activate",delete:"/v1/mgmt/accesskey/delete"},h={create:"/v1/mgmt/tenant/create",update:"/v1/mgmt/tenant/update",delete:"/v1/mgmt/tenant/delete",load:"/v1/mgmt/tenant",settings:"/v1/mgmt/tenant/settings",loadAll:"/v1/mgmt/tenant/all",searchAll:"/v1/mgmt/tenant/search"},v={oidcCreate:"/v1/mgmt/sso/idp/app/oidc/create",samlCreate:"/v1/mgmt/sso/idp/app/saml/create",oidcUpdate:"/v1/mgmt/sso/idp/app/oidc/update",samlUpdate:"/v1/mgmt/sso/idp/app/saml/update",delete:"/v1/mgmt/sso/idp/app/delete",load:"/v1/mgmt/sso/idp/app/load",loadAll:"/v1/mgmt/sso/idp/apps/load"},k={settings:"/v1/mgmt/sso/settings",metadata:"/v1/mgmt/sso/metadata",mapping:"/v1/mgmt/sso/mapping",settingsv2:"/v2/mgmt/sso/settings",oidc:{configure:"/v1/mgmt/sso/oidc"},saml:{configure:"/v1/mgmt/sso/saml",metadata:"/v1/mgmt/sso/saml/metadata"}},C={update:"/v1/mgmt/jwt/update",impersonate:"/v1/mgmt/impersonate"},f={settings:"/v1/mgmt/password/settings"},y={create:"/v1/mgmt/permission/create",update:"/v1/mgmt/permission/update",delete:"/v1/mgmt/permission/delete",loadAll:"/v1/mgmt/permission/all"},I={create:"/v1/mgmt/role/create",update:"/v1/mgmt/role/update",delete:"/v1/mgmt/role/delete",loadAll:"/v1/mgmt/role/all",search:"/v1/mgmt/role/search"},b={list:"/v1/mgmt/flow/list",delete:"/v1/mgmt/flow/delete",export:"/v1/mgmt/flow/export",import:"/v1/mgmt/flow/import"},w={export:"/v1/mgmt/theme/export",import:"/v1/mgmt/theme/import"},A={loadAllGroups:"/v1/mgmt/group/all",loadAllGroupsForMember:"/v1/mgmt/group/member/all",loadAllGroupMembers:"/v1/mgmt/group/members"},O={search:"/v1/mgmt/audit/search"},S={schemaSave:"/v1/mgmt/authz/schema/save",schemaDelete:"/v1/mgmt/authz/schema/delete",schemaLoad:"/v1/mgmt/authz/schema/load",nsSave:"/v1/mgmt/authz/ns/save",nsDelete:"/v1/mgmt/authz/ns/delete",rdSave:"/v1/mgmt/authz/rd/save",rdDelete:"/v1/mgmt/authz/rd/delete",reCreate:"/v1/mgmt/authz/re/create",reDelete:"/v1/mgmt/authz/re/delete",reDeleteResources:"/v1/mgmt/authz/re/deleteresources",hasRelations:"/v1/mgmt/authz/re/has",who:"/v1/mgmt/authz/re/who",resource:"/v1/mgmt/authz/re/resource",targets:"/v1/mgmt/authz/re/targets",targetAll:"/v1/mgmt/authz/re/targetall",getModified:"/v1/mgmt/authz/getmodified"};const N=(e,t)=>({create:function(a,o,n,i,r,l,d,p,m,c,u,h,v,k){const C="string"==typeof o?{loginId:a,email:o,phone:n,displayName:i,givenName:u,middleName:h,familyName:v,roleNames:r,userTenants:l,customAttributes:d,picture:p,verifiedEmail:m,verifiedPhone:c,additionalLoginIds:k}:Object.assign(Object.assign({loginId:a},o),{roleNames:null==o?void 0:o.roles,roles:void 0});return s(e.httpClient.post(g.create,C,{token:t}),(e=>e.user))},createTestUser:function(a,o,n,i,r,l,d,p,m,c,u,h,v,k){const C="string"==typeof o?{loginId:a,email:o,phone:n,displayName:i,givenName:u,middleName:h,familyName:v,roleNames:r,userTenants:l,customAttributes:d,picture:p,verifiedEmail:m,verifiedPhone:c,additionalLoginIds:k,test:!0}:Object.assign(Object.assign({loginId:a},o),{roleNames:null==o?void 0:o.roles,roles:void 0,test:!0});return s(e.httpClient.post(g.create,C,{token:t}),(e=>e.user))},invite:function(a,o,n,i,r,l,d,p,m,c,u,h,v,k,C,f,y){const I="string"==typeof o?{loginId:a,email:o,phone:n,displayName:i,givenName:k,middleName:C,familyName:f,roleNames:r,userTenants:l,invite:!0,customAttributes:d,picture:p,verifiedEmail:m,verifiedPhone:c,inviteUrl:u,sendMail:h,sendSMS:v,additionalLoginIds:y}:Object.assign(Object.assign({loginId:a},o),{roleNames:null==o?void 0:o.roles,roles:void 0,invite:!0});return s(e.httpClient.post(g.create,I,{token:t}),(e=>e.user))},inviteBatch:(a,o,n,i,r)=>s(e.httpClient.post(g.createBatch,{users:a,invite:!0,inviteUrl:o,sendMail:n,sendSMS:i,templateOptions:r},{token:t}),(e=>e)),update:function(a,o,n,i,r,l,d,p,m,c,u,h,v,k){const C="string"==typeof o?{loginId:a,email:o,phone:n,displayName:i,givenName:u,middleName:h,familyName:v,roleNames:r,userTenants:l,customAttributes:d,picture:p,verifiedEmail:m,verifiedPhone:c,additionalLoginIds:k}:Object.assign(Object.assign({loginId:a},o),{roleNames:null==o?void 0:o.roles,roles:void 0});return s(e.httpClient.post(g.update,C,{token:t}),(e=>e.user))},delete:a=>s(e.httpClient.post(g.delete,{loginId:a},{token:t})),deleteByUserId:a=>s(e.httpClient.post(g.delete,{userId:a},{token:t})),deleteAllTestUsers:()=>s(e.httpClient.delete(g.deleteAllTestUsers,{token:t})),load:a=>s(e.httpClient.get(g.load,{queryParams:{loginId:a},token:t}),(e=>e.user)),loadByUserId:a=>s(e.httpClient.get(g.load,{queryParams:{userId:a},token:t}),(e=>e.user)),logoutUser:a=>s(e.httpClient.post(g.logout,{loginId:a},{token:t})),logoutUserByUserId:a=>s(e.httpClient.post(g.logout,{userId:a},{token:t})),searchAll:(a,o,n,i,r,l,d,p,m,c)=>s(e.httpClient.post(g.search,{tenantIds:a,roleNames:o,limit:n,page:i,testUsersOnly:r,withTestUser:l,customAttributes:d,statuses:p,emails:m,phones:c},{token:t}),(e=>e.users)),search:a=>s(e.httpClient.post(g.search,Object.assign(Object.assign({},a),{roleNames:a.roles,roles:void 0}),{token:t}),(e=>e.users)),getProviderToken:(a,o)=>s(e.httpClient.get(g.getProviderToken,{queryParams:{loginId:a,provider:o},token:t}),(e=>e)),activate:a=>s(e.httpClient.post(g.updateStatus,{loginId:a,status:"enabled"},{token:t}),(e=>e.user)),deactivate:a=>s(e.httpClient.post(g.updateStatus,{loginId:a,status:"disabled"},{token:t}),(e=>e.user)),updateLoginId:(a,o)=>s(e.httpClient.post(g.updateLoginId,{loginId:a,newLoginId:o},{token:t}),(e=>e.user)),updateEmail:(a,o,n)=>s(e.httpClient.post(g.updateEmail,{loginId:a,email:o,verified:n},{token:t}),(e=>e.user)),updatePhone:(a,o,n)=>s(e.httpClient.post(g.updatePhone,{loginId:a,phone:o,verified:n},{token:t}),(e=>e.user)),updateDisplayName:(a,o,n,i,r)=>s(e.httpClient.post(g.updateDisplayName,{loginId:a,displayName:o,givenName:n,middleName:i,familyName:r},{token:t}),(e=>e.user)),updatePicture:(a,o)=>s(e.httpClient.post(g.updatePicture,{loginId:a,picture:o},{token:t}),(e=>e.user)),updateCustomAttribute:(a,o,n)=>s(e.httpClient.post(g.updateCustomAttribute,{loginId:a,attributeKey:o,attributeValue:n},{token:t}),(e=>e.user)),setRoles:(a,o)=>s(e.httpClient.post(g.setRole,{loginId:a,roleNames:o},{token:t}),(e=>e.user)),addRoles:(a,o)=>s(e.httpClient.post(g.addRole,{loginId:a,roleNames:o},{token:t}),(e=>e.user)),removeRoles:(a,o)=>s(e.httpClient.post(g.removeRole,{loginId:a,roleNames:o},{token:t}),(e=>e.user)),addTenant:(a,o)=>s(e.httpClient.post(g.addTenant,{loginId:a,tenantId:o},{token:t}),(e=>e.user)),removeTenant:(a,o)=>s(e.httpClient.post(g.removeTenant,{loginId:a,tenantId:o},{token:t}),(e=>e.user)),setTenantRoles:(a,o,n)=>s(e.httpClient.post(g.setRole,{loginId:a,tenantId:o,roleNames:n},{token:t}),(e=>e.user)),addTenantRoles:(a,o,n)=>s(e.httpClient.post(g.addRole,{loginId:a,tenantId:o,roleNames:n},{token:t}),(e=>e.user)),removeTenantRoles:(a,o,n)=>s(e.httpClient.post(g.removeRole,{loginId:a,tenantId:o,roleNames:n},{token:t}),(e=>e.user)),addSSOapps:(a,o)=>s(e.httpClient.post(g.addSSOApps,{loginId:a,ssoAppIds:o},{token:t}),(e=>e.user)),setSSOapps:(a,o)=>s(e.httpClient.post(g.setSSOApps,{loginId:a,ssoAppIds:o},{token:t}),(e=>e.user)),removeSSOapps:(a,o)=>s(e.httpClient.post(g.removeSSOApps,{loginId:a,ssoAppIds:o},{token:t}),(e=>e.user)),generateOTPForTestUser:(a,o,n)=>s(e.httpClient.post(g.generateOTPForTest,{deliveryMethod:a,loginId:o,loginOptions:n},{token:t}),(e=>e)),generateMagicLinkForTestUser:(a,o,n,i)=>s(e.httpClient.post(g.generateMagicLinkForTest,{deliveryMethod:a,loginId:o,URI:n,loginOptions:i},{token:t}),(e=>e)),generateEnchantedLinkForTestUser:(a,o,n)=>s(e.httpClient.post(g.generateEnchantedLinkForTest,{loginId:a,URI:o,loginOptions:n},{token:t}),(e=>e)),generateEmbeddedLink:(a,o)=>s(e.httpClient.post(g.generateEmbeddedLink,{loginId:a,customClaims:o},{token:t}),(e=>e)),setTemporaryPassword:(a,o)=>s(e.httpClient.post(g.setTemporaryPassword,{loginId:a,password:o},{token:t}),(e=>e)),setActivePassword:(a,o)=>s(e.httpClient.post(g.setActivePassword,{loginId:a,password:o},{token:t}),(e=>e)),setPassword:(a,o)=>s(e.httpClient.post(g.setPassword,{loginId:a,password:o},{token:t}),(e=>e)),expirePassword:a=>s(e.httpClient.post(g.expirePassword,{loginId:a},{token:t}),(e=>e)),removeAllPasskeys:a=>s(e.httpClient.post(g.removeAllPasskeys,{loginId:a},{token:t}),(e=>e)),history:a=>s(e.httpClient.post(g.history,a,{token:t}),(e=>e))}),P=(e,t)=>({updateName:a=>s(e.httpClient.post(c.updateName,{name:a},{token:t})),clone:(a,o)=>s(e.httpClient.post(c.clone,{name:a,tag:o},{token:t})),export:()=>s(e.httpClient.post(c.export,{},{token:t}),(e=>e.files)),import:a=>s(e.httpClient.post(c.import,{files:a},{token:t}))}),j=(e,t)=>({create:(a,o,n)=>s(e.httpClient.post(h.create,{name:a,selfProvisioningDomains:o,customAttributes:n},{token:t})),createWithId:(a,o,n,i)=>s(e.httpClient.post(h.create,{id:a,name:o,selfProvisioningDomains:n,customAttributes:i},{token:t})),update:(a,o,n,i)=>s(e.httpClient.post(h.update,{id:a,name:o,selfProvisioningDomains:n,customAttributes:i},{token:t})),delete:a=>s(e.httpClient.post(h.delete,{id:a},{token:t})),load:a=>s(e.httpClient.get(h.load,{queryParams:{id:a},token:t}),(e=>e)),loadAll:()=>s(e.httpClient.get(h.loadAll,{token:t}),(e=>e.tenants)),searchAll:(a,o,n,i)=>s(e.httpClient.post(h.searchAll,{tenantIds:a,tenantNames:o,tenantSelfProvisioningDomains:n,customAttributes:i},{token:t}),(e=>e.tenants)),getSettings:a=>s(e.httpClient.get(h.settings,{queryParams:{id:a},token:t}),(e=>e)),configureSettings:(a,o)=>s(e.httpClient.post(h.settings,Object.assign(Object.assign({},o),{tenantId:a}),{token:t}))}),T=(e,t)=>({update:(a,o)=>s(e.httpClient.post(C.update,{jwt:a,customClaims:o},{token:t})),impersonate:(a,o,n)=>s(e.httpClient.post(C.impersonate,{impersonatorId:a,loginId:o,validateConsent:n},{token:t}))}),R=(e,t)=>({create:(a,o)=>s(e.httpClient.post(y.create,{name:a,description:o},{token:t})),update:(a,o,n)=>s(e.httpClient.post(y.update,{name:a,newName:o,description:n},{token:t})),delete:a=>s(e.httpClient.post(y.delete,{name:a},{token:t})),loadAll:()=>s(e.httpClient.get(y.loadAll,{token:t}),(e=>e.permissions))}),M=(e,t)=>({create:(a,o,n,i)=>s(e.httpClient.post(I.create,{name:a,description:o,permissionNames:n,tenantId:i},{token:t})),update:(a,o,n,i,r)=>s(e.httpClient.post(I.update,{name:a,newName:o,description:n,permissionNames:i,tenantId:r},{token:t})),delete:(a,o)=>s(e.httpClient.post(I.delete,{name:a,tenantId:o},{token:t})),loadAll:()=>s(e.httpClient.get(I.loadAll,{token:t}),(e=>e.roles)),search:a=>s(e.httpClient.post(I.search,a,{token:t}),(e=>e.roles))}),E=(e,t)=>({loadAllGroups:a=>s(e.httpClient.post(A.loadAllGroups,{tenantId:a},{token:t})),loadAllGroupsForMember:(a,o,n)=>s(e.httpClient.post(A.loadAllGroupsForMember,{tenantId:a,loginIds:n,userIds:o},{token:t})),loadAllGroupMembers:(a,o)=>s(e.httpClient.post(A.loadAllGroupMembers,{tenantId:a,groupId:o},{token:t}))}),x=(e,t)=>({getSettings:a=>s(e.httpClient.get(k.settings,{queryParams:{tenantId:a},token:t}),(e=>e)),deleteSettings:a=>s(e.httpClient.delete(k.settings,{queryParams:{tenantId:a},token:t})),configureSettings:(a,o,n,i,r,l)=>s(e.httpClient.post(k.settings,{tenantId:a,idpURL:o,entityId:i,idpCert:n,redirectURL:r,domains:l},{token:t})),configureMetadata:(a,o,n,i)=>s(e.httpClient.post(k.metadata,{tenantId:a,idpMetadataURL:o,redirectURL:n,domains:i},{token:t})),configureMapping:(a,o,n)=>s(e.httpClient.post(k.mapping,{tenantId:a,roleMappings:o,attributeMapping:n},{token:t})),configureOIDCSettings:(a,o,n)=>{const i=Object.assign(Object.assign({},o),{userAttrMapping:o.attributeMapping});return delete i.attributeMapping,s(e.httpClient.post(k.oidc.configure,{tenantId:a,settings:i,domains:n},{token:t}))},configureSAMLSettings:(a,o,n,i)=>s(e.httpClient.post(k.saml.configure,{tenantId:a,settings:o,redirectUrl:n,domains:i},{token:t})),configureSAMLByMetadata:(a,o,n,i)=>s(e.httpClient.post(k.saml.metadata,{tenantId:a,settings:o,redirectUrl:n,domains:i},{token:t})),loadSettings:a=>s(e.httpClient.get(k.settingsv2,{queryParams:{tenantId:a},token:t}),(e=>{var t,s;const a=e;return a.oidc&&(a.oidc=Object.assign(Object.assign({},a.oidc),{attributeMapping:a.oidc.userAttrMapping}),delete a.oidc.userAttrMapping),(null===(t=a.saml)||void 0===t?void 0:t.groupsMapping)&&(a.saml.groupsMapping=null===(s=a.saml)||void 0===s?void 0:s.groupsMapping.map((e=>{const t=e;return t.roleName=t.role.name,delete t.role,t}))),a}))}),U=(e,t)=>({create:(a,o,n,i,r,l)=>s(e.httpClient.post(u.create,{name:a,expireTime:o,roleNames:n,keyTenants:i,userId:r,customClaims:l},{token:t})),load:a=>s(e.httpClient.get(u.load,{queryParams:{id:a},token:t}),(e=>e.key)),searchAll:a=>s(e.httpClient.post(u.search,{tenantIds:a},{token:t}),(e=>e.keys)),update:(a,o)=>s(e.httpClient.post(u.update,{id:a,name:o},{token:t}),(e=>e.key)),deactivate:a=>s(e.httpClient.post(u.deactivate,{id:a},{token:t})),activate:a=>s(e.httpClient.post(u.activate,{id:a},{token:t})),delete:a=>s(e.httpClient.post(u.delete,{id:a},{token:t}))}),L=(e,t)=>({list:()=>s(e.httpClient.post(b.list,{},{token:t})),delete:a=>s(e.httpClient.post(b.delete,{ids:a},{token:t})),export:a=>s(e.httpClient.post(b.export,{flowId:a},{token:t})),import:(a,o,n)=>s(e.httpClient.post(b.import,{flowId:a,flow:o,screens:n},{token:t}))}),D=(e,t)=>({export:()=>s(e.httpClient.post(w.export,{},{token:t})),import:a=>s(e.httpClient.post(w.import,{theme:a},{token:t}))}),F=(e,t)=>({search:a=>{const o=Object.assign(Object.assign({},a),{externalIds:a.loginIds});return delete o.loginIds,s(e.httpClient.post(O.search,o,{token:t}),(e=>null==e?void 0:e.audits.map((e=>{const t=Object.assign(Object.assign({},e),{occurred:parseFloat(e.occurred),loginIds:e.externalIds});return delete t.externalIds,t}))))}}),z=(e,t)=>({saveSchema:(a,o)=>s(e.httpClient.post(S.schemaSave,{schema:a,upgrade:o},{token:t})),deleteSchema:()=>s(e.httpClient.post(S.schemaDelete,{},{token:t})),loadSchema:()=>s(e.httpClient.post(S.schemaLoad,{},{token:t}),(e=>e.schema)),saveNamespace:(a,o,n)=>s(e.httpClient.post(S.nsSave,{namespace:a,oldName:o,schemaName:n},{token:t})),deleteNamespace:(a,o)=>s(e.httpClient.post(S.nsDelete,{name:a,schemaName:o},{token:t})),saveRelationDefinition:(a,o,n,i)=>s(e.httpClient.post(S.rdSave,{relationDefinition:a,namespace:o,oldName:n,schemaName:i},{token:t})),deleteRelationDefinition:(a,o,n)=>s(e.httpClient.post(S.rdDelete,{name:a,namespace:o,schemaName:n},{token:t})),createRelations:a=>s(e.httpClient.post(S.reCreate,{relations:a},{token:t})),deleteRelations:a=>s(e.httpClient.post(S.reDelete,{relations:a},{token:t})),deleteRelationsForResources:a=>s(e.httpClient.post(S.reDeleteResources,{resources:a},{token:t})),hasRelations:a=>s(e.httpClient.post(S.hasRelations,{relationQueries:a},{token:t}),(e=>e.relationQueries)),whoCanAccess:(a,o,n)=>s(e.httpClient.post(S.who,{resource:a,relationDefinition:o,namespace:n},{token:t}),(e=>e.targets)),resourceRelations:a=>s(e.httpClient.post(S.resource,{resource:a},{token:t}),(e=>e.relations)),targetsRelations:a=>s(e.httpClient.post(S.targets,{targets:a},{token:t}),(e=>e.relations)),whatCanTargetAccess:a=>s(e.httpClient.post(S.targetAll,{target:a},{token:t}),(e=>e.relations)),getModified:a=>s(e.httpClient.post(S.getModified,{since:a?a.getTime():0},{token:t}),(e=>e))}),q=(e,t)=>({createOidcApplication:a=>{var o;return s(e.httpClient.post(v.oidcCreate,Object.assign(Object.assign({},a),{enabled:null===(o=a.enabled)||void 0===o||o}),{token:t}))},createSamlApplication:a=>{var o;return s(e.httpClient.post(v.samlCreate,Object.assign(Object.assign({},a),{enabled:null===(o=a.enabled)||void 0===o||o}),{token:t}))},updateOidcApplication:a=>s(e.httpClient.post(v.oidcUpdate,Object.assign({},a),{token:t})),updateSamlApplication:a=>s(e.httpClient.post(v.samlUpdate,Object.assign({},a),{token:t})),delete:a=>s(e.httpClient.post(v.delete,{id:a},{token:t})),load:a=>s(e.httpClient.get(v.load,{queryParams:{id:a},token:t}),(e=>e)),loadAll:()=>s(e.httpClient.get(v.loadAll,{token:t}),(e=>e.apps))}),$=(e,t)=>({getSettings:a=>s(e.httpClient.get(f.settings,{queryParams:{tenantId:a},token:t}),(e=>e)),configureSettings:(a,o)=>s(e.httpClient.post(f.settings,Object.assign(Object.assign({},o),{tenantId:a}),{token:t}))});var J;null!==(J=globalThis.Headers)&&void 0!==J||(globalThis.Headers=r);const K=(...e)=>(e.forEach((e=>{var t,s;e&&(null!==(t=(s=e).highWaterMark)&&void 0!==t||(s.highWaterMark=31457280))})),l(...e)),G={badRequest:"E011001",missingArguments:"E011002",invalidRequest:"E011003",invalidArguments:"E011004",wrongOTPCode:"E061102",tooManyOTPAttempts:"E061103",enchantedLinkPending:"E062503",userNotFound:"E062108"},B=s=>{var r,{managementKey:l,publicKey:g}=s,c=e(s,["managementKey","publicKey"]);const u=t(Object.assign(Object.assign({fetch:K},c),{baseHeaders:Object.assign(Object.assign({},c.baseHeaders),{"x-descope-sdk-name":"nodejs","x-descope-sdk-node-version":(null===(r=null===process||void 0===process?void 0:process.versions)||void 0===r?void 0:r.node)||"","x-descope-sdk-version":"1.6.8"})})),{projectId:h,logger:v}=c,k={},C=((e,t)=>({user:N(e,t),project:P(e,t),accessKey:U(e,t),tenant:j(e,t),ssoApplication:q(e,t),sso:x(e,t),jwt:T(e,t),permission:R(e,t),password:$(e,t),role:M(e,t),group:E(e,t),flow:L(e,t),theme:D(e,t),audit:F(e,t),authz:z(e,t)}))(u,l),f=Object.assign(Object.assign({},u),{management:C,async getKey(e){if(!(null==e?void 0:e.kid))throw Error("header.kid must not be empty");if(k[e.kid])return k[e.kid];if(Object.assign(k,await(async()=>{if(g)try{const e=JSON.parse(g),t=await i(e);return{[e.kid]:t}}catch(e){throw null==v||v.error("Failed to parse the provided public key",e),new Error(`Failed to parse public key. Error: ${e}`)}const e=(await u.httpClient.get(`v2/keys/${h}`).then((e=>e.json()))).keys;return Array.isArray(e)?(await Promise.all(e.map((async e=>[e.kid,await i(e)])))).reduce(((e,[t,s])=>t?Object.assign(Object.assign({},e),{[t.toString()]:s}):e),{}):{}})()),!k[e.kid])throw Error("failed to fetch matching key");return k[e.kid]},async validateJwt(e){var t;const s=(await o(e,f.getKey,{clockTolerance:5})).payload;if(s&&(s.iss=null===(t=s.iss)||void 0===t?void 0:t.split("/").pop(),s.iss!==h))throw new n.JWTClaimValidationFailed('unexpected "iss" claim value',"iss","check_failed");return{jwt:e,token:s}},async validateSession(e){if(!e)throw Error("session token is required for validation");try{return await f.validateJwt(e)}catch(e){throw null==v||v.error("session validation failed",e),Error(`session validation failed. Error: ${e}`)}},async refreshSession(e){var t,s;if(!e)throw Error("refresh token is required to refresh a session");try{await f.validateJwt(e);const a=await f.refresh(e);if(a.ok){return await f.validateJwt(null===(t=a.data)||void 0===t?void 0:t.sessionJwt)}throw Error(null===(s=a.error)||void 0===s?void 0:s.errorMessage)}catch(e){throw null==v||v.error("refresh token validation failed",e),Error(`refresh token validation failed, Error: ${e}`)}},async validateAndRefreshSession(e,t){if(!e&&!t)throw Error("both session and refresh tokens are empty");try{return await f.validateSession(e)}catch(e){null==v||v.log(`session validation failed with error ${e} - trying to refresh it`)}return f.refreshSession(t)},async exchangeAccessKey(e,t){if(!e)throw Error("access key must not be empty");let s;try{s=await f.accessKey.exchange(e,t)}catch(e){throw null==v||v.error("failed to exchange access key",e),Error(`could not exchange access key - Failed to exchange. Error: ${e}`)}const{sessionJwt:a}=s.data;if(!a)throw null==v||v.error("failed to parse exchange access key response"),Error("could not exchange access key");try{return await f.validateJwt(a)}catch(e){throw null==v||v.error("failed to parse jwt from access key",e),Error(`could not exchange access key - failed to validate jwt. Error: ${e}`)}},validatePermissions:(e,t)=>f.validateTenantPermissions(e,"",t),getMatchedPermissions:(e,t)=>f.getMatchedTenantPermissions(e,"",t),validateTenantPermissions(e,t,s){if(t&&!m(e,t))return!1;const a=p(e,"permissions",t);return s.every((e=>a.includes(e)))},getMatchedTenantPermissions(e,t,s){if(t&&!m(e,t))return[];const a=p(e,"permissions",t);return s.filter((e=>a.includes(e)))},validateRoles:(e,t)=>f.validateTenantRoles(e,"",t),getMatchedRoles:(e,t)=>f.getMatchedTenantRoles(e,"",t),validateTenantRoles(e,t,s){if(t&&!m(e,t))return!1;const a=p(e,"roles",t);return s.every((e=>a.includes(e)))},getMatchedTenantRoles(e,t,s){if(t&&!m(e,t))return[];const a=p(e,"roles",t);return s.filter((e=>a.includes(e)))}});return a(f,["otp.verify.email","otp.verify.sms","otp.verify.voice","otp.verify.whatsapp","magicLink.verify","enchantedLink.signUp","enchantedLink.signIn","oauth.exchange","saml.exchange","totp.verify","webauthn.signIn.finish","webauthn.signUp.finish","refresh"],d)};B.RefreshTokenCookieName="DSR",B.SessionTokenCookieName="DS";export{B as default,G as descopeErrors};
|
|
1
|
+
import{__rest as e}from"tslib";import t,{transformResponse as s,wrapWith as a}from"@descope/core-js-sdk";import{jwtVerify as n,errors as o,importJWK as i}from"jose";import{Headers as r,fetch as l}from"cross-fetch";const d=t=>async(...s)=>{var a,n,o;const i=await t(...s);if(!i.data)return i;let r=i.data,{refreshJwt:l}=r,d=e(r,["refreshJwt"]);const p=[];var m;return l?p.push(`${"DSR"}=${l}; Domain=${(null==(m=d)?void 0:m.cookieDomain)||""}; Max-Age=${(null==m?void 0:m.cookieMaxAge)||""}; Path=${(null==m?void 0:m.cookiePath)||"/"}; HttpOnly; SameSite=Strict`):(null===(a=i.response)||void 0===a?void 0:a.headers.get("set-cookie"))&&(l=((e,t)=>{const s=null==e?void 0:e.match(RegExp(`(?:^|;\\s*)${t}=([^;]*)`));return s?s[1]:null})(null===(n=i.response)||void 0===n?void 0:n.headers.get("set-cookie"),"DSR"),p.push(null===(o=i.response)||void 0===o?void 0:o.headers.get("set-cookie"))),Object.assign(Object.assign({},i),{data:Object.assign(Object.assign({},i.data),{refreshJwt:l,cookies:p})})};function p(e,t,s){var a,n;const o=s?null===(n=null===(a=e.token.tenants)||void 0===a?void 0:a[s])||void 0===n?void 0:n[t]:e.token[t];return Array.isArray(o)?o:[]}function m(e,t){var s;return!!(null===(s=e.token.tenants)||void 0===s?void 0:s[t])}var c={create:"/v1/mgmt/user/create",createBatch:"/v1/mgmt/user/create/batch",update:"/v1/mgmt/user/update",patch:"/v1/mgmt/user/patch",delete:"/v1/mgmt/user/delete",deleteAllTestUsers:"/v1/mgmt/user/test/delete/all",load:"/v1/mgmt/user",logout:"/v1/mgmt/user/logout",search:"/v1/mgmt/user/search",getProviderToken:"/v1/mgmt/user/provider/token",updateStatus:"/v1/mgmt/user/update/status",updateLoginId:"/v1/mgmt/user/update/loginid",updateEmail:"/v1/mgmt/user/update/email",updatePhone:"/v1/mgmt/user/update/phone",updateDisplayName:"/v1/mgmt/user/update/name",updatePicture:"/v1/mgmt/user/update/picture",updateCustomAttribute:"/v1/mgmt/user/update/customAttribute",setRole:"/v1/mgmt/user/update/role/set",addRole:"/v1/mgmt/user/update/role/add",removeRole:"/v1/mgmt/user/update/role/remove",setSSOApps:"/v1/mgmt/user/update/ssoapp/set",addSSOApps:"/v1/mgmt/user/update/ssoapp/add",removeSSOApps:"/v1/mgmt/user/update/ssoapp/remove",addTenant:"/v1/mgmt/user/update/tenant/add",removeTenant:"/v1/mgmt/user/update/tenant/remove",setPassword:"/v1/mgmt/user/password/set",setTemporaryPassword:"/v1/mgmt/user/password/set/temporary",setActivePassword:"/v1/mgmt/user/password/set/active",expirePassword:"/v1/mgmt/user/password/expire",removeAllPasskeys:"/v1/mgmt/user/passkeys/delete",generateOTPForTest:"/v1/mgmt/tests/generate/otp",generateMagicLinkForTest:"/v1/mgmt/tests/generate/magiclink",generateEnchantedLinkForTest:"/v1/mgmt/tests/generate/enchantedlink",generateEmbeddedLink:"/v1/mgmt/user/signin/embeddedlink",history:"/v1/mgmt/user/history"},g={updateName:"/v1/mgmt/project/update/name",updateTags:"/v1/mgmt/project/update/tags",clone:"/v1/mgmt/project/clone",export:"/v1/mgmt/project/export",import:"/v1/mgmt/project/import",projectsList:"/v1/mgmt/projects/list"},u={create:"/v1/mgmt/accesskey/create",load:"/v1/mgmt/accesskey",search:"/v1/mgmt/accesskey/search",update:"/v1/mgmt/accesskey/update",deactivate:"/v1/mgmt/accesskey/deactivate",activate:"/v1/mgmt/accesskey/activate",delete:"/v1/mgmt/accesskey/delete"},h={create:"/v1/mgmt/tenant/create",update:"/v1/mgmt/tenant/update",delete:"/v1/mgmt/tenant/delete",load:"/v1/mgmt/tenant",settings:"/v1/mgmt/tenant/settings",loadAll:"/v1/mgmt/tenant/all",searchAll:"/v1/mgmt/tenant/search",generateSSOConfigurationLink:"/v1/mgmt/tenant/adminlinks/sso/generate"},v={oidcCreate:"/v1/mgmt/sso/idp/app/oidc/create",samlCreate:"/v1/mgmt/sso/idp/app/saml/create",oidcUpdate:"/v1/mgmt/sso/idp/app/oidc/update",samlUpdate:"/v1/mgmt/sso/idp/app/saml/update",delete:"/v1/mgmt/sso/idp/app/delete",load:"/v1/mgmt/sso/idp/app/load",loadAll:"/v1/mgmt/sso/idp/apps/load"},k={settings:"/v1/mgmt/sso/settings",metadata:"/v1/mgmt/sso/metadata",mapping:"/v1/mgmt/sso/mapping",settingsv2:"/v2/mgmt/sso/settings",oidc:{configure:"/v1/mgmt/sso/oidc"},saml:{configure:"/v1/mgmt/sso/saml",metadata:"/v1/mgmt/sso/saml/metadata"}},C={update:"/v1/mgmt/jwt/update",impersonate:"/v1/mgmt/impersonate"},f={settings:"/v1/mgmt/password/settings"},y={create:"/v1/mgmt/permission/create",update:"/v1/mgmt/permission/update",delete:"/v1/mgmt/permission/delete",loadAll:"/v1/mgmt/permission/all"},I={create:"/v1/mgmt/role/create",update:"/v1/mgmt/role/update",delete:"/v1/mgmt/role/delete",loadAll:"/v1/mgmt/role/all",search:"/v1/mgmt/role/search"},b={list:"/v1/mgmt/flow/list",delete:"/v1/mgmt/flow/delete",export:"/v1/mgmt/flow/export",import:"/v1/mgmt/flow/import"},w={export:"/v1/mgmt/theme/export",import:"/v1/mgmt/theme/import"},A={loadAllGroups:"/v1/mgmt/group/all",loadAllGroupsForMember:"/v1/mgmt/group/member/all",loadAllGroupMembers:"/v1/mgmt/group/members"},N={search:"/v1/mgmt/audit/search",createEvent:"/v1/mgmt/audit/event"},S={schemaSave:"/v1/mgmt/authz/schema/save",schemaDelete:"/v1/mgmt/authz/schema/delete",schemaLoad:"/v1/mgmt/authz/schema/load",nsSave:"/v1/mgmt/authz/ns/save",nsDelete:"/v1/mgmt/authz/ns/delete",rdSave:"/v1/mgmt/authz/rd/save",rdDelete:"/v1/mgmt/authz/rd/delete",reCreate:"/v1/mgmt/authz/re/create",reDelete:"/v1/mgmt/authz/re/delete",reDeleteResources:"/v1/mgmt/authz/re/deleteresources",hasRelations:"/v1/mgmt/authz/re/has",who:"/v1/mgmt/authz/re/who",resource:"/v1/mgmt/authz/re/resource",targets:"/v1/mgmt/authz/re/targets",targetAll:"/v1/mgmt/authz/re/targetall",getModified:"/v1/mgmt/authz/getmodified"};const O=(e,t)=>({create:function(a,n,o,i,r,l,d,p,m,g,u,h,v,k){const C="string"==typeof n?{loginId:a,email:n,phone:o,displayName:i,givenName:u,middleName:h,familyName:v,roleNames:r,userTenants:l,customAttributes:d,picture:p,verifiedEmail:m,verifiedPhone:g,additionalLoginIds:k}:Object.assign(Object.assign({loginId:a},n),{roleNames:null==n?void 0:n.roles,roles:void 0});return s(e.httpClient.post(c.create,C,{token:t}),(e=>e.user))},createTestUser:function(a,n,o,i,r,l,d,p,m,g,u,h,v,k){const C="string"==typeof n?{loginId:a,email:n,phone:o,displayName:i,givenName:u,middleName:h,familyName:v,roleNames:r,userTenants:l,customAttributes:d,picture:p,verifiedEmail:m,verifiedPhone:g,additionalLoginIds:k,test:!0}:Object.assign(Object.assign({loginId:a},n),{roleNames:null==n?void 0:n.roles,roles:void 0,test:!0});return s(e.httpClient.post(c.create,C,{token:t}),(e=>e.user))},invite:function(a,n,o,i,r,l,d,p,m,g,u,h,v,k,C,f,y){const I="string"==typeof n?{loginId:a,email:n,phone:o,displayName:i,givenName:k,middleName:C,familyName:f,roleNames:r,userTenants:l,invite:!0,customAttributes:d,picture:p,verifiedEmail:m,verifiedPhone:g,inviteUrl:u,sendMail:h,sendSMS:v,additionalLoginIds:y}:Object.assign(Object.assign({loginId:a},n),{roleNames:null==n?void 0:n.roles,roles:void 0,invite:!0});return s(e.httpClient.post(c.create,I,{token:t}),(e=>e.user))},inviteBatch:(a,n,o,i,r)=>s(e.httpClient.post(c.createBatch,{users:a,invite:!0,inviteUrl:n,sendMail:o,sendSMS:i,templateOptions:r},{token:t}),(e=>e)),update:function(a,n,o,i,r,l,d,p,m,g,u,h,v,k){const C="string"==typeof n?{loginId:a,email:n,phone:o,displayName:i,givenName:u,middleName:h,familyName:v,roleNames:r,userTenants:l,customAttributes:d,picture:p,verifiedEmail:m,verifiedPhone:g,additionalLoginIds:k}:Object.assign(Object.assign({loginId:a},n),{roleNames:null==n?void 0:n.roles,roles:void 0});return s(e.httpClient.post(c.update,C,{token:t}),(e=>e.user))},patch:function(a,n){const o={loginId:a};return void 0!==n.email&&(o.email=n.email),void 0!==n.phone&&(o.phone=n.phone),void 0!==n.displayName&&(o.displayName=n.displayName),void 0!==n.givenName&&(o.givenName=n.givenName),void 0!==n.middleName&&(o.middleName=n.middleName),void 0!==n.familyName&&(o.familyName=n.familyName),void 0!==n.roles&&(o.roleNames=n.roles),void 0!==n.userTenants&&(o.userTenants=n.userTenants),void 0!==n.customAttributes&&(o.customAttributes=n.customAttributes),void 0!==n.picture&&(o.picture=n.picture),void 0!==n.verifiedEmail&&(o.verifiedEmail=n.verifiedEmail),void 0!==n.verifiedPhone&&(o.verifiedPhone=n.verifiedPhone),void 0!==n.ssoAppIds&&(o.ssoAppIds=n.ssoAppIds),s(e.httpClient.patch(c.patch,o,{token:t}),(e=>e.user))},delete:a=>s(e.httpClient.post(c.delete,{loginId:a},{token:t})),deleteByUserId:a=>s(e.httpClient.post(c.delete,{userId:a},{token:t})),deleteAllTestUsers:()=>s(e.httpClient.delete(c.deleteAllTestUsers,{token:t})),load:a=>s(e.httpClient.get(c.load,{queryParams:{loginId:a},token:t}),(e=>e.user)),loadByUserId:a=>s(e.httpClient.get(c.load,{queryParams:{userId:a},token:t}),(e=>e.user)),logoutUser:a=>s(e.httpClient.post(c.logout,{loginId:a},{token:t})),logoutUserByUserId:a=>s(e.httpClient.post(c.logout,{userId:a},{token:t})),searchAll:(a,n,o,i,r,l,d,p,m,g)=>s(e.httpClient.post(c.search,{tenantIds:a,roleNames:n,limit:o,page:i,testUsersOnly:r,withTestUser:l,customAttributes:d,statuses:p,emails:m,phones:g},{token:t}),(e=>e.users)),search:a=>s(e.httpClient.post(c.search,Object.assign(Object.assign({},a),{roleNames:a.roles,roles:void 0}),{token:t}),(e=>e.users)),getProviderToken:(a,n,o)=>s(e.httpClient.get(c.getProviderToken,{queryParams:{loginId:a,provider:n,withRefreshToken:(null==o?void 0:o.withRefreshToken)?"true":"false",forceRefresh:(null==o?void 0:o.forceRefresh)?"true":"false"},token:t}),(e=>e)),activate:a=>s(e.httpClient.post(c.updateStatus,{loginId:a,status:"enabled"},{token:t}),(e=>e.user)),deactivate:a=>s(e.httpClient.post(c.updateStatus,{loginId:a,status:"disabled"},{token:t}),(e=>e.user)),updateLoginId:(a,n)=>s(e.httpClient.post(c.updateLoginId,{loginId:a,newLoginId:n},{token:t}),(e=>e.user)),updateEmail:(a,n,o)=>s(e.httpClient.post(c.updateEmail,{loginId:a,email:n,verified:o},{token:t}),(e=>e.user)),updatePhone:(a,n,o)=>s(e.httpClient.post(c.updatePhone,{loginId:a,phone:n,verified:o},{token:t}),(e=>e.user)),updateDisplayName:(a,n,o,i,r)=>s(e.httpClient.post(c.updateDisplayName,{loginId:a,displayName:n,givenName:o,middleName:i,familyName:r},{token:t}),(e=>e.user)),updatePicture:(a,n)=>s(e.httpClient.post(c.updatePicture,{loginId:a,picture:n},{token:t}),(e=>e.user)),updateCustomAttribute:(a,n,o)=>s(e.httpClient.post(c.updateCustomAttribute,{loginId:a,attributeKey:n,attributeValue:o},{token:t}),(e=>e.user)),setRoles:(a,n)=>s(e.httpClient.post(c.setRole,{loginId:a,roleNames:n},{token:t}),(e=>e.user)),addRoles:(a,n)=>s(e.httpClient.post(c.addRole,{loginId:a,roleNames:n},{token:t}),(e=>e.user)),removeRoles:(a,n)=>s(e.httpClient.post(c.removeRole,{loginId:a,roleNames:n},{token:t}),(e=>e.user)),addTenant:(a,n)=>s(e.httpClient.post(c.addTenant,{loginId:a,tenantId:n},{token:t}),(e=>e.user)),removeTenant:(a,n)=>s(e.httpClient.post(c.removeTenant,{loginId:a,tenantId:n},{token:t}),(e=>e.user)),setTenantRoles:(a,n,o)=>s(e.httpClient.post(c.setRole,{loginId:a,tenantId:n,roleNames:o},{token:t}),(e=>e.user)),addTenantRoles:(a,n,o)=>s(e.httpClient.post(c.addRole,{loginId:a,tenantId:n,roleNames:o},{token:t}),(e=>e.user)),removeTenantRoles:(a,n,o)=>s(e.httpClient.post(c.removeRole,{loginId:a,tenantId:n,roleNames:o},{token:t}),(e=>e.user)),addSSOapps:(a,n)=>s(e.httpClient.post(c.addSSOApps,{loginId:a,ssoAppIds:n},{token:t}),(e=>e.user)),setSSOapps:(a,n)=>s(e.httpClient.post(c.setSSOApps,{loginId:a,ssoAppIds:n},{token:t}),(e=>e.user)),removeSSOapps:(a,n)=>s(e.httpClient.post(c.removeSSOApps,{loginId:a,ssoAppIds:n},{token:t}),(e=>e.user)),generateOTPForTestUser:(a,n,o)=>s(e.httpClient.post(c.generateOTPForTest,{deliveryMethod:a,loginId:n,loginOptions:o},{token:t}),(e=>e)),generateMagicLinkForTestUser:(a,n,o,i)=>s(e.httpClient.post(c.generateMagicLinkForTest,{deliveryMethod:a,loginId:n,URI:o,loginOptions:i},{token:t}),(e=>e)),generateEnchantedLinkForTestUser:(a,n,o)=>s(e.httpClient.post(c.generateEnchantedLinkForTest,{loginId:a,URI:n,loginOptions:o},{token:t}),(e=>e)),generateEmbeddedLink:(a,n)=>s(e.httpClient.post(c.generateEmbeddedLink,{loginId:a,customClaims:n},{token:t}),(e=>e)),setTemporaryPassword:(a,n)=>s(e.httpClient.post(c.setTemporaryPassword,{loginId:a,password:n},{token:t}),(e=>e)),setActivePassword:(a,n)=>s(e.httpClient.post(c.setActivePassword,{loginId:a,password:n},{token:t}),(e=>e)),setPassword:(a,n)=>s(e.httpClient.post(c.setPassword,{loginId:a,password:n},{token:t}),(e=>e)),expirePassword:a=>s(e.httpClient.post(c.expirePassword,{loginId:a},{token:t}),(e=>e)),removeAllPasskeys:a=>s(e.httpClient.post(c.removeAllPasskeys,{loginId:a},{token:t}),(e=>e)),history:a=>s(e.httpClient.post(c.history,a,{token:t}),(e=>e))}),j=(e,t)=>({updateName:a=>s(e.httpClient.post(g.updateName,{name:a},{token:t})),updateTags:a=>s(e.httpClient.post(g.updateTags,{tags:a},{token:t})),clone:(a,n,o)=>s(e.httpClient.post(g.clone,{name:a,environment:n,tags:o},{token:t})),listProjects:async()=>s(e.httpClient.post(g.projectsList,{},{token:t}),(e=>e.projects.map((({id:e,name:t,environment:s,tags:a})=>({id:e,name:t,environment:s,tags:a}))))),export:()=>s(e.httpClient.post(g.export,{},{token:t}),(e=>e.files)),import:a=>s(e.httpClient.post(g.import,{files:a},{token:t}))}),T=(e,t)=>({create:(a,n,o)=>s(e.httpClient.post(h.create,{name:a,selfProvisioningDomains:n,customAttributes:o},{token:t})),createWithId:(a,n,o,i)=>s(e.httpClient.post(h.create,{id:a,name:n,selfProvisioningDomains:o,customAttributes:i},{token:t})),update:(a,n,o,i)=>s(e.httpClient.post(h.update,{id:a,name:n,selfProvisioningDomains:o,customAttributes:i},{token:t})),delete:(a,n)=>s(e.httpClient.post(h.delete,{id:a,cascade:n},{token:t})),load:a=>s(e.httpClient.get(h.load,{queryParams:{id:a},token:t}),(e=>e)),loadAll:()=>s(e.httpClient.get(h.loadAll,{token:t}),(e=>e.tenants)),searchAll:(a,n,o,i)=>s(e.httpClient.post(h.searchAll,{tenantIds:a,tenantNames:n,tenantSelfProvisioningDomains:o,customAttributes:i},{token:t}),(e=>e.tenants)),getSettings:a=>s(e.httpClient.get(h.settings,{queryParams:{id:a},token:t}),(e=>e)),configureSettings:(a,n)=>s(e.httpClient.post(h.settings,Object.assign(Object.assign({},n),{tenantId:a}),{token:t})),generateSSOConfigurationLink:(a,n)=>s(e.httpClient.post(h.generateSSOConfigurationLink,{tenantId:a,expireTime:n},{token:t}),(e=>e))}),P=(e,t)=>({update:(a,n)=>s(e.httpClient.post(C.update,{jwt:a,customClaims:n},{token:t})),impersonate:(a,n,o)=>s(e.httpClient.post(C.impersonate,{impersonatorId:a,loginId:n,validateConsent:o},{token:t}))}),R=(e,t)=>({create:(a,n)=>s(e.httpClient.post(y.create,{name:a,description:n},{token:t})),update:(a,n,o)=>s(e.httpClient.post(y.update,{name:a,newName:n,description:o},{token:t})),delete:a=>s(e.httpClient.post(y.delete,{name:a},{token:t})),loadAll:()=>s(e.httpClient.get(y.loadAll,{token:t}),(e=>e.permissions))}),E=(e,t)=>({create:(a,n,o,i)=>s(e.httpClient.post(I.create,{name:a,description:n,permissionNames:o,tenantId:i},{token:t})),update:(a,n,o,i,r)=>s(e.httpClient.post(I.update,{name:a,newName:n,description:o,permissionNames:i,tenantId:r},{token:t})),delete:(a,n)=>s(e.httpClient.post(I.delete,{name:a,tenantId:n},{token:t})),loadAll:()=>s(e.httpClient.get(I.loadAll,{token:t}),(e=>e.roles)),search:a=>s(e.httpClient.post(I.search,a,{token:t}),(e=>e.roles))}),M=(e,t)=>({loadAllGroups:a=>s(e.httpClient.post(A.loadAllGroups,{tenantId:a},{token:t})),loadAllGroupsForMember:(a,n,o)=>s(e.httpClient.post(A.loadAllGroupsForMember,{tenantId:a,loginIds:o,userIds:n},{token:t})),loadAllGroupMembers:(a,n)=>s(e.httpClient.post(A.loadAllGroupMembers,{tenantId:a,groupId:n},{token:t}))}),x=(e,t)=>({getSettings:a=>s(e.httpClient.get(k.settings,{queryParams:{tenantId:a},token:t}),(e=>e)),deleteSettings:a=>s(e.httpClient.delete(k.settings,{queryParams:{tenantId:a},token:t})),configureSettings:(a,n,o,i,r,l)=>s(e.httpClient.post(k.settings,{tenantId:a,idpURL:n,entityId:i,idpCert:o,redirectURL:r,domains:l},{token:t})),configureMetadata:(a,n,o,i)=>s(e.httpClient.post(k.metadata,{tenantId:a,idpMetadataURL:n,redirectURL:o,domains:i},{token:t})),configureMapping:(a,n,o)=>s(e.httpClient.post(k.mapping,{tenantId:a,roleMappings:n,attributeMapping:o},{token:t})),configureOIDCSettings:(a,n,o)=>{const i=Object.assign(Object.assign({},n),{userAttrMapping:n.attributeMapping});return delete i.attributeMapping,s(e.httpClient.post(k.oidc.configure,{tenantId:a,settings:i,domains:o},{token:t}))},configureSAMLSettings:(a,n,o,i)=>s(e.httpClient.post(k.saml.configure,{tenantId:a,settings:n,redirectUrl:o,domains:i},{token:t})),configureSAMLByMetadata:(a,n,o,i)=>s(e.httpClient.post(k.saml.metadata,{tenantId:a,settings:n,redirectUrl:o,domains:i},{token:t})),loadSettings:a=>s(e.httpClient.get(k.settingsv2,{queryParams:{tenantId:a},token:t}),(e=>{var t,s;const a=e;return a.oidc&&(a.oidc=Object.assign(Object.assign({},a.oidc),{attributeMapping:a.oidc.userAttrMapping}),delete a.oidc.userAttrMapping),(null===(t=a.saml)||void 0===t?void 0:t.groupsMapping)&&(a.saml.groupsMapping=null===(s=a.saml)||void 0===s?void 0:s.groupsMapping.map((e=>{const t=e;return t.roleName=t.role.name,delete t.role,t}))),a}))}),L=(e,t)=>({create:(a,n,o,i,r,l,d,p)=>s(e.httpClient.post(u.create,{name:a,expireTime:n,roleNames:o,keyTenants:i,userId:r,customClaims:l,description:d,permittedIps:p},{token:t})),load:a=>s(e.httpClient.get(u.load,{queryParams:{id:a},token:t}),(e=>e.key)),searchAll:a=>s(e.httpClient.post(u.search,{tenantIds:a},{token:t}),(e=>e.keys)),update:(a,n,o)=>s(e.httpClient.post(u.update,{id:a,name:n,description:o},{token:t}),(e=>e.key)),deactivate:a=>s(e.httpClient.post(u.deactivate,{id:a},{token:t})),activate:a=>s(e.httpClient.post(u.activate,{id:a},{token:t})),delete:a=>s(e.httpClient.post(u.delete,{id:a},{token:t}))}),U=(e,t)=>({list:()=>s(e.httpClient.post(b.list,{},{token:t})),delete:a=>s(e.httpClient.post(b.delete,{ids:a},{token:t})),export:a=>s(e.httpClient.post(b.export,{flowId:a},{token:t})),import:(a,n,o)=>s(e.httpClient.post(b.import,{flowId:a,flow:n,screens:o},{token:t}))}),D=(e,t)=>({export:()=>s(e.httpClient.post(w.export,{},{token:t})),import:a=>s(e.httpClient.post(w.import,{theme:a},{token:t}))}),F=(e,t)=>({search:a=>{const n=Object.assign(Object.assign({},a),{externalIds:a.loginIds});return delete n.loginIds,s(e.httpClient.post(N.search,n,{token:t}),(e=>null==e?void 0:e.audits.map((e=>{const t=Object.assign(Object.assign({},e),{occurred:parseFloat(e.occurred),loginIds:e.externalIds});return delete t.externalIds,t}))))},createEvent:a=>{const n=Object.assign({},a);return s(e.httpClient.post(N.createEvent,n,{token:t}))}}),z=(e,t)=>({saveSchema:(a,n)=>s(e.httpClient.post(S.schemaSave,{schema:a,upgrade:n},{token:t})),deleteSchema:()=>s(e.httpClient.post(S.schemaDelete,{},{token:t})),loadSchema:()=>s(e.httpClient.post(S.schemaLoad,{},{token:t}),(e=>e.schema)),saveNamespace:(a,n,o)=>s(e.httpClient.post(S.nsSave,{namespace:a,oldName:n,schemaName:o},{token:t})),deleteNamespace:(a,n)=>s(e.httpClient.post(S.nsDelete,{name:a,schemaName:n},{token:t})),saveRelationDefinition:(a,n,o,i)=>s(e.httpClient.post(S.rdSave,{relationDefinition:a,namespace:n,oldName:o,schemaName:i},{token:t})),deleteRelationDefinition:(a,n,o)=>s(e.httpClient.post(S.rdDelete,{name:a,namespace:n,schemaName:o},{token:t})),createRelations:a=>s(e.httpClient.post(S.reCreate,{relations:a},{token:t})),deleteRelations:a=>s(e.httpClient.post(S.reDelete,{relations:a},{token:t})),deleteRelationsForResources:a=>s(e.httpClient.post(S.reDeleteResources,{resources:a},{token:t})),hasRelations:a=>s(e.httpClient.post(S.hasRelations,{relationQueries:a},{token:t}),(e=>e.relationQueries)),whoCanAccess:(a,n,o)=>s(e.httpClient.post(S.who,{resource:a,relationDefinition:n,namespace:o},{token:t}),(e=>e.targets)),resourceRelations:a=>s(e.httpClient.post(S.resource,{resource:a},{token:t}),(e=>e.relations)),targetsRelations:a=>s(e.httpClient.post(S.targets,{targets:a},{token:t}),(e=>e.relations)),whatCanTargetAccess:a=>s(e.httpClient.post(S.targetAll,{target:a},{token:t}),(e=>e.relations)),getModified:a=>s(e.httpClient.post(S.getModified,{since:a?a.getTime():0},{token:t}),(e=>e))}),q=(e,t)=>({createOidcApplication:a=>{var n;return s(e.httpClient.post(v.oidcCreate,Object.assign(Object.assign({},a),{enabled:null===(n=a.enabled)||void 0===n||n}),{token:t}))},createSamlApplication:a=>{var n;return s(e.httpClient.post(v.samlCreate,Object.assign(Object.assign({},a),{enabled:null===(n=a.enabled)||void 0===n||n}),{token:t}))},updateOidcApplication:a=>s(e.httpClient.post(v.oidcUpdate,Object.assign({},a),{token:t})),updateSamlApplication:a=>s(e.httpClient.post(v.samlUpdate,Object.assign({},a),{token:t})),delete:a=>s(e.httpClient.post(v.delete,{id:a},{token:t})),load:a=>s(e.httpClient.get(v.load,{queryParams:{id:a},token:t}),(e=>e)),loadAll:()=>s(e.httpClient.get(v.loadAll,{token:t}),(e=>e.apps))}),$=(e,t)=>({getSettings:a=>s(e.httpClient.get(f.settings,{queryParams:{tenantId:a},token:t}),(e=>e)),configureSettings:(a,n)=>s(e.httpClient.post(f.settings,Object.assign(Object.assign({},n),{tenantId:a}),{token:t}))});var J;null!==(J=globalThis.Headers)&&void 0!==J||(globalThis.Headers=r);const K=(...e)=>(e.forEach((e=>{var t,s;e&&"object"==typeof e&&(null!==(t=(s=e).highWaterMark)&&void 0!==t||(s.highWaterMark=31457280))})),l(...e)),G={badRequest:"E011001",missingArguments:"E011002",invalidRequest:"E011003",invalidArguments:"E011004",wrongOTPCode:"E061102",tooManyOTPAttempts:"E061103",enchantedLinkPending:"E062503",userNotFound:"E062108"},B=s=>{var r,{managementKey:l,publicKey:c}=s,g=e(s,["managementKey","publicKey"]);const u=t(Object.assign(Object.assign({fetch:K},g),{baseHeaders:Object.assign(Object.assign({},g.baseHeaders),{"x-descope-sdk-name":"nodejs","x-descope-sdk-node-version":(null===(r=null===process||void 0===process?void 0:process.versions)||void 0===r?void 0:r.node)||"","x-descope-sdk-version":"1.6.10"})})),{projectId:h,logger:v}=g,k={},C=((e,t)=>({user:O(e,t),project:j(e,t),accessKey:L(e,t),tenant:T(e,t),ssoApplication:q(e,t),sso:x(e,t),jwt:P(e,t),permission:R(e,t),password:$(e,t),role:E(e,t),group:M(e,t),flow:U(e,t),theme:D(e,t),audit:F(e,t),authz:z(e,t)}))(u,l),f=Object.assign(Object.assign({},u),{refresh:async e=>u.refresh(e),management:C,async getKey(e){if(!(null==e?void 0:e.kid))throw Error("header.kid must not be empty");if(k[e.kid])return k[e.kid];if(Object.assign(k,await(async()=>{if(c)try{const e=JSON.parse(c),t=await i(e);return{[e.kid]:t}}catch(e){throw null==v||v.error("Failed to parse the provided public key",e),new Error(`Failed to parse public key. Error: ${e}`)}const e=(await u.httpClient.get(`v2/keys/${h}`).then((e=>e.json()))).keys;return Array.isArray(e)?(await Promise.all(e.map((async e=>[e.kid,await i(e)])))).reduce(((e,[t,s])=>t?Object.assign(Object.assign({},e),{[t.toString()]:s}):e),{}):{}})()),!k[e.kid])throw Error("failed to fetch matching key");return k[e.kid]},async validateJwt(e){var t;const s=(await n(e,f.getKey,{clockTolerance:5})).payload;if(s&&(s.iss=null===(t=s.iss)||void 0===t?void 0:t.split("/").pop(),s.iss!==h))throw new o.JWTClaimValidationFailed('unexpected "iss" claim value',"iss","check_failed");return{jwt:e,token:s}},async validateSession(e){if(!e)throw Error("session token is required for validation");try{return await f.validateJwt(e)}catch(e){throw null==v||v.error("session validation failed",e),Error(`session validation failed. Error: ${e}`)}},async refreshSession(e){var t,s;if(!e)throw Error("refresh token is required to refresh a session");try{await f.validateJwt(e);const a=await f.refresh(e);if(a.ok){return await f.validateJwt(null===(t=a.data)||void 0===t?void 0:t.sessionJwt)}throw Error(null===(s=a.error)||void 0===s?void 0:s.errorMessage)}catch(e){throw null==v||v.error("refresh token validation failed",e),Error(`refresh token validation failed, Error: ${e}`)}},async validateAndRefreshSession(e,t){if(!e&&!t)throw Error("both session and refresh tokens are empty");try{return await f.validateSession(e)}catch(e){null==v||v.log(`session validation failed with error ${e} - trying to refresh it`)}return f.refreshSession(t)},async exchangeAccessKey(e,t){if(!e)throw Error("access key must not be empty");let s;try{s=await f.accessKey.exchange(e,t)}catch(e){throw null==v||v.error("failed to exchange access key",e),Error(`could not exchange access key - Failed to exchange. Error: ${e}`)}const{sessionJwt:a}=s.data;if(!a)throw null==v||v.error("failed to parse exchange access key response"),Error("could not exchange access key");try{return await f.validateJwt(a)}catch(e){throw null==v||v.error("failed to parse jwt from access key",e),Error(`could not exchange access key - failed to validate jwt. Error: ${e}`)}},validatePermissions:(e,t)=>f.validateTenantPermissions(e,"",t),getMatchedPermissions:(e,t)=>f.getMatchedTenantPermissions(e,"",t),validateTenantPermissions(e,t,s){if(t&&!m(e,t))return!1;const a=p(e,"permissions",t);return s.every((e=>a.includes(e)))},getMatchedTenantPermissions(e,t,s){if(t&&!m(e,t))return[];const a=p(e,"permissions",t);return s.filter((e=>a.includes(e)))},validateRoles:(e,t)=>f.validateTenantRoles(e,"",t),getMatchedRoles:(e,t)=>f.getMatchedTenantRoles(e,"",t),validateTenantRoles(e,t,s){if(t&&!m(e,t))return!1;const a=p(e,"roles",t);return s.every((e=>a.includes(e)))},getMatchedTenantRoles(e,t,s){if(t&&!m(e,t))return[];const a=p(e,"roles",t);return s.filter((e=>a.includes(e)))}});return a(f,["otp.verify.email","otp.verify.sms","otp.verify.voice","otp.verify.whatsapp","magicLink.verify","enchantedLink.signUp","enchantedLink.signIn","oauth.exchange","saml.exchange","totp.verify","webauthn.signIn.finish","webauthn.signUp.finish","refresh"],d)};B.RefreshTokenCookieName="DSR",B.SessionTokenCookieName="DS";export{B as default,G as descopeErrors};
|
|
2
2
|
//# sourceMappingURL=index.esm.js.map
|