@descope/node-sdk 1.7.1 → 1.7.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +41 -19
- package/dist/cjs/index.cjs.js +1 -1
- package/dist/cjs/index.cjs.js.map +1 -1
- package/dist/index.d.ts +27 -12
- package/dist/index.esm.js +1 -1
- package/dist/index.esm.js.map +1 -1
- package/package.json +2 -2
package/dist/index.d.ts
CHANGED
|
@@ -135,8 +135,16 @@ declare type RoleMappings = RoleMapping[];
|
|
|
135
135
|
declare type AttributeMapping = {
|
|
136
136
|
name?: string;
|
|
137
137
|
email?: string;
|
|
138
|
+
username?: string;
|
|
138
139
|
phoneNumber?: string;
|
|
140
|
+
givenName?: string;
|
|
141
|
+
middleName?: string;
|
|
142
|
+
familyName?: string;
|
|
143
|
+
picture?: string;
|
|
144
|
+
verifiedEmail?: string;
|
|
145
|
+
verifiedPhone?: string;
|
|
139
146
|
group?: string;
|
|
147
|
+
customAttributes?: Record<string, string>;
|
|
140
148
|
};
|
|
141
149
|
/** UpdateJWT response with a new JWT value with the added custom claims */
|
|
142
150
|
declare type UpdateJWTResponse = {
|
|
@@ -378,7 +386,6 @@ declare type UserMapping = {
|
|
|
378
386
|
email: string;
|
|
379
387
|
username: string;
|
|
380
388
|
phoneNumber: string;
|
|
381
|
-
group: string;
|
|
382
389
|
};
|
|
383
390
|
declare type RoleItem = {
|
|
384
391
|
id: string;
|
|
@@ -419,19 +426,21 @@ declare type SSOSettings = {
|
|
|
419
426
|
tenant: Tenant;
|
|
420
427
|
saml?: SSOSAMLSettingsResponse;
|
|
421
428
|
oidc?: SSOOIDCSettings;
|
|
429
|
+
ssoId?: string;
|
|
422
430
|
};
|
|
423
431
|
declare type OIDCAttributeMapping = {
|
|
424
432
|
loginId?: string;
|
|
425
433
|
name?: string;
|
|
434
|
+
email?: string;
|
|
435
|
+
username?: string;
|
|
436
|
+
phoneNumber?: string;
|
|
426
437
|
givenName?: string;
|
|
427
438
|
middleName?: string;
|
|
428
439
|
familyName?: string;
|
|
429
|
-
|
|
440
|
+
picture?: string;
|
|
430
441
|
verifiedEmail?: string;
|
|
431
|
-
username?: string;
|
|
432
|
-
phoneNumber?: string;
|
|
433
442
|
verifiedPhone?: string;
|
|
434
|
-
|
|
443
|
+
customAttributes?: Record<string, string>;
|
|
435
444
|
};
|
|
436
445
|
declare type Prompt = 'none' | 'login' | 'consent' | 'select_account';
|
|
437
446
|
declare type SSOOIDCSettings = {
|
|
@@ -803,6 +812,7 @@ declare const nodeSdk: {
|
|
|
803
812
|
testUsersOnly?: boolean;
|
|
804
813
|
ssoAppIds?: string[];
|
|
805
814
|
loginIds?: string[];
|
|
815
|
+
userIds?: string[];
|
|
806
816
|
fromCreatedTime?: number;
|
|
807
817
|
toCreatedTime?: number;
|
|
808
818
|
fromModifiedTime?: number;
|
|
@@ -826,6 +836,7 @@ declare const nodeSdk: {
|
|
|
826
836
|
testUsersOnly?: boolean;
|
|
827
837
|
ssoAppIds?: string[];
|
|
828
838
|
loginIds?: string[];
|
|
839
|
+
userIds?: string[];
|
|
829
840
|
fromCreatedTime?: number;
|
|
830
841
|
toCreatedTime?: number;
|
|
831
842
|
fromModifiedTime?: number;
|
|
@@ -875,10 +886,10 @@ declare const nodeSdk: {
|
|
|
875
886
|
import: (files: Record<string, any>) => Promise<SdkResponse<never>>;
|
|
876
887
|
};
|
|
877
888
|
accessKey: {
|
|
878
|
-
create: (name: string, expireTime: number, roles?: string[],
|
|
889
|
+
create: (name: string, expireTime: number, roles?: string[], tenants?: AssociatedTenant[], userId?: string, customClaims?: Record<string, any>, description?: string, permittedIps?: string[]) => Promise<SdkResponse<CreatedAccessKeyResponse>>;
|
|
879
890
|
load: (id: string) => Promise<SdkResponse<AccessKey>>;
|
|
880
891
|
searchAll: (tenantIds?: string[]) => Promise<SdkResponse<AccessKey[]>>;
|
|
881
|
-
update: (id: string, name: string, description?: string) => Promise<SdkResponse<AccessKey>>;
|
|
892
|
+
update: (id: string, name: string, description?: string, roles?: string[], tenants?: AssociatedTenant[], customClaims?: Record<string, any>, permittedIps?: string[]) => Promise<SdkResponse<AccessKey>>;
|
|
882
893
|
deactivate: (id: string) => Promise<SdkResponse<never>>;
|
|
883
894
|
activate: (id: string) => Promise<SdkResponse<never>>;
|
|
884
895
|
delete: (id: string) => Promise<SdkResponse<never>>;
|
|
@@ -914,14 +925,16 @@ declare const nodeSdk: {
|
|
|
914
925
|
};
|
|
915
926
|
sso: {
|
|
916
927
|
getSettings: (tenantId: string) => Promise<SdkResponse<SSOSettingsResponse>>;
|
|
917
|
-
|
|
928
|
+
newSettings: (tenantId: string, ssoId: string, displayName: string) => Promise<SdkResponse<SSOSettings>>;
|
|
929
|
+
deleteSettings: (tenantId: string, ssoId?: string) => Promise<SdkResponse<never>>;
|
|
918
930
|
configureSettings: (tenantId: string, idpURL: string, idpCert: string, entityId: string, redirectURL: string, domains: string[]) => Promise<SdkResponse<never>>;
|
|
919
931
|
configureMetadata: (tenantId: string, idpMetadataURL: string, redirectURL: string, domains: string[]) => Promise<SdkResponse<never>>;
|
|
920
932
|
configureMapping: (tenantId: string, roleMappings?: RoleMappings, attributeMapping?: AttributeMapping) => Promise<SdkResponse<never>>;
|
|
921
|
-
configureOIDCSettings: (tenantId: string, settings: SSOOIDCSettings, domains?: string[]) => Promise<SdkResponse<never>>;
|
|
922
|
-
configureSAMLSettings: (tenantId: string, settings: SSOSAMLSettings, redirectUrl?: string, domains?: string[]) => Promise<SdkResponse<never>>;
|
|
923
|
-
configureSAMLByMetadata: (tenantId: string, settings: SSOSAMLByMetadataSettings, redirectUrl?: string, domains?: string[]) => Promise<SdkResponse<never>>;
|
|
924
|
-
loadSettings: (tenantId: string) => Promise<SdkResponse<SSOSettings>>;
|
|
933
|
+
configureOIDCSettings: (tenantId: string, settings: SSOOIDCSettings, domains?: string[], ssoId?: string) => Promise<SdkResponse<never>>;
|
|
934
|
+
configureSAMLSettings: (tenantId: string, settings: SSOSAMLSettings, redirectUrl?: string, domains?: string[], ssoId?: string) => Promise<SdkResponse<never>>;
|
|
935
|
+
configureSAMLByMetadata: (tenantId: string, settings: SSOSAMLByMetadataSettings, redirectUrl?: string, domains?: string[], ssoId?: string) => Promise<SdkResponse<never>>;
|
|
936
|
+
loadSettings: (tenantId: string, ssoId?: string) => Promise<SdkResponse<SSOSettings>>;
|
|
937
|
+
loadAllSettings: (tenantId: string) => Promise<SdkResponse<SSOSettings[]>>;
|
|
925
938
|
};
|
|
926
939
|
jwt: {
|
|
927
940
|
update: (jwt: string, customClaims?: Record<string, any>, refreshDuration?: number) => Promise<SdkResponse<UpdateJWTResponse>>;
|
|
@@ -936,6 +949,7 @@ declare const nodeSdk: {
|
|
|
936
949
|
cookiePath?: string;
|
|
937
950
|
sessionJwt: string;
|
|
938
951
|
cookieExpiration?: number;
|
|
952
|
+
sessionExpiration: number;
|
|
939
953
|
}>>;
|
|
940
954
|
};
|
|
941
955
|
permission: {
|
|
@@ -1595,6 +1609,7 @@ declare const nodeSdk: {
|
|
|
1595
1609
|
getTenants: (token: string) => string[];
|
|
1596
1610
|
getJwtPermissions: (token: string, tenant?: string) => string[];
|
|
1597
1611
|
getJwtRoles: (token: string, tenant?: string) => string[];
|
|
1612
|
+
getCurrentTenant: (token: string) => string;
|
|
1598
1613
|
httpClient: {
|
|
1599
1614
|
get: (path: string, config?: {
|
|
1600
1615
|
headers?: HeadersInit;
|
package/dist/index.esm.js
CHANGED
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
import{__rest as e}from"tslib";import t,{transformResponse as s,wrapWith as n}from"@descope/core-js-sdk";import{jwtVerify as a,errors as o,importJWK as i}from"jose";import{Headers as r,fetch as l}from"cross-fetch";var d;null!==(d=globalThis.Headers)&&void 0!==d||(globalThis.Headers=r);const p=(...e)=>(e.forEach((e=>{var t,s;e&&"object"==typeof e&&(null!==(t=(s=e).highWaterMark)&&void 0!==t||(s.highWaterMark=31457280))})),l(...e)),m=t=>async(...s)=>{var n,a,o;const i=await t(...s);if(!i.data)return i;let r=i.data,{refreshJwt:l}=r,d=e(r,["refreshJwt"]);const p=[];var m;return l?p.push(`${"DSR"}=${l}; Domain=${(null==(m=d)?void 0:m.cookieDomain)||""}; Max-Age=${(null==m?void 0:m.cookieMaxAge)||""}; Path=${(null==m?void 0:m.cookiePath)||"/"}; HttpOnly; SameSite=Strict`):(null===(n=i.response)||void 0===n?void 0:n.headers.get("set-cookie"))&&(l=((e,t)=>{const s=null==e?void 0:e.match(RegExp(`(?:^|;\\s*)${t}=([^;]*)`));return s?s[1]:null})(null===(a=i.response)||void 0===a?void 0:a.headers.get("set-cookie"),"DSR"),p.push(null===(o=i.response)||void 0===o?void 0:o.headers.get("set-cookie"))),Object.assign(Object.assign({},i),{data:Object.assign(Object.assign({},i.data),{refreshJwt:l,cookies:p})})};function c(e,t,s){var n,a;const o=s?null===(a=null===(n=e.token.tenants)||void 0===n?void 0:n[s])||void 0===a?void 0:a[t]:e.token[t];return Array.isArray(o)?o:[]}function g(e,t){var s;return!!(null===(s=e.token.tenants)||void 0===s?void 0:s[t])}var u={create:"/v1/mgmt/user/create",createTestUser:"/v1/mgmt/user/create/test",createBatch:"/v1/mgmt/user/create/batch",update:"/v1/mgmt/user/update",patch:"/v1/mgmt/user/patch",delete:"/v1/mgmt/user/delete",deleteAllTestUsers:"/v1/mgmt/user/test/delete/all",load:"/v1/mgmt/user",logout:"/v1/mgmt/user/logout",search:"/v2/mgmt/user/search",searchTestUsers:"/v2/mgmt/user/search/test",getProviderToken:"/v1/mgmt/user/provider/token",updateStatus:"/v1/mgmt/user/update/status",updateLoginId:"/v1/mgmt/user/update/loginid",updateEmail:"/v1/mgmt/user/update/email",updatePhone:"/v1/mgmt/user/update/phone",updateDisplayName:"/v1/mgmt/user/update/name",updatePicture:"/v1/mgmt/user/update/picture",updateCustomAttribute:"/v1/mgmt/user/update/customAttribute",setRole:"/v1/mgmt/user/update/role/set",addRole:"/v2/mgmt/user/update/role/add",removeRole:"/v1/mgmt/user/update/role/remove",setSSOApps:"/v1/mgmt/user/update/ssoapp/set",addSSOApps:"/v1/mgmt/user/update/ssoapp/add",removeSSOApps:"/v1/mgmt/user/update/ssoapp/remove",addTenant:"/v1/mgmt/user/update/tenant/add",removeTenant:"/v1/mgmt/user/update/tenant/remove",setPassword:"/v1/mgmt/user/password/set",setTemporaryPassword:"/v1/mgmt/user/password/set/temporary",setActivePassword:"/v1/mgmt/user/password/set/active",expirePassword:"/v1/mgmt/user/password/expire",removeAllPasskeys:"/v1/mgmt/user/passkeys/delete",removeTOTPSeed:"/v1/mgmt/user/totp/delete",generateOTPForTest:"/v1/mgmt/tests/generate/otp",generateMagicLinkForTest:"/v1/mgmt/tests/generate/magiclink",generateEnchantedLinkForTest:"/v1/mgmt/tests/generate/enchantedlink",generateEmbeddedLink:"/v1/mgmt/user/signin/embeddedlink",history:"/v1/mgmt/user/history"},h={updateName:"/v1/mgmt/project/update/name",updateTags:"/v1/mgmt/project/update/tags",clone:"/v1/mgmt/project/clone",projectsList:"/v1/mgmt/projects/list",exportSnapshot:"/v1/mgmt/project/snapshot/export",importSnapshot:"/v1/mgmt/project/snapshot/import",validateSnapshot:"/v1/mgmt/project/snapshot/validate"},v={create:"/v1/mgmt/accesskey/create",load:"/v1/mgmt/accesskey",search:"/v1/mgmt/accesskey/search",update:"/v1/mgmt/accesskey/update",deactivate:"/v1/mgmt/accesskey/deactivate",activate:"/v1/mgmt/accesskey/activate",delete:"/v1/mgmt/accesskey/delete"},k={create:"/v1/mgmt/tenant/create",update:"/v1/mgmt/tenant/update",delete:"/v1/mgmt/tenant/delete",load:"/v1/mgmt/tenant",settings:"/v1/mgmt/tenant/settings",loadAll:"/v1/mgmt/tenant/all",searchAll:"/v1/mgmt/tenant/search",generateSSOConfigurationLink:"/v2/mgmt/tenant/adminlinks/sso/generate"},C={oidcCreate:"/v1/mgmt/sso/idp/app/oidc/create",samlCreate:"/v1/mgmt/sso/idp/app/saml/create",oidcUpdate:"/v1/mgmt/sso/idp/app/oidc/update",samlUpdate:"/v1/mgmt/sso/idp/app/saml/update",delete:"/v1/mgmt/sso/idp/app/delete",load:"/v1/mgmt/sso/idp/app/load",loadAll:"/v1/mgmt/sso/idp/apps/load"},f={settings:"/v1/mgmt/sso/settings",metadata:"/v1/mgmt/sso/metadata",mapping:"/v1/mgmt/sso/mapping",settingsv2:"/v2/mgmt/sso/settings",oidc:{configure:"/v1/mgmt/sso/oidc"},saml:{configure:"/v1/mgmt/sso/saml",metadata:"/v1/mgmt/sso/saml/metadata"}},y={update:"/v1/mgmt/jwt/update",impersonate:"/v1/mgmt/impersonate",signIn:"/v1/mgmt/auth/signin",signUp:"/v1/mgmt/auth/signup",signUpOrIn:"/v1/mgmt/auth/signup-in",anonymous:"/v1/mgmt/auth/anonymous"},I={settings:"/v1/mgmt/password/settings"},b={create:"/v1/mgmt/permission/create",update:"/v1/mgmt/permission/update",delete:"/v1/mgmt/permission/delete",loadAll:"/v1/mgmt/permission/all"},w={create:"/v1/mgmt/role/create",update:"/v1/mgmt/role/update",delete:"/v1/mgmt/role/delete",loadAll:"/v1/mgmt/role/all",search:"/v1/mgmt/role/search"},A={list:"/v1/mgmt/flow/list",delete:"/v1/mgmt/flow/delete",export:"/v1/mgmt/flow/export",import:"/v1/mgmt/flow/import"},S={export:"/v1/mgmt/theme/export",import:"/v1/mgmt/theme/import"},O={loadAllGroups:"/v1/mgmt/group/all",loadAllGroupsForMember:"/v1/mgmt/group/member/all",loadAllGroupMembers:"/v1/mgmt/group/members"},T={search:"/v1/mgmt/audit/search",createEvent:"/v1/mgmt/audit/event"},N={schemaSave:"/v1/mgmt/authz/schema/save",schemaDelete:"/v1/mgmt/authz/schema/delete",schemaLoad:"/v1/mgmt/authz/schema/load",nsSave:"/v1/mgmt/authz/ns/save",nsDelete:"/v1/mgmt/authz/ns/delete",rdSave:"/v1/mgmt/authz/rd/save",rdDelete:"/v1/mgmt/authz/rd/delete",reCreate:"/v1/mgmt/authz/re/create",reDelete:"/v1/mgmt/authz/re/delete",reDeleteResources:"/v1/mgmt/authz/re/deleteresources",hasRelations:"/v1/mgmt/authz/re/has",who:"/v1/mgmt/authz/re/who",resource:"/v1/mgmt/authz/re/resource",targets:"/v1/mgmt/authz/re/targets",targetAll:"/v1/mgmt/authz/re/targetall",targetWithRelation:"/v1/mgmt/authz/re/targetwithrelation",getModified:"/v1/mgmt/authz/getmodified"},j={schema:"/v1/mgmt/fga/schema",relations:"/v1/mgmt/fga/relations",deleteRelations:"/v1/mgmt/fga/relations/delete",check:"/v1/mgmt/fga/check"};const P=(e,t)=>({create:function(n,a,o,i,r,l,d,p,m,c,g,h,v,k){const C="string"==typeof a?{loginId:n,email:a,phone:o,displayName:i,givenName:g,middleName:h,familyName:v,roleNames:r,userTenants:l,customAttributes:d,picture:p,verifiedEmail:m,verifiedPhone:c,additionalLoginIds:k}:Object.assign(Object.assign({loginId:n},a),{roleNames:null==a?void 0:a.roles,roles:void 0});return s(e.httpClient.post(u.create,C,{token:t}),(e=>e.user))},createTestUser:function(n,a,o,i,r,l,d,p,m,c,g,h,v,k){const C="string"==typeof a?{loginId:n,email:a,phone:o,displayName:i,givenName:g,middleName:h,familyName:v,roleNames:r,userTenants:l,customAttributes:d,picture:p,verifiedEmail:m,verifiedPhone:c,additionalLoginIds:k,test:!0}:Object.assign(Object.assign({loginId:n},a),{roleNames:null==a?void 0:a.roles,roles:void 0,test:!0});return s(e.httpClient.post(u.createTestUser,C,{token:t}),(e=>e.user))},invite:function(n,a,o,i,r,l,d,p,m,c,g,h,v,k,C,f,y,I){const b="string"==typeof a?{loginId:n,email:a,phone:o,displayName:i,givenName:k,middleName:C,familyName:f,roleNames:r,userTenants:l,invite:!0,customAttributes:d,picture:p,verifiedEmail:m,verifiedPhone:c,inviteUrl:g,sendMail:h,sendSMS:v,additionalLoginIds:y,templateId:I}:Object.assign(Object.assign({loginId:n},a),{roleNames:null==a?void 0:a.roles,roles:void 0,invite:!0});return s(e.httpClient.post(u.create,b,{token:t}),(e=>e.user))},inviteBatch:(n,a,o,i,r,l)=>s(e.httpClient.post(u.createBatch,{users:n.map((e=>{const t=Object.assign(Object.assign({},e),{roleNames:e.roles});return delete t.roles,t})),invite:!0,inviteUrl:a,sendMail:o,sendSMS:i,templateOptions:r,templateId:l},{token:t}),(e=>e)),update:function(n,a,o,i,r,l,d,p,m,c,g,h,v,k){const C="string"==typeof a?{loginId:n,email:a,phone:o,displayName:i,givenName:g,middleName:h,familyName:v,roleNames:r,userTenants:l,customAttributes:d,picture:p,verifiedEmail:m,verifiedPhone:c,additionalLoginIds:k}:Object.assign(Object.assign({loginId:n},a),{roleNames:null==a?void 0:a.roles,roles:void 0});return s(e.httpClient.post(u.update,C,{token:t}),(e=>e.user))},patch:function(n,a){const o={loginId:n};return void 0!==a.email&&(o.email=a.email),void 0!==a.phone&&(o.phone=a.phone),void 0!==a.displayName&&(o.displayName=a.displayName),void 0!==a.givenName&&(o.givenName=a.givenName),void 0!==a.middleName&&(o.middleName=a.middleName),void 0!==a.familyName&&(o.familyName=a.familyName),void 0!==a.roles&&(o.roleNames=a.roles),void 0!==a.userTenants&&(o.userTenants=a.userTenants),void 0!==a.customAttributes&&(o.customAttributes=a.customAttributes),void 0!==a.picture&&(o.picture=a.picture),void 0!==a.verifiedEmail&&(o.verifiedEmail=a.verifiedEmail),void 0!==a.verifiedPhone&&(o.verifiedPhone=a.verifiedPhone),void 0!==a.ssoAppIds&&(o.ssoAppIds=a.ssoAppIds),s(e.httpClient.patch(u.patch,o,{token:t}),(e=>e.user))},delete:n=>s(e.httpClient.post(u.delete,{loginId:n},{token:t})),deleteByUserId:n=>s(e.httpClient.post(u.delete,{userId:n},{token:t})),deleteAllTestUsers:()=>s(e.httpClient.delete(u.deleteAllTestUsers,{token:t})),load:n=>s(e.httpClient.get(u.load,{queryParams:{loginId:n},token:t}),(e=>e.user)),loadByUserId:n=>s(e.httpClient.get(u.load,{queryParams:{userId:n},token:t}),(e=>e.user)),logoutUser:n=>s(e.httpClient.post(u.logout,{loginId:n},{token:t})),logoutUserByUserId:n=>s(e.httpClient.post(u.logout,{userId:n},{token:t})),searchAll:(n,a,o,i,r,l,d,p,m,c)=>s(e.httpClient.post(u.search,{tenantIds:n,roleNames:a,limit:o,page:i,testUsersOnly:r,withTestUser:l,customAttributes:d,statuses:p,emails:m,phones:c},{token:t}),(e=>e.users)),searchTestUsers:n=>s(e.httpClient.post(u.searchTestUsers,Object.assign(Object.assign({},n),{withTestUser:!0,testUsersOnly:!0,roleNames:n.roles,roles:void 0}),{token:t}),(e=>e.users)),search:n=>s(e.httpClient.post(u.search,Object.assign(Object.assign({},n),{roleNames:n.roles,roles:void 0}),{token:t}),(e=>e.users)),getProviderToken:(n,a,o)=>s(e.httpClient.get(u.getProviderToken,{queryParams:{loginId:n,provider:a,withRefreshToken:(null==o?void 0:o.withRefreshToken)?"true":"false",forceRefresh:(null==o?void 0:o.forceRefresh)?"true":"false"},token:t}),(e=>e)),activate:n=>s(e.httpClient.post(u.updateStatus,{loginId:n,status:"enabled"},{token:t}),(e=>e.user)),deactivate:n=>s(e.httpClient.post(u.updateStatus,{loginId:n,status:"disabled"},{token:t}),(e=>e.user)),updateLoginId:(n,a)=>s(e.httpClient.post(u.updateLoginId,{loginId:n,newLoginId:a},{token:t}),(e=>e.user)),updateEmail:(n,a,o)=>s(e.httpClient.post(u.updateEmail,{loginId:n,email:a,verified:o},{token:t}),(e=>e.user)),updatePhone:(n,a,o)=>s(e.httpClient.post(u.updatePhone,{loginId:n,phone:a,verified:o},{token:t}),(e=>e.user)),updateDisplayName:(n,a,o,i,r)=>s(e.httpClient.post(u.updateDisplayName,{loginId:n,displayName:a,givenName:o,middleName:i,familyName:r},{token:t}),(e=>e.user)),updatePicture:(n,a)=>s(e.httpClient.post(u.updatePicture,{loginId:n,picture:a},{token:t}),(e=>e.user)),updateCustomAttribute:(n,a,o)=>s(e.httpClient.post(u.updateCustomAttribute,{loginId:n,attributeKey:a,attributeValue:o},{token:t}),(e=>e.user)),setRoles:(n,a)=>s(e.httpClient.post(u.setRole,{loginId:n,roleNames:a},{token:t}),(e=>e.user)),addRoles:(n,a)=>s(e.httpClient.post(u.addRole,{loginId:n,roleNames:a},{token:t}),(e=>e.user)),removeRoles:(n,a)=>s(e.httpClient.post(u.removeRole,{loginId:n,roleNames:a},{token:t}),(e=>e.user)),addTenant:(n,a)=>s(e.httpClient.post(u.addTenant,{loginId:n,tenantId:a},{token:t}),(e=>e.user)),removeTenant:(n,a)=>s(e.httpClient.post(u.removeTenant,{loginId:n,tenantId:a},{token:t}),(e=>e.user)),setTenantRoles:(n,a,o)=>s(e.httpClient.post(u.setRole,{loginId:n,tenantId:a,roleNames:o},{token:t}),(e=>e.user)),addTenantRoles:(n,a,o)=>s(e.httpClient.post(u.addRole,{loginId:n,tenantId:a,roleNames:o},{token:t}),(e=>e.user)),removeTenantRoles:(n,a,o)=>s(e.httpClient.post(u.removeRole,{loginId:n,tenantId:a,roleNames:o},{token:t}),(e=>e.user)),addSSOapps:(n,a)=>s(e.httpClient.post(u.addSSOApps,{loginId:n,ssoAppIds:a},{token:t}),(e=>e.user)),setSSOapps:(n,a)=>s(e.httpClient.post(u.setSSOApps,{loginId:n,ssoAppIds:a},{token:t}),(e=>e.user)),removeSSOapps:(n,a)=>s(e.httpClient.post(u.removeSSOApps,{loginId:n,ssoAppIds:a},{token:t}),(e=>e.user)),generateOTPForTestUser:(n,a,o)=>s(e.httpClient.post(u.generateOTPForTest,{deliveryMethod:n,loginId:a,loginOptions:o},{token:t}),(e=>e)),generateMagicLinkForTestUser:(n,a,o,i)=>s(e.httpClient.post(u.generateMagicLinkForTest,{deliveryMethod:n,loginId:a,URI:o,loginOptions:i},{token:t}),(e=>e)),generateEnchantedLinkForTestUser:(n,a,o)=>s(e.httpClient.post(u.generateEnchantedLinkForTest,{loginId:n,URI:a,loginOptions:o},{token:t}),(e=>e)),generateEmbeddedLink:(n,a)=>s(e.httpClient.post(u.generateEmbeddedLink,{loginId:n,customClaims:a},{token:t}),(e=>e)),setTemporaryPassword:(n,a)=>s(e.httpClient.post(u.setTemporaryPassword,{loginId:n,password:a},{token:t}),(e=>e)),setActivePassword:(n,a)=>s(e.httpClient.post(u.setActivePassword,{loginId:n,password:a},{token:t}),(e=>e)),setPassword:(n,a)=>s(e.httpClient.post(u.setPassword,{loginId:n,password:a},{token:t}),(e=>e)),expirePassword:n=>s(e.httpClient.post(u.expirePassword,{loginId:n},{token:t}),(e=>e)),removeAllPasskeys:n=>s(e.httpClient.post(u.removeAllPasskeys,{loginId:n},{token:t}),(e=>e)),removeTOTPSeed:n=>s(e.httpClient.post(u.removeTOTPSeed,{loginId:n},{token:t}),(e=>e)),history:n=>s(e.httpClient.post(u.history,n,{token:t}),(e=>e))}),R=(e,t)=>({updateName:n=>s(e.httpClient.post(h.updateName,{name:n},{token:t})),updateTags:n=>s(e.httpClient.post(h.updateTags,{tags:n},{token:t})),clone:(n,a,o)=>s(e.httpClient.post(h.clone,{name:n,environment:a,tags:o},{token:t})),listProjects:async()=>s(e.httpClient.post(h.projectsList,{},{token:t}),(e=>e.projects.map((({id:e,name:t,environment:s,tags:n})=>({id:e,name:t,environment:s,tags:n}))))),exportSnapshot:()=>s(e.httpClient.post(h.exportSnapshot,{},{token:t})),importSnapshot:n=>s(e.httpClient.post(h.importSnapshot,n,{token:t})),validateSnapshot:n=>s(e.httpClient.post(h.validateSnapshot,n,{token:t})),export:()=>s(e.httpClient.post(h.exportSnapshot,{},{token:t}),(e=>e.files)),import:n=>s(e.httpClient.post(h.importSnapshot,{files:n},{token:t}))}),E=(e,t)=>({create:(n,a,o)=>s(e.httpClient.post(k.create,{name:n,selfProvisioningDomains:a,customAttributes:o},{token:t})),createWithId:(n,a,o,i)=>s(e.httpClient.post(k.create,{id:n,name:a,selfProvisioningDomains:o,customAttributes:i},{token:t})),update:(n,a,o,i)=>s(e.httpClient.post(k.update,{id:n,name:a,selfProvisioningDomains:o,customAttributes:i},{token:t})),delete:(n,a)=>s(e.httpClient.post(k.delete,{id:n,cascade:a},{token:t})),load:n=>s(e.httpClient.get(k.load,{queryParams:{id:n},token:t}),(e=>e)),loadAll:()=>s(e.httpClient.get(k.loadAll,{token:t}),(e=>e.tenants)),searchAll:(n,a,o,i)=>s(e.httpClient.post(k.searchAll,{tenantIds:n,tenantNames:a,tenantSelfProvisioningDomains:o,customAttributes:i},{token:t}),(e=>e.tenants)),getSettings:n=>s(e.httpClient.get(k.settings,{queryParams:{id:n},token:t}),(e=>e)),configureSettings:(n,a)=>s(e.httpClient.post(k.settings,Object.assign(Object.assign({},a),{tenantId:n}),{token:t})),generateSSOConfigurationLink:(n,a,o,i,r)=>s(e.httpClient.post(k.generateSSOConfigurationLink,{tenantId:n,expireTime:a,ssoId:o,email:i,templateId:r},{token:t}),(e=>e))}),M=(e,t)=>({update:(n,a,o)=>s(e.httpClient.post(y.update,{jwt:n,customClaims:a,refreshDuration:o},{token:t})),impersonate:(n,a,o,i,r)=>s(e.httpClient.post(y.impersonate,{impersonatorId:n,loginId:a,validateConsent:o,customClaims:i,selectedTenant:r},{token:t})),signIn:(n,a)=>s(e.httpClient.post(y.signIn,Object.assign({loginId:n},a),{token:t})),signUp:(n,a,o)=>s(e.httpClient.post(y.signUp,Object.assign({loginId:n,user:a},o),{token:t})),signUpOrIn:(n,a,o)=>s(e.httpClient.post(y.signUpOrIn,Object.assign({loginId:n,user:a},o),{token:t})),anonymous:(n,a)=>s(e.httpClient.post(y.anonymous,{customClaims:n,selectedTenant:a},{token:t}))}),x=(e,t)=>({create:(n,a)=>s(e.httpClient.post(b.create,{name:n,description:a},{token:t})),update:(n,a,o)=>s(e.httpClient.post(b.update,{name:n,newName:a,description:o},{token:t})),delete:n=>s(e.httpClient.post(b.delete,{name:n},{token:t})),loadAll:()=>s(e.httpClient.get(b.loadAll,{token:t}),(e=>e.permissions))}),U=(e,t)=>({create:(n,a,o,i)=>s(e.httpClient.post(w.create,{name:n,description:a,permissionNames:o,tenantId:i},{token:t})),update:(n,a,o,i,r)=>s(e.httpClient.post(w.update,{name:n,newName:a,description:o,permissionNames:i,tenantId:r},{token:t})),delete:(n,a)=>s(e.httpClient.post(w.delete,{name:n,tenantId:a},{token:t})),loadAll:()=>s(e.httpClient.get(w.loadAll,{token:t}),(e=>e.roles)),search:n=>s(e.httpClient.post(w.search,n,{token:t}),(e=>e.roles))}),L=(e,t)=>({loadAllGroups:n=>s(e.httpClient.post(O.loadAllGroups,{tenantId:n},{token:t})),loadAllGroupsForMember:(n,a,o)=>s(e.httpClient.post(O.loadAllGroupsForMember,{tenantId:n,loginIds:o,userIds:a},{token:t})),loadAllGroupMembers:(n,a)=>s(e.httpClient.post(O.loadAllGroupMembers,{tenantId:n,groupId:a},{token:t}))}),D=(e,t)=>({getSettings:n=>s(e.httpClient.get(f.settings,{queryParams:{tenantId:n},token:t}),(e=>e)),deleteSettings:n=>s(e.httpClient.delete(f.settings,{queryParams:{tenantId:n},token:t})),configureSettings:(n,a,o,i,r,l)=>s(e.httpClient.post(f.settings,{tenantId:n,idpURL:a,entityId:i,idpCert:o,redirectURL:r,domains:l},{token:t})),configureMetadata:(n,a,o,i)=>s(e.httpClient.post(f.metadata,{tenantId:n,idpMetadataURL:a,redirectURL:o,domains:i},{token:t})),configureMapping:(n,a,o)=>s(e.httpClient.post(f.mapping,{tenantId:n,roleMappings:a,attributeMapping:o},{token:t})),configureOIDCSettings:(n,a,o)=>{const i=Object.assign(Object.assign({},a),{userAttrMapping:a.attributeMapping});return delete i.attributeMapping,s(e.httpClient.post(f.oidc.configure,{tenantId:n,settings:i,domains:o},{token:t}))},configureSAMLSettings:(n,a,o,i)=>s(e.httpClient.post(f.saml.configure,{tenantId:n,settings:a,redirectUrl:o,domains:i},{token:t})),configureSAMLByMetadata:(n,a,o,i)=>s(e.httpClient.post(f.saml.metadata,{tenantId:n,settings:a,redirectUrl:o,domains:i},{token:t})),loadSettings:n=>s(e.httpClient.get(f.settingsv2,{queryParams:{tenantId:n},token:t}),(e=>{var t,s;const n=e;return n.oidc&&(n.oidc=Object.assign(Object.assign({},n.oidc),{attributeMapping:n.oidc.userAttrMapping}),delete n.oidc.userAttrMapping),(null===(t=n.saml)||void 0===t?void 0:t.groupsMapping)&&(n.saml.groupsMapping=null===(s=n.saml)||void 0===s?void 0:s.groupsMapping.map((e=>{const t=e;return t.roleName=t.role.name,delete t.role,t}))),n}))}),F=(e,t)=>({create:(n,a,o,i,r,l,d,p)=>s(e.httpClient.post(v.create,{name:n,expireTime:a,roleNames:o,keyTenants:i,userId:r,customClaims:l,description:d,permittedIps:p},{token:t})),load:n=>s(e.httpClient.get(v.load,{queryParams:{id:n},token:t}),(e=>e.key)),searchAll:n=>s(e.httpClient.post(v.search,{tenantIds:n},{token:t}),(e=>e.keys)),update:(n,a,o)=>s(e.httpClient.post(v.update,{id:n,name:a,description:o},{token:t}),(e=>e.key)),deactivate:n=>s(e.httpClient.post(v.deactivate,{id:n},{token:t})),activate:n=>s(e.httpClient.post(v.activate,{id:n},{token:t})),delete:n=>s(e.httpClient.post(v.delete,{id:n},{token:t}))}),z=(e,t)=>({list:()=>s(e.httpClient.post(A.list,{},{token:t})),delete:n=>s(e.httpClient.post(A.delete,{ids:n},{token:t})),export:n=>s(e.httpClient.post(A.export,{flowId:n},{token:t})),import:(n,a,o)=>s(e.httpClient.post(A.import,{flowId:n,flow:a,screens:o},{token:t}))}),q=(e,t)=>({export:()=>s(e.httpClient.post(S.export,{},{token:t})),import:n=>s(e.httpClient.post(S.import,{theme:n},{token:t}))}),$=(e,t)=>({search:n=>{const a=Object.assign(Object.assign({},n),{externalIds:n.loginIds});return delete a.loginIds,s(e.httpClient.post(T.search,a,{token:t}),(e=>null==e?void 0:e.audits.map((e=>{const t=Object.assign(Object.assign({},e),{occurred:parseFloat(e.occurred),loginIds:e.externalIds});return delete t.externalIds,t}))))},createEvent:n=>{const a=Object.assign({},n);return s(e.httpClient.post(T.createEvent,a,{token:t}))}}),J=(e,t)=>({saveSchema:(n,a)=>s(e.httpClient.post(N.schemaSave,{schema:n,upgrade:a},{token:t})),deleteSchema:()=>s(e.httpClient.post(N.schemaDelete,{},{token:t})),loadSchema:()=>s(e.httpClient.post(N.schemaLoad,{},{token:t}),(e=>e.schema)),saveNamespace:(n,a,o)=>s(e.httpClient.post(N.nsSave,{namespace:n,oldName:a,schemaName:o},{token:t})),deleteNamespace:(n,a)=>s(e.httpClient.post(N.nsDelete,{name:n,schemaName:a},{token:t})),saveRelationDefinition:(n,a,o,i)=>s(e.httpClient.post(N.rdSave,{relationDefinition:n,namespace:a,oldName:o,schemaName:i},{token:t})),deleteRelationDefinition:(n,a,o)=>s(e.httpClient.post(N.rdDelete,{name:n,namespace:a,schemaName:o},{token:t})),createRelations:n=>s(e.httpClient.post(N.reCreate,{relations:n},{token:t})),deleteRelations:n=>s(e.httpClient.post(N.reDelete,{relations:n},{token:t})),deleteRelationsForResources:n=>s(e.httpClient.post(N.reDeleteResources,{resources:n},{token:t})),hasRelations:n=>s(e.httpClient.post(N.hasRelations,{relationQueries:n},{token:t}),(e=>e.relationQueries)),whoCanAccess:(n,a,o)=>s(e.httpClient.post(N.who,{resource:n,relationDefinition:a,namespace:o},{token:t}),(e=>e.targets)),resourceRelations:n=>s(e.httpClient.post(N.resource,{resource:n},{token:t}),(e=>e.relations)),targetsRelations:n=>s(e.httpClient.post(N.targets,{targets:n},{token:t}),(e=>e.relations)),whatCanTargetAccess:n=>s(e.httpClient.post(N.targetAll,{target:n},{token:t}),(e=>e.relations)),whatCanTargetAccessWithRelation:(n,a,o)=>s(e.httpClient.post(N.targetWithRelation,{target:n,relationDefinition:a,namespace:o},{token:t}),(e=>e.resources.map((e=>({resource:e}))))),getModified:n=>s(e.httpClient.post(N.getModified,{since:n?n.getTime():0},{token:t}),(e=>e))}),K=(e,t)=>({createOidcApplication:n=>{var a;return s(e.httpClient.post(C.oidcCreate,Object.assign(Object.assign({},n),{enabled:null===(a=n.enabled)||void 0===a||a}),{token:t}))},createSamlApplication:n=>{var a;return s(e.httpClient.post(C.samlCreate,Object.assign(Object.assign({},n),{enabled:null===(a=n.enabled)||void 0===a||a}),{token:t}))},updateOidcApplication:n=>s(e.httpClient.post(C.oidcUpdate,Object.assign({},n),{token:t})),updateSamlApplication:n=>s(e.httpClient.post(C.samlUpdate,Object.assign({},n),{token:t})),delete:n=>s(e.httpClient.post(C.delete,{id:n},{token:t})),load:n=>s(e.httpClient.get(C.load,{queryParams:{id:n},token:t}),(e=>e)),loadAll:()=>s(e.httpClient.get(C.loadAll,{token:t}),(e=>e.apps))}),G=(e,t)=>({getSettings:n=>s(e.httpClient.get(I.settings,{queryParams:{tenantId:n},token:t}),(e=>e)),configureSettings:(n,a)=>s(e.httpClient.post(I.settings,Object.assign(Object.assign({},a),{tenantId:n}),{token:t}))}),B=(e,t)=>({saveSchema:n=>s(e.httpClient.post(j.schema,n,{token:t})),deleteSchema:()=>s(e.httpClient.post(N.schemaDelete,{},{token:t})),createRelations:n=>s(e.httpClient.post(j.relations,{tuples:n},{token:t})),deleteRelations:n=>s(e.httpClient.post(j.deleteRelations,{tuples:n},{token:t})),check:n=>s(e.httpClient.post(j.check,{tuples:n},{token:t}),(e=>e.tuples))});const W=s=>{var r,{managementKey:l,publicKey:d}=s,u=e(s,["managementKey","publicKey"]);const h=t(Object.assign(Object.assign({fetch:p},u),{baseHeaders:Object.assign(Object.assign({},u.baseHeaders),{"x-descope-sdk-name":"nodejs","x-descope-sdk-node-version":(null===(r=null===process||void 0===process?void 0:process.versions)||void 0===r?void 0:r.node)||"","x-descope-sdk-version":"1.7.1"})})),{projectId:v,logger:k}=u,C={},f=((e,t)=>({user:P(e,t),project:R(e,t),accessKey:F(e,t),tenant:E(e,t),ssoApplication:K(e,t),sso:D(e,t),jwt:M(e,t),permission:x(e,t),password:G(e,t),role:U(e,t),group:L(e,t),flow:z(e,t),theme:q(e,t),audit:$(e,t),authz:J(e,t),fga:B(e,t)}))(h,l),y=Object.assign(Object.assign({},h),{refresh:async e=>h.refresh(e),management:f,async getKey(e){if(!(null==e?void 0:e.kid))throw Error("header.kid must not be empty");if(C[e.kid])return C[e.kid];if(Object.assign(C,await(async()=>{if(d)try{const e=JSON.parse(d),t=await i(e);return{[e.kid]:t}}catch(e){throw null==k||k.error("Failed to parse the provided public key",e),new Error(`Failed to parse public key. Error: ${e}`)}const e=(await h.httpClient.get(`v2/keys/${v}`).then((e=>e.json()))).keys;return Array.isArray(e)?(await Promise.all(e.map((async e=>[e.kid,await i(e)])))).reduce(((e,[t,s])=>t?Object.assign(Object.assign({},e),{[t.toString()]:s}):e),{}):{}})()),!C[e.kid])throw Error("failed to fetch matching key");return C[e.kid]},async validateJwt(e){var t;const s=(await a(e,y.getKey,{clockTolerance:5})).payload;if(s&&(s.iss=null===(t=s.iss)||void 0===t?void 0:t.split("/").pop(),s.iss!==v))throw new o.JWTClaimValidationFailed('unexpected "iss" claim value',"iss","check_failed");return{jwt:e,token:s}},async validateSession(e){if(!e)throw Error("session token is required for validation");try{return await y.validateJwt(e)}catch(e){throw null==k||k.error("session validation failed",e),Error(`session validation failed. Error: ${e}`)}},async refreshSession(e){var t,s;if(!e)throw Error("refresh token is required to refresh a session");try{await y.validateJwt(e);const n=await y.refresh(e);if(n.ok){return await y.validateJwt(null===(t=n.data)||void 0===t?void 0:t.sessionJwt)}throw Error(null===(s=n.error)||void 0===s?void 0:s.errorMessage)}catch(e){throw null==k||k.error("refresh token validation failed",e),Error(`refresh token validation failed, Error: ${e}`)}},async validateAndRefreshSession(e,t){if(!e&&!t)throw Error("both session and refresh tokens are empty");try{return await y.validateSession(e)}catch(e){null==k||k.log(`session validation failed with error ${e} - trying to refresh it`)}return y.refreshSession(t)},async exchangeAccessKey(e,t){var s;if(!e)throw Error("access key must not be empty");let n;try{n=await y.accessKey.exchange(e,t)}catch(e){throw null==k||k.error("failed to exchange access key",e),Error(`could not exchange access key - Failed to exchange. Error: ${e}`)}if(!n.ok)throw null==k||k.error("failed to exchange access key",n.error),Error(`could not exchange access key - ${null===(s=n.error)||void 0===s?void 0:s.errorMessage}`);const{sessionJwt:a}=n.data;if(!a)throw null==k||k.error("failed to parse exchange access key response"),Error("could not exchange access key");try{return await y.validateJwt(a)}catch(e){throw null==k||k.error("failed to parse jwt from access key",e),Error(`could not exchange access key - failed to validate jwt. Error: ${e}`)}},validatePermissions:(e,t)=>y.validateTenantPermissions(e,"",t),getMatchedPermissions:(e,t)=>y.getMatchedTenantPermissions(e,"",t),validateTenantPermissions(e,t,s){if(t&&!g(e,t))return!1;const n=c(e,"permissions",t);return s.every((e=>n.includes(e)))},getMatchedTenantPermissions(e,t,s){if(t&&!g(e,t))return[];const n=c(e,"permissions",t);return s.filter((e=>n.includes(e)))},validateRoles:(e,t)=>y.validateTenantRoles(e,"",t),getMatchedRoles:(e,t)=>y.getMatchedTenantRoles(e,"",t),validateTenantRoles(e,t,s){if(t&&!g(e,t))return!1;const n=c(e,"roles",t);return s.every((e=>n.includes(e)))},getMatchedTenantRoles(e,t,s){if(t&&!g(e,t))return[];const n=c(e,"roles",t);return s.filter((e=>n.includes(e)))}});return n(y,["otp.verify.email","otp.verify.sms","otp.verify.voice","otp.verify.whatsapp","magicLink.verify","enchantedLink.signUp","enchantedLink.signIn","oauth.exchange","saml.exchange","totp.verify","webauthn.signIn.finish","webauthn.signUp.finish","refresh"],m)};W.RefreshTokenCookieName="DSR",W.SessionTokenCookieName="DS",W.DescopeErrors={badRequest:"E011001",missingArguments:"E011002",invalidRequest:"E011003",invalidArguments:"E011004",wrongOTPCode:"E061102",tooManyOTPAttempts:"E061103",enchantedLinkPending:"E062503",userNotFound:"E062108"};export{W as default};
|
|
1
|
+
import{__rest as e}from"tslib";import t,{transformResponse as s,wrapWith as n}from"@descope/core-js-sdk";import{jwtVerify as a,errors as o,importJWK as i}from"jose";import{Headers as r,fetch as l}from"cross-fetch";var d;null!==(d=globalThis.Headers)&&void 0!==d||(globalThis.Headers=r);const p=(...e)=>(e.forEach((e=>{var t,s;e&&"object"==typeof e&&(null!==(t=(s=e).highWaterMark)&&void 0!==t||(s.highWaterMark=31457280))})),l(...e)),m=t=>async(...s)=>{var n,a,o;const i=await t(...s);if(!i.data)return i;let r=i.data,{refreshJwt:l}=r,d=e(r,["refreshJwt"]);const p=[];var m;return l?p.push(`${"DSR"}=${l}; Domain=${(null==(m=d)?void 0:m.cookieDomain)||""}; Max-Age=${(null==m?void 0:m.cookieMaxAge)||""}; Path=${(null==m?void 0:m.cookiePath)||"/"}; HttpOnly; SameSite=Strict`):(null===(n=i.response)||void 0===n?void 0:n.headers.get("set-cookie"))&&(l=((e,t)=>{const s=null==e?void 0:e.match(RegExp(`(?:^|;\\s*)${t}=([^;]*)`));return s?s[1]:null})(null===(a=i.response)||void 0===a?void 0:a.headers.get("set-cookie"),"DSR"),p.push(null===(o=i.response)||void 0===o?void 0:o.headers.get("set-cookie"))),Object.assign(Object.assign({},i),{data:Object.assign(Object.assign({},i.data),{refreshJwt:l,cookies:p})})};function g(e,t,s){var n,a;const o=s?null===(a=null===(n=e.token.tenants)||void 0===n?void 0:n[s])||void 0===a?void 0:a[t]:e.token[t];return Array.isArray(o)?o:[]}function c(e,t){var s;return!!(null===(s=e.token.tenants)||void 0===s?void 0:s[t])}var u={create:"/v1/mgmt/user/create",createTestUser:"/v1/mgmt/user/create/test",createBatch:"/v1/mgmt/user/create/batch",update:"/v1/mgmt/user/update",patch:"/v1/mgmt/user/patch",delete:"/v1/mgmt/user/delete",deleteAllTestUsers:"/v1/mgmt/user/test/delete/all",load:"/v1/mgmt/user",logout:"/v1/mgmt/user/logout",search:"/v2/mgmt/user/search",searchTestUsers:"/v2/mgmt/user/search/test",getProviderToken:"/v1/mgmt/user/provider/token",updateStatus:"/v1/mgmt/user/update/status",updateLoginId:"/v1/mgmt/user/update/loginid",updateEmail:"/v1/mgmt/user/update/email",updatePhone:"/v1/mgmt/user/update/phone",updateDisplayName:"/v1/mgmt/user/update/name",updatePicture:"/v1/mgmt/user/update/picture",updateCustomAttribute:"/v1/mgmt/user/update/customAttribute",setRole:"/v1/mgmt/user/update/role/set",addRole:"/v2/mgmt/user/update/role/add",removeRole:"/v1/mgmt/user/update/role/remove",setSSOApps:"/v1/mgmt/user/update/ssoapp/set",addSSOApps:"/v1/mgmt/user/update/ssoapp/add",removeSSOApps:"/v1/mgmt/user/update/ssoapp/remove",addTenant:"/v1/mgmt/user/update/tenant/add",removeTenant:"/v1/mgmt/user/update/tenant/remove",setPassword:"/v1/mgmt/user/password/set",setTemporaryPassword:"/v1/mgmt/user/password/set/temporary",setActivePassword:"/v1/mgmt/user/password/set/active",expirePassword:"/v1/mgmt/user/password/expire",removeAllPasskeys:"/v1/mgmt/user/passkeys/delete",removeTOTPSeed:"/v1/mgmt/user/totp/delete",generateOTPForTest:"/v1/mgmt/tests/generate/otp",generateMagicLinkForTest:"/v1/mgmt/tests/generate/magiclink",generateEnchantedLinkForTest:"/v1/mgmt/tests/generate/enchantedlink",generateEmbeddedLink:"/v1/mgmt/user/signin/embeddedlink",history:"/v1/mgmt/user/history"},h={updateName:"/v1/mgmt/project/update/name",updateTags:"/v1/mgmt/project/update/tags",clone:"/v1/mgmt/project/clone",projectsList:"/v1/mgmt/projects/list",exportSnapshot:"/v1/mgmt/project/snapshot/export",importSnapshot:"/v1/mgmt/project/snapshot/import",validateSnapshot:"/v1/mgmt/project/snapshot/validate"},v={create:"/v1/mgmt/accesskey/create",load:"/v1/mgmt/accesskey",search:"/v1/mgmt/accesskey/search",update:"/v1/mgmt/accesskey/update",deactivate:"/v1/mgmt/accesskey/deactivate",activate:"/v1/mgmt/accesskey/activate",delete:"/v1/mgmt/accesskey/delete"},k={create:"/v1/mgmt/tenant/create",update:"/v1/mgmt/tenant/update",delete:"/v1/mgmt/tenant/delete",load:"/v1/mgmt/tenant",settings:"/v1/mgmt/tenant/settings",loadAll:"/v1/mgmt/tenant/all",searchAll:"/v1/mgmt/tenant/search",generateSSOConfigurationLink:"/v2/mgmt/tenant/adminlinks/sso/generate"},C={oidcCreate:"/v1/mgmt/sso/idp/app/oidc/create",samlCreate:"/v1/mgmt/sso/idp/app/saml/create",oidcUpdate:"/v1/mgmt/sso/idp/app/oidc/update",samlUpdate:"/v1/mgmt/sso/idp/app/saml/update",delete:"/v1/mgmt/sso/idp/app/delete",load:"/v1/mgmt/sso/idp/app/load",loadAll:"/v1/mgmt/sso/idp/apps/load"},f={settings:"/v1/mgmt/sso/settings",settingsNew:"/v1/mgmt/sso/settings/new",metadata:"/v1/mgmt/sso/metadata",mapping:"/v1/mgmt/sso/mapping",settingsv2:"/v2/mgmt/sso/settings",settingsAllV2:"/v2/mgmt/sso/settings/all",oidc:{configure:"/v1/mgmt/sso/oidc"},saml:{configure:"/v1/mgmt/sso/saml",metadata:"/v1/mgmt/sso/saml/metadata"}},y={update:"/v1/mgmt/jwt/update",impersonate:"/v1/mgmt/impersonate",signIn:"/v1/mgmt/auth/signin",signUp:"/v1/mgmt/auth/signup",signUpOrIn:"/v1/mgmt/auth/signup-in",anonymous:"/v1/mgmt/auth/anonymous"},I={settings:"/v1/mgmt/password/settings"},b={create:"/v1/mgmt/permission/create",update:"/v1/mgmt/permission/update",delete:"/v1/mgmt/permission/delete",loadAll:"/v1/mgmt/permission/all"},w={create:"/v1/mgmt/role/create",update:"/v1/mgmt/role/update",delete:"/v1/mgmt/role/delete",loadAll:"/v1/mgmt/role/all",search:"/v1/mgmt/role/search"},A={list:"/v1/mgmt/flow/list",delete:"/v1/mgmt/flow/delete",export:"/v1/mgmt/flow/export",import:"/v1/mgmt/flow/import"},O={export:"/v1/mgmt/theme/export",import:"/v1/mgmt/theme/import"},S={loadAllGroups:"/v1/mgmt/group/all",loadAllGroupsForMember:"/v1/mgmt/group/member/all",loadAllGroupMembers:"/v1/mgmt/group/members"},T={search:"/v1/mgmt/audit/search",createEvent:"/v1/mgmt/audit/event"},j={schemaSave:"/v1/mgmt/authz/schema/save",schemaDelete:"/v1/mgmt/authz/schema/delete",schemaLoad:"/v1/mgmt/authz/schema/load",nsSave:"/v1/mgmt/authz/ns/save",nsDelete:"/v1/mgmt/authz/ns/delete",rdSave:"/v1/mgmt/authz/rd/save",rdDelete:"/v1/mgmt/authz/rd/delete",reCreate:"/v1/mgmt/authz/re/create",reDelete:"/v1/mgmt/authz/re/delete",reDeleteResources:"/v1/mgmt/authz/re/deleteresources",hasRelations:"/v1/mgmt/authz/re/has",who:"/v1/mgmt/authz/re/who",resource:"/v1/mgmt/authz/re/resource",targets:"/v1/mgmt/authz/re/targets",targetAll:"/v1/mgmt/authz/re/targetall",targetWithRelation:"/v1/mgmt/authz/re/targetwithrelation",getModified:"/v1/mgmt/authz/getmodified"},N={schema:"/v1/mgmt/fga/schema",relations:"/v1/mgmt/fga/relations",deleteRelations:"/v1/mgmt/fga/relations/delete",check:"/v1/mgmt/fga/check"};const P=(e,t)=>({create:function(n,a,o,i,r,l,d,p,m,g,c,h,v,k){const C="string"==typeof a?{loginId:n,email:a,phone:o,displayName:i,givenName:c,middleName:h,familyName:v,roleNames:r,userTenants:l,customAttributes:d,picture:p,verifiedEmail:m,verifiedPhone:g,additionalLoginIds:k}:Object.assign(Object.assign({loginId:n},a),{roleNames:null==a?void 0:a.roles,roles:void 0});return s(e.httpClient.post(u.create,C,{token:t}),(e=>e.user))},createTestUser:function(n,a,o,i,r,l,d,p,m,g,c,h,v,k){const C="string"==typeof a?{loginId:n,email:a,phone:o,displayName:i,givenName:c,middleName:h,familyName:v,roleNames:r,userTenants:l,customAttributes:d,picture:p,verifiedEmail:m,verifiedPhone:g,additionalLoginIds:k,test:!0}:Object.assign(Object.assign({loginId:n},a),{roleNames:null==a?void 0:a.roles,roles:void 0,test:!0});return s(e.httpClient.post(u.createTestUser,C,{token:t}),(e=>e.user))},invite:function(n,a,o,i,r,l,d,p,m,g,c,h,v,k,C,f,y,I){const b="string"==typeof a?{loginId:n,email:a,phone:o,displayName:i,givenName:k,middleName:C,familyName:f,roleNames:r,userTenants:l,invite:!0,customAttributes:d,picture:p,verifiedEmail:m,verifiedPhone:g,inviteUrl:c,sendMail:h,sendSMS:v,additionalLoginIds:y,templateId:I}:Object.assign(Object.assign({loginId:n},a),{roleNames:null==a?void 0:a.roles,roles:void 0,invite:!0});return s(e.httpClient.post(u.create,b,{token:t}),(e=>e.user))},inviteBatch:(n,a,o,i,r,l)=>s(e.httpClient.post(u.createBatch,{users:n.map((e=>{const t=Object.assign(Object.assign({},e),{roleNames:e.roles});return delete t.roles,t})),invite:!0,inviteUrl:a,sendMail:o,sendSMS:i,templateOptions:r,templateId:l},{token:t}),(e=>e)),update:function(n,a,o,i,r,l,d,p,m,g,c,h,v,k){const C="string"==typeof a?{loginId:n,email:a,phone:o,displayName:i,givenName:c,middleName:h,familyName:v,roleNames:r,userTenants:l,customAttributes:d,picture:p,verifiedEmail:m,verifiedPhone:g,additionalLoginIds:k}:Object.assign(Object.assign({loginId:n},a),{roleNames:null==a?void 0:a.roles,roles:void 0});return s(e.httpClient.post(u.update,C,{token:t}),(e=>e.user))},patch:function(n,a){const o={loginId:n};return void 0!==a.email&&(o.email=a.email),void 0!==a.phone&&(o.phone=a.phone),void 0!==a.displayName&&(o.displayName=a.displayName),void 0!==a.givenName&&(o.givenName=a.givenName),void 0!==a.middleName&&(o.middleName=a.middleName),void 0!==a.familyName&&(o.familyName=a.familyName),void 0!==a.roles&&(o.roleNames=a.roles),void 0!==a.userTenants&&(o.userTenants=a.userTenants),void 0!==a.customAttributes&&(o.customAttributes=a.customAttributes),void 0!==a.picture&&(o.picture=a.picture),void 0!==a.verifiedEmail&&(o.verifiedEmail=a.verifiedEmail),void 0!==a.verifiedPhone&&(o.verifiedPhone=a.verifiedPhone),void 0!==a.ssoAppIds&&(o.ssoAppIds=a.ssoAppIds),s(e.httpClient.patch(u.patch,o,{token:t}),(e=>e.user))},delete:n=>s(e.httpClient.post(u.delete,{loginId:n},{token:t})),deleteByUserId:n=>s(e.httpClient.post(u.delete,{userId:n},{token:t})),deleteAllTestUsers:()=>s(e.httpClient.delete(u.deleteAllTestUsers,{token:t})),load:n=>s(e.httpClient.get(u.load,{queryParams:{loginId:n},token:t}),(e=>e.user)),loadByUserId:n=>s(e.httpClient.get(u.load,{queryParams:{userId:n},token:t}),(e=>e.user)),logoutUser:n=>s(e.httpClient.post(u.logout,{loginId:n},{token:t})),logoutUserByUserId:n=>s(e.httpClient.post(u.logout,{userId:n},{token:t})),searchAll:(n,a,o,i,r,l,d,p,m,g)=>s(e.httpClient.post(u.search,{tenantIds:n,roleNames:a,limit:o,page:i,testUsersOnly:r,withTestUser:l,customAttributes:d,statuses:p,emails:m,phones:g},{token:t}),(e=>e.users)),searchTestUsers:n=>s(e.httpClient.post(u.searchTestUsers,Object.assign(Object.assign({},n),{withTestUser:!0,testUsersOnly:!0,roleNames:n.roles,roles:void 0}),{token:t}),(e=>e.users)),search:n=>s(e.httpClient.post(u.search,Object.assign(Object.assign({},n),{roleNames:n.roles,roles:void 0}),{token:t}),(e=>e.users)),getProviderToken:(n,a,o)=>s(e.httpClient.get(u.getProviderToken,{queryParams:{loginId:n,provider:a,withRefreshToken:(null==o?void 0:o.withRefreshToken)?"true":"false",forceRefresh:(null==o?void 0:o.forceRefresh)?"true":"false"},token:t}),(e=>e)),activate:n=>s(e.httpClient.post(u.updateStatus,{loginId:n,status:"enabled"},{token:t}),(e=>e.user)),deactivate:n=>s(e.httpClient.post(u.updateStatus,{loginId:n,status:"disabled"},{token:t}),(e=>e.user)),updateLoginId:(n,a)=>s(e.httpClient.post(u.updateLoginId,{loginId:n,newLoginId:a},{token:t}),(e=>e.user)),updateEmail:(n,a,o)=>s(e.httpClient.post(u.updateEmail,{loginId:n,email:a,verified:o},{token:t}),(e=>e.user)),updatePhone:(n,a,o)=>s(e.httpClient.post(u.updatePhone,{loginId:n,phone:a,verified:o},{token:t}),(e=>e.user)),updateDisplayName:(n,a,o,i,r)=>s(e.httpClient.post(u.updateDisplayName,{loginId:n,displayName:a,givenName:o,middleName:i,familyName:r},{token:t}),(e=>e.user)),updatePicture:(n,a)=>s(e.httpClient.post(u.updatePicture,{loginId:n,picture:a},{token:t}),(e=>e.user)),updateCustomAttribute:(n,a,o)=>s(e.httpClient.post(u.updateCustomAttribute,{loginId:n,attributeKey:a,attributeValue:o},{token:t}),(e=>e.user)),setRoles:(n,a)=>s(e.httpClient.post(u.setRole,{loginId:n,roleNames:a},{token:t}),(e=>e.user)),addRoles:(n,a)=>s(e.httpClient.post(u.addRole,{loginId:n,roleNames:a},{token:t}),(e=>e.user)),removeRoles:(n,a)=>s(e.httpClient.post(u.removeRole,{loginId:n,roleNames:a},{token:t}),(e=>e.user)),addTenant:(n,a)=>s(e.httpClient.post(u.addTenant,{loginId:n,tenantId:a},{token:t}),(e=>e.user)),removeTenant:(n,a)=>s(e.httpClient.post(u.removeTenant,{loginId:n,tenantId:a},{token:t}),(e=>e.user)),setTenantRoles:(n,a,o)=>s(e.httpClient.post(u.setRole,{loginId:n,tenantId:a,roleNames:o},{token:t}),(e=>e.user)),addTenantRoles:(n,a,o)=>s(e.httpClient.post(u.addRole,{loginId:n,tenantId:a,roleNames:o},{token:t}),(e=>e.user)),removeTenantRoles:(n,a,o)=>s(e.httpClient.post(u.removeRole,{loginId:n,tenantId:a,roleNames:o},{token:t}),(e=>e.user)),addSSOapps:(n,a)=>s(e.httpClient.post(u.addSSOApps,{loginId:n,ssoAppIds:a},{token:t}),(e=>e.user)),setSSOapps:(n,a)=>s(e.httpClient.post(u.setSSOApps,{loginId:n,ssoAppIds:a},{token:t}),(e=>e.user)),removeSSOapps:(n,a)=>s(e.httpClient.post(u.removeSSOApps,{loginId:n,ssoAppIds:a},{token:t}),(e=>e.user)),generateOTPForTestUser:(n,a,o)=>s(e.httpClient.post(u.generateOTPForTest,{deliveryMethod:n,loginId:a,loginOptions:o},{token:t}),(e=>e)),generateMagicLinkForTestUser:(n,a,o,i)=>s(e.httpClient.post(u.generateMagicLinkForTest,{deliveryMethod:n,loginId:a,URI:o,loginOptions:i},{token:t}),(e=>e)),generateEnchantedLinkForTestUser:(n,a,o)=>s(e.httpClient.post(u.generateEnchantedLinkForTest,{loginId:n,URI:a,loginOptions:o},{token:t}),(e=>e)),generateEmbeddedLink:(n,a)=>s(e.httpClient.post(u.generateEmbeddedLink,{loginId:n,customClaims:a},{token:t}),(e=>e)),setTemporaryPassword:(n,a)=>s(e.httpClient.post(u.setTemporaryPassword,{loginId:n,password:a},{token:t}),(e=>e)),setActivePassword:(n,a)=>s(e.httpClient.post(u.setActivePassword,{loginId:n,password:a},{token:t}),(e=>e)),setPassword:(n,a)=>s(e.httpClient.post(u.setPassword,{loginId:n,password:a},{token:t}),(e=>e)),expirePassword:n=>s(e.httpClient.post(u.expirePassword,{loginId:n},{token:t}),(e=>e)),removeAllPasskeys:n=>s(e.httpClient.post(u.removeAllPasskeys,{loginId:n},{token:t}),(e=>e)),removeTOTPSeed:n=>s(e.httpClient.post(u.removeTOTPSeed,{loginId:n},{token:t}),(e=>e)),history:n=>s(e.httpClient.post(u.history,n,{token:t}),(e=>e))}),R=(e,t)=>({updateName:n=>s(e.httpClient.post(h.updateName,{name:n},{token:t})),updateTags:n=>s(e.httpClient.post(h.updateTags,{tags:n},{token:t})),clone:(n,a,o)=>s(e.httpClient.post(h.clone,{name:n,environment:a,tags:o},{token:t})),listProjects:async()=>s(e.httpClient.post(h.projectsList,{},{token:t}),(e=>e.projects.map((({id:e,name:t,environment:s,tags:n})=>({id:e,name:t,environment:s,tags:n}))))),exportSnapshot:()=>s(e.httpClient.post(h.exportSnapshot,{},{token:t})),importSnapshot:n=>s(e.httpClient.post(h.importSnapshot,n,{token:t})),validateSnapshot:n=>s(e.httpClient.post(h.validateSnapshot,n,{token:t})),export:()=>s(e.httpClient.post(h.exportSnapshot,{},{token:t}),(e=>e.files)),import:n=>s(e.httpClient.post(h.importSnapshot,{files:n},{token:t}))}),E=(e,t)=>({create:(n,a,o)=>s(e.httpClient.post(k.create,{name:n,selfProvisioningDomains:a,customAttributes:o},{token:t})),createWithId:(n,a,o,i)=>s(e.httpClient.post(k.create,{id:n,name:a,selfProvisioningDomains:o,customAttributes:i},{token:t})),update:(n,a,o,i)=>s(e.httpClient.post(k.update,{id:n,name:a,selfProvisioningDomains:o,customAttributes:i},{token:t})),delete:(n,a)=>s(e.httpClient.post(k.delete,{id:n,cascade:a},{token:t})),load:n=>s(e.httpClient.get(k.load,{queryParams:{id:n},token:t}),(e=>e)),loadAll:()=>s(e.httpClient.get(k.loadAll,{token:t}),(e=>e.tenants)),searchAll:(n,a,o,i)=>s(e.httpClient.post(k.searchAll,{tenantIds:n,tenantNames:a,tenantSelfProvisioningDomains:o,customAttributes:i},{token:t}),(e=>e.tenants)),getSettings:n=>s(e.httpClient.get(k.settings,{queryParams:{id:n},token:t}),(e=>e)),configureSettings:(n,a)=>s(e.httpClient.post(k.settings,Object.assign(Object.assign({},a),{tenantId:n}),{token:t})),generateSSOConfigurationLink:(n,a,o,i,r)=>s(e.httpClient.post(k.generateSSOConfigurationLink,{tenantId:n,expireTime:a,ssoId:o,email:i,templateId:r},{token:t}),(e=>e))}),M=(e,t)=>({update:(n,a,o)=>s(e.httpClient.post(y.update,{jwt:n,customClaims:a,refreshDuration:o},{token:t})),impersonate:(n,a,o,i,r)=>s(e.httpClient.post(y.impersonate,{impersonatorId:n,loginId:a,validateConsent:o,customClaims:i,selectedTenant:r},{token:t})),signIn:(n,a)=>s(e.httpClient.post(y.signIn,Object.assign({loginId:n},a),{token:t})),signUp:(n,a,o)=>s(e.httpClient.post(y.signUp,Object.assign({loginId:n,user:a},o),{token:t})),signUpOrIn:(n,a,o)=>s(e.httpClient.post(y.signUpOrIn,Object.assign({loginId:n,user:a},o),{token:t})),anonymous:(n,a)=>s(e.httpClient.post(y.anonymous,{customClaims:n,selectedTenant:a},{token:t}))}),x=(e,t)=>({create:(n,a)=>s(e.httpClient.post(b.create,{name:n,description:a},{token:t})),update:(n,a,o)=>s(e.httpClient.post(b.update,{name:n,newName:a,description:o},{token:t})),delete:n=>s(e.httpClient.post(b.delete,{name:n},{token:t})),loadAll:()=>s(e.httpClient.get(b.loadAll,{token:t}),(e=>e.permissions))}),U=(e,t)=>({create:(n,a,o,i)=>s(e.httpClient.post(w.create,{name:n,description:a,permissionNames:o,tenantId:i},{token:t})),update:(n,a,o,i,r)=>s(e.httpClient.post(w.update,{name:n,newName:a,description:o,permissionNames:i,tenantId:r},{token:t})),delete:(n,a)=>s(e.httpClient.post(w.delete,{name:n,tenantId:a},{token:t})),loadAll:()=>s(e.httpClient.get(w.loadAll,{token:t}),(e=>e.roles)),search:n=>s(e.httpClient.post(w.search,n,{token:t}),(e=>e.roles))}),L=(e,t)=>({loadAllGroups:n=>s(e.httpClient.post(S.loadAllGroups,{tenantId:n},{token:t})),loadAllGroupsForMember:(n,a,o)=>s(e.httpClient.post(S.loadAllGroupsForMember,{tenantId:n,loginIds:o,userIds:a},{token:t})),loadAllGroupMembers:(n,a)=>s(e.httpClient.post(S.loadAllGroupMembers,{tenantId:n,groupId:a},{token:t}))});function D(e){var t,s;const n=e;return n.oidc&&(n.oidc=Object.assign(Object.assign({},n.oidc),{attributeMapping:n.oidc.userAttrMapping}),delete n.oidc.userAttrMapping),(null===(t=n.saml)||void 0===t?void 0:t.groupsMapping)&&(n.saml.groupsMapping=null===(s=n.saml)||void 0===s?void 0:s.groupsMapping.map((e=>{const t=e;return t.roleName=t.role.name,delete t.role,t}))),n}const F=(e,t)=>({getSettings:n=>s(e.httpClient.get(f.settings,{queryParams:{tenantId:n},token:t}),(e=>e)),newSettings:(n,a,o)=>s(e.httpClient.post(f.settingsNew,Object.assign(Object.assign({tenantId:n},a?{ssoId:a}:{}),{displayName:o}),{token:t}),(e=>D(e))),deleteSettings:(n,a)=>s(e.httpClient.delete(f.settings,{queryParams:Object.assign({tenantId:n},a?{ssoId:a}:{}),token:t})),configureSettings:(n,a,o,i,r,l)=>s(e.httpClient.post(f.settings,{tenantId:n,idpURL:a,entityId:i,idpCert:o,redirectURL:r,domains:l},{token:t})),configureMetadata:(n,a,o,i)=>s(e.httpClient.post(f.metadata,{tenantId:n,idpMetadataURL:a,redirectURL:o,domains:i},{token:t})),configureMapping:(n,a,o)=>s(e.httpClient.post(f.mapping,{tenantId:n,roleMappings:a,attributeMapping:o},{token:t})),configureOIDCSettings:(n,a,o,i)=>{const r=Object.assign(Object.assign({},a),{userAttrMapping:a.attributeMapping});return delete r.attributeMapping,s(e.httpClient.post(f.oidc.configure,Object.assign({tenantId:n,settings:r,domains:o},i?{ssoId:i}:{}),{token:t}))},configureSAMLSettings:(n,a,o,i,r)=>s(e.httpClient.post(f.saml.configure,Object.assign({tenantId:n,settings:a,redirectUrl:o,domains:i},r?{ssoId:r}:{}),{token:t})),configureSAMLByMetadata:(n,a,o,i,r)=>s(e.httpClient.post(f.saml.metadata,Object.assign({tenantId:n,settings:a,redirectUrl:o,domains:i},r?{ssoId:r}:{}),{token:t})),loadSettings:(n,a)=>s(e.httpClient.get(f.settingsv2,{queryParams:Object.assign({tenantId:n},a?{ssoId:a}:{}),token:t}),(e=>D(e))),loadAllSettings:n=>s(e.httpClient.get(f.settingsAllV2,{queryParams:{tenantId:n},token:t}),(e=>function(e){const t=e.SSOSettings,s=[];return t.forEach((e=>s.push(D(e)))),s}(e)))}),z=(e,t)=>({create:(n,a,o,i,r,l,d,p)=>s(e.httpClient.post(v.create,{name:n,expireTime:a,roleNames:o,keyTenants:i,userId:r,customClaims:l,description:d,permittedIps:p},{token:t})),load:n=>s(e.httpClient.get(v.load,{queryParams:{id:n},token:t}),(e=>e.key)),searchAll:n=>s(e.httpClient.post(v.search,{tenantIds:n},{token:t}),(e=>e.keys)),update:(n,a,o,i,r,l,d)=>s(e.httpClient.post(v.update,{id:n,name:a,description:o,roleNames:i,keyTenants:r,customClaims:l,permittedIps:d},{token:t}),(e=>e.key)),deactivate:n=>s(e.httpClient.post(v.deactivate,{id:n},{token:t})),activate:n=>s(e.httpClient.post(v.activate,{id:n},{token:t})),delete:n=>s(e.httpClient.post(v.delete,{id:n},{token:t}))}),q=(e,t)=>({list:()=>s(e.httpClient.post(A.list,{},{token:t})),delete:n=>s(e.httpClient.post(A.delete,{ids:n},{token:t})),export:n=>s(e.httpClient.post(A.export,{flowId:n},{token:t})),import:(n,a,o)=>s(e.httpClient.post(A.import,{flowId:n,flow:a,screens:o},{token:t}))}),$=(e,t)=>({export:()=>s(e.httpClient.post(O.export,{},{token:t})),import:n=>s(e.httpClient.post(O.import,{theme:n},{token:t}))}),J=(e,t)=>({search:n=>{const a=Object.assign(Object.assign({},n),{externalIds:n.loginIds});return delete a.loginIds,s(e.httpClient.post(T.search,a,{token:t}),(e=>null==e?void 0:e.audits.map((e=>{const t=Object.assign(Object.assign({},e),{occurred:parseFloat(e.occurred),loginIds:e.externalIds});return delete t.externalIds,t}))))},createEvent:n=>{const a=Object.assign({},n);return s(e.httpClient.post(T.createEvent,a,{token:t}))}}),K=(e,t)=>({saveSchema:(n,a)=>s(e.httpClient.post(j.schemaSave,{schema:n,upgrade:a},{token:t})),deleteSchema:()=>s(e.httpClient.post(j.schemaDelete,{},{token:t})),loadSchema:()=>s(e.httpClient.post(j.schemaLoad,{},{token:t}),(e=>e.schema)),saveNamespace:(n,a,o)=>s(e.httpClient.post(j.nsSave,{namespace:n,oldName:a,schemaName:o},{token:t})),deleteNamespace:(n,a)=>s(e.httpClient.post(j.nsDelete,{name:n,schemaName:a},{token:t})),saveRelationDefinition:(n,a,o,i)=>s(e.httpClient.post(j.rdSave,{relationDefinition:n,namespace:a,oldName:o,schemaName:i},{token:t})),deleteRelationDefinition:(n,a,o)=>s(e.httpClient.post(j.rdDelete,{name:n,namespace:a,schemaName:o},{token:t})),createRelations:n=>s(e.httpClient.post(j.reCreate,{relations:n},{token:t})),deleteRelations:n=>s(e.httpClient.post(j.reDelete,{relations:n},{token:t})),deleteRelationsForResources:n=>s(e.httpClient.post(j.reDeleteResources,{resources:n},{token:t})),hasRelations:n=>s(e.httpClient.post(j.hasRelations,{relationQueries:n},{token:t}),(e=>e.relationQueries)),whoCanAccess:(n,a,o)=>s(e.httpClient.post(j.who,{resource:n,relationDefinition:a,namespace:o},{token:t}),(e=>e.targets)),resourceRelations:n=>s(e.httpClient.post(j.resource,{resource:n},{token:t}),(e=>e.relations)),targetsRelations:n=>s(e.httpClient.post(j.targets,{targets:n},{token:t}),(e=>e.relations)),whatCanTargetAccess:n=>s(e.httpClient.post(j.targetAll,{target:n},{token:t}),(e=>e.relations)),whatCanTargetAccessWithRelation:(n,a,o)=>s(e.httpClient.post(j.targetWithRelation,{target:n,relationDefinition:a,namespace:o},{token:t}),(e=>e.resources.map((e=>({resource:e}))))),getModified:n=>s(e.httpClient.post(j.getModified,{since:n?n.getTime():0},{token:t}),(e=>e))}),G=(e,t)=>({createOidcApplication:n=>{var a;return s(e.httpClient.post(C.oidcCreate,Object.assign(Object.assign({},n),{enabled:null===(a=n.enabled)||void 0===a||a}),{token:t}))},createSamlApplication:n=>{var a;return s(e.httpClient.post(C.samlCreate,Object.assign(Object.assign({},n),{enabled:null===(a=n.enabled)||void 0===a||a}),{token:t}))},updateOidcApplication:n=>s(e.httpClient.post(C.oidcUpdate,Object.assign({},n),{token:t})),updateSamlApplication:n=>s(e.httpClient.post(C.samlUpdate,Object.assign({},n),{token:t})),delete:n=>s(e.httpClient.post(C.delete,{id:n},{token:t})),load:n=>s(e.httpClient.get(C.load,{queryParams:{id:n},token:t}),(e=>e)),loadAll:()=>s(e.httpClient.get(C.loadAll,{token:t}),(e=>e.apps))}),B=(e,t)=>({getSettings:n=>s(e.httpClient.get(I.settings,{queryParams:{tenantId:n},token:t}),(e=>e)),configureSettings:(n,a)=>s(e.httpClient.post(I.settings,Object.assign(Object.assign({},a),{tenantId:n}),{token:t}))}),W=(e,t)=>({saveSchema:n=>s(e.httpClient.post(N.schema,n,{token:t})),deleteSchema:()=>s(e.httpClient.post(j.schemaDelete,{},{token:t})),createRelations:n=>s(e.httpClient.post(N.relations,{tuples:n},{token:t})),deleteRelations:n=>s(e.httpClient.post(N.deleteRelations,{tuples:n},{token:t})),check:n=>s(e.httpClient.post(N.check,{tuples:n},{token:t}),(e=>e.tuples))});const H=s=>{var r,{managementKey:l,publicKey:d}=s,u=e(s,["managementKey","publicKey"]);const h=t(Object.assign(Object.assign({fetch:p},u),{baseHeaders:Object.assign(Object.assign({},u.baseHeaders),{"x-descope-sdk-name":"nodejs","x-descope-sdk-node-version":(null===(r=null===process||void 0===process?void 0:process.versions)||void 0===r?void 0:r.node)||"","x-descope-sdk-version":"1.7.2"})})),{projectId:v,logger:k}=u,C={},f=((e,t)=>({user:P(e,t),project:R(e,t),accessKey:z(e,t),tenant:E(e,t),ssoApplication:G(e,t),sso:F(e,t),jwt:M(e,t),permission:x(e,t),password:B(e,t),role:U(e,t),group:L(e,t),flow:q(e,t),theme:$(e,t),audit:J(e,t),authz:K(e,t),fga:W(e,t)}))(h,l),y=Object.assign(Object.assign({},h),{refresh:async e=>h.refresh(e),management:f,async getKey(e){if(!(null==e?void 0:e.kid))throw Error("header.kid must not be empty");if(C[e.kid])return C[e.kid];if(Object.assign(C,await(async()=>{if(d)try{const e=JSON.parse(d),t=await i(e);return{[e.kid]:t}}catch(e){throw null==k||k.error("Failed to parse the provided public key",e),new Error(`Failed to parse public key. Error: ${e}`)}const e=(await h.httpClient.get(`v2/keys/${v}`).then((e=>e.json()))).keys;return Array.isArray(e)?(await Promise.all(e.map((async e=>[e.kid,await i(e)])))).reduce(((e,[t,s])=>t?Object.assign(Object.assign({},e),{[t.toString()]:s}):e),{}):{}})()),!C[e.kid])throw Error("failed to fetch matching key");return C[e.kid]},async validateJwt(e){var t;const s=(await a(e,y.getKey,{clockTolerance:5})).payload;if(s&&(s.iss=null===(t=s.iss)||void 0===t?void 0:t.split("/").pop(),s.iss!==v))throw new o.JWTClaimValidationFailed('unexpected "iss" claim value',"iss","check_failed");return{jwt:e,token:s}},async validateSession(e){if(!e)throw Error("session token is required for validation");try{return await y.validateJwt(e)}catch(e){throw null==k||k.error("session validation failed",e),Error(`session validation failed. Error: ${e}`)}},async refreshSession(e){var t,s;if(!e)throw Error("refresh token is required to refresh a session");try{await y.validateJwt(e);const n=await y.refresh(e);if(n.ok){return await y.validateJwt(null===(t=n.data)||void 0===t?void 0:t.sessionJwt)}throw Error(null===(s=n.error)||void 0===s?void 0:s.errorMessage)}catch(e){throw null==k||k.error("refresh token validation failed",e),Error(`refresh token validation failed, Error: ${e}`)}},async validateAndRefreshSession(e,t){if(!e&&!t)throw Error("both session and refresh tokens are empty");try{return await y.validateSession(e)}catch(e){null==k||k.log(`session validation failed with error ${e} - trying to refresh it`)}return y.refreshSession(t)},async exchangeAccessKey(e,t){var s;if(!e)throw Error("access key must not be empty");let n;try{n=await y.accessKey.exchange(e,t)}catch(e){throw null==k||k.error("failed to exchange access key",e),Error(`could not exchange access key - Failed to exchange. Error: ${e}`)}if(!n.ok)throw null==k||k.error("failed to exchange access key",n.error),Error(`could not exchange access key - ${null===(s=n.error)||void 0===s?void 0:s.errorMessage}`);const{sessionJwt:a}=n.data;if(!a)throw null==k||k.error("failed to parse exchange access key response"),Error("could not exchange access key");try{return await y.validateJwt(a)}catch(e){throw null==k||k.error("failed to parse jwt from access key",e),Error(`could not exchange access key - failed to validate jwt. Error: ${e}`)}},validatePermissions:(e,t)=>y.validateTenantPermissions(e,"",t),getMatchedPermissions:(e,t)=>y.getMatchedTenantPermissions(e,"",t),validateTenantPermissions(e,t,s){if(t&&!c(e,t))return!1;const n=g(e,"permissions",t);return s.every((e=>n.includes(e)))},getMatchedTenantPermissions(e,t,s){if(t&&!c(e,t))return[];const n=g(e,"permissions",t);return s.filter((e=>n.includes(e)))},validateRoles:(e,t)=>y.validateTenantRoles(e,"",t),getMatchedRoles:(e,t)=>y.getMatchedTenantRoles(e,"",t),validateTenantRoles(e,t,s){if(t&&!c(e,t))return!1;const n=g(e,"roles",t);return s.every((e=>n.includes(e)))},getMatchedTenantRoles(e,t,s){if(t&&!c(e,t))return[];const n=g(e,"roles",t);return s.filter((e=>n.includes(e)))}});return n(y,["otp.verify.email","otp.verify.sms","otp.verify.voice","otp.verify.whatsapp","magicLink.verify","enchantedLink.signUp","enchantedLink.signIn","oauth.exchange","saml.exchange","totp.verify","webauthn.signIn.finish","webauthn.signUp.finish","refresh"],m)};H.RefreshTokenCookieName="DSR",H.SessionTokenCookieName="DS",H.DescopeErrors={badRequest:"E011001",missingArguments:"E011002",invalidRequest:"E011003",invalidArguments:"E011004",wrongOTPCode:"E061102",tooManyOTPAttempts:"E061103",enchantedLinkPending:"E062503",userNotFound:"E062108"};export{H as default};
|
|
2
2
|
//# sourceMappingURL=index.esm.js.map
|