@descope/node-sdk 1.7.16 → 1.7.17

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/dist/cjs/index.cjs.js +1 -1
  2. package/dist/index.d.ts +24 -8
  3. package/dist/index.esm.js +1 -1
  4. package/package.json +2 -2
package/dist/cjs/index.cjs.js CHANGED
@@ -1,2 +1,2 @@
1
- "use strict";var e=require("tslib"),s=require("@descope/core-js-sdk"),t=require("jose"),o=require("cross-fetch");function a(e){return e&&"object"==typeof e&&"default"in e?e:{default:e}}var r=a(s);var n;null!==(n=globalThis.Headers)&&void 0!==n||(globalThis.Headers=o.Headers);const i=(...e)=>(e.forEach((e=>{var s,t;e&&"object"==typeof e&&(null!==(s=(t=e).highWaterMark)&&void 0!==s||(t.highWaterMark=31457280))})),o.fetch(...e)),p=(e,s)=>{const t=null==e?void 0:e.match(RegExp(`(?:^|[;,]\\s*)${s}=([^;]*)`));return t?t[1]:null},m=s=>async(...t)=>{var o,a,r;const n=await s(...t);if(!n.data)return n;let i=n.data,{refreshJwt:m}=i,d=e.__rest(i,["refreshJwt"]);const l=[];var c;return m?l.push(`${"DSR"}=${m}; Domain=${(null==(c=d)?void 0:c.cookieDomain)||""}; Max-Age=${(null==c?void 0:c.cookieMaxAge)||""}; Path=${(null==c?void 0:c.cookiePath)||"/"}; HttpOnly; SameSite=Strict`):(null===(o=n.response)||void 0===o?void 0:o.headers.get("set-cookie"))&&(m=p(null===(a=n.response)||void 0===a?void 0:a.headers.get("set-cookie"),"DSR"),l.push(null===(r=n.response)||void 0===r?void 0:r.headers.get("set-cookie"))),Object.assign(Object.assign({},n),{data:Object.assign(Object.assign({},n.data),{refreshJwt:m,cookies:l})})};function d(e,s,t){var o,a;const r=t?null===(a=null===(o=e.token.tenants)||void 0===o?void 0:o[t])||void 0===a?void 0:a[s]:e.token[s];return Array.isArray(r)?r:[]}function l(e,s){var t;return!!(null===(t=e.token.tenants)||void 0===t?void 0:t[s])}var c={create:"/v1/mgmt/user/create",createTestUser:"/v1/mgmt/user/create/test",createBatch:"/v1/mgmt/user/create/batch",update:"/v1/mgmt/user/update",patch:"/v1/mgmt/user/patch",patchBatch:"/v1/mgmt/user/patch/batch",delete:"/v1/mgmt/user/delete",deleteBatch:"/v1/mgmt/user/delete/batch",deleteAllTestUsers:"/v1/mgmt/user/test/delete/all",load:"/v1/mgmt/user",logout:"/v1/mgmt/user/logout",search:"/v2/mgmt/user/search",searchTestUsers:"/v2/mgmt/user/search/test",getProviderToken:"/v1/mgmt/user/provider/token",updateStatus:"/v1/mgmt/user/update/status",updateLoginId:"/v1/mgmt/user/update/loginid",updateEmail:"/v1/mgmt/user/update/email",updatePhone:"/v1/mgmt/user/update/phone",updateDisplayName:"/v1/mgmt/user/update/name",updatePicture:"/v1/mgmt/user/update/picture",updateCustomAttribute:"/v1/mgmt/user/update/customAttribute",setRole:"/v1/mgmt/user/update/role/set",addRole:"/v2/mgmt/user/update/role/add",removeRole:"/v1/mgmt/user/update/role/remove",setSSOApps:"/v1/mgmt/user/update/ssoapp/set",addSSOApps:"/v1/mgmt/user/update/ssoapp/add",removeSSOApps:"/v1/mgmt/user/update/ssoapp/remove",addTenant:"/v1/mgmt/user/update/tenant/add",removeTenant:"/v1/mgmt/user/update/tenant/remove",setPassword:"/v1/mgmt/user/password/set",setTemporaryPassword:"/v1/mgmt/user/password/set/temporary",setActivePassword:"/v1/mgmt/user/password/set/active",expirePassword:"/v1/mgmt/user/password/expire",removeAllPasskeys:"/v1/mgmt/user/passkeys/delete",removeTOTPSeed:"/v1/mgmt/user/totp/delete",generateOTPForTest:"/v1/mgmt/tests/generate/otp",generateMagicLinkForTest:"/v1/mgmt/tests/generate/magiclink",generateEnchantedLinkForTest:"/v1/mgmt/tests/generate/enchantedlink",generateEmbeddedLink:"/v1/mgmt/user/signin/embeddedlink",generateSignUpEmbeddedLink:"/v1/mgmt/user/signup/embeddedlink",history:"/v1/mgmt/user/history"},u={updateName:"/v1/mgmt/project/update/name",updateTags:"/v1/mgmt/project/update/tags",clone:"/v1/mgmt/project/clone",projectsList:"/v1/mgmt/projects/list",exportSnapshot:"/v1/mgmt/project/snapshot/export",importSnapshot:"/v1/mgmt/project/snapshot/import",validateSnapshot:"/v1/mgmt/project/snapshot/validate"},g={create:"/v1/mgmt/accesskey/create",load:"/v1/mgmt/accesskey",search:"/v1/mgmt/accesskey/search",update:"/v1/mgmt/accesskey/update",deactivate:"/v1/mgmt/accesskey/deactivate",activate:"/v1/mgmt/accesskey/activate",delete:"/v1/mgmt/accesskey/delete"},v={create:"/v1/mgmt/tenant/create",update:"/v1/mgmt/tenant/update",delete:"/v1/mgmt/tenant/delete",load:"/v1/mgmt/tenant",settings:"/v1/mgmt/tenant/settings",loadAll:"/v1/mgmt/tenant/all",searchAll:"/v1/mgmt/tenant/search",generateSSOConfigurationLink:"/v2/mgmt/tenant/adminlinks/sso/generate"},f={oidcCreate:"/v1/mgmt/sso/idp/app/oidc/create",samlCreate:"/v1/mgmt/sso/idp/app/saml/create",oidcUpdate:"/v1/mgmt/sso/idp/app/oidc/update",samlUpdate:"/v1/mgmt/sso/idp/app/saml/update",delete:"/v1/mgmt/sso/idp/app/delete",load:"/v1/mgmt/sso/idp/app/load",loadAll:"/v1/mgmt/sso/idp/apps/load"},h={create:"/v1/mgmt/thirdparty/app/create",update:"/v1/mgmt/thirdparty/app/update",patch:"/v1/mgmt/thirdparty/app/patch",delete:"/v1/mgmt/thirdparty/app/delete",load:"/v1/mgmt/thirdparty/app/load",loadAll:"/v1/mgmt/thirdparty/apps/load",secret:"/v1/mgmt/thirdparty/app/secret",rotate:"/v1/mgmt/thirdparty/app/rotate"},R={delete:"/v1/mgmt/thirdparty/consents/delete",search:"/v1/mgmt/thirdparty/consents/search"},b={create:"/v1/mgmt/outbound/app/create",update:"/v1/mgmt/outbound/app/update",delete:"/v1/mgmt/outbound/app/delete",load:"/v1/mgmt/outbound/app",loadAll:"/v1/mgmt/outbound/apps",fetchToken:"/v1/mgmt/outbound/app/user/token/latest",fetchTokenByScopes:"/v1/mgmt/outbound/app/user/token",fetchTenantToken:"/v1/mgmt/outbound/app/tenant/token/latest",fetchTenantTokenByScopes:"/v1/mgmt/outbound/app/tenant/token"},y={settings:"/v1/mgmt/sso/settings",settingsNew:"/v1/mgmt/sso/settings/new",metadata:"/v1/mgmt/sso/metadata",mapping:"/v1/mgmt/sso/mapping",settingsv2:"/v2/mgmt/sso/settings",settingsAllV2:"/v2/mgmt/sso/settings/all",oidc:{configure:"/v1/mgmt/sso/oidc"},saml:{configure:"/v1/mgmt/sso/saml",metadata:"/v1/mgmt/sso/saml/metadata"}},I={update:"/v1/mgmt/jwt/update",impersonate:"/v1/mgmt/impersonate",stopImpersonation:"/v1/mgmt/stop/impersonation",signIn:"/v1/mgmt/auth/signin",signUp:"/v1/mgmt/auth/signup",signUpOrIn:"/v1/mgmt/auth/signup-in",anonymous:"/v1/mgmt/auth/anonymous",clientAssertion:"/v1/mgmt/token/clientassertion"},k={settings:"/v1/mgmt/password/settings"},A={create:"/v1/mgmt/permission/create",update:"/v1/mgmt/permission/update",delete:"/v1/mgmt/permission/delete",loadAll:"/v1/mgmt/permission/all"},S={create:"/v1/mgmt/role/create",update:"/v1/mgmt/role/update",delete:"/v1/mgmt/role/delete",loadAll:"/v1/mgmt/role/all",search:"/v1/mgmt/role/search"},O={list:"/v1/mgmt/flow/list",delete:"/v1/mgmt/flow/delete",export:"/v1/mgmt/flow/export",import:"/v1/mgmt/flow/import",run:"/v1/mgmt/flow/run"},w={export:"/v1/mgmt/theme/export",import:"/v1/mgmt/theme/import"},T={loadAllGroups:"/v1/mgmt/group/all",loadAllGroupsForMember:"/v1/mgmt/group/member/all",loadAllGroupMembers:"/v1/mgmt/group/members"},j={search:"/v1/mgmt/audit/search",createEvent:"/v1/mgmt/audit/event"},N={schemaSave:"/v1/mgmt/authz/schema/save",schemaDelete:"/v1/mgmt/authz/schema/delete",schemaLoad:"/v1/mgmt/authz/schema/load",nsSave:"/v1/mgmt/authz/ns/save",nsDelete:"/v1/mgmt/authz/ns/delete",rdSave:"/v1/mgmt/authz/rd/save",rdDelete:"/v1/mgmt/authz/rd/delete",reCreate:"/v1/mgmt/authz/re/create",reDelete:"/v1/mgmt/authz/re/delete",reDeleteResources:"/v1/mgmt/authz/re/deleteresources",reDeleteResourceRelationsForResources:"/v1/mgmt/authz/re/deleteresourcesrelations",hasRelations:"/v1/mgmt/authz/re/has",who:"/v1/mgmt/authz/re/who",resource:"/v1/mgmt/authz/re/resource",targets:"/v1/mgmt/authz/re/targets",targetAll:"/v1/mgmt/authz/re/targetall",targetWithRelation:"/v1/mgmt/authz/re/targetwithrelation",getModified:"/v1/mgmt/authz/getmodified"},P={schema:"/v1/mgmt/fga/schema",relations:"/v1/mgmt/fga/relations",deleteRelations:"/v1/mgmt/fga/relations/delete",check:"/v1/mgmt/fga/check",resourcesLoad:"/v1/mgmt/fga/resources/load",resourcesSave:"/v1/mgmt/fga/resources/save"};function E(s){return s.map((s=>{var{roles:t}=s,o=e.__rest(s,["roles"]);return Object.assign(Object.assign({},o),{roleNames:t})}))}const M=e=>{function t(e,s){const t={loginId:e};return void 0!==s.email&&(t.email=s.email),void 0!==s.phone&&(t.phone=s.phone),void 0!==s.displayName&&(t.displayName=s.displayName),void 0!==s.givenName&&(t.givenName=s.givenName),void 0!==s.middleName&&(t.middleName=s.middleName),void 0!==s.familyName&&(t.familyName=s.familyName),void 0!==s.roles&&(t.roleNames=s.roles),void 0!==s.userTenants&&(t.userTenants=s.userTenants),void 0!==s.customAttributes&&(t.customAttributes=s.customAttributes),void 0!==s.picture&&(t.picture=s.picture),void 0!==s.verifiedEmail&&(t.verifiedEmail=s.verifiedEmail),void 0!==s.verifiedPhone&&(t.verifiedPhone=s.verifiedPhone),void 0!==s.ssoAppIds&&(t.ssoAppIds=s.ssoAppIds),void 0!==s.scim&&(t.scim=s.scim),void 0!==s.status&&(t.status=s.status),t}return{create:function(t,o,a,r,n,i,p,m,d,l,u,g,v,f){const h="string"==typeof o?{loginId:t,email:o,phone:a,displayName:r,givenName:u,middleName:g,familyName:v,roleNames:n,userTenants:i,customAttributes:p,picture:m,verifiedEmail:d,verifiedPhone:l,additionalLoginIds:f}:Object.assign(Object.assign({loginId:t},o),{roleNames:null==o?void 0:o.roles,roles:void 0});return s.transformResponse(e.post(c.create,h),(e=>e.user))},createTestUser:function(t,o,a,r,n,i,p,m,d,l,u,g,v,f){const h="string"==typeof o?{loginId:t,email:o,phone:a,displayName:r,givenName:u,middleName:g,familyName:v,roleNames:n,userTenants:i,customAttributes:p,picture:m,verifiedEmail:d,verifiedPhone:l,additionalLoginIds:f,test:!0}:Object.assign(Object.assign({loginId:t},o),{roleNames:null==o?void 0:o.roles,roles:void 0,test:!0});return s.transformResponse(e.post(c.createTestUser,h),(e=>e.user))},invite:function(t,o,a,r,n,i,p,m,d,l,u,g,v,f,h,R,b,y){const I="string"==typeof o?{loginId:t,email:o,phone:a,displayName:r,givenName:f,middleName:h,familyName:R,roleNames:n,userTenants:i,invite:!0,customAttributes:p,picture:m,verifiedEmail:d,verifiedPhone:l,inviteUrl:u,sendMail:g,sendSMS:v,additionalLoginIds:b,templateId:y}:Object.assign(Object.assign({loginId:t},o),{roleNames:null==o?void 0:o.roles,roles:void 0,invite:!0});return s.transformResponse(e.post(c.create,I),(e=>e.user))},inviteBatch:(t,o,a,r,n,i)=>s.transformResponse(e.post(c.createBatch,{users:E(t),invite:!0,inviteUrl:o,sendMail:a,sendSMS:r,templateOptions:n,templateId:i}),(e=>e)),createBatch:t=>s.transformResponse(e.post(c.createBatch,{users:E(t)}),(e=>e)),deleteBatch:t=>s.transformResponse(e.post(c.deleteBatch,{userIds:t})),update:function(t,o,a,r,n,i,p,m,d,l,u,g,v,f){const h="string"==typeof o?{loginId:t,email:o,phone:a,displayName:r,givenName:u,middleName:g,familyName:v,roleNames:n,userTenants:i,customAttributes:p,picture:m,verifiedEmail:d,verifiedPhone:l,additionalLoginIds:f}:Object.assign(Object.assign({loginId:t},o),{roleNames:null==o?void 0:o.roles,roles:void 0});return s.transformResponse(e.post(c.update,h),(e=>e.user))},patch:function(o,a){const r=t(o,a);return s.transformResponse(e.patch(c.patch,r),(e=>e.user))},patchBatch:function(o){const a={users:o.map((e=>t(e.loginId,e)))};return s.transformResponse(e.patch(c.patchBatch,a),(e=>e))},delete:t=>s.transformResponse(e.post(c.delete,{loginId:t})),deleteByUserId:t=>s.transformResponse(e.post(c.delete,{userId:t})),deleteAllTestUsers:()=>s.transformResponse(e.delete(c.deleteAllTestUsers)),load:t=>s.transformResponse(e.get(c.load,{queryParams:{loginId:t}}),(e=>e.user)),loadByUserId:t=>s.transformResponse(e.get(c.load,{queryParams:{userId:t}}),(e=>e.user)),logoutUser:t=>s.transformResponse(e.post(c.logout,{loginId:t})),logoutUserByUserId:t=>s.transformResponse(e.post(c.logout,{userId:t})),searchAll:(t,o,a,r,n,i,p,m,d,l)=>s.transformResponse(e.post(c.search,{tenantIds:t,roleNames:o,limit:a,page:r,testUsersOnly:n,withTestUser:i,customAttributes:p,statuses:m,emails:d,phones:l}),(e=>e.users)),searchTestUsers:t=>s.transformResponse(e.post(c.searchTestUsers,Object.assign(Object.assign({},t),{withTestUser:!0,testUsersOnly:!0,roleNames:t.roles,roles:void 0})),(e=>e.users)),search:t=>s.transformResponse(e.post(c.search,Object.assign(Object.assign({},t),{roleNames:t.roles,roles:void 0})),(e=>e.users)),getProviderToken:(t,o,a)=>s.transformResponse(e.get(c.getProviderToken,{queryParams:{loginId:t,provider:o,withRefreshToken:(null==a?void 0:a.withRefreshToken)?"true":"false",forceRefresh:(null==a?void 0:a.forceRefresh)?"true":"false"}}),(e=>e)),activate:t=>s.transformResponse(e.post(c.updateStatus,{loginId:t,status:"enabled"}),(e=>e.user)),deactivate:t=>s.transformResponse(e.post(c.updateStatus,{loginId:t,status:"disabled"}),(e=>e.user)),updateLoginId:(t,o)=>s.transformResponse(e.post(c.updateLoginId,{loginId:t,newLoginId:o}),(e=>e.user)),updateEmail:(t,o,a)=>s.transformResponse(e.post(c.updateEmail,{loginId:t,email:o,verified:a}),(e=>e.user)),updatePhone:(t,o,a)=>s.transformResponse(e.post(c.updatePhone,{loginId:t,phone:o,verified:a}),(e=>e.user)),updateDisplayName:(t,o,a,r,n)=>s.transformResponse(e.post(c.updateDisplayName,{loginId:t,displayName:o,givenName:a,middleName:r,familyName:n}),(e=>e.user)),updatePicture:(t,o)=>s.transformResponse(e.post(c.updatePicture,{loginId:t,picture:o}),(e=>e.user)),updateCustomAttribute:(t,o,a)=>s.transformResponse(e.post(c.updateCustomAttribute,{loginId:t,attributeKey:o,attributeValue:a}),(e=>e.user)),setRoles:(t,o)=>s.transformResponse(e.post(c.setRole,{loginId:t,roleNames:o}),(e=>e.user)),addRoles:(t,o)=>s.transformResponse(e.post(c.addRole,{loginId:t,roleNames:o}),(e=>e.user)),removeRoles:(t,o)=>s.transformResponse(e.post(c.removeRole,{loginId:t,roleNames:o}),(e=>e.user)),addTenant:(t,o)=>s.transformResponse(e.post(c.addTenant,{loginId:t,tenantId:o}),(e=>e.user)),removeTenant:(t,o)=>s.transformResponse(e.post(c.removeTenant,{loginId:t,tenantId:o}),(e=>e.user)),setTenantRoles:(t,o,a)=>s.transformResponse(e.post(c.setRole,{loginId:t,tenantId:o,roleNames:a}),(e=>e.user)),addTenantRoles:(t,o,a)=>s.transformResponse(e.post(c.addRole,{loginId:t,tenantId:o,roleNames:a}),(e=>e.user)),removeTenantRoles:(t,o,a)=>s.transformResponse(e.post(c.removeRole,{loginId:t,tenantId:o,roleNames:a}),(e=>e.user)),addSSOapps:(t,o)=>s.transformResponse(e.post(c.addSSOApps,{loginId:t,ssoAppIds:o}),(e=>e.user)),setSSOapps:(t,o)=>s.transformResponse(e.post(c.setSSOApps,{loginId:t,ssoAppIds:o}),(e=>e.user)),removeSSOapps:(t,o)=>s.transformResponse(e.post(c.removeSSOApps,{loginId:t,ssoAppIds:o}),(e=>e.user)),generateOTPForTestUser:(t,o,a)=>s.transformResponse(e.post(c.generateOTPForTest,{deliveryMethod:t,loginId:o,loginOptions:a}),(e=>e)),generateMagicLinkForTestUser:(t,o,a,r)=>s.transformResponse(e.post(c.generateMagicLinkForTest,{deliveryMethod:t,loginId:o,URI:a,loginOptions:r}),(e=>e)),generateEnchantedLinkForTestUser:(t,o,a)=>s.transformResponse(e.post(c.generateEnchantedLinkForTest,{loginId:t,URI:o,loginOptions:a}),(e=>e)),generateEmbeddedLink:(t,o,a)=>s.transformResponse(e.post(c.generateEmbeddedLink,{loginId:t,customClaims:o,timeout:a}),(e=>e)),generateSignUpEmbeddedLink:(t,o,a,r,n,i)=>s.transformResponse(e.post(c.generateSignUpEmbeddedLink,{loginId:t,user:o,emailVerified:a,phoneVerified:r,loginOptions:n,timeout:i}),(e=>e)),setTemporaryPassword:(t,o)=>s.transformResponse(e.post(c.setTemporaryPassword,{loginId:t,password:o}),(e=>e)),setActivePassword:(t,o)=>s.transformResponse(e.post(c.setActivePassword,{loginId:t,password:o}),(e=>e)),setPassword:(t,o)=>s.transformResponse(e.post(c.setPassword,{loginId:t,password:o}),(e=>e)),expirePassword:t=>s.transformResponse(e.post(c.expirePassword,{loginId:t}),(e=>e)),removeAllPasskeys:t=>s.transformResponse(e.post(c.removeAllPasskeys,{loginId:t}),(e=>e)),removeTOTPSeed:t=>s.transformResponse(e.post(c.removeTOTPSeed,{loginId:t}),(e=>e)),history:t=>s.transformResponse(e.post(c.history,t),(e=>e))}},U=e=>({create:(t,o,a,r,n)=>s.transformResponse(e.post(v.create,{name:t,selfProvisioningDomains:o,customAttributes:a,enforceSSO:r,disabled:n})),createWithId:(t,o,a,r,n,i)=>s.transformResponse(e.post(v.create,{id:t,name:o,selfProvisioningDomains:a,customAttributes:r,enforceSSO:n,disabled:i})),update:(t,o,a,r,n,i)=>s.transformResponse(e.post(v.update,{id:t,name:o,selfProvisioningDomains:a,customAttributes:r,enforceSSO:n,disabled:i})),delete:(t,o)=>s.transformResponse(e.post(v.delete,{id:t,cascade:o})),load:t=>s.transformResponse(e.get(v.load,{queryParams:{id:t}}),(e=>e)),loadAll:()=>s.transformResponse(e.get(v.loadAll,{}),(e=>e.tenants)),searchAll:(t,o,a,r)=>s.transformResponse(e.post(v.searchAll,{tenantIds:t,tenantNames:o,tenantSelfProvisioningDomains:a,customAttributes:r}),(e=>e.tenants)),getSettings:t=>s.transformResponse(e.get(v.settings,{queryParams:{id:t}}),(e=>e)),configureSettings:(t,o)=>s.transformResponse(e.post(v.settings,Object.assign(Object.assign({},o),{tenantId:t}),{})),generateSSOConfigurationLink:(t,o,a,r,n)=>s.transformResponse(e.post(v.generateSSOConfigurationLink,{tenantId:t,expireTime:o,ssoId:a,email:r,templateId:n},{}),(e=>e))}),x=e=>({update:(t,o,a)=>s.transformResponse(e.post(I.update,{jwt:t,customClaims:o,refreshDuration:a})),impersonate:(t,o,a,r,n,i)=>s.transformResponse(e.post(I.impersonate,{impersonatorId:t,loginId:o,validateConsent:a,customClaims:r,selectedTenant:n,refreshDuration:i})),stopImpersonation:(t,o,a,r)=>s.transformResponse(e.post(I.stopImpersonation,{jwt:t,customClaims:o,selectedTenant:a,refreshDuration:r})),signIn:(t,o)=>s.transformResponse(e.post(I.signIn,Object.assign({loginId:t},o))),signUp:(t,o,a)=>s.transformResponse(e.post(I.signUp,Object.assign({loginId:t,user:o},a))),signUpOrIn:(t,o,a)=>s.transformResponse(e.post(I.signUpOrIn,Object.assign({loginId:t,user:o},a))),anonymous:(t,o,a)=>s.transformResponse(e.post(I.anonymous,{customClaims:t,selectedTenant:o,refreshDuration:a})),generateClientAssertionJwt:(t,o,a,r,n)=>s.transformResponse(e.post(I.clientAssertion,{issuer:t,subject:o,audience:a,expiresIn:r,flattenAudience:n}))}),D=e=>({create:(t,o)=>s.transformResponse(e.post(A.create,{name:t,description:o})),update:(t,o,a)=>s.transformResponse(e.post(A.update,{name:t,newName:o,description:a})),delete:t=>s.transformResponse(e.post(A.delete,{name:t})),loadAll:()=>s.transformResponse(e.get(A.loadAll,{}),(e=>e.permissions))}),L=e=>({create:(t,o,a,r,n)=>s.transformResponse(e.post(S.create,{name:t,description:o,permissionNames:a,tenantId:r,default:n})),update:(t,o,a,r,n,i)=>s.transformResponse(e.post(S.update,{name:t,newName:o,description:a,permissionNames:r,tenantId:n,default:i})),delete:(t,o)=>s.transformResponse(e.post(S.delete,{name:t,tenantId:o})),loadAll:()=>s.transformResponse(e.get(S.loadAll,{}),(e=>e.roles)),search:t=>s.transformResponse(e.post(S.search,t,{}),(e=>e.roles))}),C=e=>({loadAllGroups:t=>s.transformResponse(e.post(T.loadAllGroups,{tenantId:t})),loadAllGroupsForMember:(t,o,a)=>s.transformResponse(e.post(T.loadAllGroupsForMember,{tenantId:t,loginIds:a,userIds:o})),loadAllGroupMembers:(t,o)=>s.transformResponse(e.post(T.loadAllGroupMembers,{tenantId:t,groupId:o}))});function q(e){var s,t;const o=e;return o.oidc&&(o.oidc=Object.assign(Object.assign({},o.oidc),{attributeMapping:o.oidc.userAttrMapping}),delete o.oidc.userAttrMapping),(null===(s=o.saml)||void 0===s?void 0:s.groupsMapping)&&(o.saml.groupsMapping=null===(t=o.saml)||void 0===t?void 0:t.groupsMapping.map((e=>{const s=e;return s.roleName=s.role.name,delete s.role,s}))),o}const F=e=>({getSettings:t=>s.transformResponse(e.get(y.settings,{queryParams:{tenantId:t}}),(e=>e)),newSettings:(t,o,a)=>s.transformResponse(e.post(y.settingsNew,Object.assign(Object.assign({tenantId:t},o?{ssoId:o}:{}),{displayName:a})),(e=>q(e))),deleteSettings:(t,o)=>s.transformResponse(e.delete(y.settings,{queryParams:Object.assign({tenantId:t},o?{ssoId:o}:{})})),configureSettings:(t,o,a,r,n,i)=>s.transformResponse(e.post(y.settings,{tenantId:t,idpURL:o,entityId:r,idpCert:a,redirectURL:n,domains:i})),configureMetadata:(t,o,a,r)=>s.transformResponse(e.post(y.metadata,{tenantId:t,idpMetadataURL:o,redirectURL:a,domains:r})),configureMapping:(t,o,a)=>s.transformResponse(e.post(y.mapping,{tenantId:t,roleMappings:o,attributeMapping:a})),configureOIDCSettings:(t,o,a,r)=>{const n=Object.assign(Object.assign({},o),{userAttrMapping:o.attributeMapping});return delete n.attributeMapping,s.transformResponse(e.post(y.oidc.configure,Object.assign({tenantId:t,settings:n,domains:a},r?{ssoId:r}:{})))},configureSAMLSettings:(t,o,a,r,n)=>s.transformResponse(e.post(y.saml.configure,Object.assign({tenantId:t,settings:o,redirectUrl:a,domains:r},n?{ssoId:n}:{}))),configureSAMLByMetadata:(t,o,a,r,n)=>s.transformResponse(e.post(y.saml.metadata,Object.assign({tenantId:t,settings:o,redirectUrl:a,domains:r},n?{ssoId:n}:{}))),loadSettings:(t,o)=>s.transformResponse(e.get(y.settingsv2,{queryParams:Object.assign({tenantId:t},o?{ssoId:o}:{})}),(e=>q(e))),loadAllSettings:t=>s.transformResponse(e.get(y.settingsAllV2,{queryParams:{tenantId:t}}),(e=>function(e){const s=e.SSOSettings,t=[];return s.forEach((e=>t.push(q(e)))),t}(e)))}),B=e=>({create:(t,o,a,r,n,i,p,m)=>s.transformResponse(e.post(g.create,{name:t,expireTime:o,roleNames:a,keyTenants:r,userId:n,customClaims:i,description:p,permittedIps:m})),load:t=>s.transformResponse(e.get(g.load,{queryParams:{id:t}}),(e=>e.key)),searchAll:t=>s.transformResponse(e.post(g.search,{tenantIds:t}),(e=>e.keys)),update:(t,o,a,r,n,i,p)=>s.transformResponse(e.post(g.update,{id:t,name:o,description:a,roleNames:r,keyTenants:n,customClaims:i,permittedIps:p}),(e=>e.key)),deactivate:t=>s.transformResponse(e.post(g.deactivate,{id:t})),activate:t=>s.transformResponse(e.post(g.activate,{id:t})),delete:t=>s.transformResponse(e.post(g.delete,{id:t}))}),z=e=>({list:()=>s.transformResponse(e.post(O.list,{})),delete:t=>s.transformResponse(e.post(O.delete,{ids:t})),export:t=>s.transformResponse(e.post(O.export,{flowId:t})),import:(t,o,a)=>s.transformResponse(e.post(O.import,{flowId:t,flow:o,screens:a})),run:(t,o)=>s.transformResponse(e.post(O.run,{flowId:t,options:o}),(e=>null==e?void 0:e.output))}),J=e=>({export:()=>s.transformResponse(e.post(w.export,{})),import:t=>s.transformResponse(e.post(w.import,{theme:t}))}),$=e=>({search:t=>{const o=Object.assign(Object.assign({},t),{externalIds:t.loginIds});return delete o.loginIds,s.transformResponse(e.post(j.search,o),(e=>null==e?void 0:e.audits.map((e=>{const s=Object.assign(Object.assign({},e),{occurred:parseFloat(e.occurred),loginIds:e.externalIds});return delete s.externalIds,s}))))},createEvent:t=>{const o=Object.assign({},t);return s.transformResponse(e.post(j.createEvent,o))}}),K=e=>({saveSchema:(t,o)=>s.transformResponse(e.post(N.schemaSave,{schema:t,upgrade:o})),deleteSchema:()=>s.transformResponse(e.post(N.schemaDelete,{})),loadSchema:()=>s.transformResponse(e.post(N.schemaLoad,{}),(e=>e.schema)),saveNamespace:(t,o,a)=>s.transformResponse(e.post(N.nsSave,{namespace:t,oldName:o,schemaName:a})),deleteNamespace:(t,o)=>s.transformResponse(e.post(N.nsDelete,{name:t,schemaName:o})),saveRelationDefinition:(t,o,a,r)=>s.transformResponse(e.post(N.rdSave,{relationDefinition:t,namespace:o,oldName:a,schemaName:r})),deleteRelationDefinition:(t,o,a)=>s.transformResponse(e.post(N.rdDelete,{name:t,namespace:o,schemaName:a})),createRelations:t=>s.transformResponse(e.post(N.reCreate,{relations:t})),deleteRelations:t=>s.transformResponse(e.post(N.reDelete,{relations:t})),deleteRelationsForResources:t=>s.transformResponse(e.post(N.reDeleteResources,{resources:t})),deleteResourceRelationsForResources:t=>s.transformResponse(e.post(N.reDeleteResourceRelationsForResources,{resources:t})),deleteRelationsForIds:t=>s.transformResponse(e.post(N.reDeleteResources,{resources:t})),hasRelations:t=>s.transformResponse(e.post(N.hasRelations,{relationQueries:t}),(e=>e.relationQueries)),whoCanAccess:(t,o,a)=>s.transformResponse(e.post(N.who,{resource:t,relationDefinition:o,namespace:a}),(e=>e.targets)),resourceRelations:(t,o=!1)=>s.transformResponse(e.post(N.resource,{resource:t,ignoreTargetSetRelations:o}),(e=>e.relations)),targetsRelations:(t,o=!1)=>s.transformResponse(e.post(N.targets,{targets:t,includeTargetSetRelations:o}),(e=>e.relations)),whatCanTargetAccess:t=>s.transformResponse(e.post(N.targetAll,{target:t}),(e=>e.relations)),whatCanTargetAccessWithRelation:(t,o,a)=>s.transformResponse(e.post(N.targetWithRelation,{target:t,relationDefinition:o,namespace:a}),(e=>e.resources.map((e=>({resource:e}))))),getModified:t=>s.transformResponse(e.post(N.getModified,{since:t?t.getTime():0}),(e=>e))}),W=e=>({createOidcApplication:t=>{var o;return s.transformResponse(e.post(f.oidcCreate,Object.assign(Object.assign({},t),{enabled:null===(o=t.enabled)||void 0===o||o})))},createSamlApplication:t=>{var o;return s.transformResponse(e.post(f.samlCreate,Object.assign(Object.assign({},t),{enabled:null===(o=t.enabled)||void 0===o||o})))},updateOidcApplication:t=>s.transformResponse(e.post(f.oidcUpdate,Object.assign({},t))),updateSamlApplication:t=>s.transformResponse(e.post(f.samlUpdate,Object.assign({},t))),delete:t=>s.transformResponse(e.post(f.delete,{id:t})),load:t=>s.transformResponse(e.get(f.load,{queryParams:{id:t}}),(e=>e)),loadAll:()=>s.transformResponse(e.get(f.loadAll,{}),(e=>e.apps))}),G=e=>({getSettings:t=>s.transformResponse(e.get(k.settings,{queryParams:{tenantId:t}}),(e=>e)),configureSettings:(t,o)=>s.transformResponse(e.post(k.settings,Object.assign(Object.assign({},o),{tenantId:t})))}),H=e=>({saveSchema:t=>s.transformResponse(e.post(P.schema,t)),deleteSchema:()=>s.transformResponse(e.post(N.schemaDelete,{})),createRelations:t=>s.transformResponse(e.post(P.relations,{tuples:t})),deleteRelations:t=>s.transformResponse(e.post(P.deleteRelations,{tuples:t})),check:t=>s.transformResponse(e.post(P.check,{tuples:t}),(e=>e.tuples)),loadResourcesDetails:t=>s.transformResponse(e.post(P.resourcesLoad,{resourceIdentifiers:t}),(e=>e.resourcesDetails)),saveResourcesDetails:t=>s.transformResponse(e.post(P.resourcesSave,{resourcesDetails:t})),deleteAllRelations:()=>s.transformResponse(e.delete(P.relations))}),V=e=>({createApplication:t=>s.transformResponse(e.post(h.create,Object.assign({},t))),updateApplication:t=>s.transformResponse(e.post(h.update,Object.assign({},t))),patchApplication:t=>s.transformResponse(e.post(h.patch,Object.assign({},t))),deleteApplication:t=>s.transformResponse(e.post(h.delete,{id:t})),loadApplication:t=>s.transformResponse(e.get(h.load,{queryParams:{id:t}}),(e=>e)),loadAllApplications:()=>s.transformResponse(e.get(h.loadAll,{}),(e=>e.apps)),getApplicationSecret:t=>s.transformResponse(e.get(h.secret,{queryParams:{id:t}}),(e=>e)),rotateApplicationSecret:t=>s.transformResponse(e.post(h.rotate,{id:t})),searchConsents:t=>s.transformResponse(e.post(R.search,Object.assign({},t)),(e=>e.consents)),deleteConsents:t=>s.transformResponse(e.post(R.delete,Object.assign({},t)))}),_=e=>({createApplication:t=>s.transformResponse(e.post(b.create,Object.assign({},t)),(e=>e.app)),updateApplication:t=>s.transformResponse(e.post(b.update,{app:t}),(e=>e.app)),deleteApplication:t=>s.transformResponse(e.post(b.delete,{id:t})),loadApplication:t=>s.transformResponse(e.get(`${b.load}/${t}`),(e=>e.app)),loadAllApplications:()=>s.transformResponse(e.get(b.loadAll,{}),(e=>e.apps)),fetchTokenByScopes:(t,o,a,r,n)=>s.transformResponse(e.post(b.fetchTokenByScopes,{appId:t,userId:o,scopes:a,options:r,tenantId:n}),(e=>e.token)),fetchToken:(t,o,a,r)=>s.transformResponse(e.post(b.fetchToken,{appId:t,userId:o,tenantId:a,options:r}),(e=>e.token)),fetchTenantTokenByScopes:(t,o,a,r)=>s.transformResponse(e.post(b.fetchTenantTokenByScopes,{appId:t,tenantId:o,scopes:a,options:r}),(e=>e.token)),fetchTenantToken:(t,o,a)=>s.transformResponse(e.post(b.fetchTenantToken,{appId:t,tenantId:o,options:a}),(e=>e.token))});const Q=o=>{var a,n,c,{authManagementKey:g,managementKey:v,publicKey:f}=o,h=e.__rest(o,["authManagementKey","managementKey","publicKey"]);const R={"x-descope-sdk-name":"nodejs","x-descope-sdk-node-version":(null===(a=null===process||void 0===process?void 0:process.versions)||void 0===a?void 0:a.node)||"","x-descope-sdk-version":"1.7.16"},b=Object.assign(Object.assign({fetch:i},h),{baseHeaders:Object.assign(Object.assign({},h.baseHeaders),R),hooks:Object.assign(Object.assign({},h.hooks),{beforeRequest:[e=>(g&&(e.token=e.token?`${e.token}:${g}`:g),e)].concat((null===(n=h.hooks)||void 0===n?void 0:n.beforeRequest)||[])})}),y=r.default(b),{projectId:I,logger:k}=h,A={},S=Object.assign(Object.assign({fetch:i},h),{baseConfig:{baseHeaders:Object.assign(Object.assign({},h.baseHeaders),R)},hooks:Object.assign(Object.assign({},h.hooks),{beforeRequest:[e=>(e.token=v,e)].concat((null===(c=h.hooks)||void 0===c?void 0:c.beforeRequest)||[])})}),O=s.createHttpClient(S),w={user:M(T=O),project:(j=T,{updateName:e=>s.transformResponse(j.post(u.updateName,{name:e})),updateTags:e=>s.transformResponse(j.post(u.updateTags,{tags:e})),clone:(e,t,o)=>s.transformResponse(j.post(u.clone,{name:e,environment:t,tags:o})),listProjects:async()=>s.transformResponse(j.post(u.projectsList,{}),(e=>e.projects.map((({id:e,name:s,environment:t,tags:o})=>({id:e,name:s,environment:t,tags:o}))))),exportSnapshot:()=>s.transformResponse(j.post(u.exportSnapshot,{})),importSnapshot:e=>s.transformResponse(j.post(u.importSnapshot,e)),validateSnapshot:e=>s.transformResponse(j.post(u.validateSnapshot,e)),export:()=>s.transformResponse(j.post(u.exportSnapshot,{}),(e=>e.files)),import:e=>s.transformResponse(j.post(u.importSnapshot,{files:e}))}),accessKey:B(T),tenant:U(T),ssoApplication:W(T),inboundApplication:V(T),outboundApplication:_(T),sso:F(T),jwt:x(T),permission:D(T),password:G(T),role:L(T),group:C(T),flow:z(T),theme:J(T),audit:$(T),authz:K(T),fga:H(T)};var T,j;const N=Object.assign(Object.assign({},y),{refresh:async(e,s)=>y.refresh(e,void 0,s),management:w,async getKey(e){if(!(null==e?void 0:e.kid))throw Error("header.kid must not be empty");if(A[e.kid])return A[e.kid];if(Object.assign(A,await(async()=>{if(f)try{const e=JSON.parse(f),s=await t.importJWK(e);return{[e.kid]:s}}catch(e){throw null==k||k.error("Failed to parse the provided public key",e),new Error(`Failed to parse public key. Error: ${e}`)}const e=(await y.httpClient.get(`v2/keys/${I}`).then((e=>e.json()))).keys;return Array.isArray(e)?(await Promise.all(e.map((async e=>[e.kid,await t.importJWK(e)])))).reduce(((e,[s,t])=>s?Object.assign(Object.assign({},e),{[s.toString()]:t}):e),{}):{}})()),!A[e.kid])throw Error("failed to fetch matching key");return A[e.kid]},async validateJwt(e,s){var o;const a={clockTolerance:5};(null==s?void 0:s.audience)&&(a.audience=s.audience);const r=(await t.jwtVerify(e,N.getKey,a)).payload;if(r&&(r.iss=null===(o=r.iss)||void 0===o?void 0:o.split("/").pop(),r.iss!==I))throw new t.errors.JWTClaimValidationFailed('unexpected "iss" claim value',"iss","check_failed");return{jwt:e,token:r}},async validateSession(e,s){if(!e)throw Error("session token is required for validation");try{return await N.validateJwt(e,s)}catch(e){throw null==k||k.error("session validation failed",e),Error(`session validation failed. Error: ${e}`)}},async refreshSession(e,s){var t,o,a,r,n,i;if(!e)throw Error("refresh token is required to refresh a session");try{await N.validateJwt(e);const m=await N.refresh(e);if(m.ok){const e=p(null===(o=null===(t=m.data)||void 0===t?void 0:t.cookies)||void 0===o?void 0:o.join(";"),"DS")||(null===(a=m.data)||void 0===a?void 0:a.sessionJwt),i=await N.validateJwt(e,s);return i.cookies=(null===(r=m.data)||void 0===r?void 0:r.cookies)||[],(null===(n=m.data)||void 0===n?void 0:n.refreshJwt)&&(i.refreshJwt=m.data.refreshJwt),i}throw Error(null===(i=m.error)||void 0===i?void 0:i.errorMessage)}catch(e){throw null==k||k.error("refresh token validation failed",e),Error(`refresh token validation failed, Error: ${e}`)}},async validateAndRefreshSession(e,s,t){if(!e&&!s)throw Error("both session and refresh tokens are empty");try{return await N.validateSession(e,t)}catch(e){null==k||k.log(`session validation failed with error ${e} - trying to refresh it`)}return N.refreshSession(s,t)},async exchangeAccessKey(e,s,t){var o;if(!e)throw Error("access key must not be empty");let a;try{a=await N.accessKey.exchange(e,s)}catch(e){throw null==k||k.error("failed to exchange access key",e),Error(`could not exchange access key - Failed to exchange. Error: ${e}`)}if(!a.ok)throw null==k||k.error("failed to exchange access key",a.error),Error(`could not exchange access key - ${null===(o=a.error)||void 0===o?void 0:o.errorMessage}`);const{sessionJwt:r}=a.data;if(!r)throw null==k||k.error("failed to parse exchange access key response"),Error("could not exchange access key");try{return await N.validateJwt(r,t)}catch(e){throw null==k||k.error("failed to parse jwt from access key",e),Error(`could not exchange access key - failed to validate jwt. Error: ${e}`)}},validatePermissions:(e,s)=>N.validateTenantPermissions(e,"",s),getMatchedPermissions:(e,s)=>N.getMatchedTenantPermissions(e,"",s),validateTenantPermissions(e,s,t){if(s&&!l(e,s))return!1;const o=d(e,"permissions",s);return t.every((e=>o.includes(e)))},getMatchedTenantPermissions(e,s,t){if(s&&!l(e,s))return[];const o=d(e,"permissions",s);return t.filter((e=>o.includes(e)))},validateRoles:(e,s)=>N.validateTenantRoles(e,"",s),getMatchedRoles:(e,s)=>N.getMatchedTenantRoles(e,"",s),validateTenantRoles(e,s,t){if(s&&!l(e,s))return!1;const o=d(e,"roles",s);return t.every((e=>o.includes(e)))},getMatchedTenantRoles(e,s,t){if(s&&!l(e,s))return[];const o=d(e,"roles",s);return t.filter((e=>o.includes(e)))}});return s.wrapWith(N,["otp.verify.email","otp.verify.sms","otp.verify.voice","otp.verify.whatsapp","magicLink.verify","enchantedLink.signUp","enchantedLink.signIn","oauth.exchange","saml.exchange","totp.verify","webauthn.signIn.finish","webauthn.signUp.finish","refresh"],m)};Q.RefreshTokenCookieName="DSR",Q.SessionTokenCookieName="DS",Q.DescopeErrors={badRequest:"E011001",missingArguments:"E011002",invalidRequest:"E011003",invalidArguments:"E011004",wrongOTPCode:"E061102",tooManyOTPAttempts:"E061103",enchantedLinkPending:"E062503",userNotFound:"E062108"},module.exports=Q;
1
+ "use strict";var e=require("tslib"),s=require("@descope/core-js-sdk"),t=require("jose"),o=require("cross-fetch");function a(e){return e&&"object"==typeof e&&"default"in e?e:{default:e}}var r=a(s);var n;null!==(n=globalThis.Headers)&&void 0!==n||(globalThis.Headers=o.Headers);const i=(...e)=>(e.forEach((e=>{var s,t;e&&"object"==typeof e&&(null!==(s=(t=e).highWaterMark)&&void 0!==s||(t.highWaterMark=31457280))})),o.fetch(...e)),p=(e,s)=>{const t=null==e?void 0:e.match(RegExp(`(?:^|[;,]\\s*)${s}=([^;]*)`));return t?t[1]:null},m=s=>async(...t)=>{var o,a,r;const n=await s(...t);if(!n.data)return n;let i=n.data,{refreshJwt:m}=i,d=e.__rest(i,["refreshJwt"]);const l=[];var c;return m?l.push(`${"DSR"}=${m}; Domain=${(null==(c=d)?void 0:c.cookieDomain)||""}; Max-Age=${(null==c?void 0:c.cookieMaxAge)||""}; Path=${(null==c?void 0:c.cookiePath)||"/"}; HttpOnly; SameSite=Strict`):(null===(o=n.response)||void 0===o?void 0:o.headers.get("set-cookie"))&&(m=p(null===(a=n.response)||void 0===a?void 0:a.headers.get("set-cookie"),"DSR"),l.push(null===(r=n.response)||void 0===r?void 0:r.headers.get("set-cookie"))),Object.assign(Object.assign({},n),{data:Object.assign(Object.assign({},n.data),{refreshJwt:m,cookies:l})})};function d(e,s,t){var o,a;const r=t?null===(a=null===(o=e.token.tenants)||void 0===o?void 0:o[t])||void 0===a?void 0:a[s]:e.token[s];return Array.isArray(r)?r:[]}function l(e,s){var t;return!!(null===(t=e.token.tenants)||void 0===t?void 0:t[s])}var c={create:"/v1/mgmt/user/create",createTestUser:"/v1/mgmt/user/create/test",createBatch:"/v1/mgmt/user/create/batch",update:"/v1/mgmt/user/update",patch:"/v1/mgmt/user/patch",patchBatch:"/v1/mgmt/user/patch/batch",delete:"/v1/mgmt/user/delete",deleteBatch:"/v1/mgmt/user/delete/batch",deleteAllTestUsers:"/v1/mgmt/user/test/delete/all",load:"/v1/mgmt/user",logout:"/v1/mgmt/user/logout",search:"/v2/mgmt/user/search",searchTestUsers:"/v2/mgmt/user/search/test",getProviderToken:"/v1/mgmt/user/provider/token",updateStatus:"/v1/mgmt/user/update/status",updateLoginId:"/v1/mgmt/user/update/loginid",updateEmail:"/v1/mgmt/user/update/email",updatePhone:"/v1/mgmt/user/update/phone",updateDisplayName:"/v1/mgmt/user/update/name",updatePicture:"/v1/mgmt/user/update/picture",updateCustomAttribute:"/v1/mgmt/user/update/customAttribute",setRole:"/v1/mgmt/user/update/role/set",addRole:"/v2/mgmt/user/update/role/add",removeRole:"/v1/mgmt/user/update/role/remove",setSSOApps:"/v1/mgmt/user/update/ssoapp/set",addSSOApps:"/v1/mgmt/user/update/ssoapp/add",removeSSOApps:"/v1/mgmt/user/update/ssoapp/remove",addTenant:"/v1/mgmt/user/update/tenant/add",removeTenant:"/v1/mgmt/user/update/tenant/remove",setPassword:"/v1/mgmt/user/password/set",setTemporaryPassword:"/v1/mgmt/user/password/set/temporary",setActivePassword:"/v1/mgmt/user/password/set/active",expirePassword:"/v1/mgmt/user/password/expire",removeAllPasskeys:"/v1/mgmt/user/passkeys/delete",removeTOTPSeed:"/v1/mgmt/user/totp/delete",generateOTPForTest:"/v1/mgmt/tests/generate/otp",generateMagicLinkForTest:"/v1/mgmt/tests/generate/magiclink",generateEnchantedLinkForTest:"/v1/mgmt/tests/generate/enchantedlink",generateEmbeddedLink:"/v1/mgmt/user/signin/embeddedlink",generateSignUpEmbeddedLink:"/v1/mgmt/user/signup/embeddedlink",history:"/v1/mgmt/user/history"},u={updateName:"/v1/mgmt/project/update/name",updateTags:"/v1/mgmt/project/update/tags",clone:"/v1/mgmt/project/clone",projectsList:"/v1/mgmt/projects/list",exportSnapshot:"/v1/mgmt/project/snapshot/export",importSnapshot:"/v1/mgmt/project/snapshot/import",validateSnapshot:"/v1/mgmt/project/snapshot/validate"},g={create:"/v1/mgmt/accesskey/create",load:"/v1/mgmt/accesskey",search:"/v1/mgmt/accesskey/search",update:"/v1/mgmt/accesskey/update",deactivate:"/v1/mgmt/accesskey/deactivate",activate:"/v1/mgmt/accesskey/activate",delete:"/v1/mgmt/accesskey/delete"},v={create:"/v1/mgmt/tenant/create",update:"/v1/mgmt/tenant/update",delete:"/v1/mgmt/tenant/delete",load:"/v1/mgmt/tenant",settings:"/v1/mgmt/tenant/settings",loadAll:"/v1/mgmt/tenant/all",searchAll:"/v1/mgmt/tenant/search",generateSSOConfigurationLink:"/v2/mgmt/tenant/adminlinks/sso/generate"},f={oidcCreate:"/v1/mgmt/sso/idp/app/oidc/create",samlCreate:"/v1/mgmt/sso/idp/app/saml/create",oidcUpdate:"/v1/mgmt/sso/idp/app/oidc/update",samlUpdate:"/v1/mgmt/sso/idp/app/saml/update",delete:"/v1/mgmt/sso/idp/app/delete",load:"/v1/mgmt/sso/idp/app/load",loadAll:"/v1/mgmt/sso/idp/apps/load"},h={create:"/v1/mgmt/thirdparty/app/create",update:"/v1/mgmt/thirdparty/app/update",patch:"/v1/mgmt/thirdparty/app/patch",delete:"/v1/mgmt/thirdparty/app/delete",load:"/v1/mgmt/thirdparty/app/load",loadAll:"/v1/mgmt/thirdparty/apps/load",secret:"/v1/mgmt/thirdparty/app/secret",rotate:"/v1/mgmt/thirdparty/app/rotate"},R={delete:"/v1/mgmt/thirdparty/consents/delete",search:"/v1/mgmt/thirdparty/consents/search"},b={create:"/v1/mgmt/outbound/app/create",update:"/v1/mgmt/outbound/app/update",delete:"/v1/mgmt/outbound/app/delete",load:"/v1/mgmt/outbound/app",loadAll:"/v1/mgmt/outbound/apps",fetchToken:"/v1/mgmt/outbound/app/user/token/latest",fetchTokenByScopes:"/v1/mgmt/outbound/app/user/token",fetchTenantToken:"/v1/mgmt/outbound/app/tenant/token/latest",fetchTenantTokenByScopes:"/v1/mgmt/outbound/app/tenant/token"},y={settings:"/v1/mgmt/sso/settings",settingsNew:"/v1/mgmt/sso/settings/new",metadata:"/v1/mgmt/sso/metadata",mapping:"/v1/mgmt/sso/mapping",settingsv2:"/v2/mgmt/sso/settings",settingsAllV2:"/v2/mgmt/sso/settings/all",oidc:{configure:"/v1/mgmt/sso/oidc"},saml:{configure:"/v1/mgmt/sso/saml",metadata:"/v1/mgmt/sso/saml/metadata"}},I={update:"/v1/mgmt/jwt/update",impersonate:"/v1/mgmt/impersonate",stopImpersonation:"/v1/mgmt/stop/impersonation",signIn:"/v1/mgmt/auth/signin",signUp:"/v1/mgmt/auth/signup",signUpOrIn:"/v1/mgmt/auth/signup-in",anonymous:"/v1/mgmt/auth/anonymous",clientAssertion:"/v1/mgmt/token/clientassertion"},k={settings:"/v1/mgmt/password/settings"},A={create:"/v1/mgmt/permission/create",update:"/v1/mgmt/permission/update",delete:"/v1/mgmt/permission/delete",loadAll:"/v1/mgmt/permission/all"},S={create:"/v1/mgmt/role/create",update:"/v1/mgmt/role/update",delete:"/v1/mgmt/role/delete",loadAll:"/v1/mgmt/role/all",search:"/v1/mgmt/role/search"},O={list:"/v1/mgmt/flow/list",delete:"/v1/mgmt/flow/delete",export:"/v1/mgmt/flow/export",import:"/v1/mgmt/flow/import",run:"/v1/mgmt/flow/run"},w={export:"/v1/mgmt/theme/export",import:"/v1/mgmt/theme/import"},T={loadAllGroups:"/v1/mgmt/group/all",loadAllGroupsForMember:"/v1/mgmt/group/member/all",loadAllGroupMembers:"/v1/mgmt/group/members"},j={search:"/v1/mgmt/audit/search",createEvent:"/v1/mgmt/audit/event"},N={schemaSave:"/v1/mgmt/authz/schema/save",schemaDelete:"/v1/mgmt/authz/schema/delete",schemaLoad:"/v1/mgmt/authz/schema/load",nsSave:"/v1/mgmt/authz/ns/save",nsDelete:"/v1/mgmt/authz/ns/delete",rdSave:"/v1/mgmt/authz/rd/save",rdDelete:"/v1/mgmt/authz/rd/delete",reCreate:"/v1/mgmt/authz/re/create",reDelete:"/v1/mgmt/authz/re/delete",reDeleteResources:"/v1/mgmt/authz/re/deleteresources",reDeleteResourceRelationsForResources:"/v1/mgmt/authz/re/deleteresourcesrelations",hasRelations:"/v1/mgmt/authz/re/has",who:"/v1/mgmt/authz/re/who",resource:"/v1/mgmt/authz/re/resource",targets:"/v1/mgmt/authz/re/targets",targetAll:"/v1/mgmt/authz/re/targetall",targetWithRelation:"/v1/mgmt/authz/re/targetwithrelation",getModified:"/v1/mgmt/authz/getmodified"},P={schema:"/v1/mgmt/fga/schema",relations:"/v1/mgmt/fga/relations",deleteRelations:"/v1/mgmt/fga/relations/delete",check:"/v1/mgmt/fga/check",resourcesLoad:"/v1/mgmt/fga/resources/load",resourcesSave:"/v1/mgmt/fga/resources/save"};function E(s){return s.map((s=>{var{roles:t}=s,o=e.__rest(s,["roles"]);return Object.assign(Object.assign({},o),{roleNames:t})}))}const M=e=>{function t(e,s){const t={loginId:e};return void 0!==s.email&&(t.email=s.email),void 0!==s.phone&&(t.phone=s.phone),void 0!==s.displayName&&(t.displayName=s.displayName),void 0!==s.givenName&&(t.givenName=s.givenName),void 0!==s.middleName&&(t.middleName=s.middleName),void 0!==s.familyName&&(t.familyName=s.familyName),void 0!==s.roles&&(t.roleNames=s.roles),void 0!==s.userTenants&&(t.userTenants=s.userTenants),void 0!==s.customAttributes&&(t.customAttributes=s.customAttributes),void 0!==s.picture&&(t.picture=s.picture),void 0!==s.verifiedEmail&&(t.verifiedEmail=s.verifiedEmail),void 0!==s.verifiedPhone&&(t.verifiedPhone=s.verifiedPhone),void 0!==s.ssoAppIds&&(t.ssoAppIds=s.ssoAppIds),void 0!==s.scim&&(t.scim=s.scim),void 0!==s.status&&(t.status=s.status),t}return{create:function(t,o,a,r,n,i,p,m,d,l,u,g,v,f){const h="string"==typeof o?{loginId:t,email:o,phone:a,displayName:r,givenName:u,middleName:g,familyName:v,roleNames:n,userTenants:i,customAttributes:p,picture:m,verifiedEmail:d,verifiedPhone:l,additionalLoginIds:f}:Object.assign(Object.assign({loginId:t},o),{roleNames:null==o?void 0:o.roles,roles:void 0});return s.transformResponse(e.post(c.create,h),(e=>e.user))},createTestUser:function(t,o,a,r,n,i,p,m,d,l,u,g,v,f){const h="string"==typeof o?{loginId:t,email:o,phone:a,displayName:r,givenName:u,middleName:g,familyName:v,roleNames:n,userTenants:i,customAttributes:p,picture:m,verifiedEmail:d,verifiedPhone:l,additionalLoginIds:f,test:!0}:Object.assign(Object.assign({loginId:t},o),{roleNames:null==o?void 0:o.roles,roles:void 0,test:!0});return s.transformResponse(e.post(c.createTestUser,h),(e=>e.user))},invite:function(t,o,a,r,n,i,p,m,d,l,u,g,v,f,h,R,b,y){const I="string"==typeof o?{loginId:t,email:o,phone:a,displayName:r,givenName:f,middleName:h,familyName:R,roleNames:n,userTenants:i,invite:!0,customAttributes:p,picture:m,verifiedEmail:d,verifiedPhone:l,inviteUrl:u,sendMail:g,sendSMS:v,additionalLoginIds:b,templateId:y}:Object.assign(Object.assign({loginId:t},o),{roleNames:null==o?void 0:o.roles,roles:void 0,invite:!0});return s.transformResponse(e.post(c.create,I),(e=>e.user))},inviteBatch:(t,o,a,r,n,i)=>s.transformResponse(e.post(c.createBatch,{users:E(t),invite:!0,inviteUrl:o,sendMail:a,sendSMS:r,templateOptions:n,templateId:i}),(e=>e)),createBatch:t=>s.transformResponse(e.post(c.createBatch,{users:E(t)}),(e=>e)),deleteBatch:t=>s.transformResponse(e.post(c.deleteBatch,{userIds:t})),update:function(t,o,a,r,n,i,p,m,d,l,u,g,v,f){const h="string"==typeof o?{loginId:t,email:o,phone:a,displayName:r,givenName:u,middleName:g,familyName:v,roleNames:n,userTenants:i,customAttributes:p,picture:m,verifiedEmail:d,verifiedPhone:l,additionalLoginIds:f}:Object.assign(Object.assign({loginId:t},o),{roleNames:null==o?void 0:o.roles,roles:void 0});return s.transformResponse(e.post(c.update,h),(e=>e.user))},patch:function(o,a){const r=t(o,a);return s.transformResponse(e.patch(c.patch,r),(e=>e.user))},patchBatch:function(o){const a={users:o.map((e=>t(e.loginId,e)))};return s.transformResponse(e.patch(c.patchBatch,a),(e=>e))},delete:t=>s.transformResponse(e.post(c.delete,{loginId:t})),deleteByUserId:t=>s.transformResponse(e.post(c.delete,{userId:t})),deleteAllTestUsers:()=>s.transformResponse(e.delete(c.deleteAllTestUsers)),load:t=>s.transformResponse(e.get(c.load,{queryParams:{loginId:t}}),(e=>e.user)),loadByUserId:t=>s.transformResponse(e.get(c.load,{queryParams:{userId:t}}),(e=>e.user)),logoutUser:t=>s.transformResponse(e.post(c.logout,{loginId:t})),logoutUserByUserId:t=>s.transformResponse(e.post(c.logout,{userId:t})),searchAll:(t,o,a,r,n,i,p,m,d,l)=>s.transformResponse(e.post(c.search,{tenantIds:t,roleNames:o,limit:a,page:r,testUsersOnly:n,withTestUser:i,customAttributes:p,statuses:m,emails:d,phones:l}),(e=>e.users)),searchTestUsers:t=>s.transformResponse(e.post(c.searchTestUsers,Object.assign(Object.assign({},t),{withTestUser:!0,testUsersOnly:!0,roleNames:t.roles,roles:void 0})),(e=>e.users)),search:t=>s.transformResponse(e.post(c.search,Object.assign(Object.assign({},t),{roleNames:t.roles,roles:void 0})),(e=>e.users)),getProviderToken:(t,o,a)=>s.transformResponse(e.get(c.getProviderToken,{queryParams:{loginId:t,provider:o,withRefreshToken:(null==a?void 0:a.withRefreshToken)?"true":"false",forceRefresh:(null==a?void 0:a.forceRefresh)?"true":"false"}}),(e=>e)),activate:t=>s.transformResponse(e.post(c.updateStatus,{loginId:t,status:"enabled"}),(e=>e.user)),deactivate:t=>s.transformResponse(e.post(c.updateStatus,{loginId:t,status:"disabled"}),(e=>e.user)),updateLoginId:(t,o)=>s.transformResponse(e.post(c.updateLoginId,{loginId:t,newLoginId:o}),(e=>e.user)),updateEmail:(t,o,a)=>s.transformResponse(e.post(c.updateEmail,{loginId:t,email:o,verified:a}),(e=>e.user)),updatePhone:(t,o,a)=>s.transformResponse(e.post(c.updatePhone,{loginId:t,phone:o,verified:a}),(e=>e.user)),updateDisplayName:(t,o,a,r,n)=>s.transformResponse(e.post(c.updateDisplayName,{loginId:t,displayName:o,givenName:a,middleName:r,familyName:n}),(e=>e.user)),updatePicture:(t,o)=>s.transformResponse(e.post(c.updatePicture,{loginId:t,picture:o}),(e=>e.user)),updateCustomAttribute:(t,o,a)=>s.transformResponse(e.post(c.updateCustomAttribute,{loginId:t,attributeKey:o,attributeValue:a}),(e=>e.user)),setRoles:(t,o)=>s.transformResponse(e.post(c.setRole,{loginId:t,roleNames:o}),(e=>e.user)),addRoles:(t,o)=>s.transformResponse(e.post(c.addRole,{loginId:t,roleNames:o}),(e=>e.user)),removeRoles:(t,o)=>s.transformResponse(e.post(c.removeRole,{loginId:t,roleNames:o}),(e=>e.user)),addTenant:(t,o)=>s.transformResponse(e.post(c.addTenant,{loginId:t,tenantId:o}),(e=>e.user)),removeTenant:(t,o)=>s.transformResponse(e.post(c.removeTenant,{loginId:t,tenantId:o}),(e=>e.user)),setTenantRoles:(t,o,a)=>s.transformResponse(e.post(c.setRole,{loginId:t,tenantId:o,roleNames:a}),(e=>e.user)),addTenantRoles:(t,o,a)=>s.transformResponse(e.post(c.addRole,{loginId:t,tenantId:o,roleNames:a}),(e=>e.user)),removeTenantRoles:(t,o,a)=>s.transformResponse(e.post(c.removeRole,{loginId:t,tenantId:o,roleNames:a}),(e=>e.user)),addSSOapps:(t,o)=>s.transformResponse(e.post(c.addSSOApps,{loginId:t,ssoAppIds:o}),(e=>e.user)),setSSOapps:(t,o)=>s.transformResponse(e.post(c.setSSOApps,{loginId:t,ssoAppIds:o}),(e=>e.user)),removeSSOapps:(t,o)=>s.transformResponse(e.post(c.removeSSOApps,{loginId:t,ssoAppIds:o}),(e=>e.user)),generateOTPForTestUser:(t,o,a)=>s.transformResponse(e.post(c.generateOTPForTest,{deliveryMethod:t,loginId:o,loginOptions:a}),(e=>e)),generateMagicLinkForTestUser:(t,o,a,r)=>s.transformResponse(e.post(c.generateMagicLinkForTest,{deliveryMethod:t,loginId:o,URI:a,loginOptions:r}),(e=>e)),generateEnchantedLinkForTestUser:(t,o,a)=>s.transformResponse(e.post(c.generateEnchantedLinkForTest,{loginId:t,URI:o,loginOptions:a}),(e=>e)),generateEmbeddedLink:(t,o,a)=>s.transformResponse(e.post(c.generateEmbeddedLink,{loginId:t,customClaims:o,timeout:a}),(e=>e)),generateSignUpEmbeddedLink:(t,o,a,r,n,i)=>s.transformResponse(e.post(c.generateSignUpEmbeddedLink,{loginId:t,user:o,emailVerified:a,phoneVerified:r,loginOptions:n,timeout:i}),(e=>e)),setTemporaryPassword:(t,o)=>s.transformResponse(e.post(c.setTemporaryPassword,{loginId:t,password:o}),(e=>e)),setActivePassword:(t,o)=>s.transformResponse(e.post(c.setActivePassword,{loginId:t,password:o}),(e=>e)),setPassword:(t,o)=>s.transformResponse(e.post(c.setPassword,{loginId:t,password:o}),(e=>e)),expirePassword:t=>s.transformResponse(e.post(c.expirePassword,{loginId:t}),(e=>e)),removeAllPasskeys:t=>s.transformResponse(e.post(c.removeAllPasskeys,{loginId:t}),(e=>e)),removeTOTPSeed:t=>s.transformResponse(e.post(c.removeTOTPSeed,{loginId:t}),(e=>e)),history:t=>s.transformResponse(e.post(c.history,t),(e=>e))}},U=e=>({create:(t,o,a,r,n)=>s.transformResponse(e.post(v.create,{name:t,selfProvisioningDomains:o,customAttributes:a,enforceSSO:r,disabled:n})),createWithId:(t,o,a,r,n,i)=>s.transformResponse(e.post(v.create,{id:t,name:o,selfProvisioningDomains:a,customAttributes:r,enforceSSO:n,disabled:i})),update:(t,o,a,r,n,i)=>s.transformResponse(e.post(v.update,{id:t,name:o,selfProvisioningDomains:a,customAttributes:r,enforceSSO:n,disabled:i})),delete:(t,o)=>s.transformResponse(e.post(v.delete,{id:t,cascade:o})),load:t=>s.transformResponse(e.get(v.load,{queryParams:{id:t}}),(e=>e)),loadAll:()=>s.transformResponse(e.get(v.loadAll,{}),(e=>e.tenants)),searchAll:(t,o,a,r)=>s.transformResponse(e.post(v.searchAll,{tenantIds:t,tenantNames:o,tenantSelfProvisioningDomains:a,customAttributes:r}),(e=>e.tenants)),getSettings:t=>s.transformResponse(e.get(v.settings,{queryParams:{id:t}}),(e=>e)),configureSettings:(t,o)=>s.transformResponse(e.post(v.settings,Object.assign(Object.assign({},o),{tenantId:t}),{})),generateSSOConfigurationLink:(t,o,a,r,n)=>s.transformResponse(e.post(v.generateSSOConfigurationLink,{tenantId:t,expireTime:o,ssoId:a,email:r,templateId:n},{}),(e=>e))}),x=e=>({update:(t,o,a)=>s.transformResponse(e.post(I.update,{jwt:t,customClaims:o,refreshDuration:a})),impersonate:(t,o,a,r,n,i)=>s.transformResponse(e.post(I.impersonate,{impersonatorId:t,loginId:o,validateConsent:a,customClaims:r,selectedTenant:n,refreshDuration:i})),stopImpersonation:(t,o,a,r)=>s.transformResponse(e.post(I.stopImpersonation,{jwt:t,customClaims:o,selectedTenant:a,refreshDuration:r})),signIn:(t,o)=>s.transformResponse(e.post(I.signIn,Object.assign({loginId:t},o))),signUp:(t,o,a)=>s.transformResponse(e.post(I.signUp,Object.assign({loginId:t,user:o},a))),signUpOrIn:(t,o,a)=>s.transformResponse(e.post(I.signUpOrIn,Object.assign({loginId:t,user:o},a))),anonymous:(t,o,a)=>s.transformResponse(e.post(I.anonymous,{customClaims:t,selectedTenant:o,refreshDuration:a})),generateClientAssertionJwt:(t,o,a,r,n)=>s.transformResponse(e.post(I.clientAssertion,{issuer:t,subject:o,audience:a,expiresIn:r,flattenAudience:n}))}),D=e=>({create:(t,o)=>s.transformResponse(e.post(A.create,{name:t,description:o})),update:(t,o,a)=>s.transformResponse(e.post(A.update,{name:t,newName:o,description:a})),delete:t=>s.transformResponse(e.post(A.delete,{name:t})),loadAll:()=>s.transformResponse(e.get(A.loadAll,{}),(e=>e.permissions))}),L=e=>({create:(t,o,a,r,n)=>s.transformResponse(e.post(S.create,{name:t,description:o,permissionNames:a,tenantId:r,default:n})),update:(t,o,a,r,n,i)=>s.transformResponse(e.post(S.update,{name:t,newName:o,description:a,permissionNames:r,tenantId:n,default:i})),delete:(t,o)=>s.transformResponse(e.post(S.delete,{name:t,tenantId:o})),loadAll:()=>s.transformResponse(e.get(S.loadAll,{}),(e=>e.roles)),search:t=>s.transformResponse(e.post(S.search,t,{}),(e=>e.roles))}),C=e=>({loadAllGroups:t=>s.transformResponse(e.post(T.loadAllGroups,{tenantId:t})),loadAllGroupsForMember:(t,o,a)=>s.transformResponse(e.post(T.loadAllGroupsForMember,{tenantId:t,loginIds:a,userIds:o})),loadAllGroupMembers:(t,o)=>s.transformResponse(e.post(T.loadAllGroupMembers,{tenantId:t,groupId:o}))});function q(e){var s,t;const o=e;return o.oidc&&(o.oidc=Object.assign(Object.assign({},o.oidc),{attributeMapping:o.oidc.userAttrMapping}),delete o.oidc.userAttrMapping),(null===(s=o.saml)||void 0===s?void 0:s.groupsMapping)&&(o.saml.groupsMapping=null===(t=o.saml)||void 0===t?void 0:t.groupsMapping.map((e=>{const s=e;return s.roleName=s.role.name,delete s.role,s}))),o}const F=e=>({getSettings:t=>s.transformResponse(e.get(y.settings,{queryParams:{tenantId:t}}),(e=>e)),newSettings:(t,o,a)=>s.transformResponse(e.post(y.settingsNew,Object.assign(Object.assign({tenantId:t},o?{ssoId:o}:{}),{displayName:a})),(e=>q(e))),deleteSettings:(t,o)=>s.transformResponse(e.delete(y.settings,{queryParams:Object.assign({tenantId:t},o?{ssoId:o}:{})})),configureSettings:(t,o,a,r,n,i)=>s.transformResponse(e.post(y.settings,{tenantId:t,idpURL:o,entityId:r,idpCert:a,redirectURL:n,domains:i})),configureMetadata:(t,o,a,r)=>s.transformResponse(e.post(y.metadata,{tenantId:t,idpMetadataURL:o,redirectURL:a,domains:r})),configureMapping:(t,o,a)=>s.transformResponse(e.post(y.mapping,{tenantId:t,roleMappings:o,attributeMapping:a})),configureOIDCSettings:(t,o,a,r)=>{const n=Object.assign(Object.assign({},o),{userAttrMapping:o.attributeMapping});return delete n.attributeMapping,s.transformResponse(e.post(y.oidc.configure,Object.assign({tenantId:t,settings:n,domains:a},r?{ssoId:r}:{})))},configureSAMLSettings:(t,o,a,r,n)=>s.transformResponse(e.post(y.saml.configure,Object.assign({tenantId:t,settings:o,redirectUrl:a,domains:r},n?{ssoId:n}:{}))),configureSAMLByMetadata:(t,o,a,r,n)=>s.transformResponse(e.post(y.saml.metadata,Object.assign({tenantId:t,settings:o,redirectUrl:a,domains:r},n?{ssoId:n}:{}))),loadSettings:(t,o)=>s.transformResponse(e.get(y.settingsv2,{queryParams:Object.assign({tenantId:t},o?{ssoId:o}:{})}),(e=>q(e))),loadAllSettings:t=>s.transformResponse(e.get(y.settingsAllV2,{queryParams:{tenantId:t}}),(e=>function(e){const s=e.SSOSettings,t=[];return s.forEach((e=>t.push(q(e)))),t}(e)))}),B=e=>({create:(t,o,a,r,n,i,p,m)=>s.transformResponse(e.post(g.create,{name:t,expireTime:o,roleNames:a,keyTenants:r,userId:n,customClaims:i,description:p,permittedIps:m})),load:t=>s.transformResponse(e.get(g.load,{queryParams:{id:t}}),(e=>e.key)),searchAll:t=>s.transformResponse(e.post(g.search,{tenantIds:t}),(e=>e.keys)),update:(t,o,a,r,n,i,p)=>s.transformResponse(e.post(g.update,{id:t,name:o,description:a,roleNames:r,keyTenants:n,customClaims:i,permittedIps:p}),(e=>e.key)),deactivate:t=>s.transformResponse(e.post(g.deactivate,{id:t})),activate:t=>s.transformResponse(e.post(g.activate,{id:t})),delete:t=>s.transformResponse(e.post(g.delete,{id:t}))}),z=e=>({list:()=>s.transformResponse(e.post(O.list,{})),delete:t=>s.transformResponse(e.post(O.delete,{ids:t})),export:t=>s.transformResponse(e.post(O.export,{flowId:t})),import:(t,o,a)=>s.transformResponse(e.post(O.import,{flowId:t,flow:o,screens:a})),run:(t,o)=>s.transformResponse(e.post(O.run,{flowId:t,options:o}),(e=>null==e?void 0:e.output))}),J=e=>({export:()=>s.transformResponse(e.post(w.export,{})),import:t=>s.transformResponse(e.post(w.import,{theme:t}))}),$=e=>({search:t=>{const o=Object.assign(Object.assign({},t),{externalIds:t.loginIds});return delete o.loginIds,s.transformResponse(e.post(j.search,o),(e=>null==e?void 0:e.audits.map((e=>{const s=Object.assign(Object.assign({},e),{occurred:parseFloat(e.occurred),loginIds:e.externalIds});return delete s.externalIds,s}))))},createEvent:t=>{const o=Object.assign({},t);return s.transformResponse(e.post(j.createEvent,o))}}),K=e=>({saveSchema:(t,o)=>s.transformResponse(e.post(N.schemaSave,{schema:t,upgrade:o})),deleteSchema:()=>s.transformResponse(e.post(N.schemaDelete,{})),loadSchema:()=>s.transformResponse(e.post(N.schemaLoad,{}),(e=>e.schema)),saveNamespace:(t,o,a)=>s.transformResponse(e.post(N.nsSave,{namespace:t,oldName:o,schemaName:a})),deleteNamespace:(t,o)=>s.transformResponse(e.post(N.nsDelete,{name:t,schemaName:o})),saveRelationDefinition:(t,o,a,r)=>s.transformResponse(e.post(N.rdSave,{relationDefinition:t,namespace:o,oldName:a,schemaName:r})),deleteRelationDefinition:(t,o,a)=>s.transformResponse(e.post(N.rdDelete,{name:t,namespace:o,schemaName:a})),createRelations:t=>s.transformResponse(e.post(N.reCreate,{relations:t})),deleteRelations:t=>s.transformResponse(e.post(N.reDelete,{relations:t})),deleteRelationsForResources:t=>s.transformResponse(e.post(N.reDeleteResources,{resources:t})),deleteResourceRelationsForResources:t=>s.transformResponse(e.post(N.reDeleteResourceRelationsForResources,{resources:t})),deleteRelationsForIds:t=>s.transformResponse(e.post(N.reDeleteResources,{resources:t})),hasRelations:t=>s.transformResponse(e.post(N.hasRelations,{relationQueries:t}),(e=>e.relationQueries)),whoCanAccess:(t,o,a)=>s.transformResponse(e.post(N.who,{resource:t,relationDefinition:o,namespace:a}),(e=>e.targets)),resourceRelations:(t,o=!1)=>s.transformResponse(e.post(N.resource,{resource:t,ignoreTargetSetRelations:o}),(e=>e.relations)),targetsRelations:(t,o=!1)=>s.transformResponse(e.post(N.targets,{targets:t,includeTargetSetRelations:o}),(e=>e.relations)),whatCanTargetAccess:t=>s.transformResponse(e.post(N.targetAll,{target:t}),(e=>e.relations)),whatCanTargetAccessWithRelation:(t,o,a)=>s.transformResponse(e.post(N.targetWithRelation,{target:t,relationDefinition:o,namespace:a}),(e=>e.resources.map((e=>({resource:e}))))),getModified:t=>s.transformResponse(e.post(N.getModified,{since:t?t.getTime():0}),(e=>e))}),W=e=>({createOidcApplication:t=>{var o;return s.transformResponse(e.post(f.oidcCreate,Object.assign(Object.assign({},t),{enabled:null===(o=t.enabled)||void 0===o||o})))},createSamlApplication:t=>{var o;return s.transformResponse(e.post(f.samlCreate,Object.assign(Object.assign({},t),{enabled:null===(o=t.enabled)||void 0===o||o})))},updateOidcApplication:t=>s.transformResponse(e.post(f.oidcUpdate,Object.assign({},t))),updateSamlApplication:t=>s.transformResponse(e.post(f.samlUpdate,Object.assign({},t))),delete:t=>s.transformResponse(e.post(f.delete,{id:t})),load:t=>s.transformResponse(e.get(f.load,{queryParams:{id:t}}),(e=>e)),loadAll:()=>s.transformResponse(e.get(f.loadAll,{}),(e=>e.apps))}),G=e=>({getSettings:t=>s.transformResponse(e.get(k.settings,{queryParams:{tenantId:t}}),(e=>e)),configureSettings:(t,o)=>s.transformResponse(e.post(k.settings,Object.assign(Object.assign({},o),{tenantId:t})))}),H=e=>({saveSchema:t=>s.transformResponse(e.post(P.schema,t)),deleteSchema:()=>s.transformResponse(e.post(N.schemaDelete,{})),createRelations:t=>s.transformResponse(e.post(P.relations,{tuples:t})),deleteRelations:t=>s.transformResponse(e.post(P.deleteRelations,{tuples:t})),check:t=>s.transformResponse(e.post(P.check,{tuples:t}),(e=>e.tuples)),loadResourcesDetails:t=>s.transformResponse(e.post(P.resourcesLoad,{resourceIdentifiers:t}),(e=>e.resourcesDetails)),saveResourcesDetails:t=>s.transformResponse(e.post(P.resourcesSave,{resourcesDetails:t})),deleteAllRelations:()=>s.transformResponse(e.delete(P.relations))}),V=e=>({createApplication:t=>s.transformResponse(e.post(h.create,Object.assign({},t))),updateApplication:t=>s.transformResponse(e.post(h.update,Object.assign({},t))),patchApplication:t=>s.transformResponse(e.post(h.patch,Object.assign({},t))),deleteApplication:t=>s.transformResponse(e.post(h.delete,{id:t})),loadApplication:t=>s.transformResponse(e.get(h.load,{queryParams:{id:t}}),(e=>e)),loadAllApplications:()=>s.transformResponse(e.get(h.loadAll,{}),(e=>e.apps)),getApplicationSecret:t=>s.transformResponse(e.get(h.secret,{queryParams:{id:t}}),(e=>e)),rotateApplicationSecret:t=>s.transformResponse(e.post(h.rotate,{id:t})),searchConsents:t=>s.transformResponse(e.post(R.search,Object.assign({},t)),(e=>e.consents)),deleteConsents:t=>s.transformResponse(e.post(R.delete,Object.assign({},t)))}),_=e=>({createApplication:t=>s.transformResponse(e.post(b.create,Object.assign({},t)),(e=>e.app)),updateApplication:t=>s.transformResponse(e.post(b.update,{app:t}),(e=>e.app)),deleteApplication:t=>s.transformResponse(e.post(b.delete,{id:t})),loadApplication:t=>s.transformResponse(e.get(`${b.load}/${t}`),(e=>e.app)),loadAllApplications:()=>s.transformResponse(e.get(b.loadAll,{}),(e=>e.apps)),fetchTokenByScopes:(t,o,a,r,n)=>s.transformResponse(e.post(b.fetchTokenByScopes,{appId:t,userId:o,scopes:a,options:r,tenantId:n}),(e=>e.token)),fetchToken:(t,o,a,r)=>s.transformResponse(e.post(b.fetchToken,{appId:t,userId:o,tenantId:a,options:r}),(e=>e.token)),fetchTenantTokenByScopes:(t,o,a,r)=>s.transformResponse(e.post(b.fetchTenantTokenByScopes,{appId:t,tenantId:o,scopes:a,options:r}),(e=>e.token)),fetchTenantToken:(t,o,a)=>s.transformResponse(e.post(b.fetchTenantToken,{appId:t,tenantId:o,options:a}),(e=>e.token))});const Q=o=>{var a,n,c,{authManagementKey:g,managementKey:v,publicKey:f}=o,h=e.__rest(o,["authManagementKey","managementKey","publicKey"]);const R={"x-descope-sdk-name":"nodejs","x-descope-sdk-node-version":(null===(a=null===process||void 0===process?void 0:process.versions)||void 0===a?void 0:a.node)||"","x-descope-sdk-version":"1.7.17"},b=Object.assign(Object.assign({fetch:i},h),{baseHeaders:Object.assign(Object.assign({},h.baseHeaders),R),hooks:Object.assign(Object.assign({},h.hooks),{beforeRequest:[e=>(g&&(e.token=e.token?`${e.token}:${g}`:g),e)].concat((null===(n=h.hooks)||void 0===n?void 0:n.beforeRequest)||[])})}),y=r.default(b),{projectId:I,logger:k}=h,A={},S=Object.assign(Object.assign({fetch:i},h),{baseConfig:{baseHeaders:Object.assign(Object.assign({},h.baseHeaders),R)},hooks:Object.assign(Object.assign({},h.hooks),{beforeRequest:[e=>(e.token=v,e)].concat((null===(c=h.hooks)||void 0===c?void 0:c.beforeRequest)||[])})}),O=s.createHttpClient(S),w={user:M(T=O),project:(j=T,{updateName:e=>s.transformResponse(j.post(u.updateName,{name:e})),updateTags:e=>s.transformResponse(j.post(u.updateTags,{tags:e})),clone:(e,t,o)=>s.transformResponse(j.post(u.clone,{name:e,environment:t,tags:o})),listProjects:async()=>s.transformResponse(j.post(u.projectsList,{}),(e=>e.projects.map((({id:e,name:s,environment:t,tags:o})=>({id:e,name:s,environment:t,tags:o}))))),exportSnapshot:()=>s.transformResponse(j.post(u.exportSnapshot,{})),importSnapshot:e=>s.transformResponse(j.post(u.importSnapshot,e)),validateSnapshot:e=>s.transformResponse(j.post(u.validateSnapshot,e)),export:()=>s.transformResponse(j.post(u.exportSnapshot,{}),(e=>e.files)),import:e=>s.transformResponse(j.post(u.importSnapshot,{files:e}))}),accessKey:B(T),tenant:U(T),ssoApplication:W(T),inboundApplication:V(T),outboundApplication:_(T),sso:F(T),jwt:x(T),permission:D(T),password:G(T),role:L(T),group:C(T),flow:z(T),theme:J(T),audit:$(T),authz:K(T),fga:H(T)};var T,j;const N=Object.assign(Object.assign({},y),{refresh:async(e,s)=>y.refresh(e,void 0,s),management:w,async getKey(e){if(!(null==e?void 0:e.kid))throw Error("header.kid must not be empty");if(A[e.kid])return A[e.kid];if(Object.assign(A,await(async()=>{if(f)try{const e=JSON.parse(f),s=await t.importJWK(e);return{[e.kid]:s}}catch(e){throw null==k||k.error("Failed to parse the provided public key",e),new Error(`Failed to parse public key. Error: ${e}`)}const e=(await y.httpClient.get(`v2/keys/${I}`).then((e=>e.json()))).keys;return Array.isArray(e)?(await Promise.all(e.map((async e=>[e.kid,await t.importJWK(e)])))).reduce(((e,[s,t])=>s?Object.assign(Object.assign({},e),{[s.toString()]:t}):e),{}):{}})()),!A[e.kid])throw Error("failed to fetch matching key");return A[e.kid]},async validateJwt(e,s){var o;const a={clockTolerance:5};(null==s?void 0:s.audience)&&(a.audience=s.audience);const r=(await t.jwtVerify(e,N.getKey,a)).payload;if(r&&(r.iss=null===(o=r.iss)||void 0===o?void 0:o.split("/").pop(),r.iss!==I))throw new t.errors.JWTClaimValidationFailed('unexpected "iss" claim value',"iss","check_failed");return{jwt:e,token:r}},async validateSession(e,s){if(!e)throw Error("session token is required for validation");try{return await N.validateJwt(e,s)}catch(e){throw null==k||k.error("session validation failed",e),Error(`session validation failed. Error: ${e}`)}},async refreshSession(e,s){var t,o,a,r,n,i;if(!e)throw Error("refresh token is required to refresh a session");try{await N.validateJwt(e);const m=await N.refresh(e);if(m.ok){const e=p(null===(o=null===(t=m.data)||void 0===t?void 0:t.cookies)||void 0===o?void 0:o.join(";"),"DS")||(null===(a=m.data)||void 0===a?void 0:a.sessionJwt),i=await N.validateJwt(e,s);return i.cookies=(null===(r=m.data)||void 0===r?void 0:r.cookies)||[],(null===(n=m.data)||void 0===n?void 0:n.refreshJwt)&&(i.refreshJwt=m.data.refreshJwt),i}throw Error(null===(i=m.error)||void 0===i?void 0:i.errorMessage)}catch(e){throw null==k||k.error("refresh token validation failed",e),Error(`refresh token validation failed, Error: ${e}`)}},async validateAndRefreshSession(e,s,t){if(!e&&!s)throw Error("both session and refresh tokens are empty");try{return await N.validateSession(e,t)}catch(e){null==k||k.log(`session validation failed with error ${e} - trying to refresh it`)}return N.refreshSession(s,t)},async exchangeAccessKey(e,s,t){var o;if(!e)throw Error("access key must not be empty");let a;try{a=await N.accessKey.exchange(e,s)}catch(e){throw null==k||k.error("failed to exchange access key",e),Error(`could not exchange access key - Failed to exchange. Error: ${e}`)}if(!a.ok)throw null==k||k.error("failed to exchange access key",a.error),Error(`could not exchange access key - ${null===(o=a.error)||void 0===o?void 0:o.errorMessage}`);const{sessionJwt:r}=a.data;if(!r)throw null==k||k.error("failed to parse exchange access key response"),Error("could not exchange access key");try{return await N.validateJwt(r,t)}catch(e){throw null==k||k.error("failed to parse jwt from access key",e),Error(`could not exchange access key - failed to validate jwt. Error: ${e}`)}},validatePermissions:(e,s)=>N.validateTenantPermissions(e,"",s),getMatchedPermissions:(e,s)=>N.getMatchedTenantPermissions(e,"",s),validateTenantPermissions(e,s,t){if(s&&!l(e,s))return!1;const o=d(e,"permissions",s);return t.every((e=>o.includes(e)))},getMatchedTenantPermissions(e,s,t){if(s&&!l(e,s))return[];const o=d(e,"permissions",s);return t.filter((e=>o.includes(e)))},validateRoles:(e,s)=>N.validateTenantRoles(e,"",s),getMatchedRoles:(e,s)=>N.getMatchedTenantRoles(e,"",s),validateTenantRoles(e,s,t){if(s&&!l(e,s))return!1;const o=d(e,"roles",s);return t.every((e=>o.includes(e)))},getMatchedTenantRoles(e,s,t){if(s&&!l(e,s))return[];const o=d(e,"roles",s);return t.filter((e=>o.includes(e)))}});return s.wrapWith(N,["otp.verify.email","otp.verify.sms","otp.verify.voice","otp.verify.whatsapp","magicLink.verify","enchantedLink.signUp","enchantedLink.signIn","oauth.exchange","saml.exchange","totp.verify","webauthn.signIn.finish","webauthn.signUp.finish","refresh"],m)};Q.RefreshTokenCookieName="DSR",Q.SessionTokenCookieName="DS",Q.DescopeErrors={badRequest:"E011001",missingArguments:"E011002",invalidRequest:"E011003",invalidArguments:"E011004",wrongOTPCode:"E061102",tooManyOTPAttempts:"E061103",enchantedLinkPending:"E062503",userNotFound:"E062108"},module.exports=Q;
2
2
  //# sourceMappingURL=index.cjs.js.map
package/dist/index.d.ts CHANGED
@@ -1573,16 +1573,20 @@ declare const nodeSdk: {
1573
1573
  };
1574
1574
  enchantedLink: {
1575
1575
  verify: (token: string) => Promise<SdkResponse<never>>;
1576
- signIn: (loginId: string, URI?: string, loginOptions?: _descope_core_js_sdk.LoginOptions, token?: string) => Promise<SdkResponse<_descope_core_js_sdk.EnchantedLinkResponse & {
1576
+ signIn: (loginId: string, URI?: string, args_2?: _descope_core_js_sdk.LoginOptions & {
1577
+ providerId?: string;
1578
+ }, token?: string) => Promise<SdkResponse<_descope_core_js_sdk.EnchantedLinkResponse & {
1577
1579
  refreshJwt?: string;
1578
1580
  cookies?: string[];
1579
1581
  }>>;
1580
- signUpOrIn: (loginId: string, URI?: string, signUpOptions?: {
1582
+ signUpOrIn: (loginId: string, URI?: string, args_2?: {
1581
1583
  customClaims?: Record<string, any>;
1582
1584
  templateId?: string;
1583
1585
  templateOptions?: {
1584
1586
  [x: string]: string;
1585
1587
  };
1588
+ } & {
1589
+ providerId?: string;
1586
1590
  }) => Promise<SdkResponse<_descope_core_js_sdk.EnchantedLinkResponse>>;
1587
1591
  signUp: (loginId: string, URI?: string, user?: {
1588
1592
  email?: string;
@@ -1591,12 +1595,14 @@ declare const nodeSdk: {
1591
1595
  middleName?: string;
1592
1596
  familyName?: string;
1593
1597
  phone?: string;
1594
- }, signUpOptions?: {
1598
+ }, args_3?: {
1595
1599
  customClaims?: Record<string, any>;
1596
1600
  templateId?: string;
1597
1601
  templateOptions?: {
1598
1602
  [x: string]: string;
1599
1603
  };
1604
+ } & {
1605
+ providerId?: string;
1600
1606
  }) => Promise<SdkResponse<_descope_core_js_sdk.EnchantedLinkResponse & {
1601
1607
  refreshJwt?: string;
1602
1608
  cookies?: string[];
@@ -1674,12 +1680,14 @@ declare const nodeSdk: {
1674
1680
  update: (loginId: string, token?: string) => Promise<SdkResponse<_descope_core_js_sdk.TOTPResponse>>;
1675
1681
  };
1676
1682
  notp: {
1677
- signUpOrIn: (loginId?: string, signUpOptions?: {
1683
+ signUpOrIn: (loginId?: string, args_1?: {
1678
1684
  customClaims?: Record<string, any>;
1679
1685
  templateId?: string;
1680
1686
  templateOptions?: {
1681
1687
  [x: string]: string;
1682
1688
  };
1689
+ } & {
1690
+ providerId?: string;
1683
1691
  }) => Promise<SdkResponse<{
1684
1692
  pendingRef: string;
1685
1693
  redirectUrl: string;
@@ -1692,18 +1700,22 @@ declare const nodeSdk: {
1692
1700
  middleName?: string;
1693
1701
  familyName?: string;
1694
1702
  phone?: string;
1695
- }, signUpOptions?: {
1703
+ }, args_2?: {
1696
1704
  customClaims?: Record<string, any>;
1697
1705
  templateId?: string;
1698
1706
  templateOptions?: {
1699
1707
  [x: string]: string;
1700
1708
  };
1709
+ } & {
1710
+ providerId?: string;
1701
1711
  }) => Promise<SdkResponse<{
1702
1712
  pendingRef: string;
1703
1713
  redirectUrl: string;
1704
1714
  image: string;
1705
1715
  }>>;
1706
- signIn: (loginId?: string, loginOptions?: _descope_core_js_sdk.LoginOptions, token?: string) => Promise<SdkResponse<{
1716
+ signIn: (loginId?: string, args_1?: _descope_core_js_sdk.LoginOptions & {
1717
+ providerId?: string;
1718
+ }, token?: string) => Promise<SdkResponse<{
1707
1719
  pendingRef: string;
1708
1720
  redirectUrl: string;
1709
1721
  image: string;
@@ -1760,14 +1772,18 @@ declare const nodeSdk: {
1760
1772
  middleName?: string;
1761
1773
  familyName?: string;
1762
1774
  phone?: string;
1763
- }, signUpOptions?: {
1775
+ }, args_3?: {
1764
1776
  customClaims?: Record<string, any>;
1765
1777
  templateId?: string;
1766
1778
  templateOptions?: {
1767
1779
  [x: string]: string;
1768
1780
  };
1781
+ } & {
1782
+ providerId?: string;
1783
+ }) => Promise<SdkResponse<JWTResponse>>;
1784
+ signIn: (loginId: string, password: string, args_2?: _descope_core_js_sdk.LoginOptions & {
1785
+ providerId?: string;
1769
1786
  }) => Promise<SdkResponse<JWTResponse>>;
1770
- signIn: (loginId: string, password: string, loginOptions?: _descope_core_js_sdk.LoginOptions) => Promise<SdkResponse<JWTResponse>>;
1771
1787
  sendReset: (loginId: string, redirectUrl?: string, templateOptions?: {
1772
1788
  [x: string]: string;
1773
1789
  }) => Promise<SdkResponse<{
package/dist/index.esm.js CHANGED
@@ -1,2 +1,2 @@
1
- import{__rest as e}from"tslib";import t,{transformResponse as s,createHttpClient as a,wrapWith as o}from"@descope/core-js-sdk";import{jwtVerify as r,errors as n,importJWK as i}from"jose";import{Headers as d,fetch as l}from"cross-fetch";var p;null!==(p=globalThis.Headers)&&void 0!==p||(globalThis.Headers=d);const m=(...e)=>(e.forEach((e=>{var t,s;e&&"object"==typeof e&&(null!==(t=(s=e).highWaterMark)&&void 0!==t||(s.highWaterMark=31457280))})),l(...e)),c=(e,t)=>{const s=null==e?void 0:e.match(RegExp(`(?:^|[;,]\\s*)${t}=([^;]*)`));return s?s[1]:null},u=t=>async(...s)=>{var a,o,r;const n=await t(...s);if(!n.data)return n;let i=n.data,{refreshJwt:d}=i,l=e(i,["refreshJwt"]);const p=[];var m;return d?p.push(`${"DSR"}=${d}; Domain=${(null==(m=l)?void 0:m.cookieDomain)||""}; Max-Age=${(null==m?void 0:m.cookieMaxAge)||""}; Path=${(null==m?void 0:m.cookiePath)||"/"}; HttpOnly; SameSite=Strict`):(null===(a=n.response)||void 0===a?void 0:a.headers.get("set-cookie"))&&(d=c(null===(o=n.response)||void 0===o?void 0:o.headers.get("set-cookie"),"DSR"),p.push(null===(r=n.response)||void 0===r?void 0:r.headers.get("set-cookie"))),Object.assign(Object.assign({},n),{data:Object.assign(Object.assign({},n.data),{refreshJwt:d,cookies:p})})};function g(e,t,s){var a,o;const r=s?null===(o=null===(a=e.token.tenants)||void 0===a?void 0:a[s])||void 0===o?void 0:o[t]:e.token[t];return Array.isArray(r)?r:[]}function v(e,t){var s;return!!(null===(s=e.token.tenants)||void 0===s?void 0:s[t])}var h={create:"/v1/mgmt/user/create",createTestUser:"/v1/mgmt/user/create/test",createBatch:"/v1/mgmt/user/create/batch",update:"/v1/mgmt/user/update",patch:"/v1/mgmt/user/patch",patchBatch:"/v1/mgmt/user/patch/batch",delete:"/v1/mgmt/user/delete",deleteBatch:"/v1/mgmt/user/delete/batch",deleteAllTestUsers:"/v1/mgmt/user/test/delete/all",load:"/v1/mgmt/user",logout:"/v1/mgmt/user/logout",search:"/v2/mgmt/user/search",searchTestUsers:"/v2/mgmt/user/search/test",getProviderToken:"/v1/mgmt/user/provider/token",updateStatus:"/v1/mgmt/user/update/status",updateLoginId:"/v1/mgmt/user/update/loginid",updateEmail:"/v1/mgmt/user/update/email",updatePhone:"/v1/mgmt/user/update/phone",updateDisplayName:"/v1/mgmt/user/update/name",updatePicture:"/v1/mgmt/user/update/picture",updateCustomAttribute:"/v1/mgmt/user/update/customAttribute",setRole:"/v1/mgmt/user/update/role/set",addRole:"/v2/mgmt/user/update/role/add",removeRole:"/v1/mgmt/user/update/role/remove",setSSOApps:"/v1/mgmt/user/update/ssoapp/set",addSSOApps:"/v1/mgmt/user/update/ssoapp/add",removeSSOApps:"/v1/mgmt/user/update/ssoapp/remove",addTenant:"/v1/mgmt/user/update/tenant/add",removeTenant:"/v1/mgmt/user/update/tenant/remove",setPassword:"/v1/mgmt/user/password/set",setTemporaryPassword:"/v1/mgmt/user/password/set/temporary",setActivePassword:"/v1/mgmt/user/password/set/active",expirePassword:"/v1/mgmt/user/password/expire",removeAllPasskeys:"/v1/mgmt/user/passkeys/delete",removeTOTPSeed:"/v1/mgmt/user/totp/delete",generateOTPForTest:"/v1/mgmt/tests/generate/otp",generateMagicLinkForTest:"/v1/mgmt/tests/generate/magiclink",generateEnchantedLinkForTest:"/v1/mgmt/tests/generate/enchantedlink",generateEmbeddedLink:"/v1/mgmt/user/signin/embeddedlink",generateSignUpEmbeddedLink:"/v1/mgmt/user/signup/embeddedlink",history:"/v1/mgmt/user/history"},f={updateName:"/v1/mgmt/project/update/name",updateTags:"/v1/mgmt/project/update/tags",clone:"/v1/mgmt/project/clone",projectsList:"/v1/mgmt/projects/list",exportSnapshot:"/v1/mgmt/project/snapshot/export",importSnapshot:"/v1/mgmt/project/snapshot/import",validateSnapshot:"/v1/mgmt/project/snapshot/validate"},b={create:"/v1/mgmt/accesskey/create",load:"/v1/mgmt/accesskey",search:"/v1/mgmt/accesskey/search",update:"/v1/mgmt/accesskey/update",deactivate:"/v1/mgmt/accesskey/deactivate",activate:"/v1/mgmt/accesskey/activate",delete:"/v1/mgmt/accesskey/delete"},y={create:"/v1/mgmt/tenant/create",update:"/v1/mgmt/tenant/update",delete:"/v1/mgmt/tenant/delete",load:"/v1/mgmt/tenant",settings:"/v1/mgmt/tenant/settings",loadAll:"/v1/mgmt/tenant/all",searchAll:"/v1/mgmt/tenant/search",generateSSOConfigurationLink:"/v2/mgmt/tenant/adminlinks/sso/generate"},I={oidcCreate:"/v1/mgmt/sso/idp/app/oidc/create",samlCreate:"/v1/mgmt/sso/idp/app/saml/create",oidcUpdate:"/v1/mgmt/sso/idp/app/oidc/update",samlUpdate:"/v1/mgmt/sso/idp/app/saml/update",delete:"/v1/mgmt/sso/idp/app/delete",load:"/v1/mgmt/sso/idp/app/load",loadAll:"/v1/mgmt/sso/idp/apps/load"},k={create:"/v1/mgmt/thirdparty/app/create",update:"/v1/mgmt/thirdparty/app/update",patch:"/v1/mgmt/thirdparty/app/patch",delete:"/v1/mgmt/thirdparty/app/delete",load:"/v1/mgmt/thirdparty/app/load",loadAll:"/v1/mgmt/thirdparty/apps/load",secret:"/v1/mgmt/thirdparty/app/secret",rotate:"/v1/mgmt/thirdparty/app/rotate"},A={delete:"/v1/mgmt/thirdparty/consents/delete",search:"/v1/mgmt/thirdparty/consents/search"},S={create:"/v1/mgmt/outbound/app/create",update:"/v1/mgmt/outbound/app/update",delete:"/v1/mgmt/outbound/app/delete",load:"/v1/mgmt/outbound/app",loadAll:"/v1/mgmt/outbound/apps",fetchToken:"/v1/mgmt/outbound/app/user/token/latest",fetchTokenByScopes:"/v1/mgmt/outbound/app/user/token",fetchTenantToken:"/v1/mgmt/outbound/app/tenant/token/latest",fetchTenantTokenByScopes:"/v1/mgmt/outbound/app/tenant/token"},O={settings:"/v1/mgmt/sso/settings",settingsNew:"/v1/mgmt/sso/settings/new",metadata:"/v1/mgmt/sso/metadata",mapping:"/v1/mgmt/sso/mapping",settingsv2:"/v2/mgmt/sso/settings",settingsAllV2:"/v2/mgmt/sso/settings/all",oidc:{configure:"/v1/mgmt/sso/oidc"},saml:{configure:"/v1/mgmt/sso/saml",metadata:"/v1/mgmt/sso/saml/metadata"}},w={update:"/v1/mgmt/jwt/update",impersonate:"/v1/mgmt/impersonate",stopImpersonation:"/v1/mgmt/stop/impersonation",signIn:"/v1/mgmt/auth/signin",signUp:"/v1/mgmt/auth/signup",signUpOrIn:"/v1/mgmt/auth/signup-in",anonymous:"/v1/mgmt/auth/anonymous",clientAssertion:"/v1/mgmt/token/clientassertion"},T={settings:"/v1/mgmt/password/settings"},j={create:"/v1/mgmt/permission/create",update:"/v1/mgmt/permission/update",delete:"/v1/mgmt/permission/delete",loadAll:"/v1/mgmt/permission/all"},N={create:"/v1/mgmt/role/create",update:"/v1/mgmt/role/update",delete:"/v1/mgmt/role/delete",loadAll:"/v1/mgmt/role/all",search:"/v1/mgmt/role/search"},R={list:"/v1/mgmt/flow/list",delete:"/v1/mgmt/flow/delete",export:"/v1/mgmt/flow/export",import:"/v1/mgmt/flow/import",run:"/v1/mgmt/flow/run"},P={export:"/v1/mgmt/theme/export",import:"/v1/mgmt/theme/import"},E={loadAllGroups:"/v1/mgmt/group/all",loadAllGroupsForMember:"/v1/mgmt/group/member/all",loadAllGroupMembers:"/v1/mgmt/group/members"},M={search:"/v1/mgmt/audit/search",createEvent:"/v1/mgmt/audit/event"},U={schemaSave:"/v1/mgmt/authz/schema/save",schemaDelete:"/v1/mgmt/authz/schema/delete",schemaLoad:"/v1/mgmt/authz/schema/load",nsSave:"/v1/mgmt/authz/ns/save",nsDelete:"/v1/mgmt/authz/ns/delete",rdSave:"/v1/mgmt/authz/rd/save",rdDelete:"/v1/mgmt/authz/rd/delete",reCreate:"/v1/mgmt/authz/re/create",reDelete:"/v1/mgmt/authz/re/delete",reDeleteResources:"/v1/mgmt/authz/re/deleteresources",reDeleteResourceRelationsForResources:"/v1/mgmt/authz/re/deleteresourcesrelations",hasRelations:"/v1/mgmt/authz/re/has",who:"/v1/mgmt/authz/re/who",resource:"/v1/mgmt/authz/re/resource",targets:"/v1/mgmt/authz/re/targets",targetAll:"/v1/mgmt/authz/re/targetall",targetWithRelation:"/v1/mgmt/authz/re/targetwithrelation",getModified:"/v1/mgmt/authz/getmodified"},x={schema:"/v1/mgmt/fga/schema",relations:"/v1/mgmt/fga/relations",deleteRelations:"/v1/mgmt/fga/relations/delete",check:"/v1/mgmt/fga/check",resourcesLoad:"/v1/mgmt/fga/resources/load",resourcesSave:"/v1/mgmt/fga/resources/save"};function D(t){return t.map((t=>{var{roles:s}=t,a=e(t,["roles"]);return Object.assign(Object.assign({},a),{roleNames:s})}))}const L=e=>{function t(e,t){const s={loginId:e};return void 0!==t.email&&(s.email=t.email),void 0!==t.phone&&(s.phone=t.phone),void 0!==t.displayName&&(s.displayName=t.displayName),void 0!==t.givenName&&(s.givenName=t.givenName),void 0!==t.middleName&&(s.middleName=t.middleName),void 0!==t.familyName&&(s.familyName=t.familyName),void 0!==t.roles&&(s.roleNames=t.roles),void 0!==t.userTenants&&(s.userTenants=t.userTenants),void 0!==t.customAttributes&&(s.customAttributes=t.customAttributes),void 0!==t.picture&&(s.picture=t.picture),void 0!==t.verifiedEmail&&(s.verifiedEmail=t.verifiedEmail),void 0!==t.verifiedPhone&&(s.verifiedPhone=t.verifiedPhone),void 0!==t.ssoAppIds&&(s.ssoAppIds=t.ssoAppIds),void 0!==t.scim&&(s.scim=t.scim),void 0!==t.status&&(s.status=t.status),s}return{create:function(t,a,o,r,n,i,d,l,p,m,c,u,g,v){const f="string"==typeof a?{loginId:t,email:a,phone:o,displayName:r,givenName:c,middleName:u,familyName:g,roleNames:n,userTenants:i,customAttributes:d,picture:l,verifiedEmail:p,verifiedPhone:m,additionalLoginIds:v}:Object.assign(Object.assign({loginId:t},a),{roleNames:null==a?void 0:a.roles,roles:void 0});return s(e.post(h.create,f),(e=>e.user))},createTestUser:function(t,a,o,r,n,i,d,l,p,m,c,u,g,v){const f="string"==typeof a?{loginId:t,email:a,phone:o,displayName:r,givenName:c,middleName:u,familyName:g,roleNames:n,userTenants:i,customAttributes:d,picture:l,verifiedEmail:p,verifiedPhone:m,additionalLoginIds:v,test:!0}:Object.assign(Object.assign({loginId:t},a),{roleNames:null==a?void 0:a.roles,roles:void 0,test:!0});return s(e.post(h.createTestUser,f),(e=>e.user))},invite:function(t,a,o,r,n,i,d,l,p,m,c,u,g,v,f,b,y,I){const k="string"==typeof a?{loginId:t,email:a,phone:o,displayName:r,givenName:v,middleName:f,familyName:b,roleNames:n,userTenants:i,invite:!0,customAttributes:d,picture:l,verifiedEmail:p,verifiedPhone:m,inviteUrl:c,sendMail:u,sendSMS:g,additionalLoginIds:y,templateId:I}:Object.assign(Object.assign({loginId:t},a),{roleNames:null==a?void 0:a.roles,roles:void 0,invite:!0});return s(e.post(h.create,k),(e=>e.user))},inviteBatch:(t,a,o,r,n,i)=>s(e.post(h.createBatch,{users:D(t),invite:!0,inviteUrl:a,sendMail:o,sendSMS:r,templateOptions:n,templateId:i}),(e=>e)),createBatch:t=>s(e.post(h.createBatch,{users:D(t)}),(e=>e)),deleteBatch:t=>s(e.post(h.deleteBatch,{userIds:t})),update:function(t,a,o,r,n,i,d,l,p,m,c,u,g,v){const f="string"==typeof a?{loginId:t,email:a,phone:o,displayName:r,givenName:c,middleName:u,familyName:g,roleNames:n,userTenants:i,customAttributes:d,picture:l,verifiedEmail:p,verifiedPhone:m,additionalLoginIds:v}:Object.assign(Object.assign({loginId:t},a),{roleNames:null==a?void 0:a.roles,roles:void 0});return s(e.post(h.update,f),(e=>e.user))},patch:function(a,o){const r=t(a,o);return s(e.patch(h.patch,r),(e=>e.user))},patchBatch:function(a){const o={users:a.map((e=>t(e.loginId,e)))};return s(e.patch(h.patchBatch,o),(e=>e))},delete:t=>s(e.post(h.delete,{loginId:t})),deleteByUserId:t=>s(e.post(h.delete,{userId:t})),deleteAllTestUsers:()=>s(e.delete(h.deleteAllTestUsers)),load:t=>s(e.get(h.load,{queryParams:{loginId:t}}),(e=>e.user)),loadByUserId:t=>s(e.get(h.load,{queryParams:{userId:t}}),(e=>e.user)),logoutUser:t=>s(e.post(h.logout,{loginId:t})),logoutUserByUserId:t=>s(e.post(h.logout,{userId:t})),searchAll:(t,a,o,r,n,i,d,l,p,m)=>s(e.post(h.search,{tenantIds:t,roleNames:a,limit:o,page:r,testUsersOnly:n,withTestUser:i,customAttributes:d,statuses:l,emails:p,phones:m}),(e=>e.users)),searchTestUsers:t=>s(e.post(h.searchTestUsers,Object.assign(Object.assign({},t),{withTestUser:!0,testUsersOnly:!0,roleNames:t.roles,roles:void 0})),(e=>e.users)),search:t=>s(e.post(h.search,Object.assign(Object.assign({},t),{roleNames:t.roles,roles:void 0})),(e=>e.users)),getProviderToken:(t,a,o)=>s(e.get(h.getProviderToken,{queryParams:{loginId:t,provider:a,withRefreshToken:(null==o?void 0:o.withRefreshToken)?"true":"false",forceRefresh:(null==o?void 0:o.forceRefresh)?"true":"false"}}),(e=>e)),activate:t=>s(e.post(h.updateStatus,{loginId:t,status:"enabled"}),(e=>e.user)),deactivate:t=>s(e.post(h.updateStatus,{loginId:t,status:"disabled"}),(e=>e.user)),updateLoginId:(t,a)=>s(e.post(h.updateLoginId,{loginId:t,newLoginId:a}),(e=>e.user)),updateEmail:(t,a,o)=>s(e.post(h.updateEmail,{loginId:t,email:a,verified:o}),(e=>e.user)),updatePhone:(t,a,o)=>s(e.post(h.updatePhone,{loginId:t,phone:a,verified:o}),(e=>e.user)),updateDisplayName:(t,a,o,r,n)=>s(e.post(h.updateDisplayName,{loginId:t,displayName:a,givenName:o,middleName:r,familyName:n}),(e=>e.user)),updatePicture:(t,a)=>s(e.post(h.updatePicture,{loginId:t,picture:a}),(e=>e.user)),updateCustomAttribute:(t,a,o)=>s(e.post(h.updateCustomAttribute,{loginId:t,attributeKey:a,attributeValue:o}),(e=>e.user)),setRoles:(t,a)=>s(e.post(h.setRole,{loginId:t,roleNames:a}),(e=>e.user)),addRoles:(t,a)=>s(e.post(h.addRole,{loginId:t,roleNames:a}),(e=>e.user)),removeRoles:(t,a)=>s(e.post(h.removeRole,{loginId:t,roleNames:a}),(e=>e.user)),addTenant:(t,a)=>s(e.post(h.addTenant,{loginId:t,tenantId:a}),(e=>e.user)),removeTenant:(t,a)=>s(e.post(h.removeTenant,{loginId:t,tenantId:a}),(e=>e.user)),setTenantRoles:(t,a,o)=>s(e.post(h.setRole,{loginId:t,tenantId:a,roleNames:o}),(e=>e.user)),addTenantRoles:(t,a,o)=>s(e.post(h.addRole,{loginId:t,tenantId:a,roleNames:o}),(e=>e.user)),removeTenantRoles:(t,a,o)=>s(e.post(h.removeRole,{loginId:t,tenantId:a,roleNames:o}),(e=>e.user)),addSSOapps:(t,a)=>s(e.post(h.addSSOApps,{loginId:t,ssoAppIds:a}),(e=>e.user)),setSSOapps:(t,a)=>s(e.post(h.setSSOApps,{loginId:t,ssoAppIds:a}),(e=>e.user)),removeSSOapps:(t,a)=>s(e.post(h.removeSSOApps,{loginId:t,ssoAppIds:a}),(e=>e.user)),generateOTPForTestUser:(t,a,o)=>s(e.post(h.generateOTPForTest,{deliveryMethod:t,loginId:a,loginOptions:o}),(e=>e)),generateMagicLinkForTestUser:(t,a,o,r)=>s(e.post(h.generateMagicLinkForTest,{deliveryMethod:t,loginId:a,URI:o,loginOptions:r}),(e=>e)),generateEnchantedLinkForTestUser:(t,a,o)=>s(e.post(h.generateEnchantedLinkForTest,{loginId:t,URI:a,loginOptions:o}),(e=>e)),generateEmbeddedLink:(t,a,o)=>s(e.post(h.generateEmbeddedLink,{loginId:t,customClaims:a,timeout:o}),(e=>e)),generateSignUpEmbeddedLink:(t,a,o,r,n,i)=>s(e.post(h.generateSignUpEmbeddedLink,{loginId:t,user:a,emailVerified:o,phoneVerified:r,loginOptions:n,timeout:i}),(e=>e)),setTemporaryPassword:(t,a)=>s(e.post(h.setTemporaryPassword,{loginId:t,password:a}),(e=>e)),setActivePassword:(t,a)=>s(e.post(h.setActivePassword,{loginId:t,password:a}),(e=>e)),setPassword:(t,a)=>s(e.post(h.setPassword,{loginId:t,password:a}),(e=>e)),expirePassword:t=>s(e.post(h.expirePassword,{loginId:t}),(e=>e)),removeAllPasskeys:t=>s(e.post(h.removeAllPasskeys,{loginId:t}),(e=>e)),removeTOTPSeed:t=>s(e.post(h.removeTOTPSeed,{loginId:t}),(e=>e)),history:t=>s(e.post(h.history,t),(e=>e))}},C=e=>({create:(t,a,o,r,n)=>s(e.post(y.create,{name:t,selfProvisioningDomains:a,customAttributes:o,enforceSSO:r,disabled:n})),createWithId:(t,a,o,r,n,i)=>s(e.post(y.create,{id:t,name:a,selfProvisioningDomains:o,customAttributes:r,enforceSSO:n,disabled:i})),update:(t,a,o,r,n,i)=>s(e.post(y.update,{id:t,name:a,selfProvisioningDomains:o,customAttributes:r,enforceSSO:n,disabled:i})),delete:(t,a)=>s(e.post(y.delete,{id:t,cascade:a})),load:t=>s(e.get(y.load,{queryParams:{id:t}}),(e=>e)),loadAll:()=>s(e.get(y.loadAll,{}),(e=>e.tenants)),searchAll:(t,a,o,r)=>s(e.post(y.searchAll,{tenantIds:t,tenantNames:a,tenantSelfProvisioningDomains:o,customAttributes:r}),(e=>e.tenants)),getSettings:t=>s(e.get(y.settings,{queryParams:{id:t}}),(e=>e)),configureSettings:(t,a)=>s(e.post(y.settings,Object.assign(Object.assign({},a),{tenantId:t}),{})),generateSSOConfigurationLink:(t,a,o,r,n)=>s(e.post(y.generateSSOConfigurationLink,{tenantId:t,expireTime:a,ssoId:o,email:r,templateId:n},{}),(e=>e))}),F=e=>({update:(t,a,o)=>s(e.post(w.update,{jwt:t,customClaims:a,refreshDuration:o})),impersonate:(t,a,o,r,n,i)=>s(e.post(w.impersonate,{impersonatorId:t,loginId:a,validateConsent:o,customClaims:r,selectedTenant:n,refreshDuration:i})),stopImpersonation:(t,a,o,r)=>s(e.post(w.stopImpersonation,{jwt:t,customClaims:a,selectedTenant:o,refreshDuration:r})),signIn:(t,a)=>s(e.post(w.signIn,Object.assign({loginId:t},a))),signUp:(t,a,o)=>s(e.post(w.signUp,Object.assign({loginId:t,user:a},o))),signUpOrIn:(t,a,o)=>s(e.post(w.signUpOrIn,Object.assign({loginId:t,user:a},o))),anonymous:(t,a,o)=>s(e.post(w.anonymous,{customClaims:t,selectedTenant:a,refreshDuration:o})),generateClientAssertionJwt:(t,a,o,r,n)=>s(e.post(w.clientAssertion,{issuer:t,subject:a,audience:o,expiresIn:r,flattenAudience:n}))}),q=e=>({create:(t,a)=>s(e.post(j.create,{name:t,description:a})),update:(t,a,o)=>s(e.post(j.update,{name:t,newName:a,description:o})),delete:t=>s(e.post(j.delete,{name:t})),loadAll:()=>s(e.get(j.loadAll,{}),(e=>e.permissions))}),B=e=>({create:(t,a,o,r,n)=>s(e.post(N.create,{name:t,description:a,permissionNames:o,tenantId:r,default:n})),update:(t,a,o,r,n,i)=>s(e.post(N.update,{name:t,newName:a,description:o,permissionNames:r,tenantId:n,default:i})),delete:(t,a)=>s(e.post(N.delete,{name:t,tenantId:a})),loadAll:()=>s(e.get(N.loadAll,{}),(e=>e.roles)),search:t=>s(e.post(N.search,t,{}),(e=>e.roles))}),z=e=>({loadAllGroups:t=>s(e.post(E.loadAllGroups,{tenantId:t})),loadAllGroupsForMember:(t,a,o)=>s(e.post(E.loadAllGroupsForMember,{tenantId:t,loginIds:o,userIds:a})),loadAllGroupMembers:(t,a)=>s(e.post(E.loadAllGroupMembers,{tenantId:t,groupId:a}))});function $(e){var t,s;const a=e;return a.oidc&&(a.oidc=Object.assign(Object.assign({},a.oidc),{attributeMapping:a.oidc.userAttrMapping}),delete a.oidc.userAttrMapping),(null===(t=a.saml)||void 0===t?void 0:t.groupsMapping)&&(a.saml.groupsMapping=null===(s=a.saml)||void 0===s?void 0:s.groupsMapping.map((e=>{const t=e;return t.roleName=t.role.name,delete t.role,t}))),a}const J=e=>({getSettings:t=>s(e.get(O.settings,{queryParams:{tenantId:t}}),(e=>e)),newSettings:(t,a,o)=>s(e.post(O.settingsNew,Object.assign(Object.assign({tenantId:t},a?{ssoId:a}:{}),{displayName:o})),(e=>$(e))),deleteSettings:(t,a)=>s(e.delete(O.settings,{queryParams:Object.assign({tenantId:t},a?{ssoId:a}:{})})),configureSettings:(t,a,o,r,n,i)=>s(e.post(O.settings,{tenantId:t,idpURL:a,entityId:r,idpCert:o,redirectURL:n,domains:i})),configureMetadata:(t,a,o,r)=>s(e.post(O.metadata,{tenantId:t,idpMetadataURL:a,redirectURL:o,domains:r})),configureMapping:(t,a,o)=>s(e.post(O.mapping,{tenantId:t,roleMappings:a,attributeMapping:o})),configureOIDCSettings:(t,a,o,r)=>{const n=Object.assign(Object.assign({},a),{userAttrMapping:a.attributeMapping});return delete n.attributeMapping,s(e.post(O.oidc.configure,Object.assign({tenantId:t,settings:n,domains:o},r?{ssoId:r}:{})))},configureSAMLSettings:(t,a,o,r,n)=>s(e.post(O.saml.configure,Object.assign({tenantId:t,settings:a,redirectUrl:o,domains:r},n?{ssoId:n}:{}))),configureSAMLByMetadata:(t,a,o,r,n)=>s(e.post(O.saml.metadata,Object.assign({tenantId:t,settings:a,redirectUrl:o,domains:r},n?{ssoId:n}:{}))),loadSettings:(t,a)=>s(e.get(O.settingsv2,{queryParams:Object.assign({tenantId:t},a?{ssoId:a}:{})}),(e=>$(e))),loadAllSettings:t=>s(e.get(O.settingsAllV2,{queryParams:{tenantId:t}}),(e=>function(e){const t=e.SSOSettings,s=[];return t.forEach((e=>s.push($(e)))),s}(e)))}),K=e=>({create:(t,a,o,r,n,i,d,l)=>s(e.post(b.create,{name:t,expireTime:a,roleNames:o,keyTenants:r,userId:n,customClaims:i,description:d,permittedIps:l})),load:t=>s(e.get(b.load,{queryParams:{id:t}}),(e=>e.key)),searchAll:t=>s(e.post(b.search,{tenantIds:t}),(e=>e.keys)),update:(t,a,o,r,n,i,d)=>s(e.post(b.update,{id:t,name:a,description:o,roleNames:r,keyTenants:n,customClaims:i,permittedIps:d}),(e=>e.key)),deactivate:t=>s(e.post(b.deactivate,{id:t})),activate:t=>s(e.post(b.activate,{id:t})),delete:t=>s(e.post(b.delete,{id:t}))}),G=e=>({list:()=>s(e.post(R.list,{})),delete:t=>s(e.post(R.delete,{ids:t})),export:t=>s(e.post(R.export,{flowId:t})),import:(t,a,o)=>s(e.post(R.import,{flowId:t,flow:a,screens:o})),run:(t,a)=>s(e.post(R.run,{flowId:t,options:a}),(e=>null==e?void 0:e.output))}),H=e=>({export:()=>s(e.post(P.export,{})),import:t=>s(e.post(P.import,{theme:t}))}),W=e=>({search:t=>{const a=Object.assign(Object.assign({},t),{externalIds:t.loginIds});return delete a.loginIds,s(e.post(M.search,a),(e=>null==e?void 0:e.audits.map((e=>{const t=Object.assign(Object.assign({},e),{occurred:parseFloat(e.occurred),loginIds:e.externalIds});return delete t.externalIds,t}))))},createEvent:t=>{const a=Object.assign({},t);return s(e.post(M.createEvent,a))}}),V=e=>({saveSchema:(t,a)=>s(e.post(U.schemaSave,{schema:t,upgrade:a})),deleteSchema:()=>s(e.post(U.schemaDelete,{})),loadSchema:()=>s(e.post(U.schemaLoad,{}),(e=>e.schema)),saveNamespace:(t,a,o)=>s(e.post(U.nsSave,{namespace:t,oldName:a,schemaName:o})),deleteNamespace:(t,a)=>s(e.post(U.nsDelete,{name:t,schemaName:a})),saveRelationDefinition:(t,a,o,r)=>s(e.post(U.rdSave,{relationDefinition:t,namespace:a,oldName:o,schemaName:r})),deleteRelationDefinition:(t,a,o)=>s(e.post(U.rdDelete,{name:t,namespace:a,schemaName:o})),createRelations:t=>s(e.post(U.reCreate,{relations:t})),deleteRelations:t=>s(e.post(U.reDelete,{relations:t})),deleteRelationsForResources:t=>s(e.post(U.reDeleteResources,{resources:t})),deleteResourceRelationsForResources:t=>s(e.post(U.reDeleteResourceRelationsForResources,{resources:t})),deleteRelationsForIds:t=>s(e.post(U.reDeleteResources,{resources:t})),hasRelations:t=>s(e.post(U.hasRelations,{relationQueries:t}),(e=>e.relationQueries)),whoCanAccess:(t,a,o)=>s(e.post(U.who,{resource:t,relationDefinition:a,namespace:o}),(e=>e.targets)),resourceRelations:(t,a=!1)=>s(e.post(U.resource,{resource:t,ignoreTargetSetRelations:a}),(e=>e.relations)),targetsRelations:(t,a=!1)=>s(e.post(U.targets,{targets:t,includeTargetSetRelations:a}),(e=>e.relations)),whatCanTargetAccess:t=>s(e.post(U.targetAll,{target:t}),(e=>e.relations)),whatCanTargetAccessWithRelation:(t,a,o)=>s(e.post(U.targetWithRelation,{target:t,relationDefinition:a,namespace:o}),(e=>e.resources.map((e=>({resource:e}))))),getModified:t=>s(e.post(U.getModified,{since:t?t.getTime():0}),(e=>e))}),Q=e=>({createOidcApplication:t=>{var a;return s(e.post(I.oidcCreate,Object.assign(Object.assign({},t),{enabled:null===(a=t.enabled)||void 0===a||a})))},createSamlApplication:t=>{var a;return s(e.post(I.samlCreate,Object.assign(Object.assign({},t),{enabled:null===(a=t.enabled)||void 0===a||a})))},updateOidcApplication:t=>s(e.post(I.oidcUpdate,Object.assign({},t))),updateSamlApplication:t=>s(e.post(I.samlUpdate,Object.assign({},t))),delete:t=>s(e.post(I.delete,{id:t})),load:t=>s(e.get(I.load,{queryParams:{id:t}}),(e=>e)),loadAll:()=>s(e.get(I.loadAll,{}),(e=>e.apps))}),_=e=>({getSettings:t=>s(e.get(T.settings,{queryParams:{tenantId:t}}),(e=>e)),configureSettings:(t,a)=>s(e.post(T.settings,Object.assign(Object.assign({},a),{tenantId:t})))}),X=e=>({saveSchema:t=>s(e.post(x.schema,t)),deleteSchema:()=>s(e.post(U.schemaDelete,{})),createRelations:t=>s(e.post(x.relations,{tuples:t})),deleteRelations:t=>s(e.post(x.deleteRelations,{tuples:t})),check:t=>s(e.post(x.check,{tuples:t}),(e=>e.tuples)),loadResourcesDetails:t=>s(e.post(x.resourcesLoad,{resourceIdentifiers:t}),(e=>e.resourcesDetails)),saveResourcesDetails:t=>s(e.post(x.resourcesSave,{resourcesDetails:t})),deleteAllRelations:()=>s(e.delete(x.relations))}),Y=e=>({createApplication:t=>s(e.post(k.create,Object.assign({},t))),updateApplication:t=>s(e.post(k.update,Object.assign({},t))),patchApplication:t=>s(e.post(k.patch,Object.assign({},t))),deleteApplication:t=>s(e.post(k.delete,{id:t})),loadApplication:t=>s(e.get(k.load,{queryParams:{id:t}}),(e=>e)),loadAllApplications:()=>s(e.get(k.loadAll,{}),(e=>e.apps)),getApplicationSecret:t=>s(e.get(k.secret,{queryParams:{id:t}}),(e=>e)),rotateApplicationSecret:t=>s(e.post(k.rotate,{id:t})),searchConsents:t=>s(e.post(A.search,Object.assign({},t)),(e=>e.consents)),deleteConsents:t=>s(e.post(A.delete,Object.assign({},t)))}),Z=e=>({createApplication:t=>s(e.post(S.create,Object.assign({},t)),(e=>e.app)),updateApplication:t=>s(e.post(S.update,{app:t}),(e=>e.app)),deleteApplication:t=>s(e.post(S.delete,{id:t})),loadApplication:t=>s(e.get(`${S.load}/${t}`),(e=>e.app)),loadAllApplications:()=>s(e.get(S.loadAll,{}),(e=>e.apps)),fetchTokenByScopes:(t,a,o,r,n)=>s(e.post(S.fetchTokenByScopes,{appId:t,userId:a,scopes:o,options:r,tenantId:n}),(e=>e.token)),fetchToken:(t,a,o,r)=>s(e.post(S.fetchToken,{appId:t,userId:a,tenantId:o,options:r}),(e=>e.token)),fetchTenantTokenByScopes:(t,a,o,r)=>s(e.post(S.fetchTenantTokenByScopes,{appId:t,tenantId:a,scopes:o,options:r}),(e=>e.token)),fetchTenantToken:(t,a,o)=>s(e.post(S.fetchTenantToken,{appId:t,tenantId:a,options:o}),(e=>e.token))});const ee=d=>{var l,p,h,{authManagementKey:b,managementKey:y,publicKey:I}=d,k=e(d,["authManagementKey","managementKey","publicKey"]);const A={"x-descope-sdk-name":"nodejs","x-descope-sdk-node-version":(null===(l=null===process||void 0===process?void 0:process.versions)||void 0===l?void 0:l.node)||"","x-descope-sdk-version":"1.7.16"},S=Object.assign(Object.assign({fetch:m},k),{baseHeaders:Object.assign(Object.assign({},k.baseHeaders),A),hooks:Object.assign(Object.assign({},k.hooks),{beforeRequest:[e=>(b&&(e.token=e.token?`${e.token}:${b}`:b),e)].concat((null===(p=k.hooks)||void 0===p?void 0:p.beforeRequest)||[])})}),O=t(S),{projectId:w,logger:T}=k,j={},N=Object.assign(Object.assign({fetch:m},k),{baseConfig:{baseHeaders:Object.assign(Object.assign({},k.baseHeaders),A)},hooks:Object.assign(Object.assign({},k.hooks),{beforeRequest:[e=>(e.token=y,e)].concat((null===(h=k.hooks)||void 0===h?void 0:h.beforeRequest)||[])})}),R=a(N),P={user:L(E=R),project:(M=E,{updateName:e=>s(M.post(f.updateName,{name:e})),updateTags:e=>s(M.post(f.updateTags,{tags:e})),clone:(e,t,a)=>s(M.post(f.clone,{name:e,environment:t,tags:a})),listProjects:async()=>s(M.post(f.projectsList,{}),(e=>e.projects.map((({id:e,name:t,environment:s,tags:a})=>({id:e,name:t,environment:s,tags:a}))))),exportSnapshot:()=>s(M.post(f.exportSnapshot,{})),importSnapshot:e=>s(M.post(f.importSnapshot,e)),validateSnapshot:e=>s(M.post(f.validateSnapshot,e)),export:()=>s(M.post(f.exportSnapshot,{}),(e=>e.files)),import:e=>s(M.post(f.importSnapshot,{files:e}))}),accessKey:K(E),tenant:C(E),ssoApplication:Q(E),inboundApplication:Y(E),outboundApplication:Z(E),sso:J(E),jwt:F(E),permission:q(E),password:_(E),role:B(E),group:z(E),flow:G(E),theme:H(E),audit:W(E),authz:V(E),fga:X(E)};var E,M;const U=Object.assign(Object.assign({},O),{refresh:async(e,t)=>O.refresh(e,void 0,t),management:P,async getKey(e){if(!(null==e?void 0:e.kid))throw Error("header.kid must not be empty");if(j[e.kid])return j[e.kid];if(Object.assign(j,await(async()=>{if(I)try{const e=JSON.parse(I),t=await i(e);return{[e.kid]:t}}catch(e){throw null==T||T.error("Failed to parse the provided public key",e),new Error(`Failed to parse public key. Error: ${e}`)}const e=(await O.httpClient.get(`v2/keys/${w}`).then((e=>e.json()))).keys;return Array.isArray(e)?(await Promise.all(e.map((async e=>[e.kid,await i(e)])))).reduce(((e,[t,s])=>t?Object.assign(Object.assign({},e),{[t.toString()]:s}):e),{}):{}})()),!j[e.kid])throw Error("failed to fetch matching key");return j[e.kid]},async validateJwt(e,t){var s;const a={clockTolerance:5};(null==t?void 0:t.audience)&&(a.audience=t.audience);const o=(await r(e,U.getKey,a)).payload;if(o&&(o.iss=null===(s=o.iss)||void 0===s?void 0:s.split("/").pop(),o.iss!==w))throw new n.JWTClaimValidationFailed('unexpected "iss" claim value',"iss","check_failed");return{jwt:e,token:o}},async validateSession(e,t){if(!e)throw Error("session token is required for validation");try{return await U.validateJwt(e,t)}catch(e){throw null==T||T.error("session validation failed",e),Error(`session validation failed. Error: ${e}`)}},async refreshSession(e,t){var s,a,o,r,n,i;if(!e)throw Error("refresh token is required to refresh a session");try{await U.validateJwt(e);const d=await U.refresh(e);if(d.ok){const e=c(null===(a=null===(s=d.data)||void 0===s?void 0:s.cookies)||void 0===a?void 0:a.join(";"),"DS")||(null===(o=d.data)||void 0===o?void 0:o.sessionJwt),i=await U.validateJwt(e,t);return i.cookies=(null===(r=d.data)||void 0===r?void 0:r.cookies)||[],(null===(n=d.data)||void 0===n?void 0:n.refreshJwt)&&(i.refreshJwt=d.data.refreshJwt),i}throw Error(null===(i=d.error)||void 0===i?void 0:i.errorMessage)}catch(e){throw null==T||T.error("refresh token validation failed",e),Error(`refresh token validation failed, Error: ${e}`)}},async validateAndRefreshSession(e,t,s){if(!e&&!t)throw Error("both session and refresh tokens are empty");try{return await U.validateSession(e,s)}catch(e){null==T||T.log(`session validation failed with error ${e} - trying to refresh it`)}return U.refreshSession(t,s)},async exchangeAccessKey(e,t,s){var a;if(!e)throw Error("access key must not be empty");let o;try{o=await U.accessKey.exchange(e,t)}catch(e){throw null==T||T.error("failed to exchange access key",e),Error(`could not exchange access key - Failed to exchange. Error: ${e}`)}if(!o.ok)throw null==T||T.error("failed to exchange access key",o.error),Error(`could not exchange access key - ${null===(a=o.error)||void 0===a?void 0:a.errorMessage}`);const{sessionJwt:r}=o.data;if(!r)throw null==T||T.error("failed to parse exchange access key response"),Error("could not exchange access key");try{return await U.validateJwt(r,s)}catch(e){throw null==T||T.error("failed to parse jwt from access key",e),Error(`could not exchange access key - failed to validate jwt. Error: ${e}`)}},validatePermissions:(e,t)=>U.validateTenantPermissions(e,"",t),getMatchedPermissions:(e,t)=>U.getMatchedTenantPermissions(e,"",t),validateTenantPermissions(e,t,s){if(t&&!v(e,t))return!1;const a=g(e,"permissions",t);return s.every((e=>a.includes(e)))},getMatchedTenantPermissions(e,t,s){if(t&&!v(e,t))return[];const a=g(e,"permissions",t);return s.filter((e=>a.includes(e)))},validateRoles:(e,t)=>U.validateTenantRoles(e,"",t),getMatchedRoles:(e,t)=>U.getMatchedTenantRoles(e,"",t),validateTenantRoles(e,t,s){if(t&&!v(e,t))return!1;const a=g(e,"roles",t);return s.every((e=>a.includes(e)))},getMatchedTenantRoles(e,t,s){if(t&&!v(e,t))return[];const a=g(e,"roles",t);return s.filter((e=>a.includes(e)))}});return o(U,["otp.verify.email","otp.verify.sms","otp.verify.voice","otp.verify.whatsapp","magicLink.verify","enchantedLink.signUp","enchantedLink.signIn","oauth.exchange","saml.exchange","totp.verify","webauthn.signIn.finish","webauthn.signUp.finish","refresh"],u)};ee.RefreshTokenCookieName="DSR",ee.SessionTokenCookieName="DS",ee.DescopeErrors={badRequest:"E011001",missingArguments:"E011002",invalidRequest:"E011003",invalidArguments:"E011004",wrongOTPCode:"E061102",tooManyOTPAttempts:"E061103",enchantedLinkPending:"E062503",userNotFound:"E062108"};export{ee as default};
1
+ import{__rest as e}from"tslib";import t,{transformResponse as s,createHttpClient as a,wrapWith as o}from"@descope/core-js-sdk";import{jwtVerify as r,errors as n,importJWK as i}from"jose";import{Headers as d,fetch as l}from"cross-fetch";var p;null!==(p=globalThis.Headers)&&void 0!==p||(globalThis.Headers=d);const m=(...e)=>(e.forEach((e=>{var t,s;e&&"object"==typeof e&&(null!==(t=(s=e).highWaterMark)&&void 0!==t||(s.highWaterMark=31457280))})),l(...e)),c=(e,t)=>{const s=null==e?void 0:e.match(RegExp(`(?:^|[;,]\\s*)${t}=([^;]*)`));return s?s[1]:null},u=t=>async(...s)=>{var a,o,r;const n=await t(...s);if(!n.data)return n;let i=n.data,{refreshJwt:d}=i,l=e(i,["refreshJwt"]);const p=[];var m;return d?p.push(`${"DSR"}=${d}; Domain=${(null==(m=l)?void 0:m.cookieDomain)||""}; Max-Age=${(null==m?void 0:m.cookieMaxAge)||""}; Path=${(null==m?void 0:m.cookiePath)||"/"}; HttpOnly; SameSite=Strict`):(null===(a=n.response)||void 0===a?void 0:a.headers.get("set-cookie"))&&(d=c(null===(o=n.response)||void 0===o?void 0:o.headers.get("set-cookie"),"DSR"),p.push(null===(r=n.response)||void 0===r?void 0:r.headers.get("set-cookie"))),Object.assign(Object.assign({},n),{data:Object.assign(Object.assign({},n.data),{refreshJwt:d,cookies:p})})};function g(e,t,s){var a,o;const r=s?null===(o=null===(a=e.token.tenants)||void 0===a?void 0:a[s])||void 0===o?void 0:o[t]:e.token[t];return Array.isArray(r)?r:[]}function v(e,t){var s;return!!(null===(s=e.token.tenants)||void 0===s?void 0:s[t])}var h={create:"/v1/mgmt/user/create",createTestUser:"/v1/mgmt/user/create/test",createBatch:"/v1/mgmt/user/create/batch",update:"/v1/mgmt/user/update",patch:"/v1/mgmt/user/patch",patchBatch:"/v1/mgmt/user/patch/batch",delete:"/v1/mgmt/user/delete",deleteBatch:"/v1/mgmt/user/delete/batch",deleteAllTestUsers:"/v1/mgmt/user/test/delete/all",load:"/v1/mgmt/user",logout:"/v1/mgmt/user/logout",search:"/v2/mgmt/user/search",searchTestUsers:"/v2/mgmt/user/search/test",getProviderToken:"/v1/mgmt/user/provider/token",updateStatus:"/v1/mgmt/user/update/status",updateLoginId:"/v1/mgmt/user/update/loginid",updateEmail:"/v1/mgmt/user/update/email",updatePhone:"/v1/mgmt/user/update/phone",updateDisplayName:"/v1/mgmt/user/update/name",updatePicture:"/v1/mgmt/user/update/picture",updateCustomAttribute:"/v1/mgmt/user/update/customAttribute",setRole:"/v1/mgmt/user/update/role/set",addRole:"/v2/mgmt/user/update/role/add",removeRole:"/v1/mgmt/user/update/role/remove",setSSOApps:"/v1/mgmt/user/update/ssoapp/set",addSSOApps:"/v1/mgmt/user/update/ssoapp/add",removeSSOApps:"/v1/mgmt/user/update/ssoapp/remove",addTenant:"/v1/mgmt/user/update/tenant/add",removeTenant:"/v1/mgmt/user/update/tenant/remove",setPassword:"/v1/mgmt/user/password/set",setTemporaryPassword:"/v1/mgmt/user/password/set/temporary",setActivePassword:"/v1/mgmt/user/password/set/active",expirePassword:"/v1/mgmt/user/password/expire",removeAllPasskeys:"/v1/mgmt/user/passkeys/delete",removeTOTPSeed:"/v1/mgmt/user/totp/delete",generateOTPForTest:"/v1/mgmt/tests/generate/otp",generateMagicLinkForTest:"/v1/mgmt/tests/generate/magiclink",generateEnchantedLinkForTest:"/v1/mgmt/tests/generate/enchantedlink",generateEmbeddedLink:"/v1/mgmt/user/signin/embeddedlink",generateSignUpEmbeddedLink:"/v1/mgmt/user/signup/embeddedlink",history:"/v1/mgmt/user/history"},f={updateName:"/v1/mgmt/project/update/name",updateTags:"/v1/mgmt/project/update/tags",clone:"/v1/mgmt/project/clone",projectsList:"/v1/mgmt/projects/list",exportSnapshot:"/v1/mgmt/project/snapshot/export",importSnapshot:"/v1/mgmt/project/snapshot/import",validateSnapshot:"/v1/mgmt/project/snapshot/validate"},b={create:"/v1/mgmt/accesskey/create",load:"/v1/mgmt/accesskey",search:"/v1/mgmt/accesskey/search",update:"/v1/mgmt/accesskey/update",deactivate:"/v1/mgmt/accesskey/deactivate",activate:"/v1/mgmt/accesskey/activate",delete:"/v1/mgmt/accesskey/delete"},y={create:"/v1/mgmt/tenant/create",update:"/v1/mgmt/tenant/update",delete:"/v1/mgmt/tenant/delete",load:"/v1/mgmt/tenant",settings:"/v1/mgmt/tenant/settings",loadAll:"/v1/mgmt/tenant/all",searchAll:"/v1/mgmt/tenant/search",generateSSOConfigurationLink:"/v2/mgmt/tenant/adminlinks/sso/generate"},I={oidcCreate:"/v1/mgmt/sso/idp/app/oidc/create",samlCreate:"/v1/mgmt/sso/idp/app/saml/create",oidcUpdate:"/v1/mgmt/sso/idp/app/oidc/update",samlUpdate:"/v1/mgmt/sso/idp/app/saml/update",delete:"/v1/mgmt/sso/idp/app/delete",load:"/v1/mgmt/sso/idp/app/load",loadAll:"/v1/mgmt/sso/idp/apps/load"},k={create:"/v1/mgmt/thirdparty/app/create",update:"/v1/mgmt/thirdparty/app/update",patch:"/v1/mgmt/thirdparty/app/patch",delete:"/v1/mgmt/thirdparty/app/delete",load:"/v1/mgmt/thirdparty/app/load",loadAll:"/v1/mgmt/thirdparty/apps/load",secret:"/v1/mgmt/thirdparty/app/secret",rotate:"/v1/mgmt/thirdparty/app/rotate"},A={delete:"/v1/mgmt/thirdparty/consents/delete",search:"/v1/mgmt/thirdparty/consents/search"},S={create:"/v1/mgmt/outbound/app/create",update:"/v1/mgmt/outbound/app/update",delete:"/v1/mgmt/outbound/app/delete",load:"/v1/mgmt/outbound/app",loadAll:"/v1/mgmt/outbound/apps",fetchToken:"/v1/mgmt/outbound/app/user/token/latest",fetchTokenByScopes:"/v1/mgmt/outbound/app/user/token",fetchTenantToken:"/v1/mgmt/outbound/app/tenant/token/latest",fetchTenantTokenByScopes:"/v1/mgmt/outbound/app/tenant/token"},O={settings:"/v1/mgmt/sso/settings",settingsNew:"/v1/mgmt/sso/settings/new",metadata:"/v1/mgmt/sso/metadata",mapping:"/v1/mgmt/sso/mapping",settingsv2:"/v2/mgmt/sso/settings",settingsAllV2:"/v2/mgmt/sso/settings/all",oidc:{configure:"/v1/mgmt/sso/oidc"},saml:{configure:"/v1/mgmt/sso/saml",metadata:"/v1/mgmt/sso/saml/metadata"}},w={update:"/v1/mgmt/jwt/update",impersonate:"/v1/mgmt/impersonate",stopImpersonation:"/v1/mgmt/stop/impersonation",signIn:"/v1/mgmt/auth/signin",signUp:"/v1/mgmt/auth/signup",signUpOrIn:"/v1/mgmt/auth/signup-in",anonymous:"/v1/mgmt/auth/anonymous",clientAssertion:"/v1/mgmt/token/clientassertion"},T={settings:"/v1/mgmt/password/settings"},j={create:"/v1/mgmt/permission/create",update:"/v1/mgmt/permission/update",delete:"/v1/mgmt/permission/delete",loadAll:"/v1/mgmt/permission/all"},N={create:"/v1/mgmt/role/create",update:"/v1/mgmt/role/update",delete:"/v1/mgmt/role/delete",loadAll:"/v1/mgmt/role/all",search:"/v1/mgmt/role/search"},R={list:"/v1/mgmt/flow/list",delete:"/v1/mgmt/flow/delete",export:"/v1/mgmt/flow/export",import:"/v1/mgmt/flow/import",run:"/v1/mgmt/flow/run"},P={export:"/v1/mgmt/theme/export",import:"/v1/mgmt/theme/import"},E={loadAllGroups:"/v1/mgmt/group/all",loadAllGroupsForMember:"/v1/mgmt/group/member/all",loadAllGroupMembers:"/v1/mgmt/group/members"},M={search:"/v1/mgmt/audit/search",createEvent:"/v1/mgmt/audit/event"},U={schemaSave:"/v1/mgmt/authz/schema/save",schemaDelete:"/v1/mgmt/authz/schema/delete",schemaLoad:"/v1/mgmt/authz/schema/load",nsSave:"/v1/mgmt/authz/ns/save",nsDelete:"/v1/mgmt/authz/ns/delete",rdSave:"/v1/mgmt/authz/rd/save",rdDelete:"/v1/mgmt/authz/rd/delete",reCreate:"/v1/mgmt/authz/re/create",reDelete:"/v1/mgmt/authz/re/delete",reDeleteResources:"/v1/mgmt/authz/re/deleteresources",reDeleteResourceRelationsForResources:"/v1/mgmt/authz/re/deleteresourcesrelations",hasRelations:"/v1/mgmt/authz/re/has",who:"/v1/mgmt/authz/re/who",resource:"/v1/mgmt/authz/re/resource",targets:"/v1/mgmt/authz/re/targets",targetAll:"/v1/mgmt/authz/re/targetall",targetWithRelation:"/v1/mgmt/authz/re/targetwithrelation",getModified:"/v1/mgmt/authz/getmodified"},x={schema:"/v1/mgmt/fga/schema",relations:"/v1/mgmt/fga/relations",deleteRelations:"/v1/mgmt/fga/relations/delete",check:"/v1/mgmt/fga/check",resourcesLoad:"/v1/mgmt/fga/resources/load",resourcesSave:"/v1/mgmt/fga/resources/save"};function D(t){return t.map((t=>{var{roles:s}=t,a=e(t,["roles"]);return Object.assign(Object.assign({},a),{roleNames:s})}))}const L=e=>{function t(e,t){const s={loginId:e};return void 0!==t.email&&(s.email=t.email),void 0!==t.phone&&(s.phone=t.phone),void 0!==t.displayName&&(s.displayName=t.displayName),void 0!==t.givenName&&(s.givenName=t.givenName),void 0!==t.middleName&&(s.middleName=t.middleName),void 0!==t.familyName&&(s.familyName=t.familyName),void 0!==t.roles&&(s.roleNames=t.roles),void 0!==t.userTenants&&(s.userTenants=t.userTenants),void 0!==t.customAttributes&&(s.customAttributes=t.customAttributes),void 0!==t.picture&&(s.picture=t.picture),void 0!==t.verifiedEmail&&(s.verifiedEmail=t.verifiedEmail),void 0!==t.verifiedPhone&&(s.verifiedPhone=t.verifiedPhone),void 0!==t.ssoAppIds&&(s.ssoAppIds=t.ssoAppIds),void 0!==t.scim&&(s.scim=t.scim),void 0!==t.status&&(s.status=t.status),s}return{create:function(t,a,o,r,n,i,d,l,p,m,c,u,g,v){const f="string"==typeof a?{loginId:t,email:a,phone:o,displayName:r,givenName:c,middleName:u,familyName:g,roleNames:n,userTenants:i,customAttributes:d,picture:l,verifiedEmail:p,verifiedPhone:m,additionalLoginIds:v}:Object.assign(Object.assign({loginId:t},a),{roleNames:null==a?void 0:a.roles,roles:void 0});return s(e.post(h.create,f),(e=>e.user))},createTestUser:function(t,a,o,r,n,i,d,l,p,m,c,u,g,v){const f="string"==typeof a?{loginId:t,email:a,phone:o,displayName:r,givenName:c,middleName:u,familyName:g,roleNames:n,userTenants:i,customAttributes:d,picture:l,verifiedEmail:p,verifiedPhone:m,additionalLoginIds:v,test:!0}:Object.assign(Object.assign({loginId:t},a),{roleNames:null==a?void 0:a.roles,roles:void 0,test:!0});return s(e.post(h.createTestUser,f),(e=>e.user))},invite:function(t,a,o,r,n,i,d,l,p,m,c,u,g,v,f,b,y,I){const k="string"==typeof a?{loginId:t,email:a,phone:o,displayName:r,givenName:v,middleName:f,familyName:b,roleNames:n,userTenants:i,invite:!0,customAttributes:d,picture:l,verifiedEmail:p,verifiedPhone:m,inviteUrl:c,sendMail:u,sendSMS:g,additionalLoginIds:y,templateId:I}:Object.assign(Object.assign({loginId:t},a),{roleNames:null==a?void 0:a.roles,roles:void 0,invite:!0});return s(e.post(h.create,k),(e=>e.user))},inviteBatch:(t,a,o,r,n,i)=>s(e.post(h.createBatch,{users:D(t),invite:!0,inviteUrl:a,sendMail:o,sendSMS:r,templateOptions:n,templateId:i}),(e=>e)),createBatch:t=>s(e.post(h.createBatch,{users:D(t)}),(e=>e)),deleteBatch:t=>s(e.post(h.deleteBatch,{userIds:t})),update:function(t,a,o,r,n,i,d,l,p,m,c,u,g,v){const f="string"==typeof a?{loginId:t,email:a,phone:o,displayName:r,givenName:c,middleName:u,familyName:g,roleNames:n,userTenants:i,customAttributes:d,picture:l,verifiedEmail:p,verifiedPhone:m,additionalLoginIds:v}:Object.assign(Object.assign({loginId:t},a),{roleNames:null==a?void 0:a.roles,roles:void 0});return s(e.post(h.update,f),(e=>e.user))},patch:function(a,o){const r=t(a,o);return s(e.patch(h.patch,r),(e=>e.user))},patchBatch:function(a){const o={users:a.map((e=>t(e.loginId,e)))};return s(e.patch(h.patchBatch,o),(e=>e))},delete:t=>s(e.post(h.delete,{loginId:t})),deleteByUserId:t=>s(e.post(h.delete,{userId:t})),deleteAllTestUsers:()=>s(e.delete(h.deleteAllTestUsers)),load:t=>s(e.get(h.load,{queryParams:{loginId:t}}),(e=>e.user)),loadByUserId:t=>s(e.get(h.load,{queryParams:{userId:t}}),(e=>e.user)),logoutUser:t=>s(e.post(h.logout,{loginId:t})),logoutUserByUserId:t=>s(e.post(h.logout,{userId:t})),searchAll:(t,a,o,r,n,i,d,l,p,m)=>s(e.post(h.search,{tenantIds:t,roleNames:a,limit:o,page:r,testUsersOnly:n,withTestUser:i,customAttributes:d,statuses:l,emails:p,phones:m}),(e=>e.users)),searchTestUsers:t=>s(e.post(h.searchTestUsers,Object.assign(Object.assign({},t),{withTestUser:!0,testUsersOnly:!0,roleNames:t.roles,roles:void 0})),(e=>e.users)),search:t=>s(e.post(h.search,Object.assign(Object.assign({},t),{roleNames:t.roles,roles:void 0})),(e=>e.users)),getProviderToken:(t,a,o)=>s(e.get(h.getProviderToken,{queryParams:{loginId:t,provider:a,withRefreshToken:(null==o?void 0:o.withRefreshToken)?"true":"false",forceRefresh:(null==o?void 0:o.forceRefresh)?"true":"false"}}),(e=>e)),activate:t=>s(e.post(h.updateStatus,{loginId:t,status:"enabled"}),(e=>e.user)),deactivate:t=>s(e.post(h.updateStatus,{loginId:t,status:"disabled"}),(e=>e.user)),updateLoginId:(t,a)=>s(e.post(h.updateLoginId,{loginId:t,newLoginId:a}),(e=>e.user)),updateEmail:(t,a,o)=>s(e.post(h.updateEmail,{loginId:t,email:a,verified:o}),(e=>e.user)),updatePhone:(t,a,o)=>s(e.post(h.updatePhone,{loginId:t,phone:a,verified:o}),(e=>e.user)),updateDisplayName:(t,a,o,r,n)=>s(e.post(h.updateDisplayName,{loginId:t,displayName:a,givenName:o,middleName:r,familyName:n}),(e=>e.user)),updatePicture:(t,a)=>s(e.post(h.updatePicture,{loginId:t,picture:a}),(e=>e.user)),updateCustomAttribute:(t,a,o)=>s(e.post(h.updateCustomAttribute,{loginId:t,attributeKey:a,attributeValue:o}),(e=>e.user)),setRoles:(t,a)=>s(e.post(h.setRole,{loginId:t,roleNames:a}),(e=>e.user)),addRoles:(t,a)=>s(e.post(h.addRole,{loginId:t,roleNames:a}),(e=>e.user)),removeRoles:(t,a)=>s(e.post(h.removeRole,{loginId:t,roleNames:a}),(e=>e.user)),addTenant:(t,a)=>s(e.post(h.addTenant,{loginId:t,tenantId:a}),(e=>e.user)),removeTenant:(t,a)=>s(e.post(h.removeTenant,{loginId:t,tenantId:a}),(e=>e.user)),setTenantRoles:(t,a,o)=>s(e.post(h.setRole,{loginId:t,tenantId:a,roleNames:o}),(e=>e.user)),addTenantRoles:(t,a,o)=>s(e.post(h.addRole,{loginId:t,tenantId:a,roleNames:o}),(e=>e.user)),removeTenantRoles:(t,a,o)=>s(e.post(h.removeRole,{loginId:t,tenantId:a,roleNames:o}),(e=>e.user)),addSSOapps:(t,a)=>s(e.post(h.addSSOApps,{loginId:t,ssoAppIds:a}),(e=>e.user)),setSSOapps:(t,a)=>s(e.post(h.setSSOApps,{loginId:t,ssoAppIds:a}),(e=>e.user)),removeSSOapps:(t,a)=>s(e.post(h.removeSSOApps,{loginId:t,ssoAppIds:a}),(e=>e.user)),generateOTPForTestUser:(t,a,o)=>s(e.post(h.generateOTPForTest,{deliveryMethod:t,loginId:a,loginOptions:o}),(e=>e)),generateMagicLinkForTestUser:(t,a,o,r)=>s(e.post(h.generateMagicLinkForTest,{deliveryMethod:t,loginId:a,URI:o,loginOptions:r}),(e=>e)),generateEnchantedLinkForTestUser:(t,a,o)=>s(e.post(h.generateEnchantedLinkForTest,{loginId:t,URI:a,loginOptions:o}),(e=>e)),generateEmbeddedLink:(t,a,o)=>s(e.post(h.generateEmbeddedLink,{loginId:t,customClaims:a,timeout:o}),(e=>e)),generateSignUpEmbeddedLink:(t,a,o,r,n,i)=>s(e.post(h.generateSignUpEmbeddedLink,{loginId:t,user:a,emailVerified:o,phoneVerified:r,loginOptions:n,timeout:i}),(e=>e)),setTemporaryPassword:(t,a)=>s(e.post(h.setTemporaryPassword,{loginId:t,password:a}),(e=>e)),setActivePassword:(t,a)=>s(e.post(h.setActivePassword,{loginId:t,password:a}),(e=>e)),setPassword:(t,a)=>s(e.post(h.setPassword,{loginId:t,password:a}),(e=>e)),expirePassword:t=>s(e.post(h.expirePassword,{loginId:t}),(e=>e)),removeAllPasskeys:t=>s(e.post(h.removeAllPasskeys,{loginId:t}),(e=>e)),removeTOTPSeed:t=>s(e.post(h.removeTOTPSeed,{loginId:t}),(e=>e)),history:t=>s(e.post(h.history,t),(e=>e))}},C=e=>({create:(t,a,o,r,n)=>s(e.post(y.create,{name:t,selfProvisioningDomains:a,customAttributes:o,enforceSSO:r,disabled:n})),createWithId:(t,a,o,r,n,i)=>s(e.post(y.create,{id:t,name:a,selfProvisioningDomains:o,customAttributes:r,enforceSSO:n,disabled:i})),update:(t,a,o,r,n,i)=>s(e.post(y.update,{id:t,name:a,selfProvisioningDomains:o,customAttributes:r,enforceSSO:n,disabled:i})),delete:(t,a)=>s(e.post(y.delete,{id:t,cascade:a})),load:t=>s(e.get(y.load,{queryParams:{id:t}}),(e=>e)),loadAll:()=>s(e.get(y.loadAll,{}),(e=>e.tenants)),searchAll:(t,a,o,r)=>s(e.post(y.searchAll,{tenantIds:t,tenantNames:a,tenantSelfProvisioningDomains:o,customAttributes:r}),(e=>e.tenants)),getSettings:t=>s(e.get(y.settings,{queryParams:{id:t}}),(e=>e)),configureSettings:(t,a)=>s(e.post(y.settings,Object.assign(Object.assign({},a),{tenantId:t}),{})),generateSSOConfigurationLink:(t,a,o,r,n)=>s(e.post(y.generateSSOConfigurationLink,{tenantId:t,expireTime:a,ssoId:o,email:r,templateId:n},{}),(e=>e))}),F=e=>({update:(t,a,o)=>s(e.post(w.update,{jwt:t,customClaims:a,refreshDuration:o})),impersonate:(t,a,o,r,n,i)=>s(e.post(w.impersonate,{impersonatorId:t,loginId:a,validateConsent:o,customClaims:r,selectedTenant:n,refreshDuration:i})),stopImpersonation:(t,a,o,r)=>s(e.post(w.stopImpersonation,{jwt:t,customClaims:a,selectedTenant:o,refreshDuration:r})),signIn:(t,a)=>s(e.post(w.signIn,Object.assign({loginId:t},a))),signUp:(t,a,o)=>s(e.post(w.signUp,Object.assign({loginId:t,user:a},o))),signUpOrIn:(t,a,o)=>s(e.post(w.signUpOrIn,Object.assign({loginId:t,user:a},o))),anonymous:(t,a,o)=>s(e.post(w.anonymous,{customClaims:t,selectedTenant:a,refreshDuration:o})),generateClientAssertionJwt:(t,a,o,r,n)=>s(e.post(w.clientAssertion,{issuer:t,subject:a,audience:o,expiresIn:r,flattenAudience:n}))}),q=e=>({create:(t,a)=>s(e.post(j.create,{name:t,description:a})),update:(t,a,o)=>s(e.post(j.update,{name:t,newName:a,description:o})),delete:t=>s(e.post(j.delete,{name:t})),loadAll:()=>s(e.get(j.loadAll,{}),(e=>e.permissions))}),B=e=>({create:(t,a,o,r,n)=>s(e.post(N.create,{name:t,description:a,permissionNames:o,tenantId:r,default:n})),update:(t,a,o,r,n,i)=>s(e.post(N.update,{name:t,newName:a,description:o,permissionNames:r,tenantId:n,default:i})),delete:(t,a)=>s(e.post(N.delete,{name:t,tenantId:a})),loadAll:()=>s(e.get(N.loadAll,{}),(e=>e.roles)),search:t=>s(e.post(N.search,t,{}),(e=>e.roles))}),z=e=>({loadAllGroups:t=>s(e.post(E.loadAllGroups,{tenantId:t})),loadAllGroupsForMember:(t,a,o)=>s(e.post(E.loadAllGroupsForMember,{tenantId:t,loginIds:o,userIds:a})),loadAllGroupMembers:(t,a)=>s(e.post(E.loadAllGroupMembers,{tenantId:t,groupId:a}))});function $(e){var t,s;const a=e;return a.oidc&&(a.oidc=Object.assign(Object.assign({},a.oidc),{attributeMapping:a.oidc.userAttrMapping}),delete a.oidc.userAttrMapping),(null===(t=a.saml)||void 0===t?void 0:t.groupsMapping)&&(a.saml.groupsMapping=null===(s=a.saml)||void 0===s?void 0:s.groupsMapping.map((e=>{const t=e;return t.roleName=t.role.name,delete t.role,t}))),a}const J=e=>({getSettings:t=>s(e.get(O.settings,{queryParams:{tenantId:t}}),(e=>e)),newSettings:(t,a,o)=>s(e.post(O.settingsNew,Object.assign(Object.assign({tenantId:t},a?{ssoId:a}:{}),{displayName:o})),(e=>$(e))),deleteSettings:(t,a)=>s(e.delete(O.settings,{queryParams:Object.assign({tenantId:t},a?{ssoId:a}:{})})),configureSettings:(t,a,o,r,n,i)=>s(e.post(O.settings,{tenantId:t,idpURL:a,entityId:r,idpCert:o,redirectURL:n,domains:i})),configureMetadata:(t,a,o,r)=>s(e.post(O.metadata,{tenantId:t,idpMetadataURL:a,redirectURL:o,domains:r})),configureMapping:(t,a,o)=>s(e.post(O.mapping,{tenantId:t,roleMappings:a,attributeMapping:o})),configureOIDCSettings:(t,a,o,r)=>{const n=Object.assign(Object.assign({},a),{userAttrMapping:a.attributeMapping});return delete n.attributeMapping,s(e.post(O.oidc.configure,Object.assign({tenantId:t,settings:n,domains:o},r?{ssoId:r}:{})))},configureSAMLSettings:(t,a,o,r,n)=>s(e.post(O.saml.configure,Object.assign({tenantId:t,settings:a,redirectUrl:o,domains:r},n?{ssoId:n}:{}))),configureSAMLByMetadata:(t,a,o,r,n)=>s(e.post(O.saml.metadata,Object.assign({tenantId:t,settings:a,redirectUrl:o,domains:r},n?{ssoId:n}:{}))),loadSettings:(t,a)=>s(e.get(O.settingsv2,{queryParams:Object.assign({tenantId:t},a?{ssoId:a}:{})}),(e=>$(e))),loadAllSettings:t=>s(e.get(O.settingsAllV2,{queryParams:{tenantId:t}}),(e=>function(e){const t=e.SSOSettings,s=[];return t.forEach((e=>s.push($(e)))),s}(e)))}),K=e=>({create:(t,a,o,r,n,i,d,l)=>s(e.post(b.create,{name:t,expireTime:a,roleNames:o,keyTenants:r,userId:n,customClaims:i,description:d,permittedIps:l})),load:t=>s(e.get(b.load,{queryParams:{id:t}}),(e=>e.key)),searchAll:t=>s(e.post(b.search,{tenantIds:t}),(e=>e.keys)),update:(t,a,o,r,n,i,d)=>s(e.post(b.update,{id:t,name:a,description:o,roleNames:r,keyTenants:n,customClaims:i,permittedIps:d}),(e=>e.key)),deactivate:t=>s(e.post(b.deactivate,{id:t})),activate:t=>s(e.post(b.activate,{id:t})),delete:t=>s(e.post(b.delete,{id:t}))}),G=e=>({list:()=>s(e.post(R.list,{})),delete:t=>s(e.post(R.delete,{ids:t})),export:t=>s(e.post(R.export,{flowId:t})),import:(t,a,o)=>s(e.post(R.import,{flowId:t,flow:a,screens:o})),run:(t,a)=>s(e.post(R.run,{flowId:t,options:a}),(e=>null==e?void 0:e.output))}),H=e=>({export:()=>s(e.post(P.export,{})),import:t=>s(e.post(P.import,{theme:t}))}),W=e=>({search:t=>{const a=Object.assign(Object.assign({},t),{externalIds:t.loginIds});return delete a.loginIds,s(e.post(M.search,a),(e=>null==e?void 0:e.audits.map((e=>{const t=Object.assign(Object.assign({},e),{occurred:parseFloat(e.occurred),loginIds:e.externalIds});return delete t.externalIds,t}))))},createEvent:t=>{const a=Object.assign({},t);return s(e.post(M.createEvent,a))}}),V=e=>({saveSchema:(t,a)=>s(e.post(U.schemaSave,{schema:t,upgrade:a})),deleteSchema:()=>s(e.post(U.schemaDelete,{})),loadSchema:()=>s(e.post(U.schemaLoad,{}),(e=>e.schema)),saveNamespace:(t,a,o)=>s(e.post(U.nsSave,{namespace:t,oldName:a,schemaName:o})),deleteNamespace:(t,a)=>s(e.post(U.nsDelete,{name:t,schemaName:a})),saveRelationDefinition:(t,a,o,r)=>s(e.post(U.rdSave,{relationDefinition:t,namespace:a,oldName:o,schemaName:r})),deleteRelationDefinition:(t,a,o)=>s(e.post(U.rdDelete,{name:t,namespace:a,schemaName:o})),createRelations:t=>s(e.post(U.reCreate,{relations:t})),deleteRelations:t=>s(e.post(U.reDelete,{relations:t})),deleteRelationsForResources:t=>s(e.post(U.reDeleteResources,{resources:t})),deleteResourceRelationsForResources:t=>s(e.post(U.reDeleteResourceRelationsForResources,{resources:t})),deleteRelationsForIds:t=>s(e.post(U.reDeleteResources,{resources:t})),hasRelations:t=>s(e.post(U.hasRelations,{relationQueries:t}),(e=>e.relationQueries)),whoCanAccess:(t,a,o)=>s(e.post(U.who,{resource:t,relationDefinition:a,namespace:o}),(e=>e.targets)),resourceRelations:(t,a=!1)=>s(e.post(U.resource,{resource:t,ignoreTargetSetRelations:a}),(e=>e.relations)),targetsRelations:(t,a=!1)=>s(e.post(U.targets,{targets:t,includeTargetSetRelations:a}),(e=>e.relations)),whatCanTargetAccess:t=>s(e.post(U.targetAll,{target:t}),(e=>e.relations)),whatCanTargetAccessWithRelation:(t,a,o)=>s(e.post(U.targetWithRelation,{target:t,relationDefinition:a,namespace:o}),(e=>e.resources.map((e=>({resource:e}))))),getModified:t=>s(e.post(U.getModified,{since:t?t.getTime():0}),(e=>e))}),Q=e=>({createOidcApplication:t=>{var a;return s(e.post(I.oidcCreate,Object.assign(Object.assign({},t),{enabled:null===(a=t.enabled)||void 0===a||a})))},createSamlApplication:t=>{var a;return s(e.post(I.samlCreate,Object.assign(Object.assign({},t),{enabled:null===(a=t.enabled)||void 0===a||a})))},updateOidcApplication:t=>s(e.post(I.oidcUpdate,Object.assign({},t))),updateSamlApplication:t=>s(e.post(I.samlUpdate,Object.assign({},t))),delete:t=>s(e.post(I.delete,{id:t})),load:t=>s(e.get(I.load,{queryParams:{id:t}}),(e=>e)),loadAll:()=>s(e.get(I.loadAll,{}),(e=>e.apps))}),_=e=>({getSettings:t=>s(e.get(T.settings,{queryParams:{tenantId:t}}),(e=>e)),configureSettings:(t,a)=>s(e.post(T.settings,Object.assign(Object.assign({},a),{tenantId:t})))}),X=e=>({saveSchema:t=>s(e.post(x.schema,t)),deleteSchema:()=>s(e.post(U.schemaDelete,{})),createRelations:t=>s(e.post(x.relations,{tuples:t})),deleteRelations:t=>s(e.post(x.deleteRelations,{tuples:t})),check:t=>s(e.post(x.check,{tuples:t}),(e=>e.tuples)),loadResourcesDetails:t=>s(e.post(x.resourcesLoad,{resourceIdentifiers:t}),(e=>e.resourcesDetails)),saveResourcesDetails:t=>s(e.post(x.resourcesSave,{resourcesDetails:t})),deleteAllRelations:()=>s(e.delete(x.relations))}),Y=e=>({createApplication:t=>s(e.post(k.create,Object.assign({},t))),updateApplication:t=>s(e.post(k.update,Object.assign({},t))),patchApplication:t=>s(e.post(k.patch,Object.assign({},t))),deleteApplication:t=>s(e.post(k.delete,{id:t})),loadApplication:t=>s(e.get(k.load,{queryParams:{id:t}}),(e=>e)),loadAllApplications:()=>s(e.get(k.loadAll,{}),(e=>e.apps)),getApplicationSecret:t=>s(e.get(k.secret,{queryParams:{id:t}}),(e=>e)),rotateApplicationSecret:t=>s(e.post(k.rotate,{id:t})),searchConsents:t=>s(e.post(A.search,Object.assign({},t)),(e=>e.consents)),deleteConsents:t=>s(e.post(A.delete,Object.assign({},t)))}),Z=e=>({createApplication:t=>s(e.post(S.create,Object.assign({},t)),(e=>e.app)),updateApplication:t=>s(e.post(S.update,{app:t}),(e=>e.app)),deleteApplication:t=>s(e.post(S.delete,{id:t})),loadApplication:t=>s(e.get(`${S.load}/${t}`),(e=>e.app)),loadAllApplications:()=>s(e.get(S.loadAll,{}),(e=>e.apps)),fetchTokenByScopes:(t,a,o,r,n)=>s(e.post(S.fetchTokenByScopes,{appId:t,userId:a,scopes:o,options:r,tenantId:n}),(e=>e.token)),fetchToken:(t,a,o,r)=>s(e.post(S.fetchToken,{appId:t,userId:a,tenantId:o,options:r}),(e=>e.token)),fetchTenantTokenByScopes:(t,a,o,r)=>s(e.post(S.fetchTenantTokenByScopes,{appId:t,tenantId:a,scopes:o,options:r}),(e=>e.token)),fetchTenantToken:(t,a,o)=>s(e.post(S.fetchTenantToken,{appId:t,tenantId:a,options:o}),(e=>e.token))});const ee=d=>{var l,p,h,{authManagementKey:b,managementKey:y,publicKey:I}=d,k=e(d,["authManagementKey","managementKey","publicKey"]);const A={"x-descope-sdk-name":"nodejs","x-descope-sdk-node-version":(null===(l=null===process||void 0===process?void 0:process.versions)||void 0===l?void 0:l.node)||"","x-descope-sdk-version":"1.7.17"},S=Object.assign(Object.assign({fetch:m},k),{baseHeaders:Object.assign(Object.assign({},k.baseHeaders),A),hooks:Object.assign(Object.assign({},k.hooks),{beforeRequest:[e=>(b&&(e.token=e.token?`${e.token}:${b}`:b),e)].concat((null===(p=k.hooks)||void 0===p?void 0:p.beforeRequest)||[])})}),O=t(S),{projectId:w,logger:T}=k,j={},N=Object.assign(Object.assign({fetch:m},k),{baseConfig:{baseHeaders:Object.assign(Object.assign({},k.baseHeaders),A)},hooks:Object.assign(Object.assign({},k.hooks),{beforeRequest:[e=>(e.token=y,e)].concat((null===(h=k.hooks)||void 0===h?void 0:h.beforeRequest)||[])})}),R=a(N),P={user:L(E=R),project:(M=E,{updateName:e=>s(M.post(f.updateName,{name:e})),updateTags:e=>s(M.post(f.updateTags,{tags:e})),clone:(e,t,a)=>s(M.post(f.clone,{name:e,environment:t,tags:a})),listProjects:async()=>s(M.post(f.projectsList,{}),(e=>e.projects.map((({id:e,name:t,environment:s,tags:a})=>({id:e,name:t,environment:s,tags:a}))))),exportSnapshot:()=>s(M.post(f.exportSnapshot,{})),importSnapshot:e=>s(M.post(f.importSnapshot,e)),validateSnapshot:e=>s(M.post(f.validateSnapshot,e)),export:()=>s(M.post(f.exportSnapshot,{}),(e=>e.files)),import:e=>s(M.post(f.importSnapshot,{files:e}))}),accessKey:K(E),tenant:C(E),ssoApplication:Q(E),inboundApplication:Y(E),outboundApplication:Z(E),sso:J(E),jwt:F(E),permission:q(E),password:_(E),role:B(E),group:z(E),flow:G(E),theme:H(E),audit:W(E),authz:V(E),fga:X(E)};var E,M;const U=Object.assign(Object.assign({},O),{refresh:async(e,t)=>O.refresh(e,void 0,t),management:P,async getKey(e){if(!(null==e?void 0:e.kid))throw Error("header.kid must not be empty");if(j[e.kid])return j[e.kid];if(Object.assign(j,await(async()=>{if(I)try{const e=JSON.parse(I),t=await i(e);return{[e.kid]:t}}catch(e){throw null==T||T.error("Failed to parse the provided public key",e),new Error(`Failed to parse public key. Error: ${e}`)}const e=(await O.httpClient.get(`v2/keys/${w}`).then((e=>e.json()))).keys;return Array.isArray(e)?(await Promise.all(e.map((async e=>[e.kid,await i(e)])))).reduce(((e,[t,s])=>t?Object.assign(Object.assign({},e),{[t.toString()]:s}):e),{}):{}})()),!j[e.kid])throw Error("failed to fetch matching key");return j[e.kid]},async validateJwt(e,t){var s;const a={clockTolerance:5};(null==t?void 0:t.audience)&&(a.audience=t.audience);const o=(await r(e,U.getKey,a)).payload;if(o&&(o.iss=null===(s=o.iss)||void 0===s?void 0:s.split("/").pop(),o.iss!==w))throw new n.JWTClaimValidationFailed('unexpected "iss" claim value',"iss","check_failed");return{jwt:e,token:o}},async validateSession(e,t){if(!e)throw Error("session token is required for validation");try{return await U.validateJwt(e,t)}catch(e){throw null==T||T.error("session validation failed",e),Error(`session validation failed. Error: ${e}`)}},async refreshSession(e,t){var s,a,o,r,n,i;if(!e)throw Error("refresh token is required to refresh a session");try{await U.validateJwt(e);const d=await U.refresh(e);if(d.ok){const e=c(null===(a=null===(s=d.data)||void 0===s?void 0:s.cookies)||void 0===a?void 0:a.join(";"),"DS")||(null===(o=d.data)||void 0===o?void 0:o.sessionJwt),i=await U.validateJwt(e,t);return i.cookies=(null===(r=d.data)||void 0===r?void 0:r.cookies)||[],(null===(n=d.data)||void 0===n?void 0:n.refreshJwt)&&(i.refreshJwt=d.data.refreshJwt),i}throw Error(null===(i=d.error)||void 0===i?void 0:i.errorMessage)}catch(e){throw null==T||T.error("refresh token validation failed",e),Error(`refresh token validation failed, Error: ${e}`)}},async validateAndRefreshSession(e,t,s){if(!e&&!t)throw Error("both session and refresh tokens are empty");try{return await U.validateSession(e,s)}catch(e){null==T||T.log(`session validation failed with error ${e} - trying to refresh it`)}return U.refreshSession(t,s)},async exchangeAccessKey(e,t,s){var a;if(!e)throw Error("access key must not be empty");let o;try{o=await U.accessKey.exchange(e,t)}catch(e){throw null==T||T.error("failed to exchange access key",e),Error(`could not exchange access key - Failed to exchange. Error: ${e}`)}if(!o.ok)throw null==T||T.error("failed to exchange access key",o.error),Error(`could not exchange access key - ${null===(a=o.error)||void 0===a?void 0:a.errorMessage}`);const{sessionJwt:r}=o.data;if(!r)throw null==T||T.error("failed to parse exchange access key response"),Error("could not exchange access key");try{return await U.validateJwt(r,s)}catch(e){throw null==T||T.error("failed to parse jwt from access key",e),Error(`could not exchange access key - failed to validate jwt. Error: ${e}`)}},validatePermissions:(e,t)=>U.validateTenantPermissions(e,"",t),getMatchedPermissions:(e,t)=>U.getMatchedTenantPermissions(e,"",t),validateTenantPermissions(e,t,s){if(t&&!v(e,t))return!1;const a=g(e,"permissions",t);return s.every((e=>a.includes(e)))},getMatchedTenantPermissions(e,t,s){if(t&&!v(e,t))return[];const a=g(e,"permissions",t);return s.filter((e=>a.includes(e)))},validateRoles:(e,t)=>U.validateTenantRoles(e,"",t),getMatchedRoles:(e,t)=>U.getMatchedTenantRoles(e,"",t),validateTenantRoles(e,t,s){if(t&&!v(e,t))return!1;const a=g(e,"roles",t);return s.every((e=>a.includes(e)))},getMatchedTenantRoles(e,t,s){if(t&&!v(e,t))return[];const a=g(e,"roles",t);return s.filter((e=>a.includes(e)))}});return o(U,["otp.verify.email","otp.verify.sms","otp.verify.voice","otp.verify.whatsapp","magicLink.verify","enchantedLink.signUp","enchantedLink.signIn","oauth.exchange","saml.exchange","totp.verify","webauthn.signIn.finish","webauthn.signUp.finish","refresh"],u)};ee.RefreshTokenCookieName="DSR",ee.SessionTokenCookieName="DS",ee.DescopeErrors={badRequest:"E011001",missingArguments:"E011002",invalidRequest:"E011003",invalidArguments:"E011004",wrongOTPCode:"E061102",tooManyOTPAttempts:"E061103",enchantedLinkPending:"E062503",userNotFound:"E062108"};export{ee as default};
2
2
  //# sourceMappingURL=index.esm.js.map
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@descope/node-sdk",
3
- "version": "1.7.16",
3
+ "version": "1.7.17",
4
4
  "description": "Node.js library used to integrate with Descope",
5
5
  "typings": "./dist/index.d.ts",
6
6
  "main": "dist/cjs/index.cjs.js",
@@ -100,7 +100,7 @@
100
100
  "typescript": "^4.6.4"
101
101
  },
102
102
  "dependencies": {
103
- "@descope/core-js-sdk": "2.50.1",
103
+ "@descope/core-js-sdk": "2.51.0",
104
104
  "cross-fetch": "^4.0.0",
105
105
  "jose": "5.2.2",
106
106
  "tslib": "^2.0.0"