@descope/node-sdk 1.7.6 → 1.7.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +89 -7
- package/dist/cjs/index.cjs.js +1 -1
- package/dist/cjs/index.cjs.js.map +1 -1
- package/dist/index.d.ts +155 -21
- package/dist/index.esm.js +1 -1
- package/dist/index.esm.js.map +1 -1
- package/package.json +3 -3
package/README.md
CHANGED
|
@@ -634,13 +634,13 @@ await descopeClient.management.password.configureSettings('my-tenant-id', {
|
|
|
634
634
|
You can create, update, delete or load SSO applications:
|
|
635
635
|
|
|
636
636
|
```typescript
|
|
637
|
-
// Create OIDC
|
|
637
|
+
// Create OIDC SSO application
|
|
638
638
|
await descopeClient.management.ssoApplication.createOidcApplication({
|
|
639
639
|
name: 'My OIDC app name',
|
|
640
640
|
loginPageUrl: 'http://dummy.com/login',
|
|
641
641
|
});
|
|
642
642
|
|
|
643
|
-
// Create SAML
|
|
643
|
+
// Create SAML SSO application
|
|
644
644
|
await descopeClient.management.ssoApplication.createSamlApplication({
|
|
645
645
|
name: 'My SAML app name',
|
|
646
646
|
loginPageUrl: 'http://dummy.com/login',
|
|
@@ -648,7 +648,7 @@ await descopeClient.management.ssoApplication.createSamlApplication({
|
|
|
648
648
|
metadataUrl: 'http://dummy.com/metadata',
|
|
649
649
|
});
|
|
650
650
|
|
|
651
|
-
// Update OIDC
|
|
651
|
+
// Update OIDC SSO application.
|
|
652
652
|
// Update will override all fields as is. Use carefully.
|
|
653
653
|
await descopeClient.management.ssoApplication.updateOidcApplication({
|
|
654
654
|
id: 'my-app-id',
|
|
@@ -656,7 +656,7 @@ await descopeClient.management.ssoApplication.updateOidcApplication({
|
|
|
656
656
|
loginPageUrl: 'http://dummy.com/login',
|
|
657
657
|
});
|
|
658
658
|
|
|
659
|
-
// Update SAML
|
|
659
|
+
// Update SAML SSO application.
|
|
660
660
|
// Update will override all fields as is. Use carefully.
|
|
661
661
|
await descopeClient.management.ssoApplication.updateSamlApplication({
|
|
662
662
|
id: 'my-app-id',
|
|
@@ -669,13 +669,13 @@ await descopeClient.management.ssoApplication.updateSamlApplication({
|
|
|
669
669
|
certificate: 'certificate',
|
|
670
670
|
});
|
|
671
671
|
|
|
672
|
-
//
|
|
672
|
+
// SSO application deletion cannot be undone. Use carefully.
|
|
673
673
|
await descopeClient.management.ssoApplication.delete('my-app-id');
|
|
674
674
|
|
|
675
|
-
// Load
|
|
675
|
+
// Load SSO application by id
|
|
676
676
|
const app = await descopeClient.management.ssoApplication.load('my-app-id');
|
|
677
677
|
|
|
678
|
-
// Load all
|
|
678
|
+
// Load all SSO applications
|
|
679
679
|
const appsRes = await descopeClient.management.ssoApplication.loadAll();
|
|
680
680
|
appsRes.data.forEach((app) => {
|
|
681
681
|
// do something
|
|
@@ -1259,6 +1259,88 @@ const relations = await descopeClient.management.fga.check([
|
|
|
1259
1259
|
]);
|
|
1260
1260
|
```
|
|
1261
1261
|
|
|
1262
|
+
### Manage Inbound Applications
|
|
1263
|
+
|
|
1264
|
+
You can create, update, delete or load inbound applications:
|
|
1265
|
+
|
|
1266
|
+
```typescript
|
|
1267
|
+
// Create an inbound application.
|
|
1268
|
+
const { id, cleartext: secret } =
|
|
1269
|
+
await descopeClient.management.inboundApplication.createApplication({
|
|
1270
|
+
name: 'my new app',
|
|
1271
|
+
description: 'my desc',
|
|
1272
|
+
logo: 'data:image/png;..',
|
|
1273
|
+
approvedCallbackUrls: ['dummy.com'],
|
|
1274
|
+
permissionsScopes: [
|
|
1275
|
+
{
|
|
1276
|
+
name: 'read_support',
|
|
1277
|
+
description: 'read for support',
|
|
1278
|
+
values: ['Support'],
|
|
1279
|
+
},
|
|
1280
|
+
],
|
|
1281
|
+
attributesScopes: [
|
|
1282
|
+
{
|
|
1283
|
+
name: 'read_email',
|
|
1284
|
+
description: 'read user email',
|
|
1285
|
+
values: ['email'],
|
|
1286
|
+
},
|
|
1287
|
+
],
|
|
1288
|
+
loginPageUrl: 'http://dummy.com/login',
|
|
1289
|
+
});
|
|
1290
|
+
|
|
1291
|
+
// Update an inbound application.
|
|
1292
|
+
// Update will override all fields as is. Use carefully.
|
|
1293
|
+
await descopeClient.management.inboundApplication.updateApplication({
|
|
1294
|
+
id: 'my-app-id',
|
|
1295
|
+
name: 'my updated app',
|
|
1296
|
+
loginPageUrl: 'http://dummy.com/login',
|
|
1297
|
+
approvedCallbackUrls: ['dummy.com', 'myawesomedomain.com'],
|
|
1298
|
+
});
|
|
1299
|
+
|
|
1300
|
+
// Patch an inbound application.
|
|
1301
|
+
// patch will not override all fields, but update only what given.
|
|
1302
|
+
await descopeClient.management.inboundApplication.patchApplication({
|
|
1303
|
+
id: 'my-app-id',
|
|
1304
|
+
name: 'my updated app name',
|
|
1305
|
+
description: 'my new description',
|
|
1306
|
+
});
|
|
1307
|
+
|
|
1308
|
+
// delete an inbound application by id.
|
|
1309
|
+
// inbound application deletion cannot be undone. Use carefully.
|
|
1310
|
+
await descopeClient.management.inboundApplication.deleteApplication('my-app-id');
|
|
1311
|
+
|
|
1312
|
+
// Load an inbound application by id
|
|
1313
|
+
const app = await descopeClient.management.inboundApplication.loadApplication('my-app-id');
|
|
1314
|
+
|
|
1315
|
+
// Load all inbound applications
|
|
1316
|
+
const appsRes = await descopeClient.management.inboundApplication.loadAllApplications();
|
|
1317
|
+
appsRes.data.forEach((app) => {
|
|
1318
|
+
// do something
|
|
1319
|
+
});
|
|
1320
|
+
|
|
1321
|
+
// Get an inbound application secret by application id.
|
|
1322
|
+
const { cleartext } = await descopeClient.management.inboundApplication.getApplicationSecret(
|
|
1323
|
+
'my-app-id',
|
|
1324
|
+
);
|
|
1325
|
+
|
|
1326
|
+
// Rotate an inbound application secret by application id.
|
|
1327
|
+
const { cleartext } = await descopeClient.management.inboundApplication.rotateApplicationSecret(
|
|
1328
|
+
'my-app-id',
|
|
1329
|
+
);
|
|
1330
|
+
|
|
1331
|
+
// Search in all consents. search consents by the given app id and offset to the third page.
|
|
1332
|
+
const consentsRes = await descopeClient.management.inboundApplication.searchConsents({
|
|
1333
|
+
appId: 'my-app',
|
|
1334
|
+
page: 2,
|
|
1335
|
+
});
|
|
1336
|
+
|
|
1337
|
+
// Delete consents. delete all user consents, application consents or specific consents by id.
|
|
1338
|
+
// inbound application consents deletion cannot be undone. Use carefully.
|
|
1339
|
+
await descopeClient.management.inboundApplication.deleteConsents({
|
|
1340
|
+
userIds: ['user'],
|
|
1341
|
+
});
|
|
1342
|
+
```
|
|
1343
|
+
|
|
1262
1344
|
### Utils for your end to end (e2e) tests and integration tests
|
|
1263
1345
|
|
|
1264
1346
|
To ease your e2e tests, we exposed dedicated management methods,
|
package/dist/cjs/index.cjs.js
CHANGED
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
"use strict";var e=require("tslib"),t=require("@descope/core-js-sdk"),s=require("jose"),n=require("cross-fetch");function o(e){return e&&"object"==typeof e&&"default"in e?e:{default:e}}var a=o(t);var r;null!==(r=globalThis.Headers)&&void 0!==r||(globalThis.Headers=n.Headers);const i=(...e)=>(e.forEach((e=>{var t,s;e&&"object"==typeof e&&(null!==(t=(s=e).highWaterMark)&&void 0!==t||(s.highWaterMark=31457280))})),n.fetch(...e)),p=t=>async(...s)=>{var n,o,a;const r=await t(...s);if(!r.data)return r;let i=r.data,{refreshJwt:p}=i,l=e.__rest(i,["refreshJwt"]);const m=[];var d;return p?m.push(`${"DSR"}=${p}; Domain=${(null==(d=l)?void 0:d.cookieDomain)||""}; Max-Age=${(null==d?void 0:d.cookieMaxAge)||""}; Path=${(null==d?void 0:d.cookiePath)||"/"}; HttpOnly; SameSite=Strict`):(null===(n=r.response)||void 0===n?void 0:n.headers.get("set-cookie"))&&(p=((e,t)=>{const s=null==e?void 0:e.match(RegExp(`(?:^|;\\s*)${t}=([^;]*)`));return s?s[1]:null})(null===(o=r.response)||void 0===o?void 0:o.headers.get("set-cookie"),"DSR"),m.push(null===(a=r.response)||void 0===a?void 0:a.headers.get("set-cookie"))),Object.assign(Object.assign({},r),{data:Object.assign(Object.assign({},r.data),{refreshJwt:p,cookies:m})})};function l(e,t,s){var n,o;const a=s?null===(o=null===(n=e.token.tenants)||void 0===n?void 0:n[s])||void 0===o?void 0:o[t]:e.token[t];return Array.isArray(a)?a:[]}function m(e,t){var s;return!!(null===(s=e.token.tenants)||void 0===s?void 0:s[t])}var d={create:"/v1/mgmt/user/create",createTestUser:"/v1/mgmt/user/create/test",createBatch:"/v1/mgmt/user/create/batch",update:"/v1/mgmt/user/update",patch:"/v1/mgmt/user/patch",delete:"/v1/mgmt/user/delete",deleteAllTestUsers:"/v1/mgmt/user/test/delete/all",load:"/v1/mgmt/user",logout:"/v1/mgmt/user/logout",search:"/v2/mgmt/user/search",searchTestUsers:"/v2/mgmt/user/search/test",getProviderToken:"/v1/mgmt/user/provider/token",updateStatus:"/v1/mgmt/user/update/status",updateLoginId:"/v1/mgmt/user/update/loginid",updateEmail:"/v1/mgmt/user/update/email",updatePhone:"/v1/mgmt/user/update/phone",updateDisplayName:"/v1/mgmt/user/update/name",updatePicture:"/v1/mgmt/user/update/picture",updateCustomAttribute:"/v1/mgmt/user/update/customAttribute",setRole:"/v1/mgmt/user/update/role/set",addRole:"/v2/mgmt/user/update/role/add",removeRole:"/v1/mgmt/user/update/role/remove",setSSOApps:"/v1/mgmt/user/update/ssoapp/set",addSSOApps:"/v1/mgmt/user/update/ssoapp/add",removeSSOApps:"/v1/mgmt/user/update/ssoapp/remove",addTenant:"/v1/mgmt/user/update/tenant/add",removeTenant:"/v1/mgmt/user/update/tenant/remove",setPassword:"/v1/mgmt/user/password/set",setTemporaryPassword:"/v1/mgmt/user/password/set/temporary",setActivePassword:"/v1/mgmt/user/password/set/active",expirePassword:"/v1/mgmt/user/password/expire",removeAllPasskeys:"/v1/mgmt/user/passkeys/delete",removeTOTPSeed:"/v1/mgmt/user/totp/delete",generateOTPForTest:"/v1/mgmt/tests/generate/otp",generateMagicLinkForTest:"/v1/mgmt/tests/generate/magiclink",generateEnchantedLinkForTest:"/v1/mgmt/tests/generate/enchantedlink",generateEmbeddedLink:"/v1/mgmt/user/signin/embeddedlink",history:"/v1/mgmt/user/history"},c={updateName:"/v1/mgmt/project/update/name",updateTags:"/v1/mgmt/project/update/tags",clone:"/v1/mgmt/project/clone",projectsList:"/v1/mgmt/projects/list",exportSnapshot:"/v1/mgmt/project/snapshot/export",importSnapshot:"/v1/mgmt/project/snapshot/import",validateSnapshot:"/v1/mgmt/project/snapshot/validate"},g={create:"/v1/mgmt/accesskey/create",load:"/v1/mgmt/accesskey",search:"/v1/mgmt/accesskey/search",update:"/v1/mgmt/accesskey/update",deactivate:"/v1/mgmt/accesskey/deactivate",activate:"/v1/mgmt/accesskey/activate",delete:"/v1/mgmt/accesskey/delete"},u={create:"/v1/mgmt/tenant/create",update:"/v1/mgmt/tenant/update",delete:"/v1/mgmt/tenant/delete",load:"/v1/mgmt/tenant",settings:"/v1/mgmt/tenant/settings",loadAll:"/v1/mgmt/tenant/all",searchAll:"/v1/mgmt/tenant/search",generateSSOConfigurationLink:"/v2/mgmt/tenant/adminlinks/sso/generate"},h={oidcCreate:"/v1/mgmt/sso/idp/app/oidc/create",samlCreate:"/v1/mgmt/sso/idp/app/saml/create",oidcUpdate:"/v1/mgmt/sso/idp/app/oidc/update",samlUpdate:"/v1/mgmt/sso/idp/app/saml/update",delete:"/v1/mgmt/sso/idp/app/delete",load:"/v1/mgmt/sso/idp/app/load",loadAll:"/v1/mgmt/sso/idp/apps/load"},v={settings:"/v1/mgmt/sso/settings",settingsNew:"/v1/mgmt/sso/settings/new",metadata:"/v1/mgmt/sso/metadata",mapping:"/v1/mgmt/sso/mapping",settingsv2:"/v2/mgmt/sso/settings",settingsAllV2:"/v2/mgmt/sso/settings/all",oidc:{configure:"/v1/mgmt/sso/oidc"},saml:{configure:"/v1/mgmt/sso/saml",metadata:"/v1/mgmt/sso/saml/metadata"}},f={update:"/v1/mgmt/jwt/update",impersonate:"/v1/mgmt/impersonate",stopImpersonation:"/v1/mgmt/stop/impersonation",signIn:"/v1/mgmt/auth/signin",signUp:"/v1/mgmt/auth/signup",signUpOrIn:"/v1/mgmt/auth/signup-in",anonymous:"/v1/mgmt/auth/anonymous"},k={settings:"/v1/mgmt/password/settings"},R={create:"/v1/mgmt/permission/create",update:"/v1/mgmt/permission/update",delete:"/v1/mgmt/permission/delete",loadAll:"/v1/mgmt/permission/all"},C={create:"/v1/mgmt/role/create",update:"/v1/mgmt/role/update",delete:"/v1/mgmt/role/delete",loadAll:"/v1/mgmt/role/all",search:"/v1/mgmt/role/search"},I={list:"/v1/mgmt/flow/list",delete:"/v1/mgmt/flow/delete",export:"/v1/mgmt/flow/export",import:"/v1/mgmt/flow/import"},y={export:"/v1/mgmt/theme/export",import:"/v1/mgmt/theme/import"},b={loadAllGroups:"/v1/mgmt/group/all",loadAllGroupsForMember:"/v1/mgmt/group/member/all",loadAllGroupMembers:"/v1/mgmt/group/members"},w={search:"/v1/mgmt/audit/search",createEvent:"/v1/mgmt/audit/event"},S={schemaSave:"/v1/mgmt/authz/schema/save",schemaDelete:"/v1/mgmt/authz/schema/delete",schemaLoad:"/v1/mgmt/authz/schema/load",nsSave:"/v1/mgmt/authz/ns/save",nsDelete:"/v1/mgmt/authz/ns/delete",rdSave:"/v1/mgmt/authz/rd/save",rdDelete:"/v1/mgmt/authz/rd/delete",reCreate:"/v1/mgmt/authz/re/create",reDelete:"/v1/mgmt/authz/re/delete",reDeleteResources:"/v1/mgmt/authz/re/deleteresources",reDeleteResourceRelationsForResources:"/v1/mgmt/authz/re/deleteresourcesrelations",hasRelations:"/v1/mgmt/authz/re/has",who:"/v1/mgmt/authz/re/who",resource:"/v1/mgmt/authz/re/resource",targets:"/v1/mgmt/authz/re/targets",targetAll:"/v1/mgmt/authz/re/targetall",targetWithRelation:"/v1/mgmt/authz/re/targetwithrelation",getModified:"/v1/mgmt/authz/getmodified"},O={schema:"/v1/mgmt/fga/schema",relations:"/v1/mgmt/fga/relations",deleteRelations:"/v1/mgmt/fga/relations/delete",check:"/v1/mgmt/fga/check",resourcesLoad:"/v1/mgmt/fga/resources/load",resourcesSave:"/v1/mgmt/fga/resources/save"};const A=(e,s)=>({create:function(n,o,a,r,i,p,l,m,c,g,u,h,v,f){const k="string"==typeof o?{loginId:n,email:o,phone:a,displayName:r,givenName:u,middleName:h,familyName:v,roleNames:i,userTenants:p,customAttributes:l,picture:m,verifiedEmail:c,verifiedPhone:g,additionalLoginIds:f}:Object.assign(Object.assign({loginId:n},o),{roleNames:null==o?void 0:o.roles,roles:void 0});return t.transformResponse(e.httpClient.post(d.create,k,{token:s}),(e=>e.user))},createTestUser:function(n,o,a,r,i,p,l,m,c,g,u,h,v,f){const k="string"==typeof o?{loginId:n,email:o,phone:a,displayName:r,givenName:u,middleName:h,familyName:v,roleNames:i,userTenants:p,customAttributes:l,picture:m,verifiedEmail:c,verifiedPhone:g,additionalLoginIds:f,test:!0}:Object.assign(Object.assign({loginId:n},o),{roleNames:null==o?void 0:o.roles,roles:void 0,test:!0});return t.transformResponse(e.httpClient.post(d.createTestUser,k,{token:s}),(e=>e.user))},invite:function(n,o,a,r,i,p,l,m,c,g,u,h,v,f,k,R,C,I){const y="string"==typeof o?{loginId:n,email:o,phone:a,displayName:r,givenName:f,middleName:k,familyName:R,roleNames:i,userTenants:p,invite:!0,customAttributes:l,picture:m,verifiedEmail:c,verifiedPhone:g,inviteUrl:u,sendMail:h,sendSMS:v,additionalLoginIds:C,templateId:I}:Object.assign(Object.assign({loginId:n},o),{roleNames:null==o?void 0:o.roles,roles:void 0,invite:!0});return t.transformResponse(e.httpClient.post(d.create,y,{token:s}),(e=>e.user))},inviteBatch:(n,o,a,r,i,p)=>t.transformResponse(e.httpClient.post(d.createBatch,{users:n.map((e=>{const t=Object.assign(Object.assign({},e),{roleNames:e.roles});return delete t.roles,t})),invite:!0,inviteUrl:o,sendMail:a,sendSMS:r,templateOptions:i,templateId:p},{token:s}),(e=>e)),update:function(n,o,a,r,i,p,l,m,c,g,u,h,v,f){const k="string"==typeof o?{loginId:n,email:o,phone:a,displayName:r,givenName:u,middleName:h,familyName:v,roleNames:i,userTenants:p,customAttributes:l,picture:m,verifiedEmail:c,verifiedPhone:g,additionalLoginIds:f}:Object.assign(Object.assign({loginId:n},o),{roleNames:null==o?void 0:o.roles,roles:void 0});return t.transformResponse(e.httpClient.post(d.update,k,{token:s}),(e=>e.user))},patch:function(n,o){const a={loginId:n};return void 0!==o.email&&(a.email=o.email),void 0!==o.phone&&(a.phone=o.phone),void 0!==o.displayName&&(a.displayName=o.displayName),void 0!==o.givenName&&(a.givenName=o.givenName),void 0!==o.middleName&&(a.middleName=o.middleName),void 0!==o.familyName&&(a.familyName=o.familyName),void 0!==o.roles&&(a.roleNames=o.roles),void 0!==o.userTenants&&(a.userTenants=o.userTenants),void 0!==o.customAttributes&&(a.customAttributes=o.customAttributes),void 0!==o.picture&&(a.picture=o.picture),void 0!==o.verifiedEmail&&(a.verifiedEmail=o.verifiedEmail),void 0!==o.verifiedPhone&&(a.verifiedPhone=o.verifiedPhone),void 0!==o.ssoAppIds&&(a.ssoAppIds=o.ssoAppIds),void 0!==o.scim&&(a.scim=o.scim),t.transformResponse(e.httpClient.patch(d.patch,a,{token:s}),(e=>e.user))},delete:n=>t.transformResponse(e.httpClient.post(d.delete,{loginId:n},{token:s})),deleteByUserId:n=>t.transformResponse(e.httpClient.post(d.delete,{userId:n},{token:s})),deleteAllTestUsers:()=>t.transformResponse(e.httpClient.delete(d.deleteAllTestUsers,{token:s})),load:n=>t.transformResponse(e.httpClient.get(d.load,{queryParams:{loginId:n},token:s}),(e=>e.user)),loadByUserId:n=>t.transformResponse(e.httpClient.get(d.load,{queryParams:{userId:n},token:s}),(e=>e.user)),logoutUser:n=>t.transformResponse(e.httpClient.post(d.logout,{loginId:n},{token:s})),logoutUserByUserId:n=>t.transformResponse(e.httpClient.post(d.logout,{userId:n},{token:s})),searchAll:(n,o,a,r,i,p,l,m,c,g)=>t.transformResponse(e.httpClient.post(d.search,{tenantIds:n,roleNames:o,limit:a,page:r,testUsersOnly:i,withTestUser:p,customAttributes:l,statuses:m,emails:c,phones:g},{token:s}),(e=>e.users)),searchTestUsers:n=>t.transformResponse(e.httpClient.post(d.searchTestUsers,Object.assign(Object.assign({},n),{withTestUser:!0,testUsersOnly:!0,roleNames:n.roles,roles:void 0}),{token:s}),(e=>e.users)),search:n=>t.transformResponse(e.httpClient.post(d.search,Object.assign(Object.assign({},n),{roleNames:n.roles,roles:void 0}),{token:s}),(e=>e.users)),getProviderToken:(n,o,a)=>t.transformResponse(e.httpClient.get(d.getProviderToken,{queryParams:{loginId:n,provider:o,withRefreshToken:(null==a?void 0:a.withRefreshToken)?"true":"false",forceRefresh:(null==a?void 0:a.forceRefresh)?"true":"false"},token:s}),(e=>e)),activate:n=>t.transformResponse(e.httpClient.post(d.updateStatus,{loginId:n,status:"enabled"},{token:s}),(e=>e.user)),deactivate:n=>t.transformResponse(e.httpClient.post(d.updateStatus,{loginId:n,status:"disabled"},{token:s}),(e=>e.user)),updateLoginId:(n,o)=>t.transformResponse(e.httpClient.post(d.updateLoginId,{loginId:n,newLoginId:o},{token:s}),(e=>e.user)),updateEmail:(n,o,a)=>t.transformResponse(e.httpClient.post(d.updateEmail,{loginId:n,email:o,verified:a},{token:s}),(e=>e.user)),updatePhone:(n,o,a)=>t.transformResponse(e.httpClient.post(d.updatePhone,{loginId:n,phone:o,verified:a},{token:s}),(e=>e.user)),updateDisplayName:(n,o,a,r,i)=>t.transformResponse(e.httpClient.post(d.updateDisplayName,{loginId:n,displayName:o,givenName:a,middleName:r,familyName:i},{token:s}),(e=>e.user)),updatePicture:(n,o)=>t.transformResponse(e.httpClient.post(d.updatePicture,{loginId:n,picture:o},{token:s}),(e=>e.user)),updateCustomAttribute:(n,o,a)=>t.transformResponse(e.httpClient.post(d.updateCustomAttribute,{loginId:n,attributeKey:o,attributeValue:a},{token:s}),(e=>e.user)),setRoles:(n,o)=>t.transformResponse(e.httpClient.post(d.setRole,{loginId:n,roleNames:o},{token:s}),(e=>e.user)),addRoles:(n,o)=>t.transformResponse(e.httpClient.post(d.addRole,{loginId:n,roleNames:o},{token:s}),(e=>e.user)),removeRoles:(n,o)=>t.transformResponse(e.httpClient.post(d.removeRole,{loginId:n,roleNames:o},{token:s}),(e=>e.user)),addTenant:(n,o)=>t.transformResponse(e.httpClient.post(d.addTenant,{loginId:n,tenantId:o},{token:s}),(e=>e.user)),removeTenant:(n,o)=>t.transformResponse(e.httpClient.post(d.removeTenant,{loginId:n,tenantId:o},{token:s}),(e=>e.user)),setTenantRoles:(n,o,a)=>t.transformResponse(e.httpClient.post(d.setRole,{loginId:n,tenantId:o,roleNames:a},{token:s}),(e=>e.user)),addTenantRoles:(n,o,a)=>t.transformResponse(e.httpClient.post(d.addRole,{loginId:n,tenantId:o,roleNames:a},{token:s}),(e=>e.user)),removeTenantRoles:(n,o,a)=>t.transformResponse(e.httpClient.post(d.removeRole,{loginId:n,tenantId:o,roleNames:a},{token:s}),(e=>e.user)),addSSOapps:(n,o)=>t.transformResponse(e.httpClient.post(d.addSSOApps,{loginId:n,ssoAppIds:o},{token:s}),(e=>e.user)),setSSOapps:(n,o)=>t.transformResponse(e.httpClient.post(d.setSSOApps,{loginId:n,ssoAppIds:o},{token:s}),(e=>e.user)),removeSSOapps:(n,o)=>t.transformResponse(e.httpClient.post(d.removeSSOApps,{loginId:n,ssoAppIds:o},{token:s}),(e=>e.user)),generateOTPForTestUser:(n,o,a)=>t.transformResponse(e.httpClient.post(d.generateOTPForTest,{deliveryMethod:n,loginId:o,loginOptions:a},{token:s}),(e=>e)),generateMagicLinkForTestUser:(n,o,a,r)=>t.transformResponse(e.httpClient.post(d.generateMagicLinkForTest,{deliveryMethod:n,loginId:o,URI:a,loginOptions:r},{token:s}),(e=>e)),generateEnchantedLinkForTestUser:(n,o,a)=>t.transformResponse(e.httpClient.post(d.generateEnchantedLinkForTest,{loginId:n,URI:o,loginOptions:a},{token:s}),(e=>e)),generateEmbeddedLink:(n,o)=>t.transformResponse(e.httpClient.post(d.generateEmbeddedLink,{loginId:n,customClaims:o},{token:s}),(e=>e)),setTemporaryPassword:(n,o)=>t.transformResponse(e.httpClient.post(d.setTemporaryPassword,{loginId:n,password:o},{token:s}),(e=>e)),setActivePassword:(n,o)=>t.transformResponse(e.httpClient.post(d.setActivePassword,{loginId:n,password:o},{token:s}),(e=>e)),setPassword:(n,o)=>t.transformResponse(e.httpClient.post(d.setPassword,{loginId:n,password:o},{token:s}),(e=>e)),expirePassword:n=>t.transformResponse(e.httpClient.post(d.expirePassword,{loginId:n},{token:s}),(e=>e)),removeAllPasskeys:n=>t.transformResponse(e.httpClient.post(d.removeAllPasskeys,{loginId:n},{token:s}),(e=>e)),removeTOTPSeed:n=>t.transformResponse(e.httpClient.post(d.removeTOTPSeed,{loginId:n},{token:s}),(e=>e)),history:n=>t.transformResponse(e.httpClient.post(d.history,n,{token:s}),(e=>e))}),T=(e,s)=>({updateName:n=>t.transformResponse(e.httpClient.post(c.updateName,{name:n},{token:s})),updateTags:n=>t.transformResponse(e.httpClient.post(c.updateTags,{tags:n},{token:s})),clone:(n,o,a)=>t.transformResponse(e.httpClient.post(c.clone,{name:n,environment:o,tags:a},{token:s})),listProjects:async()=>t.transformResponse(e.httpClient.post(c.projectsList,{},{token:s}),(e=>e.projects.map((({id:e,name:t,environment:s,tags:n})=>({id:e,name:t,environment:s,tags:n}))))),exportSnapshot:()=>t.transformResponse(e.httpClient.post(c.exportSnapshot,{},{token:s})),importSnapshot:n=>t.transformResponse(e.httpClient.post(c.importSnapshot,n,{token:s})),validateSnapshot:n=>t.transformResponse(e.httpClient.post(c.validateSnapshot,n,{token:s})),export:()=>t.transformResponse(e.httpClient.post(c.exportSnapshot,{},{token:s}),(e=>e.files)),import:n=>t.transformResponse(e.httpClient.post(c.importSnapshot,{files:n},{token:s}))}),j=(e,s)=>({create:(n,o,a,r,i)=>t.transformResponse(e.httpClient.post(u.create,{name:n,selfProvisioningDomains:o,customAttributes:a,enforceSSO:r,disabled:i},{token:s})),createWithId:(n,o,a,r,i,p)=>t.transformResponse(e.httpClient.post(u.create,{id:n,name:o,selfProvisioningDomains:a,customAttributes:r,enforceSSO:i,disabled:p},{token:s})),update:(n,o,a,r,i,p)=>t.transformResponse(e.httpClient.post(u.update,{id:n,name:o,selfProvisioningDomains:a,customAttributes:r,enforceSSO:i,disabled:p},{token:s})),delete:(n,o)=>t.transformResponse(e.httpClient.post(u.delete,{id:n,cascade:o},{token:s})),load:n=>t.transformResponse(e.httpClient.get(u.load,{queryParams:{id:n},token:s}),(e=>e)),loadAll:()=>t.transformResponse(e.httpClient.get(u.loadAll,{token:s}),(e=>e.tenants)),searchAll:(n,o,a,r)=>t.transformResponse(e.httpClient.post(u.searchAll,{tenantIds:n,tenantNames:o,tenantSelfProvisioningDomains:a,customAttributes:r},{token:s}),(e=>e.tenants)),getSettings:n=>t.transformResponse(e.httpClient.get(u.settings,{queryParams:{id:n},token:s}),(e=>e)),configureSettings:(n,o)=>t.transformResponse(e.httpClient.post(u.settings,Object.assign(Object.assign({},o),{tenantId:n}),{token:s})),generateSSOConfigurationLink:(n,o,a,r,i)=>t.transformResponse(e.httpClient.post(u.generateSSOConfigurationLink,{tenantId:n,expireTime:o,ssoId:a,email:r,templateId:i},{token:s}),(e=>e))}),N=(e,s)=>({update:(n,o,a)=>t.transformResponse(e.httpClient.post(f.update,{jwt:n,customClaims:o,refreshDuration:a},{token:s})),impersonate:(n,o,a,r,i,p)=>t.transformResponse(e.httpClient.post(f.impersonate,{impersonatorId:n,loginId:o,validateConsent:a,customClaims:r,selectedTenant:i,refreshDuration:p},{token:s})),stopImpersonation:(n,o,a,r)=>t.transformResponse(e.httpClient.post(f.stopImpersonation,{jwt:n,customClaims:o,selectedTenant:a,refreshDuration:r},{token:s})),signIn:(n,o)=>t.transformResponse(e.httpClient.post(f.signIn,Object.assign({loginId:n},o),{token:s})),signUp:(n,o,a)=>t.transformResponse(e.httpClient.post(f.signUp,Object.assign({loginId:n,user:o},a),{token:s})),signUpOrIn:(n,o,a)=>t.transformResponse(e.httpClient.post(f.signUpOrIn,Object.assign({loginId:n,user:o},a),{token:s})),anonymous:(n,o,a)=>t.transformResponse(e.httpClient.post(f.anonymous,{customClaims:n,selectedTenant:o,refreshDuration:a},{token:s}))}),P=(e,s)=>({create:(n,o)=>t.transformResponse(e.httpClient.post(R.create,{name:n,description:o},{token:s})),update:(n,o,a)=>t.transformResponse(e.httpClient.post(R.update,{name:n,newName:o,description:a},{token:s})),delete:n=>t.transformResponse(e.httpClient.post(R.delete,{name:n},{token:s})),loadAll:()=>t.transformResponse(e.httpClient.get(R.loadAll,{token:s}),(e=>e.permissions))}),E=(e,s)=>({create:(n,o,a,r)=>t.transformResponse(e.httpClient.post(C.create,{name:n,description:o,permissionNames:a,tenantId:r},{token:s})),update:(n,o,a,r,i)=>t.transformResponse(e.httpClient.post(C.update,{name:n,newName:o,description:a,permissionNames:r,tenantId:i},{token:s})),delete:(n,o)=>t.transformResponse(e.httpClient.post(C.delete,{name:n,tenantId:o},{token:s})),loadAll:()=>t.transformResponse(e.httpClient.get(C.loadAll,{token:s}),(e=>e.roles)),search:n=>t.transformResponse(e.httpClient.post(C.search,n,{token:s}),(e=>e.roles))}),M=(e,s)=>({loadAllGroups:n=>t.transformResponse(e.httpClient.post(b.loadAllGroups,{tenantId:n},{token:s})),loadAllGroupsForMember:(n,o,a)=>t.transformResponse(e.httpClient.post(b.loadAllGroupsForMember,{tenantId:n,loginIds:a,userIds:o},{token:s})),loadAllGroupMembers:(n,o)=>t.transformResponse(e.httpClient.post(b.loadAllGroupMembers,{tenantId:n,groupId:o},{token:s}))});function x(e){var t,s;const n=e;return n.oidc&&(n.oidc=Object.assign(Object.assign({},n.oidc),{attributeMapping:n.oidc.userAttrMapping}),delete n.oidc.userAttrMapping),(null===(t=n.saml)||void 0===t?void 0:t.groupsMapping)&&(n.saml.groupsMapping=null===(s=n.saml)||void 0===s?void 0:s.groupsMapping.map((e=>{const t=e;return t.roleName=t.role.name,delete t.role,t}))),n}const U=(e,s)=>({getSettings:n=>t.transformResponse(e.httpClient.get(v.settings,{queryParams:{tenantId:n},token:s}),(e=>e)),newSettings:(n,o,a)=>t.transformResponse(e.httpClient.post(v.settingsNew,Object.assign(Object.assign({tenantId:n},o?{ssoId:o}:{}),{displayName:a}),{token:s}),(e=>x(e))),deleteSettings:(n,o)=>t.transformResponse(e.httpClient.delete(v.settings,{queryParams:Object.assign({tenantId:n},o?{ssoId:o}:{}),token:s})),configureSettings:(n,o,a,r,i,p)=>t.transformResponse(e.httpClient.post(v.settings,{tenantId:n,idpURL:o,entityId:r,idpCert:a,redirectURL:i,domains:p},{token:s})),configureMetadata:(n,o,a,r)=>t.transformResponse(e.httpClient.post(v.metadata,{tenantId:n,idpMetadataURL:o,redirectURL:a,domains:r},{token:s})),configureMapping:(n,o,a)=>t.transformResponse(e.httpClient.post(v.mapping,{tenantId:n,roleMappings:o,attributeMapping:a},{token:s})),configureOIDCSettings:(n,o,a,r)=>{const i=Object.assign(Object.assign({},o),{userAttrMapping:o.attributeMapping});return delete i.attributeMapping,t.transformResponse(e.httpClient.post(v.oidc.configure,Object.assign({tenantId:n,settings:i,domains:a},r?{ssoId:r}:{}),{token:s}))},configureSAMLSettings:(n,o,a,r,i)=>t.transformResponse(e.httpClient.post(v.saml.configure,Object.assign({tenantId:n,settings:o,redirectUrl:a,domains:r},i?{ssoId:i}:{}),{token:s})),configureSAMLByMetadata:(n,o,a,r,i)=>t.transformResponse(e.httpClient.post(v.saml.metadata,Object.assign({tenantId:n,settings:o,redirectUrl:a,domains:r},i?{ssoId:i}:{}),{token:s})),loadSettings:(n,o)=>t.transformResponse(e.httpClient.get(v.settingsv2,{queryParams:Object.assign({tenantId:n},o?{ssoId:o}:{}),token:s}),(e=>x(e))),loadAllSettings:n=>t.transformResponse(e.httpClient.get(v.settingsAllV2,{queryParams:{tenantId:n},token:s}),(e=>function(e){const t=e.SSOSettings,s=[];return t.forEach((e=>s.push(x(e)))),s}(e)))}),D=(e,s)=>({create:(n,o,a,r,i,p,l,m)=>t.transformResponse(e.httpClient.post(g.create,{name:n,expireTime:o,roleNames:a,keyTenants:r,userId:i,customClaims:p,description:l,permittedIps:m},{token:s})),load:n=>t.transformResponse(e.httpClient.get(g.load,{queryParams:{id:n},token:s}),(e=>e.key)),searchAll:n=>t.transformResponse(e.httpClient.post(g.search,{tenantIds:n},{token:s}),(e=>e.keys)),update:(n,o,a,r,i,p,l)=>t.transformResponse(e.httpClient.post(g.update,{id:n,name:o,description:a,roleNames:r,keyTenants:i,customClaims:p,permittedIps:l},{token:s}),(e=>e.key)),deactivate:n=>t.transformResponse(e.httpClient.post(g.deactivate,{id:n},{token:s})),activate:n=>t.transformResponse(e.httpClient.post(g.activate,{id:n},{token:s})),delete:n=>t.transformResponse(e.httpClient.post(g.delete,{id:n},{token:s}))}),L=(e,s)=>({list:()=>t.transformResponse(e.httpClient.post(I.list,{},{token:s})),delete:n=>t.transformResponse(e.httpClient.post(I.delete,{ids:n},{token:s})),export:n=>t.transformResponse(e.httpClient.post(I.export,{flowId:n},{token:s})),import:(n,o,a)=>t.transformResponse(e.httpClient.post(I.import,{flowId:n,flow:o,screens:a},{token:s}))}),F=(e,s)=>({export:()=>t.transformResponse(e.httpClient.post(y.export,{},{token:s})),import:n=>t.transformResponse(e.httpClient.post(y.import,{theme:n},{token:s}))}),q=(e,s)=>({search:n=>{const o=Object.assign(Object.assign({},n),{externalIds:n.loginIds});return delete o.loginIds,t.transformResponse(e.httpClient.post(w.search,o,{token:s}),(e=>null==e?void 0:e.audits.map((e=>{const t=Object.assign(Object.assign({},e),{occurred:parseFloat(e.occurred),loginIds:e.externalIds});return delete t.externalIds,t}))))},createEvent:n=>{const o=Object.assign({},n);return t.transformResponse(e.httpClient.post(w.createEvent,o,{token:s}))}}),z=(e,s)=>({saveSchema:(n,o)=>t.transformResponse(e.httpClient.post(S.schemaSave,{schema:n,upgrade:o},{token:s})),deleteSchema:()=>t.transformResponse(e.httpClient.post(S.schemaDelete,{},{token:s})),loadSchema:()=>t.transformResponse(e.httpClient.post(S.schemaLoad,{},{token:s}),(e=>e.schema)),saveNamespace:(n,o,a)=>t.transformResponse(e.httpClient.post(S.nsSave,{namespace:n,oldName:o,schemaName:a},{token:s})),deleteNamespace:(n,o)=>t.transformResponse(e.httpClient.post(S.nsDelete,{name:n,schemaName:o},{token:s})),saveRelationDefinition:(n,o,a,r)=>t.transformResponse(e.httpClient.post(S.rdSave,{relationDefinition:n,namespace:o,oldName:a,schemaName:r},{token:s})),deleteRelationDefinition:(n,o,a)=>t.transformResponse(e.httpClient.post(S.rdDelete,{name:n,namespace:o,schemaName:a},{token:s})),createRelations:n=>t.transformResponse(e.httpClient.post(S.reCreate,{relations:n},{token:s})),deleteRelations:n=>t.transformResponse(e.httpClient.post(S.reDelete,{relations:n},{token:s})),deleteRelationsForResources:n=>t.transformResponse(e.httpClient.post(S.reDeleteResources,{resources:n},{token:s})),deleteResourceRelationsForResources:n=>t.transformResponse(e.httpClient.post(S.reDeleteResourceRelationsForResources,{resources:n},{token:s})),deleteRelationsForIds:n=>t.transformResponse(e.httpClient.post(S.reDeleteResources,{resources:n},{token:s})),hasRelations:n=>t.transformResponse(e.httpClient.post(S.hasRelations,{relationQueries:n},{token:s}),(e=>e.relationQueries)),whoCanAccess:(n,o,a)=>t.transformResponse(e.httpClient.post(S.who,{resource:n,relationDefinition:o,namespace:a},{token:s}),(e=>e.targets)),resourceRelations:(n,o=!1)=>t.transformResponse(e.httpClient.post(S.resource,{resource:n,ignoreTargetSetRelations:o},{token:s}),(e=>e.relations)),targetsRelations:(n,o=!1)=>t.transformResponse(e.httpClient.post(S.targets,{targets:n,includeTargetSetRelations:o},{token:s}),(e=>e.relations)),whatCanTargetAccess:n=>t.transformResponse(e.httpClient.post(S.targetAll,{target:n},{token:s}),(e=>e.relations)),whatCanTargetAccessWithRelation:(n,o,a)=>t.transformResponse(e.httpClient.post(S.targetWithRelation,{target:n,relationDefinition:o,namespace:a},{token:s}),(e=>e.resources.map((e=>({resource:e}))))),getModified:n=>t.transformResponse(e.httpClient.post(S.getModified,{since:n?n.getTime():0},{token:s}),(e=>e))}),J=(e,s)=>({createOidcApplication:n=>{var o;return t.transformResponse(e.httpClient.post(h.oidcCreate,Object.assign(Object.assign({},n),{enabled:null===(o=n.enabled)||void 0===o||o}),{token:s}))},createSamlApplication:n=>{var o;return t.transformResponse(e.httpClient.post(h.samlCreate,Object.assign(Object.assign({},n),{enabled:null===(o=n.enabled)||void 0===o||o}),{token:s}))},updateOidcApplication:n=>t.transformResponse(e.httpClient.post(h.oidcUpdate,Object.assign({},n),{token:s})),updateSamlApplication:n=>t.transformResponse(e.httpClient.post(h.samlUpdate,Object.assign({},n),{token:s})),delete:n=>t.transformResponse(e.httpClient.post(h.delete,{id:n},{token:s})),load:n=>t.transformResponse(e.httpClient.get(h.load,{queryParams:{id:n},token:s}),(e=>e)),loadAll:()=>t.transformResponse(e.httpClient.get(h.loadAll,{token:s}),(e=>e.apps))}),$=(e,s)=>({getSettings:n=>t.transformResponse(e.httpClient.get(k.settings,{queryParams:{tenantId:n},token:s}),(e=>e)),configureSettings:(n,o)=>t.transformResponse(e.httpClient.post(k.settings,Object.assign(Object.assign({},o),{tenantId:n}),{token:s}))}),K=(e,s)=>({saveSchema:n=>t.transformResponse(e.httpClient.post(O.schema,n,{token:s})),deleteSchema:()=>t.transformResponse(e.httpClient.post(S.schemaDelete,{},{token:s})),createRelations:n=>t.transformResponse(e.httpClient.post(O.relations,{tuples:n},{token:s})),deleteRelations:n=>t.transformResponse(e.httpClient.post(O.deleteRelations,{tuples:n},{token:s})),check:n=>t.transformResponse(e.httpClient.post(O.check,{tuples:n},{token:s}),(e=>e.tuples)),loadResourcesDetails:n=>t.transformResponse(e.httpClient.post(O.resourcesLoad,{resourceIdentifiers:n},{token:s}),(e=>e.resourcesDetails)),saveResourcesDetails:n=>t.transformResponse(e.httpClient.post(O.resourcesSave,{resourcesDetails:n},{token:s})),deleteAllRelations:()=>t.transformResponse(e.httpClient.delete(O.relations,{token:s}))});const W=n=>{var o,{managementKey:r,publicKey:d}=n,c=e.__rest(n,["managementKey","publicKey"]);const g=a.default(Object.assign(Object.assign({fetch:i},c),{baseHeaders:Object.assign(Object.assign({},c.baseHeaders),{"x-descope-sdk-name":"nodejs","x-descope-sdk-node-version":(null===(o=null===process||void 0===process?void 0:process.versions)||void 0===o?void 0:o.node)||"","x-descope-sdk-version":"1.7.6"})})),{projectId:u,logger:h}=c,v={},f=((e,t)=>({user:A(e,t),project:T(e,t),accessKey:D(e,t),tenant:j(e,t),ssoApplication:J(e,t),sso:U(e,t),jwt:N(e,t),permission:P(e,t),password:$(e,t),role:E(e,t),group:M(e,t),flow:L(e,t),theme:F(e,t),audit:q(e,t),authz:z(e,t),fga:K(e,t)}))(g,r),k=Object.assign(Object.assign({},g),{refresh:async e=>g.refresh(e),management:f,async getKey(e){if(!(null==e?void 0:e.kid))throw Error("header.kid must not be empty");if(v[e.kid])return v[e.kid];if(Object.assign(v,await(async()=>{if(d)try{const e=JSON.parse(d),t=await s.importJWK(e);return{[e.kid]:t}}catch(e){throw null==h||h.error("Failed to parse the provided public key",e),new Error(`Failed to parse public key. Error: ${e}`)}const e=(await g.httpClient.get(`v2/keys/${u}`).then((e=>e.json()))).keys;return Array.isArray(e)?(await Promise.all(e.map((async e=>[e.kid,await s.importJWK(e)])))).reduce(((e,[t,s])=>t?Object.assign(Object.assign({},e),{[t.toString()]:s}):e),{}):{}})()),!v[e.kid])throw Error("failed to fetch matching key");return v[e.kid]},async validateJwt(e){var t;const n=(await s.jwtVerify(e,k.getKey,{clockTolerance:5})).payload;if(n&&(n.iss=null===(t=n.iss)||void 0===t?void 0:t.split("/").pop(),n.iss!==u))throw new s.errors.JWTClaimValidationFailed('unexpected "iss" claim value',"iss","check_failed");return{jwt:e,token:n}},async validateSession(e){if(!e)throw Error("session token is required for validation");try{return await k.validateJwt(e)}catch(e){throw null==h||h.error("session validation failed",e),Error(`session validation failed. Error: ${e}`)}},async refreshSession(e){var t,s;if(!e)throw Error("refresh token is required to refresh a session");try{await k.validateJwt(e);const n=await k.refresh(e);if(n.ok){return await k.validateJwt(null===(t=n.data)||void 0===t?void 0:t.sessionJwt)}throw Error(null===(s=n.error)||void 0===s?void 0:s.errorMessage)}catch(e){throw null==h||h.error("refresh token validation failed",e),Error(`refresh token validation failed, Error: ${e}`)}},async validateAndRefreshSession(e,t){if(!e&&!t)throw Error("both session and refresh tokens are empty");try{return await k.validateSession(e)}catch(e){null==h||h.log(`session validation failed with error ${e} - trying to refresh it`)}return k.refreshSession(t)},async exchangeAccessKey(e,t){var s;if(!e)throw Error("access key must not be empty");let n;try{n=await k.accessKey.exchange(e,t)}catch(e){throw null==h||h.error("failed to exchange access key",e),Error(`could not exchange access key - Failed to exchange. Error: ${e}`)}if(!n.ok)throw null==h||h.error("failed to exchange access key",n.error),Error(`could not exchange access key - ${null===(s=n.error)||void 0===s?void 0:s.errorMessage}`);const{sessionJwt:o}=n.data;if(!o)throw null==h||h.error("failed to parse exchange access key response"),Error("could not exchange access key");try{return await k.validateJwt(o)}catch(e){throw null==h||h.error("failed to parse jwt from access key",e),Error(`could not exchange access key - failed to validate jwt. Error: ${e}`)}},validatePermissions:(e,t)=>k.validateTenantPermissions(e,"",t),getMatchedPermissions:(e,t)=>k.getMatchedTenantPermissions(e,"",t),validateTenantPermissions(e,t,s){if(t&&!m(e,t))return!1;const n=l(e,"permissions",t);return s.every((e=>n.includes(e)))},getMatchedTenantPermissions(e,t,s){if(t&&!m(e,t))return[];const n=l(e,"permissions",t);return s.filter((e=>n.includes(e)))},validateRoles:(e,t)=>k.validateTenantRoles(e,"",t),getMatchedRoles:(e,t)=>k.getMatchedTenantRoles(e,"",t),validateTenantRoles(e,t,s){if(t&&!m(e,t))return!1;const n=l(e,"roles",t);return s.every((e=>n.includes(e)))},getMatchedTenantRoles(e,t,s){if(t&&!m(e,t))return[];const n=l(e,"roles",t);return s.filter((e=>n.includes(e)))}});return t.wrapWith(k,["otp.verify.email","otp.verify.sms","otp.verify.voice","otp.verify.whatsapp","magicLink.verify","enchantedLink.signUp","enchantedLink.signIn","oauth.exchange","saml.exchange","totp.verify","webauthn.signIn.finish","webauthn.signUp.finish","refresh"],p)};W.RefreshTokenCookieName="DSR",W.SessionTokenCookieName="DS",W.DescopeErrors={badRequest:"E011001",missingArguments:"E011002",invalidRequest:"E011003",invalidArguments:"E011004",wrongOTPCode:"E061102",tooManyOTPAttempts:"E061103",enchantedLinkPending:"E062503",userNotFound:"E062108"},module.exports=W;
|
|
1
|
+
"use strict";var e=require("tslib"),t=require("@descope/core-js-sdk"),s=require("jose"),n=require("cross-fetch");function o(e){return e&&"object"==typeof e&&"default"in e?e:{default:e}}var a=o(t);var r;null!==(r=globalThis.Headers)&&void 0!==r||(globalThis.Headers=n.Headers);const i=(...e)=>(e.forEach((e=>{var t,s;e&&"object"==typeof e&&(null!==(t=(s=e).highWaterMark)&&void 0!==t||(s.highWaterMark=31457280))})),n.fetch(...e)),p=t=>async(...s)=>{var n,o,a;const r=await t(...s);if(!r.data)return r;let i=r.data,{refreshJwt:p}=i,l=e.__rest(i,["refreshJwt"]);const m=[];var d;return p?m.push(`${"DSR"}=${p}; Domain=${(null==(d=l)?void 0:d.cookieDomain)||""}; Max-Age=${(null==d?void 0:d.cookieMaxAge)||""}; Path=${(null==d?void 0:d.cookiePath)||"/"}; HttpOnly; SameSite=Strict`):(null===(n=r.response)||void 0===n?void 0:n.headers.get("set-cookie"))&&(p=((e,t)=>{const s=null==e?void 0:e.match(RegExp(`(?:^|;\\s*)${t}=([^;]*)`));return s?s[1]:null})(null===(o=r.response)||void 0===o?void 0:o.headers.get("set-cookie"),"DSR"),m.push(null===(a=r.response)||void 0===a?void 0:a.headers.get("set-cookie"))),Object.assign(Object.assign({},r),{data:Object.assign(Object.assign({},r.data),{refreshJwt:p,cookies:m})})};function l(e,t,s){var n,o;const a=s?null===(o=null===(n=e.token.tenants)||void 0===n?void 0:n[s])||void 0===o?void 0:o[t]:e.token[t];return Array.isArray(a)?a:[]}function m(e,t){var s;return!!(null===(s=e.token.tenants)||void 0===s?void 0:s[t])}var d={create:"/v1/mgmt/user/create",createTestUser:"/v1/mgmt/user/create/test",createBatch:"/v1/mgmt/user/create/batch",update:"/v1/mgmt/user/update",patch:"/v1/mgmt/user/patch",delete:"/v1/mgmt/user/delete",deleteAllTestUsers:"/v1/mgmt/user/test/delete/all",load:"/v1/mgmt/user",logout:"/v1/mgmt/user/logout",search:"/v2/mgmt/user/search",searchTestUsers:"/v2/mgmt/user/search/test",getProviderToken:"/v1/mgmt/user/provider/token",updateStatus:"/v1/mgmt/user/update/status",updateLoginId:"/v1/mgmt/user/update/loginid",updateEmail:"/v1/mgmt/user/update/email",updatePhone:"/v1/mgmt/user/update/phone",updateDisplayName:"/v1/mgmt/user/update/name",updatePicture:"/v1/mgmt/user/update/picture",updateCustomAttribute:"/v1/mgmt/user/update/customAttribute",setRole:"/v1/mgmt/user/update/role/set",addRole:"/v2/mgmt/user/update/role/add",removeRole:"/v1/mgmt/user/update/role/remove",setSSOApps:"/v1/mgmt/user/update/ssoapp/set",addSSOApps:"/v1/mgmt/user/update/ssoapp/add",removeSSOApps:"/v1/mgmt/user/update/ssoapp/remove",addTenant:"/v1/mgmt/user/update/tenant/add",removeTenant:"/v1/mgmt/user/update/tenant/remove",setPassword:"/v1/mgmt/user/password/set",setTemporaryPassword:"/v1/mgmt/user/password/set/temporary",setActivePassword:"/v1/mgmt/user/password/set/active",expirePassword:"/v1/mgmt/user/password/expire",removeAllPasskeys:"/v1/mgmt/user/passkeys/delete",removeTOTPSeed:"/v1/mgmt/user/totp/delete",generateOTPForTest:"/v1/mgmt/tests/generate/otp",generateMagicLinkForTest:"/v1/mgmt/tests/generate/magiclink",generateEnchantedLinkForTest:"/v1/mgmt/tests/generate/enchantedlink",generateEmbeddedLink:"/v1/mgmt/user/signin/embeddedlink",generateSignUpEmbeddedLink:"/v1/mgmt/user/signup/embeddedlink",history:"/v1/mgmt/user/history"},c={updateName:"/v1/mgmt/project/update/name",updateTags:"/v1/mgmt/project/update/tags",clone:"/v1/mgmt/project/clone",projectsList:"/v1/mgmt/projects/list",exportSnapshot:"/v1/mgmt/project/snapshot/export",importSnapshot:"/v1/mgmt/project/snapshot/import",validateSnapshot:"/v1/mgmt/project/snapshot/validate"},g={create:"/v1/mgmt/accesskey/create",load:"/v1/mgmt/accesskey",search:"/v1/mgmt/accesskey/search",update:"/v1/mgmt/accesskey/update",deactivate:"/v1/mgmt/accesskey/deactivate",activate:"/v1/mgmt/accesskey/activate",delete:"/v1/mgmt/accesskey/delete"},u={create:"/v1/mgmt/tenant/create",update:"/v1/mgmt/tenant/update",delete:"/v1/mgmt/tenant/delete",load:"/v1/mgmt/tenant",settings:"/v1/mgmt/tenant/settings",loadAll:"/v1/mgmt/tenant/all",searchAll:"/v1/mgmt/tenant/search",generateSSOConfigurationLink:"/v2/mgmt/tenant/adminlinks/sso/generate"},h={oidcCreate:"/v1/mgmt/sso/idp/app/oidc/create",samlCreate:"/v1/mgmt/sso/idp/app/saml/create",oidcUpdate:"/v1/mgmt/sso/idp/app/oidc/update",samlUpdate:"/v1/mgmt/sso/idp/app/saml/update",delete:"/v1/mgmt/sso/idp/app/delete",load:"/v1/mgmt/sso/idp/app/load",loadAll:"/v1/mgmt/sso/idp/apps/load"},v={create:"/v1/mgmt/thirdparty/app/create",update:"/v1/mgmt/thirdparty/app/update",patch:"/v1/mgmt/thirdparty/app/patch",delete:"/v1/mgmt/thirdparty/app/delete",load:"/v1/mgmt/thirdparty/app/load",loadAll:"/v1/mgmt/thirdparty/apps/load",secret:"/v1/mgmt/thirdparty/app/secret",rotate:"/v1/mgmt/thirdparty/app/rotate"},f={delete:"/v1/mgmt/thirdparty/consents/delete",search:"/v1/mgmt/thirdparty/consents/search"},k={settings:"/v1/mgmt/sso/settings",settingsNew:"/v1/mgmt/sso/settings/new",metadata:"/v1/mgmt/sso/metadata",mapping:"/v1/mgmt/sso/mapping",settingsv2:"/v2/mgmt/sso/settings",settingsAllV2:"/v2/mgmt/sso/settings/all",oidc:{configure:"/v1/mgmt/sso/oidc"},saml:{configure:"/v1/mgmt/sso/saml",metadata:"/v1/mgmt/sso/saml/metadata"}},R={update:"/v1/mgmt/jwt/update",impersonate:"/v1/mgmt/impersonate",stopImpersonation:"/v1/mgmt/stop/impersonation",signIn:"/v1/mgmt/auth/signin",signUp:"/v1/mgmt/auth/signup",signUpOrIn:"/v1/mgmt/auth/signup-in",anonymous:"/v1/mgmt/auth/anonymous"},C={settings:"/v1/mgmt/password/settings"},y={create:"/v1/mgmt/permission/create",update:"/v1/mgmt/permission/update",delete:"/v1/mgmt/permission/delete",loadAll:"/v1/mgmt/permission/all"},I={create:"/v1/mgmt/role/create",update:"/v1/mgmt/role/update",delete:"/v1/mgmt/role/delete",loadAll:"/v1/mgmt/role/all",search:"/v1/mgmt/role/search"},b={list:"/v1/mgmt/flow/list",delete:"/v1/mgmt/flow/delete",export:"/v1/mgmt/flow/export",import:"/v1/mgmt/flow/import"},S={export:"/v1/mgmt/theme/export",import:"/v1/mgmt/theme/import"},A={loadAllGroups:"/v1/mgmt/group/all",loadAllGroupsForMember:"/v1/mgmt/group/member/all",loadAllGroupMembers:"/v1/mgmt/group/members"},w={search:"/v1/mgmt/audit/search",createEvent:"/v1/mgmt/audit/event"},O={schemaSave:"/v1/mgmt/authz/schema/save",schemaDelete:"/v1/mgmt/authz/schema/delete",schemaLoad:"/v1/mgmt/authz/schema/load",nsSave:"/v1/mgmt/authz/ns/save",nsDelete:"/v1/mgmt/authz/ns/delete",rdSave:"/v1/mgmt/authz/rd/save",rdDelete:"/v1/mgmt/authz/rd/delete",reCreate:"/v1/mgmt/authz/re/create",reDelete:"/v1/mgmt/authz/re/delete",reDeleteResources:"/v1/mgmt/authz/re/deleteresources",reDeleteResourceRelationsForResources:"/v1/mgmt/authz/re/deleteresourcesrelations",hasRelations:"/v1/mgmt/authz/re/has",who:"/v1/mgmt/authz/re/who",resource:"/v1/mgmt/authz/re/resource",targets:"/v1/mgmt/authz/re/targets",targetAll:"/v1/mgmt/authz/re/targetall",targetWithRelation:"/v1/mgmt/authz/re/targetwithrelation",getModified:"/v1/mgmt/authz/getmodified"},j={schema:"/v1/mgmt/fga/schema",relations:"/v1/mgmt/fga/relations",deleteRelations:"/v1/mgmt/fga/relations/delete",check:"/v1/mgmt/fga/check",resourcesLoad:"/v1/mgmt/fga/resources/load",resourcesSave:"/v1/mgmt/fga/resources/save"};const T=(e,s)=>({create:function(n,o,a,r,i,p,l,m,c,g,u,h,v,f){const k="string"==typeof o?{loginId:n,email:o,phone:a,displayName:r,givenName:u,middleName:h,familyName:v,roleNames:i,userTenants:p,customAttributes:l,picture:m,verifiedEmail:c,verifiedPhone:g,additionalLoginIds:f}:Object.assign(Object.assign({loginId:n},o),{roleNames:null==o?void 0:o.roles,roles:void 0});return t.transformResponse(e.httpClient.post(d.create,k,{token:s}),(e=>e.user))},createTestUser:function(n,o,a,r,i,p,l,m,c,g,u,h,v,f){const k="string"==typeof o?{loginId:n,email:o,phone:a,displayName:r,givenName:u,middleName:h,familyName:v,roleNames:i,userTenants:p,customAttributes:l,picture:m,verifiedEmail:c,verifiedPhone:g,additionalLoginIds:f,test:!0}:Object.assign(Object.assign({loginId:n},o),{roleNames:null==o?void 0:o.roles,roles:void 0,test:!0});return t.transformResponse(e.httpClient.post(d.createTestUser,k,{token:s}),(e=>e.user))},invite:function(n,o,a,r,i,p,l,m,c,g,u,h,v,f,k,R,C,y){const I="string"==typeof o?{loginId:n,email:o,phone:a,displayName:r,givenName:f,middleName:k,familyName:R,roleNames:i,userTenants:p,invite:!0,customAttributes:l,picture:m,verifiedEmail:c,verifiedPhone:g,inviteUrl:u,sendMail:h,sendSMS:v,additionalLoginIds:C,templateId:y}:Object.assign(Object.assign({loginId:n},o),{roleNames:null==o?void 0:o.roles,roles:void 0,invite:!0});return t.transformResponse(e.httpClient.post(d.create,I,{token:s}),(e=>e.user))},inviteBatch:(n,o,a,r,i,p)=>t.transformResponse(e.httpClient.post(d.createBatch,{users:n.map((e=>{const t=Object.assign(Object.assign({},e),{roleNames:e.roles});return delete t.roles,t})),invite:!0,inviteUrl:o,sendMail:a,sendSMS:r,templateOptions:i,templateId:p},{token:s}),(e=>e)),update:function(n,o,a,r,i,p,l,m,c,g,u,h,v,f){const k="string"==typeof o?{loginId:n,email:o,phone:a,displayName:r,givenName:u,middleName:h,familyName:v,roleNames:i,userTenants:p,customAttributes:l,picture:m,verifiedEmail:c,verifiedPhone:g,additionalLoginIds:f}:Object.assign(Object.assign({loginId:n},o),{roleNames:null==o?void 0:o.roles,roles:void 0});return t.transformResponse(e.httpClient.post(d.update,k,{token:s}),(e=>e.user))},patch:function(n,o){const a={loginId:n};return void 0!==o.email&&(a.email=o.email),void 0!==o.phone&&(a.phone=o.phone),void 0!==o.displayName&&(a.displayName=o.displayName),void 0!==o.givenName&&(a.givenName=o.givenName),void 0!==o.middleName&&(a.middleName=o.middleName),void 0!==o.familyName&&(a.familyName=o.familyName),void 0!==o.roles&&(a.roleNames=o.roles),void 0!==o.userTenants&&(a.userTenants=o.userTenants),void 0!==o.customAttributes&&(a.customAttributes=o.customAttributes),void 0!==o.picture&&(a.picture=o.picture),void 0!==o.verifiedEmail&&(a.verifiedEmail=o.verifiedEmail),void 0!==o.verifiedPhone&&(a.verifiedPhone=o.verifiedPhone),void 0!==o.ssoAppIds&&(a.ssoAppIds=o.ssoAppIds),void 0!==o.scim&&(a.scim=o.scim),t.transformResponse(e.httpClient.patch(d.patch,a,{token:s}),(e=>e.user))},delete:n=>t.transformResponse(e.httpClient.post(d.delete,{loginId:n},{token:s})),deleteByUserId:n=>t.transformResponse(e.httpClient.post(d.delete,{userId:n},{token:s})),deleteAllTestUsers:()=>t.transformResponse(e.httpClient.delete(d.deleteAllTestUsers,{token:s})),load:n=>t.transformResponse(e.httpClient.get(d.load,{queryParams:{loginId:n},token:s}),(e=>e.user)),loadByUserId:n=>t.transformResponse(e.httpClient.get(d.load,{queryParams:{userId:n},token:s}),(e=>e.user)),logoutUser:n=>t.transformResponse(e.httpClient.post(d.logout,{loginId:n},{token:s})),logoutUserByUserId:n=>t.transformResponse(e.httpClient.post(d.logout,{userId:n},{token:s})),searchAll:(n,o,a,r,i,p,l,m,c,g)=>t.transformResponse(e.httpClient.post(d.search,{tenantIds:n,roleNames:o,limit:a,page:r,testUsersOnly:i,withTestUser:p,customAttributes:l,statuses:m,emails:c,phones:g},{token:s}),(e=>e.users)),searchTestUsers:n=>t.transformResponse(e.httpClient.post(d.searchTestUsers,Object.assign(Object.assign({},n),{withTestUser:!0,testUsersOnly:!0,roleNames:n.roles,roles:void 0}),{token:s}),(e=>e.users)),search:n=>t.transformResponse(e.httpClient.post(d.search,Object.assign(Object.assign({},n),{roleNames:n.roles,roles:void 0}),{token:s}),(e=>e.users)),getProviderToken:(n,o,a)=>t.transformResponse(e.httpClient.get(d.getProviderToken,{queryParams:{loginId:n,provider:o,withRefreshToken:(null==a?void 0:a.withRefreshToken)?"true":"false",forceRefresh:(null==a?void 0:a.forceRefresh)?"true":"false"},token:s}),(e=>e)),activate:n=>t.transformResponse(e.httpClient.post(d.updateStatus,{loginId:n,status:"enabled"},{token:s}),(e=>e.user)),deactivate:n=>t.transformResponse(e.httpClient.post(d.updateStatus,{loginId:n,status:"disabled"},{token:s}),(e=>e.user)),updateLoginId:(n,o)=>t.transformResponse(e.httpClient.post(d.updateLoginId,{loginId:n,newLoginId:o},{token:s}),(e=>e.user)),updateEmail:(n,o,a)=>t.transformResponse(e.httpClient.post(d.updateEmail,{loginId:n,email:o,verified:a},{token:s}),(e=>e.user)),updatePhone:(n,o,a)=>t.transformResponse(e.httpClient.post(d.updatePhone,{loginId:n,phone:o,verified:a},{token:s}),(e=>e.user)),updateDisplayName:(n,o,a,r,i)=>t.transformResponse(e.httpClient.post(d.updateDisplayName,{loginId:n,displayName:o,givenName:a,middleName:r,familyName:i},{token:s}),(e=>e.user)),updatePicture:(n,o)=>t.transformResponse(e.httpClient.post(d.updatePicture,{loginId:n,picture:o},{token:s}),(e=>e.user)),updateCustomAttribute:(n,o,a)=>t.transformResponse(e.httpClient.post(d.updateCustomAttribute,{loginId:n,attributeKey:o,attributeValue:a},{token:s}),(e=>e.user)),setRoles:(n,o)=>t.transformResponse(e.httpClient.post(d.setRole,{loginId:n,roleNames:o},{token:s}),(e=>e.user)),addRoles:(n,o)=>t.transformResponse(e.httpClient.post(d.addRole,{loginId:n,roleNames:o},{token:s}),(e=>e.user)),removeRoles:(n,o)=>t.transformResponse(e.httpClient.post(d.removeRole,{loginId:n,roleNames:o},{token:s}),(e=>e.user)),addTenant:(n,o)=>t.transformResponse(e.httpClient.post(d.addTenant,{loginId:n,tenantId:o},{token:s}),(e=>e.user)),removeTenant:(n,o)=>t.transformResponse(e.httpClient.post(d.removeTenant,{loginId:n,tenantId:o},{token:s}),(e=>e.user)),setTenantRoles:(n,o,a)=>t.transformResponse(e.httpClient.post(d.setRole,{loginId:n,tenantId:o,roleNames:a},{token:s}),(e=>e.user)),addTenantRoles:(n,o,a)=>t.transformResponse(e.httpClient.post(d.addRole,{loginId:n,tenantId:o,roleNames:a},{token:s}),(e=>e.user)),removeTenantRoles:(n,o,a)=>t.transformResponse(e.httpClient.post(d.removeRole,{loginId:n,tenantId:o,roleNames:a},{token:s}),(e=>e.user)),addSSOapps:(n,o)=>t.transformResponse(e.httpClient.post(d.addSSOApps,{loginId:n,ssoAppIds:o},{token:s}),(e=>e.user)),setSSOapps:(n,o)=>t.transformResponse(e.httpClient.post(d.setSSOApps,{loginId:n,ssoAppIds:o},{token:s}),(e=>e.user)),removeSSOapps:(n,o)=>t.transformResponse(e.httpClient.post(d.removeSSOApps,{loginId:n,ssoAppIds:o},{token:s}),(e=>e.user)),generateOTPForTestUser:(n,o,a)=>t.transformResponse(e.httpClient.post(d.generateOTPForTest,{deliveryMethod:n,loginId:o,loginOptions:a},{token:s}),(e=>e)),generateMagicLinkForTestUser:(n,o,a,r)=>t.transformResponse(e.httpClient.post(d.generateMagicLinkForTest,{deliveryMethod:n,loginId:o,URI:a,loginOptions:r},{token:s}),(e=>e)),generateEnchantedLinkForTestUser:(n,o,a)=>t.transformResponse(e.httpClient.post(d.generateEnchantedLinkForTest,{loginId:n,URI:o,loginOptions:a},{token:s}),(e=>e)),generateEmbeddedLink:(n,o,a)=>t.transformResponse(e.httpClient.post(d.generateEmbeddedLink,{loginId:n,customClaims:o,timeout:a},{token:s}),(e=>e)),generateSignUpEmbeddedLink:(n,o,a,r,i,p)=>t.transformResponse(e.httpClient.post(d.generateSignUpEmbeddedLink,{loginId:n,user:o,emailVerified:a,phoneVerified:r,loginOptions:i,timeout:p},{token:s}),(e=>e)),setTemporaryPassword:(n,o)=>t.transformResponse(e.httpClient.post(d.setTemporaryPassword,{loginId:n,password:o},{token:s}),(e=>e)),setActivePassword:(n,o)=>t.transformResponse(e.httpClient.post(d.setActivePassword,{loginId:n,password:o},{token:s}),(e=>e)),setPassword:(n,o)=>t.transformResponse(e.httpClient.post(d.setPassword,{loginId:n,password:o},{token:s}),(e=>e)),expirePassword:n=>t.transformResponse(e.httpClient.post(d.expirePassword,{loginId:n},{token:s}),(e=>e)),removeAllPasskeys:n=>t.transformResponse(e.httpClient.post(d.removeAllPasskeys,{loginId:n},{token:s}),(e=>e)),removeTOTPSeed:n=>t.transformResponse(e.httpClient.post(d.removeTOTPSeed,{loginId:n},{token:s}),(e=>e)),history:n=>t.transformResponse(e.httpClient.post(d.history,n,{token:s}),(e=>e))}),N=(e,s)=>({updateName:n=>t.transformResponse(e.httpClient.post(c.updateName,{name:n},{token:s})),updateTags:n=>t.transformResponse(e.httpClient.post(c.updateTags,{tags:n},{token:s})),clone:(n,o,a)=>t.transformResponse(e.httpClient.post(c.clone,{name:n,environment:o,tags:a},{token:s})),listProjects:async()=>t.transformResponse(e.httpClient.post(c.projectsList,{},{token:s}),(e=>e.projects.map((({id:e,name:t,environment:s,tags:n})=>({id:e,name:t,environment:s,tags:n}))))),exportSnapshot:()=>t.transformResponse(e.httpClient.post(c.exportSnapshot,{},{token:s})),importSnapshot:n=>t.transformResponse(e.httpClient.post(c.importSnapshot,n,{token:s})),validateSnapshot:n=>t.transformResponse(e.httpClient.post(c.validateSnapshot,n,{token:s})),export:()=>t.transformResponse(e.httpClient.post(c.exportSnapshot,{},{token:s}),(e=>e.files)),import:n=>t.transformResponse(e.httpClient.post(c.importSnapshot,{files:n},{token:s}))}),P=(e,s)=>({create:(n,o,a,r,i)=>t.transformResponse(e.httpClient.post(u.create,{name:n,selfProvisioningDomains:o,customAttributes:a,enforceSSO:r,disabled:i},{token:s})),createWithId:(n,o,a,r,i,p)=>t.transformResponse(e.httpClient.post(u.create,{id:n,name:o,selfProvisioningDomains:a,customAttributes:r,enforceSSO:i,disabled:p},{token:s})),update:(n,o,a,r,i,p)=>t.transformResponse(e.httpClient.post(u.update,{id:n,name:o,selfProvisioningDomains:a,customAttributes:r,enforceSSO:i,disabled:p},{token:s})),delete:(n,o)=>t.transformResponse(e.httpClient.post(u.delete,{id:n,cascade:o},{token:s})),load:n=>t.transformResponse(e.httpClient.get(u.load,{queryParams:{id:n},token:s}),(e=>e)),loadAll:()=>t.transformResponse(e.httpClient.get(u.loadAll,{token:s}),(e=>e.tenants)),searchAll:(n,o,a,r)=>t.transformResponse(e.httpClient.post(u.searchAll,{tenantIds:n,tenantNames:o,tenantSelfProvisioningDomains:a,customAttributes:r},{token:s}),(e=>e.tenants)),getSettings:n=>t.transformResponse(e.httpClient.get(u.settings,{queryParams:{id:n},token:s}),(e=>e)),configureSettings:(n,o)=>t.transformResponse(e.httpClient.post(u.settings,Object.assign(Object.assign({},o),{tenantId:n}),{token:s})),generateSSOConfigurationLink:(n,o,a,r,i)=>t.transformResponse(e.httpClient.post(u.generateSSOConfigurationLink,{tenantId:n,expireTime:o,ssoId:a,email:r,templateId:i},{token:s}),(e=>e))}),E=(e,s)=>({update:(n,o,a)=>t.transformResponse(e.httpClient.post(R.update,{jwt:n,customClaims:o,refreshDuration:a},{token:s})),impersonate:(n,o,a,r,i,p)=>t.transformResponse(e.httpClient.post(R.impersonate,{impersonatorId:n,loginId:o,validateConsent:a,customClaims:r,selectedTenant:i,refreshDuration:p},{token:s})),stopImpersonation:(n,o,a,r)=>t.transformResponse(e.httpClient.post(R.stopImpersonation,{jwt:n,customClaims:o,selectedTenant:a,refreshDuration:r},{token:s})),signIn:(n,o)=>t.transformResponse(e.httpClient.post(R.signIn,Object.assign({loginId:n},o),{token:s})),signUp:(n,o,a)=>t.transformResponse(e.httpClient.post(R.signUp,Object.assign({loginId:n,user:o},a),{token:s})),signUpOrIn:(n,o,a)=>t.transformResponse(e.httpClient.post(R.signUpOrIn,Object.assign({loginId:n,user:o},a),{token:s})),anonymous:(n,o,a)=>t.transformResponse(e.httpClient.post(R.anonymous,{customClaims:n,selectedTenant:o,refreshDuration:a},{token:s}))}),M=(e,s)=>({create:(n,o)=>t.transformResponse(e.httpClient.post(y.create,{name:n,description:o},{token:s})),update:(n,o,a)=>t.transformResponse(e.httpClient.post(y.update,{name:n,newName:o,description:a},{token:s})),delete:n=>t.transformResponse(e.httpClient.post(y.delete,{name:n},{token:s})),loadAll:()=>t.transformResponse(e.httpClient.get(y.loadAll,{token:s}),(e=>e.permissions))}),U=(e,s)=>({create:(n,o,a,r,i)=>t.transformResponse(e.httpClient.post(I.create,{name:n,description:o,permissionNames:a,tenantId:r,default:i},{token:s})),update:(n,o,a,r,i,p)=>t.transformResponse(e.httpClient.post(I.update,{name:n,newName:o,description:a,permissionNames:r,tenantId:i,default:p},{token:s})),delete:(n,o)=>t.transformResponse(e.httpClient.post(I.delete,{name:n,tenantId:o},{token:s})),loadAll:()=>t.transformResponse(e.httpClient.get(I.loadAll,{token:s}),(e=>e.roles)),search:n=>t.transformResponse(e.httpClient.post(I.search,n,{token:s}),(e=>e.roles))}),x=(e,s)=>({loadAllGroups:n=>t.transformResponse(e.httpClient.post(A.loadAllGroups,{tenantId:n},{token:s})),loadAllGroupsForMember:(n,o,a)=>t.transformResponse(e.httpClient.post(A.loadAllGroupsForMember,{tenantId:n,loginIds:a,userIds:o},{token:s})),loadAllGroupMembers:(n,o)=>t.transformResponse(e.httpClient.post(A.loadAllGroupMembers,{tenantId:n,groupId:o},{token:s}))});function D(e){var t,s;const n=e;return n.oidc&&(n.oidc=Object.assign(Object.assign({},n.oidc),{attributeMapping:n.oidc.userAttrMapping}),delete n.oidc.userAttrMapping),(null===(t=n.saml)||void 0===t?void 0:t.groupsMapping)&&(n.saml.groupsMapping=null===(s=n.saml)||void 0===s?void 0:s.groupsMapping.map((e=>{const t=e;return t.roleName=t.role.name,delete t.role,t}))),n}const L=(e,s)=>({getSettings:n=>t.transformResponse(e.httpClient.get(k.settings,{queryParams:{tenantId:n},token:s}),(e=>e)),newSettings:(n,o,a)=>t.transformResponse(e.httpClient.post(k.settingsNew,Object.assign(Object.assign({tenantId:n},o?{ssoId:o}:{}),{displayName:a}),{token:s}),(e=>D(e))),deleteSettings:(n,o)=>t.transformResponse(e.httpClient.delete(k.settings,{queryParams:Object.assign({tenantId:n},o?{ssoId:o}:{}),token:s})),configureSettings:(n,o,a,r,i,p)=>t.transformResponse(e.httpClient.post(k.settings,{tenantId:n,idpURL:o,entityId:r,idpCert:a,redirectURL:i,domains:p},{token:s})),configureMetadata:(n,o,a,r)=>t.transformResponse(e.httpClient.post(k.metadata,{tenantId:n,idpMetadataURL:o,redirectURL:a,domains:r},{token:s})),configureMapping:(n,o,a)=>t.transformResponse(e.httpClient.post(k.mapping,{tenantId:n,roleMappings:o,attributeMapping:a},{token:s})),configureOIDCSettings:(n,o,a,r)=>{const i=Object.assign(Object.assign({},o),{userAttrMapping:o.attributeMapping});return delete i.attributeMapping,t.transformResponse(e.httpClient.post(k.oidc.configure,Object.assign({tenantId:n,settings:i,domains:a},r?{ssoId:r}:{}),{token:s}))},configureSAMLSettings:(n,o,a,r,i)=>t.transformResponse(e.httpClient.post(k.saml.configure,Object.assign({tenantId:n,settings:o,redirectUrl:a,domains:r},i?{ssoId:i}:{}),{token:s})),configureSAMLByMetadata:(n,o,a,r,i)=>t.transformResponse(e.httpClient.post(k.saml.metadata,Object.assign({tenantId:n,settings:o,redirectUrl:a,domains:r},i?{ssoId:i}:{}),{token:s})),loadSettings:(n,o)=>t.transformResponse(e.httpClient.get(k.settingsv2,{queryParams:Object.assign({tenantId:n},o?{ssoId:o}:{}),token:s}),(e=>D(e))),loadAllSettings:n=>t.transformResponse(e.httpClient.get(k.settingsAllV2,{queryParams:{tenantId:n},token:s}),(e=>function(e){const t=e.SSOSettings,s=[];return t.forEach((e=>s.push(D(e)))),s}(e)))}),F=(e,s)=>({create:(n,o,a,r,i,p,l,m)=>t.transformResponse(e.httpClient.post(g.create,{name:n,expireTime:o,roleNames:a,keyTenants:r,userId:i,customClaims:p,description:l,permittedIps:m},{token:s})),load:n=>t.transformResponse(e.httpClient.get(g.load,{queryParams:{id:n},token:s}),(e=>e.key)),searchAll:n=>t.transformResponse(e.httpClient.post(g.search,{tenantIds:n},{token:s}),(e=>e.keys)),update:(n,o,a,r,i,p,l)=>t.transformResponse(e.httpClient.post(g.update,{id:n,name:o,description:a,roleNames:r,keyTenants:i,customClaims:p,permittedIps:l},{token:s}),(e=>e.key)),deactivate:n=>t.transformResponse(e.httpClient.post(g.deactivate,{id:n},{token:s})),activate:n=>t.transformResponse(e.httpClient.post(g.activate,{id:n},{token:s})),delete:n=>t.transformResponse(e.httpClient.post(g.delete,{id:n},{token:s}))}),q=(e,s)=>({list:()=>t.transformResponse(e.httpClient.post(b.list,{},{token:s})),delete:n=>t.transformResponse(e.httpClient.post(b.delete,{ids:n},{token:s})),export:n=>t.transformResponse(e.httpClient.post(b.export,{flowId:n},{token:s})),import:(n,o,a)=>t.transformResponse(e.httpClient.post(b.import,{flowId:n,flow:o,screens:a},{token:s}))}),z=(e,s)=>({export:()=>t.transformResponse(e.httpClient.post(S.export,{},{token:s})),import:n=>t.transformResponse(e.httpClient.post(S.import,{theme:n},{token:s}))}),J=(e,s)=>({search:n=>{const o=Object.assign(Object.assign({},n),{externalIds:n.loginIds});return delete o.loginIds,t.transformResponse(e.httpClient.post(w.search,o,{token:s}),(e=>null==e?void 0:e.audits.map((e=>{const t=Object.assign(Object.assign({},e),{occurred:parseFloat(e.occurred),loginIds:e.externalIds});return delete t.externalIds,t}))))},createEvent:n=>{const o=Object.assign({},n);return t.transformResponse(e.httpClient.post(w.createEvent,o,{token:s}))}}),$=(e,s)=>({saveSchema:(n,o)=>t.transformResponse(e.httpClient.post(O.schemaSave,{schema:n,upgrade:o},{token:s})),deleteSchema:()=>t.transformResponse(e.httpClient.post(O.schemaDelete,{},{token:s})),loadSchema:()=>t.transformResponse(e.httpClient.post(O.schemaLoad,{},{token:s}),(e=>e.schema)),saveNamespace:(n,o,a)=>t.transformResponse(e.httpClient.post(O.nsSave,{namespace:n,oldName:o,schemaName:a},{token:s})),deleteNamespace:(n,o)=>t.transformResponse(e.httpClient.post(O.nsDelete,{name:n,schemaName:o},{token:s})),saveRelationDefinition:(n,o,a,r)=>t.transformResponse(e.httpClient.post(O.rdSave,{relationDefinition:n,namespace:o,oldName:a,schemaName:r},{token:s})),deleteRelationDefinition:(n,o,a)=>t.transformResponse(e.httpClient.post(O.rdDelete,{name:n,namespace:o,schemaName:a},{token:s})),createRelations:n=>t.transformResponse(e.httpClient.post(O.reCreate,{relations:n},{token:s})),deleteRelations:n=>t.transformResponse(e.httpClient.post(O.reDelete,{relations:n},{token:s})),deleteRelationsForResources:n=>t.transformResponse(e.httpClient.post(O.reDeleteResources,{resources:n},{token:s})),deleteResourceRelationsForResources:n=>t.transformResponse(e.httpClient.post(O.reDeleteResourceRelationsForResources,{resources:n},{token:s})),deleteRelationsForIds:n=>t.transformResponse(e.httpClient.post(O.reDeleteResources,{resources:n},{token:s})),hasRelations:n=>t.transformResponse(e.httpClient.post(O.hasRelations,{relationQueries:n},{token:s}),(e=>e.relationQueries)),whoCanAccess:(n,o,a)=>t.transformResponse(e.httpClient.post(O.who,{resource:n,relationDefinition:o,namespace:a},{token:s}),(e=>e.targets)),resourceRelations:(n,o=!1)=>t.transformResponse(e.httpClient.post(O.resource,{resource:n,ignoreTargetSetRelations:o},{token:s}),(e=>e.relations)),targetsRelations:(n,o=!1)=>t.transformResponse(e.httpClient.post(O.targets,{targets:n,includeTargetSetRelations:o},{token:s}),(e=>e.relations)),whatCanTargetAccess:n=>t.transformResponse(e.httpClient.post(O.targetAll,{target:n},{token:s}),(e=>e.relations)),whatCanTargetAccessWithRelation:(n,o,a)=>t.transformResponse(e.httpClient.post(O.targetWithRelation,{target:n,relationDefinition:o,namespace:a},{token:s}),(e=>e.resources.map((e=>({resource:e}))))),getModified:n=>t.transformResponse(e.httpClient.post(O.getModified,{since:n?n.getTime():0},{token:s}),(e=>e))}),K=(e,s)=>({createOidcApplication:n=>{var o;return t.transformResponse(e.httpClient.post(h.oidcCreate,Object.assign(Object.assign({},n),{enabled:null===(o=n.enabled)||void 0===o||o}),{token:s}))},createSamlApplication:n=>{var o;return t.transformResponse(e.httpClient.post(h.samlCreate,Object.assign(Object.assign({},n),{enabled:null===(o=n.enabled)||void 0===o||o}),{token:s}))},updateOidcApplication:n=>t.transformResponse(e.httpClient.post(h.oidcUpdate,Object.assign({},n),{token:s})),updateSamlApplication:n=>t.transformResponse(e.httpClient.post(h.samlUpdate,Object.assign({},n),{token:s})),delete:n=>t.transformResponse(e.httpClient.post(h.delete,{id:n},{token:s})),load:n=>t.transformResponse(e.httpClient.get(h.load,{queryParams:{id:n},token:s}),(e=>e)),loadAll:()=>t.transformResponse(e.httpClient.get(h.loadAll,{token:s}),(e=>e.apps))}),W=(e,s)=>({getSettings:n=>t.transformResponse(e.httpClient.get(C.settings,{queryParams:{tenantId:n},token:s}),(e=>e)),configureSettings:(n,o)=>t.transformResponse(e.httpClient.post(C.settings,Object.assign(Object.assign({},o),{tenantId:n}),{token:s}))}),G=(e,s)=>({saveSchema:n=>t.transformResponse(e.httpClient.post(j.schema,n,{token:s})),deleteSchema:()=>t.transformResponse(e.httpClient.post(O.schemaDelete,{},{token:s})),createRelations:n=>t.transformResponse(e.httpClient.post(j.relations,{tuples:n},{token:s})),deleteRelations:n=>t.transformResponse(e.httpClient.post(j.deleteRelations,{tuples:n},{token:s})),check:n=>t.transformResponse(e.httpClient.post(j.check,{tuples:n},{token:s}),(e=>e.tuples)),loadResourcesDetails:n=>t.transformResponse(e.httpClient.post(j.resourcesLoad,{resourceIdentifiers:n},{token:s}),(e=>e.resourcesDetails)),saveResourcesDetails:n=>t.transformResponse(e.httpClient.post(j.resourcesSave,{resourcesDetails:n},{token:s})),deleteAllRelations:()=>t.transformResponse(e.httpClient.delete(j.relations,{token:s}))}),B=(e,s)=>({createApplication:n=>t.transformResponse(e.httpClient.post(v.create,Object.assign({},n),{token:s})),updateApplication:n=>t.transformResponse(e.httpClient.post(v.update,Object.assign({},n),{token:s})),patchApplication:n=>t.transformResponse(e.httpClient.post(v.patch,Object.assign({},n),{token:s})),deleteApplication:n=>t.transformResponse(e.httpClient.post(v.delete,{id:n},{token:s})),loadApplication:n=>t.transformResponse(e.httpClient.get(v.load,{queryParams:{id:n},token:s}),(e=>e)),loadAllApplications:()=>t.transformResponse(e.httpClient.get(v.loadAll,{token:s}),(e=>e.apps)),getApplicationSecret:n=>t.transformResponse(e.httpClient.get(v.secret,{queryParams:{id:n},token:s}),(e=>e)),rotateApplicationSecret:n=>t.transformResponse(e.httpClient.post(v.rotate,{id:n},{token:s})),searchConsents:n=>t.transformResponse(e.httpClient.post(f.search,Object.assign({},n),{token:s}),(e=>e.consents)),deleteConsents:n=>t.transformResponse(e.httpClient.post(f.delete,Object.assign({},n),{token:s}))});const V=n=>{var o,{managementKey:r,publicKey:d}=n,c=e.__rest(n,["managementKey","publicKey"]);const g=a.default(Object.assign(Object.assign({fetch:i},c),{baseHeaders:Object.assign(Object.assign({},c.baseHeaders),{"x-descope-sdk-name":"nodejs","x-descope-sdk-node-version":(null===(o=null===process||void 0===process?void 0:process.versions)||void 0===o?void 0:o.node)||"","x-descope-sdk-version":"1.7.7"})})),{projectId:u,logger:h}=c,v={},f=((e,t)=>({user:T(e,t),project:N(e,t),accessKey:F(e,t),tenant:P(e,t),ssoApplication:K(e,t),inboundApplication:B(e,t),sso:L(e,t),jwt:E(e,t),permission:M(e,t),password:W(e,t),role:U(e,t),group:x(e,t),flow:q(e,t),theme:z(e,t),audit:J(e,t),authz:$(e,t),fga:G(e,t)}))(g,r),k=Object.assign(Object.assign({},g),{refresh:async e=>g.refresh(e),management:f,async getKey(e){if(!(null==e?void 0:e.kid))throw Error("header.kid must not be empty");if(v[e.kid])return v[e.kid];if(Object.assign(v,await(async()=>{if(d)try{const e=JSON.parse(d),t=await s.importJWK(e);return{[e.kid]:t}}catch(e){throw null==h||h.error("Failed to parse the provided public key",e),new Error(`Failed to parse public key. Error: ${e}`)}const e=(await g.httpClient.get(`v2/keys/${u}`).then((e=>e.json()))).keys;return Array.isArray(e)?(await Promise.all(e.map((async e=>[e.kid,await s.importJWK(e)])))).reduce(((e,[t,s])=>t?Object.assign(Object.assign({},e),{[t.toString()]:s}):e),{}):{}})()),!v[e.kid])throw Error("failed to fetch matching key");return v[e.kid]},async validateJwt(e){var t;const n=(await s.jwtVerify(e,k.getKey,{clockTolerance:5})).payload;if(n&&(n.iss=null===(t=n.iss)||void 0===t?void 0:t.split("/").pop(),n.iss!==u))throw new s.errors.JWTClaimValidationFailed('unexpected "iss" claim value',"iss","check_failed");return{jwt:e,token:n}},async validateSession(e){if(!e)throw Error("session token is required for validation");try{return await k.validateJwt(e)}catch(e){throw null==h||h.error("session validation failed",e),Error(`session validation failed. Error: ${e}`)}},async refreshSession(e){var t,s;if(!e)throw Error("refresh token is required to refresh a session");try{await k.validateJwt(e);const n=await k.refresh(e);if(n.ok){return await k.validateJwt(null===(t=n.data)||void 0===t?void 0:t.sessionJwt)}throw Error(null===(s=n.error)||void 0===s?void 0:s.errorMessage)}catch(e){throw null==h||h.error("refresh token validation failed",e),Error(`refresh token validation failed, Error: ${e}`)}},async validateAndRefreshSession(e,t){if(!e&&!t)throw Error("both session and refresh tokens are empty");try{return await k.validateSession(e)}catch(e){null==h||h.log(`session validation failed with error ${e} - trying to refresh it`)}return k.refreshSession(t)},async exchangeAccessKey(e,t){var s;if(!e)throw Error("access key must not be empty");let n;try{n=await k.accessKey.exchange(e,t)}catch(e){throw null==h||h.error("failed to exchange access key",e),Error(`could not exchange access key - Failed to exchange. Error: ${e}`)}if(!n.ok)throw null==h||h.error("failed to exchange access key",n.error),Error(`could not exchange access key - ${null===(s=n.error)||void 0===s?void 0:s.errorMessage}`);const{sessionJwt:o}=n.data;if(!o)throw null==h||h.error("failed to parse exchange access key response"),Error("could not exchange access key");try{return await k.validateJwt(o)}catch(e){throw null==h||h.error("failed to parse jwt from access key",e),Error(`could not exchange access key - failed to validate jwt. Error: ${e}`)}},validatePermissions:(e,t)=>k.validateTenantPermissions(e,"",t),getMatchedPermissions:(e,t)=>k.getMatchedTenantPermissions(e,"",t),validateTenantPermissions(e,t,s){if(t&&!m(e,t))return!1;const n=l(e,"permissions",t);return s.every((e=>n.includes(e)))},getMatchedTenantPermissions(e,t,s){if(t&&!m(e,t))return[];const n=l(e,"permissions",t);return s.filter((e=>n.includes(e)))},validateRoles:(e,t)=>k.validateTenantRoles(e,"",t),getMatchedRoles:(e,t)=>k.getMatchedTenantRoles(e,"",t),validateTenantRoles(e,t,s){if(t&&!m(e,t))return!1;const n=l(e,"roles",t);return s.every((e=>n.includes(e)))},getMatchedTenantRoles(e,t,s){if(t&&!m(e,t))return[];const n=l(e,"roles",t);return s.filter((e=>n.includes(e)))}});return t.wrapWith(k,["otp.verify.email","otp.verify.sms","otp.verify.voice","otp.verify.whatsapp","magicLink.verify","enchantedLink.signUp","enchantedLink.signIn","oauth.exchange","saml.exchange","totp.verify","webauthn.signIn.finish","webauthn.signUp.finish","refresh"],p)};V.RefreshTokenCookieName="DSR",V.SessionTokenCookieName="DS",V.DescopeErrors={badRequest:"E011001",missingArguments:"E011002",invalidRequest:"E011003",invalidArguments:"E011004",wrongOTPCode:"E061102",tooManyOTPAttempts:"E061103",enchantedLinkPending:"E062503",userNotFound:"E062108"},module.exports=V;
|
|
2
2
|
//# sourceMappingURL=index.cjs.js.map
|