@descope/node-sdk 2.10.0 → 2.11.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +31 -0
- package/dist/cjs/index.cjs.js +1 -1
- package/dist/cjs/index.cjs.js.map +1 -1
- package/dist/index.d.ts +30 -4
- package/dist/index.esm.js +1 -1
- package/dist/index.esm.js.map +1 -1
- package/package.json +2 -2
package/README.md
CHANGED
|
@@ -78,6 +78,7 @@ Then, you can use that to work with the following functions:
|
|
|
78
78
|
15. [Manage SSO applications](#manage-sso-applications)
|
|
79
79
|
16. [Manage Management Keys](#manage-management-keys)
|
|
80
80
|
17. [Manage Descopers](#manage-descopers)
|
|
81
|
+
18. [Manage Engines](#manage-engines)
|
|
81
82
|
|
|
82
83
|
If you wish to run any of our code samples and play with them, check out our [Code Examples](#code-examples) section.
|
|
83
84
|
|
|
@@ -1780,6 +1781,36 @@ await descopeClient.management.descoper.update(
|
|
|
1780
1781
|
await descopeClient.management.descoper.delete('descoper-id');
|
|
1781
1782
|
```
|
|
1782
1783
|
|
|
1784
|
+
### Manage Engines
|
|
1785
|
+
|
|
1786
|
+
You can create, update, delete, load engines, and rotate their secrets. The engine secret
|
|
1787
|
+
is returned only on create and rotate — store it securely, as it cannot be retrieved again.
|
|
1788
|
+
|
|
1789
|
+
```typescript
|
|
1790
|
+
// Create an engine. The response includes the generated id and secret.
|
|
1791
|
+
const createRes = await descopeClient.management.engine.create('My Engine');
|
|
1792
|
+
const { id, secret } = createRes.data; // save `secret` securely!
|
|
1793
|
+
|
|
1794
|
+
// Update an engine's name (the response does not include the secret).
|
|
1795
|
+
await descopeClient.management.engine.update(id, 'Updated Engine Name');
|
|
1796
|
+
|
|
1797
|
+
// Load a specific engine by id (the secret is always empty).
|
|
1798
|
+
const engineRes = await descopeClient.management.engine.load(id);
|
|
1799
|
+
|
|
1800
|
+
// Load all engines (secrets are always empty).
|
|
1801
|
+
const enginesRes = await descopeClient.management.engine.loadAll();
|
|
1802
|
+
enginesRes.data.forEach((engine) => {
|
|
1803
|
+
// do something
|
|
1804
|
+
});
|
|
1805
|
+
|
|
1806
|
+
// Rotate an engine's secret. The previous secret is invalidated and the new one returned.
|
|
1807
|
+
const rotateRes = await descopeClient.management.engine.rotateSecret(id);
|
|
1808
|
+
const newSecret = rotateRes.data.secret;
|
|
1809
|
+
|
|
1810
|
+
// Engine deletion cannot be undone. Use carefully.
|
|
1811
|
+
await descopeClient.management.engine.delete(id);
|
|
1812
|
+
```
|
|
1813
|
+
|
|
1783
1814
|
### Utils for your end to end (e2e) tests and integration tests
|
|
1784
1815
|
|
|
1785
1816
|
To ease your e2e tests, we exposed dedicated management methods,
|
package/dist/cjs/index.cjs.js
CHANGED
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
"use strict";var e=require("tslib"),t=require("@descope/core-js-sdk"),s=require("jose"),o=require("cross-fetch");function a(e){return e&&"object"==typeof e&&"default"in e?e:{default:e}}var r=a(t);var n;null!==(n=globalThis.Headers)&&void 0!==n||(globalThis.Headers=o.Headers);const i="function"==typeof globalThis.fetch?(...e)=>globalThis.fetch(...e):(...e)=>(e.forEach((e=>{var t,s;e&&"object"==typeof e&&(null!==(t=(s=e).highWaterMark)&&void 0!==t||(s.highWaterMark=31457280))})),o.fetch(...e)),p=(e,t)=>{const s=null==e?void 0:e.match(RegExp(`(?:^|[;,]\\s*)${t}=([^;]*)`));return s?s[1]:null};const d=t=>async(...s)=>{var o,a,r;const n=await t(...s);if(!n.data)return n;let i=n.data,{refreshJwt:d}=i,m=e.__rest(i,["refreshJwt"]);const l=[];var c;return d?l.push(`${"DSR"}=${d}; Domain=${(null==(c=m)?void 0:c.cookieDomain)||""}; Max-Age=${(null==c?void 0:c.cookieMaxAge)||""}; Path=${(null==c?void 0:c.cookiePath)||"/"}; HttpOnly; SameSite=Strict`):(null===(o=n.response)||void 0===o?void 0:o.headers.get("set-cookie"))&&(d=p(null===(a=n.response)||void 0===a?void 0:a.headers.get("set-cookie"),"DSR"),l.push(null===(r=n.response)||void 0===r?void 0:r.headers.get("set-cookie"))),Object.assign(Object.assign({},n),{data:Object.assign(Object.assign({},n.data),{refreshJwt:d,cookies:l})})};function m(e,t,s){var o,a;const r=s?null===(a=null===(o=e.token.tenants)||void 0===o?void 0:o[s])||void 0===a?void 0:a[t]:e.token[t];return Array.isArray(r)?r:[]}function l(e,t){var s;return!!(null===(s=e.token.tenants)||void 0===s?void 0:s[t])}var c={create:"/v1/mgmt/user/create",createTestUser:"/v1/mgmt/user/create/test",createBatch:"/v1/mgmt/user/create/batch",update:"/v1/mgmt/user/update",patch:"/v1/mgmt/user/patch",patchBatch:"/v1/mgmt/user/patch/batch",delete:"/v1/mgmt/user/delete",deleteBatch:"/v1/mgmt/user/delete/batch",deleteAllTestUsers:"/v1/mgmt/user/test/delete/all",load:"/v1/mgmt/user",logout:"/v1/mgmt/user/logout",loadUsers:"/v1/mgmt/users/load",search:"/v2/mgmt/user/search",searchTestUsers:"/v2/mgmt/user/search/test",getProviderToken:"/v1/mgmt/user/provider/token",updateStatus:"/v1/mgmt/user/update/status",updateLoginId:"/v1/mgmt/user/update/loginid",updateEmail:"/v1/mgmt/user/update/email",updatePhone:"/v1/mgmt/user/update/phone",updateDisplayName:"/v1/mgmt/user/update/name",updatePicture:"/v1/mgmt/user/update/picture",updateCustomAttribute:"/v1/mgmt/user/update/customAttribute",setRole:"/v1/mgmt/user/update/role/set",addRole:"/v2/mgmt/user/update/role/add",removeRole:"/v1/mgmt/user/update/role/remove",setSSOApps:"/v1/mgmt/user/update/ssoapp/set",addSSOApps:"/v1/mgmt/user/update/ssoapp/add",removeSSOApps:"/v1/mgmt/user/update/ssoapp/remove",addTenant:"/v1/mgmt/user/update/tenant/add",removeTenant:"/v1/mgmt/user/update/tenant/remove",setPassword:"/v1/mgmt/user/password/set",setTemporaryPassword:"/v1/mgmt/user/password/set/temporary",setActivePassword:"/v1/mgmt/user/password/set/active",expirePassword:"/v1/mgmt/user/password/expire",removeAllPasskeys:"/v1/mgmt/user/passkeys/delete",removeTOTPSeed:"/v1/mgmt/user/totp/delete",generateOTPForTest:"/v1/mgmt/tests/generate/otp",generateMagicLinkForTest:"/v1/mgmt/tests/generate/magiclink",generateEnchantedLinkForTest:"/v1/mgmt/tests/generate/enchantedlink",generateEmbeddedLink:"/v1/mgmt/user/signin/embeddedlink",generateSignUpEmbeddedLink:"/v1/mgmt/user/signup/embeddedlink",history:"/v1/mgmt/user/history"},u={updateName:"/v1/mgmt/project/update/name",updateTags:"/v1/mgmt/project/update/tags",clone:"/v1/mgmt/project/clone",projectsList:"/v1/mgmt/projects/list",exportSnapshot:"/v1/mgmt/project/snapshot/export",importSnapshot:"/v1/mgmt/project/snapshot/import",validateSnapshot:"/v1/mgmt/project/snapshot/validate"},g={create:"/v1/mgmt/accesskey/create",load:"/v1/mgmt/accesskey",search:"/v1/mgmt/accesskey/search",update:"/v1/mgmt/accesskey/update",deactivate:"/v1/mgmt/accesskey/deactivate",activate:"/v1/mgmt/accesskey/activate",delete:"/v1/mgmt/accesskey/delete"},f={create:"/v1/mgmt/tenant/create",update:"/v1/mgmt/tenant/update",delete:"/v1/mgmt/tenant/delete",load:"/v1/mgmt/tenant",settings:"/v1/mgmt/tenant/settings",loadAll:"/v1/mgmt/tenant/all",searchAll:"/v1/mgmt/tenant/search",updateDefaultRoles:"/v1/mgmt/tenant/updateDefaultRoles",generateSSOConfigurationLink:"/v2/mgmt/tenant/adminlinks/sso/generate"},v={oidcCreate:"/v1/mgmt/sso/idp/app/oidc/create",samlCreate:"/v1/mgmt/sso/idp/app/saml/create",oidcUpdate:"/v1/mgmt/sso/idp/app/oidc/update",samlUpdate:"/v1/mgmt/sso/idp/app/saml/update",wsfedCreate:"/v1/mgmt/sso/idp/app/wsfed/create",wsfedUpdate:"/v1/mgmt/sso/idp/app/wsfed/update",delete:"/v1/mgmt/sso/idp/app/delete",load:"/v1/mgmt/sso/idp/app/load",loadAll:"/v1/mgmt/sso/idp/apps/load"},h={create:"/v1/mgmt/thirdparty/app/create",update:"/v1/mgmt/thirdparty/app/update",patch:"/v1/mgmt/thirdparty/app/patch",delete:"/v1/mgmt/thirdparty/app/delete",load:"/v1/mgmt/thirdparty/app/load",loadAll:"/v1/mgmt/thirdparty/apps/load",secret:"/v1/mgmt/thirdparty/app/secret",rotate:"/v1/mgmt/thirdparty/app/rotate"},R={delete:"/v1/mgmt/thirdparty/consents/delete",search:"/v1/mgmt/thirdparty/consents/search"},y={create:"/v1/mgmt/outbound/app/create",createByTemplate:"/v1/mgmt/outbound/app/create/bytemplate",update:"/v1/mgmt/outbound/app/update",delete:"/v1/mgmt/outbound/app/delete",load:"/v1/mgmt/outbound/app",loadAll:"/v1/mgmt/outbound/apps",fetchToken:"/v1/mgmt/outbound/app/user/token/latest",fetchTokenByScopes:"/v1/mgmt/outbound/app/user/token",fetchTenantToken:"/v1/mgmt/outbound/app/tenant/token/latest",fetchTenantTokenByScopes:"/v1/mgmt/outbound/app/tenant/token",deleteUserTokens:"/v1/mgmt/outbound/user/tokens",deleteTokenById:"/v1/mgmt/outbound/token",listAppsWithUserToken:"/v1/mgmt/outbound/apps-with-user-token",uploadUserApiKey:"/v1/mgmt/outbound/app/user/apikey/upload",uploadTenantApiKey:"/v1/mgmt/outbound/app/tenant/apikey/upload",uploadUserToken:"/v1/mgmt/outbound/app/user/oauthtoken/upload",uploadTenantToken:"/v1/mgmt/outbound/app/tenant/oauthtoken/upload",batchUploadUserTokens:"/v1/mgmt/outbound/app/user/oauthtoken/batch/upload",batchUploadTenantTokens:"/v1/mgmt/outbound/app/tenant/oauthtoken/batch/upload"},b={settings:"/v1/mgmt/sso/settings",settingsNew:"/v1/mgmt/sso/settings/new",metadata:"/v1/mgmt/sso/metadata",mapping:"/v1/mgmt/sso/mapping",settingsv2:"/v2/mgmt/sso/settings",settingsAllV2:"/v2/mgmt/sso/settings/all",oidc:{configure:"/v1/mgmt/sso/oidc"},saml:{configure:"/v1/mgmt/sso/saml",metadata:"/v1/mgmt/sso/saml/metadata"}},I={update:"/v1/mgmt/jwt/update",impersonate:"/v1/mgmt/impersonate",stopImpersonation:"/v1/mgmt/stop/impersonation",signIn:"/v1/mgmt/auth/signin",signUp:"/v1/mgmt/auth/signup",signUpOrIn:"/v1/mgmt/auth/signup-in",anonymous:"/v1/mgmt/auth/anonymous",clientAssertion:"/v1/mgmt/token/clientassertion"},k={settings:"/v1/mgmt/password/settings"},T={create:"/v1/mgmt/permission/create",update:"/v1/mgmt/permission/update",delete:"/v1/mgmt/permission/delete",loadAll:"/v1/mgmt/permission/all"},A={create:"/v1/mgmt/role/create",update:"/v1/mgmt/role/update",delete:"/v1/mgmt/role/delete",loadAll:"/v1/mgmt/role/all",search:"/v1/mgmt/role/search"},O={list:"/v1/mgmt/flow/list",delete:"/v1/mgmt/flow/delete",export:"/v1/mgmt/flow/export",import:"/v1/mgmt/flow/import",run:"/v1/mgmt/flow/run"},w={export:"/v1/mgmt/theme/export",import:"/v1/mgmt/theme/import"},j={loadAllGroups:"/v1/mgmt/group/all",loadAllGroupsForMember:"/v1/mgmt/group/member/all",loadAllGroupMembers:"/v1/mgmt/group/members"},S={search:"/v1/mgmt/audit/search",createEvent:"/v1/mgmt/audit/event"},U={schemaSave:"/v1/mgmt/authz/schema/save",schemaDelete:"/v1/mgmt/authz/schema/delete",schemaLoad:"/v1/mgmt/authz/schema/load",nsSave:"/v1/mgmt/authz/ns/save",nsDelete:"/v1/mgmt/authz/ns/delete",rdSave:"/v1/mgmt/authz/rd/save",rdDelete:"/v1/mgmt/authz/rd/delete",reCreate:"/v1/mgmt/authz/re/create",reDelete:"/v1/mgmt/authz/re/delete",reDeleteResources:"/v1/mgmt/authz/re/deleteresources",reDeleteResourceRelationsForResources:"/v1/mgmt/authz/re/deleteresourcesrelations",hasRelations:"/v1/mgmt/authz/re/has",who:"/v1/mgmt/authz/re/who",resource:"/v1/mgmt/authz/re/resource",targets:"/v1/mgmt/authz/re/targets",targetAll:"/v1/mgmt/authz/re/targetall",targetWithRelation:"/v1/mgmt/authz/re/targetwithrelation",getModified:"/v1/mgmt/authz/getmodified"},N={schema:"/v1/mgmt/fga/schema",relations:"/v1/mgmt/fga/relations",deleteRelations:"/v1/mgmt/fga/relations/delete",check:"/v1/mgmt/fga/check",resourcesLoad:"/v1/mgmt/fga/resources/load",resourcesSave:"/v1/mgmt/fga/resources/save"},P={create:"/v1/mgmt/descoper",update:"/v1/mgmt/descoper",get:"/v1/mgmt/descoper",delete:"/v1/mgmt/descoper",list:"/v1/mgmt/descoper/list"},E={create:"/v1/mgmt/managementkey",update:"/v1/mgmt/managementkey",load:"/v1/mgmt/managementkey",delete:"/v1/mgmt/managementkey/delete",search:"/v1/mgmt/managementkey/search"},x={get:"/v1/mgmt/license"};function C(t){return t.map((t=>{var{loginIdOrUserId:s,loginId:o,roles:a}=t,r=e.__rest(t,["loginIdOrUserId","loginId","roles"]);return Object.assign(Object.assign({},r),{loginId:null!=s?s:o,roleNames:a})}))}const M=e=>{function s(e,t){const s={loginId:e};return void 0!==t.email&&(s.email=t.email),void 0!==t.phone&&(s.phone=t.phone),void 0!==t.displayName&&(s.displayName=t.displayName),void 0!==t.givenName&&(s.givenName=t.givenName),void 0!==t.middleName&&(s.middleName=t.middleName),void 0!==t.familyName&&(s.familyName=t.familyName),void 0!==t.roles&&(s.roleNames=t.roles),void 0!==t.userTenants&&(s.userTenants=t.userTenants),void 0!==t.customAttributes&&(s.customAttributes=t.customAttributes),void 0!==t.picture&&(s.picture=t.picture),void 0!==t.verifiedEmail&&(s.verifiedEmail=t.verifiedEmail),void 0!==t.verifiedPhone&&(s.verifiedPhone=t.verifiedPhone),void 0!==t.ssoAppIds&&(s.ssoAppIds=t.ssoAppIds),void 0!==t.scim&&(s.scim=t.scim),void 0!==t.status&&(s.status=t.status),void 0!==t.additionalIdentifiers&&(s.additionalIdentifiers=t.additionalIdentifiers),s}return{create:function(s,o,a,r,n,i,p,d,m,l,u,g,f,v){const h="string"==typeof o?{loginId:s,email:o,phone:a,displayName:r,givenName:u,middleName:g,familyName:f,roleNames:n,userTenants:i,customAttributes:p,picture:d,verifiedEmail:m,verifiedPhone:l,additionalLoginIds:v}:Object.assign(Object.assign({loginId:s},o),{roleNames:null==o?void 0:o.roles,roles:void 0});return t.transformResponse(e.post(c.create,h),(e=>e.user))},createTestUser:function(s,o,a,r,n,i,p,d,m,l,u,g,f,v){const h="string"==typeof o?{loginId:s,email:o,phone:a,displayName:r,givenName:u,middleName:g,familyName:f,roleNames:n,userTenants:i,customAttributes:p,picture:d,verifiedEmail:m,verifiedPhone:l,additionalLoginIds:v,test:!0}:Object.assign(Object.assign({loginId:s},o),{roleNames:null==o?void 0:o.roles,roles:void 0,test:!0});return t.transformResponse(e.post(c.createTestUser,h),(e=>e.user))},invite:function(s,o,a,r,n,i,p,d,m,l,u,g,f,v,h,R,y,b,I){const k="string"==typeof o?{loginId:s,email:o,phone:a,displayName:r,givenName:v,middleName:h,familyName:R,roleNames:n,userTenants:i,invite:!0,customAttributes:p,picture:d,verifiedEmail:m,verifiedPhone:l,inviteUrl:u,sendMail:g,sendSMS:f,additionalLoginIds:y,templateId:b,locale:I}:Object.assign(Object.assign({loginId:s},o),{roleNames:null==o?void 0:o.roles,roles:void 0,invite:!0});return t.transformResponse(e.post(c.create,k),(e=>e.user))},inviteBatch:(s,o,a,r,n,i,p)=>t.transformResponse(e.post(c.createBatch,{users:C(s),invite:!0,inviteUrl:o,sendMail:a,sendSMS:r,templateOptions:n,templateId:i,locale:p}),(e=>e)),createBatch:s=>t.transformResponse(e.post(c.createBatch,{users:C(s)}),(e=>e)),deleteBatch:s=>t.transformResponse(e.post(c.deleteBatch,{userIds:s})),update:function(s,o,a,r,n,i,p,d,m,l,u,g,f,v){const h="string"==typeof o?{loginId:s,email:o,phone:a,displayName:r,givenName:u,middleName:g,familyName:f,roleNames:n,userTenants:i,customAttributes:p,picture:d,verifiedEmail:m,verifiedPhone:l,additionalLoginIds:v}:Object.assign(Object.assign({loginId:s},o),{roleNames:null==o?void 0:o.roles,roles:void 0});return t.transformResponse(e.post(c.update,h),(e=>e.user))},patch:function(o,a){const r=s(o,a);return t.transformResponse(e.patch(c.patch,r),(e=>e.user))},patchBatch:function(o){if(o.find((e=>!e.loginIdOrUserId&&!e.loginId)))return Promise.reject(new Error("patchBatch: each user must have loginIdOrUserId or loginId"));const a={users:o.map((e=>{var t;return s(null!==(t=e.loginIdOrUserId)&&void 0!==t?t:e.loginId,e)}))};return t.transformResponse(e.patch(c.patchBatch,a),(e=>e))},delete:s=>t.transformResponse(e.post(c.delete,{loginId:s})),deleteByUserId:s=>t.transformResponse(e.post(c.delete,{userId:s})),deleteAllTestUsers:()=>t.transformResponse(e.delete(c.deleteAllTestUsers)),load:s=>t.transformResponse(e.get(c.load,{queryParams:{loginId:s}}),(e=>e.user)),loadByUserId:s=>t.transformResponse(e.get(c.load,{queryParams:{userId:s}}),(e=>e.user)),logoutUser:s=>t.transformResponse(e.post(c.logout,{loginId:s})),logoutUserByUserId:s=>t.transformResponse(e.post(c.logout,{userId:s})),loadUsers:(s,o)=>t.transformResponse(e.post(c.loadUsers,{userIds:s,includeInvalidUsers:o}),(e=>e.users)),searchAll:(s,o,a,r,n,i,p,d,m,l)=>t.transformResponse(e.post(c.search,{tenantIds:s,roleNames:o,limit:a,page:r,testUsersOnly:n,withTestUser:i,customAttributes:p,statuses:d,emails:m,phones:l}),(e=>e.users)),searchTestUsers:s=>t.transformResponse(e.post(c.searchTestUsers,Object.assign(Object.assign({},s),{withTestUser:!0,testUsersOnly:!0,roleNames:s.roles,roles:void 0})),(e=>({users:e.users,total:e.total}))),search:s=>t.transformResponse(e.post(c.search,Object.assign(Object.assign({},s),{roleNames:s.roles,roles:void 0})),(e=>({users:e.users,total:e.total}))),getProviderToken:(s,o,a)=>t.transformResponse(e.get(c.getProviderToken,{queryParams:{loginId:s,provider:o,withRefreshToken:(null==a?void 0:a.withRefreshToken)?"true":"false",forceRefresh:(null==a?void 0:a.forceRefresh)?"true":"false"}}),(e=>e)),activate:s=>t.transformResponse(e.post(c.updateStatus,{loginId:s,status:"enabled"}),(e=>e.user)),deactivate:s=>t.transformResponse(e.post(c.updateStatus,{loginId:s,status:"disabled"}),(e=>e.user)),updateLoginId:(s,o)=>t.transformResponse(e.post(c.updateLoginId,{loginId:s,newLoginId:o}),(e=>e.user)),updateEmail:(s,o,a,r)=>t.transformResponse(e.post(c.updateEmail,{loginId:s,email:o,verified:a,failOnConflict:r}),(e=>e.user)),updatePhone:(s,o,a,r)=>t.transformResponse(e.post(c.updatePhone,{loginId:s,phone:o,verified:a,failOnConflict:r}),(e=>e.user)),updateDisplayName:(s,o,a,r,n)=>t.transformResponse(e.post(c.updateDisplayName,{loginId:s,displayName:o,givenName:a,middleName:r,familyName:n}),(e=>e.user)),updatePicture:(s,o)=>t.transformResponse(e.post(c.updatePicture,{loginId:s,picture:o}),(e=>e.user)),updateCustomAttribute:(s,o,a)=>t.transformResponse(e.post(c.updateCustomAttribute,{loginId:s,attributeKey:o,attributeValue:a}),(e=>e.user)),setRoles:(s,o)=>t.transformResponse(e.post(c.setRole,{loginId:s,roleNames:o}),(e=>e.user)),addRoles:(s,o)=>t.transformResponse(e.post(c.addRole,{loginId:s,roleNames:o}),(e=>e.user)),removeRoles:(s,o)=>t.transformResponse(e.post(c.removeRole,{loginId:s,roleNames:o}),(e=>e.user)),addTenant:(s,o)=>t.transformResponse(e.post(c.addTenant,{loginId:s,tenantId:o}),(e=>e.user)),removeTenant:(s,o)=>t.transformResponse(e.post(c.removeTenant,{loginId:s,tenantId:o}),(e=>e.user)),setTenantRoles:(s,o,a)=>t.transformResponse(e.post(c.setRole,{loginId:s,tenantId:o,roleNames:a}),(e=>e.user)),addTenantRoles:(s,o,a)=>t.transformResponse(e.post(c.addRole,{loginId:s,tenantId:o,roleNames:a}),(e=>e.user)),removeTenantRoles:(s,o,a)=>t.transformResponse(e.post(c.removeRole,{loginId:s,tenantId:o,roleNames:a}),(e=>e.user)),addSSOapps:(s,o)=>t.transformResponse(e.post(c.addSSOApps,{loginId:s,ssoAppIds:o}),(e=>e.user)),setSSOapps:(s,o)=>t.transformResponse(e.post(c.setSSOApps,{loginId:s,ssoAppIds:o}),(e=>e.user)),removeSSOapps:(s,o)=>t.transformResponse(e.post(c.removeSSOApps,{loginId:s,ssoAppIds:o}),(e=>e.user)),generateOTPForTestUser:(s,o,a)=>t.transformResponse(e.post(c.generateOTPForTest,{deliveryMethod:s,loginId:o,loginOptions:a}),(e=>e)),generateMagicLinkForTestUser:(s,o,a,r)=>t.transformResponse(e.post(c.generateMagicLinkForTest,{deliveryMethod:s,loginId:o,URI:a,loginOptions:r}),(e=>e)),generateEnchantedLinkForTestUser:(s,o,a)=>t.transformResponse(e.post(c.generateEnchantedLinkForTest,{loginId:s,URI:o,loginOptions:a}),(e=>e)),generateEmbeddedLink:(s,o,a)=>t.transformResponse(e.post(c.generateEmbeddedLink,{loginId:s,customClaims:o,timeout:a}),(e=>e)),generateSignUpEmbeddedLink:(s,o,a,r,n,i)=>t.transformResponse(e.post(c.generateSignUpEmbeddedLink,{loginId:s,user:o,emailVerified:a,phoneVerified:r,loginOptions:n,timeout:i}),(e=>e)),setTemporaryPassword:(s,o)=>t.transformResponse(e.post(c.setTemporaryPassword,{loginId:s,password:o}),(e=>e)),setActivePassword:(s,o)=>t.transformResponse(e.post(c.setActivePassword,{loginId:s,password:o}),(e=>e)),setPassword:(s,o)=>t.transformResponse(e.post(c.setPassword,{loginId:s,password:o}),(e=>e)),expirePassword:s=>t.transformResponse(e.post(c.expirePassword,{loginId:s}),(e=>e)),removeAllPasskeys:s=>t.transformResponse(e.post(c.removeAllPasskeys,{loginId:s}),(e=>e)),removeTOTPSeed:s=>t.transformResponse(e.post(c.removeTOTPSeed,{loginId:s}),(e=>e)),history:s=>t.transformResponse(e.post(c.history,s),(e=>e))}},D=e=>({create:(s,o,a,r,n,i,p)=>t.transformResponse(e.post(f.create,{name:s,selfProvisioningDomains:o,customAttributes:a,enforceSSO:r,disabled:n,parent:i,roleInheritance:p})),createWithId:(s,o,a,r,n,i,p,d)=>t.transformResponse(e.post(f.create,{id:s,name:o,selfProvisioningDomains:a,customAttributes:r,enforceSSO:n,disabled:i,parent:p,roleInheritance:d})),update:(s,o,a,r,n,i,p)=>t.transformResponse(e.post(f.update,{id:s,name:o,selfProvisioningDomains:a,customAttributes:r,enforceSSO:n,disabled:i,roleInheritance:p})),updateDefaultRoles:(s,o)=>t.transformResponse(e.post(f.updateDefaultRoles,{id:s,defaultRoles:o})),delete:(s,o)=>t.transformResponse(e.post(f.delete,{id:s,cascade:o})),load:s=>t.transformResponse(e.get(f.load,{queryParams:{id:s}}),(e=>e)),loadAll:()=>t.transformResponse(e.get(f.loadAll,{}),(e=>e.tenants)),searchAll:(s,o,a,r,n)=>t.transformResponse(e.post(f.searchAll,{tenantIds:s,tenantNames:o,tenantSelfProvisioningDomains:a,customAttributes:r,parentTenantId:n}),(e=>e.tenants)),getSettings:s=>t.transformResponse(e.get(f.settings,{queryParams:{id:s}}),(e=>e)),configureSettings:(s,o)=>t.transformResponse(e.post(f.settings,Object.assign(Object.assign({},o),{tenantId:s}),{})),generateSSOConfigurationLink:(s,o,a,r,n,i)=>t.transformResponse(e.post(f.generateSSOConfigurationLink,{tenantId:s,expireTime:o,ssoId:a,email:r,templateId:n,actorId:i},{}),(e=>e))}),L=e=>({update:(s,o,a)=>t.transformResponse(e.post(I.update,{jwt:s,customClaims:o,refreshDuration:a})),impersonate:(s,o,a,r,n,i)=>t.transformResponse(e.post(I.impersonate,{impersonatorId:s,loginId:o,validateConsent:a,customClaims:r,selectedTenant:n,refreshDuration:i})),stopImpersonation:(s,o,a,r)=>t.transformResponse(e.post(I.stopImpersonation,{jwt:s,customClaims:o,selectedTenant:a,refreshDuration:r})),signIn:(s,o)=>t.transformResponse(e.post(I.signIn,Object.assign({loginId:s},o))),signUp:(s,o,a)=>t.transformResponse(e.post(I.signUp,Object.assign({loginId:s,user:o},a))),signUpOrIn:(s,o,a)=>t.transformResponse(e.post(I.signUpOrIn,Object.assign({loginId:s,user:o},a))),anonymous:(s,o,a)=>t.transformResponse(e.post(I.anonymous,{customClaims:s,selectedTenant:o,refreshDuration:a})),generateClientAssertionJwt:(s,o,a,r,n,i)=>t.transformResponse(e.post(I.clientAssertion,{issuer:s,subject:o,audience:a,expiresIn:r,flattenAudience:n,algorithm:i}))}),q=e=>({create:(s,o)=>t.transformResponse(e.post(T.create,{name:s,description:o})),update:(s,o,a)=>t.transformResponse(e.post(T.update,{name:s,newName:o,description:a})),delete:s=>t.transformResponse(e.post(T.delete,{name:s})),loadAll:()=>t.transformResponse(e.get(T.loadAll,{}),(e=>e.permissions))}),B=e=>({create:(s,o,a,r,n)=>t.transformResponse(e.post(A.create,{name:s,description:o,permissionNames:a,tenantId:r,default:n})),update:(s,o,a,r,n,i)=>t.transformResponse(e.post(A.update,{name:s,newName:o,description:a,permissionNames:r,tenantId:n,default:i})),delete:(s,o)=>t.transformResponse(e.post(A.delete,{name:s,tenantId:o})),loadAll:()=>t.transformResponse(e.get(A.loadAll,{}),(e=>e.roles)),search:s=>t.transformResponse(e.post(A.search,s,{}),(e=>e.roles))}),F=e=>({loadAllGroups:s=>t.transformResponse(e.post(j.loadAllGroups,{tenantId:s})),loadAllGroupsForMember:(s,o,a)=>t.transformResponse(e.post(j.loadAllGroupsForMember,{tenantId:s,loginIds:a,userIds:o})),loadAllGroupMembers:(s,o)=>t.transformResponse(e.post(j.loadAllGroupMembers,{tenantId:s,groupId:o}))});function K(e){var t,s;const o=e;return o.oidc&&(o.oidc=Object.assign(Object.assign({},o.oidc),{attributeMapping:o.oidc.userAttrMapping}),delete o.oidc.userAttrMapping),(null===(t=o.saml)||void 0===t?void 0:t.groupsMapping)&&(o.saml.groupsMapping=null===(s=o.saml)||void 0===s?void 0:s.groupsMapping.map((e=>{const t=e;return t.roleName=t.role.name,delete t.role,t}))),o}const $=e=>({getSettings:s=>t.transformResponse(e.get(b.settings,{queryParams:{tenantId:s}}),(e=>e)),newSettings:(s,o,a)=>t.transformResponse(e.post(b.settingsNew,Object.assign(Object.assign({tenantId:s},o?{ssoId:o}:{}),{displayName:a})),(e=>K(e))),deleteSettings:(s,o)=>t.transformResponse(e.delete(b.settings,{queryParams:Object.assign({tenantId:s},o?{ssoId:o}:{})})),configureSettings:(s,o,a,r,n,i)=>t.transformResponse(e.post(b.settings,{tenantId:s,idpURL:o,entityId:r,idpCert:a,redirectURL:n,domains:i})),configureMetadata:(s,o,a,r)=>t.transformResponse(e.post(b.metadata,{tenantId:s,idpMetadataURL:o,redirectURL:a,domains:r})),configureMapping:(s,o,a,r)=>t.transformResponse(e.post(b.mapping,{tenantId:s,roleMappings:o,attributeMapping:a,defaultSSORoles:r})),configureOIDCSettings:(s,o,a,r)=>{const n=Object.assign(Object.assign({},o),{userAttrMapping:o.attributeMapping});return delete n.attributeMapping,t.transformResponse(e.post(b.oidc.configure,Object.assign({tenantId:s,settings:n,domains:a},r?{ssoId:r}:{})))},configureSAMLSettings:(s,o,a,r,n)=>t.transformResponse(e.post(b.saml.configure,Object.assign({tenantId:s,settings:o,redirectUrl:a,domains:r},n?{ssoId:n}:{}))),configureSAMLByMetadata:(s,o,a,r,n)=>t.transformResponse(e.post(b.saml.metadata,Object.assign({tenantId:s,settings:o,redirectUrl:a,domains:r},n?{ssoId:n}:{}))),loadSettings:(s,o)=>t.transformResponse(e.get(b.settingsv2,{queryParams:Object.assign({tenantId:s},o?{ssoId:o}:{})}),(e=>K(e))),loadAllSettings:s=>t.transformResponse(e.get(b.settingsAllV2,{queryParams:{tenantId:s}}),(e=>function(e){const t=e.SSOSettings,s=[];return t.forEach((e=>s.push(K(e)))),s}(e)))}),J=e=>({create:(s,o,a,r,n,i,p,d,m)=>t.transformResponse(e.post(g.create,{name:s,expireTime:o,roleNames:a,keyTenants:r,userId:n,customClaims:i,description:p,permittedIps:d,customAttributes:m})),load:s=>t.transformResponse(e.get(g.load,{queryParams:{id:s}}),(e=>e.key)),searchAll:(s,o,a,r)=>t.transformResponse(e.post(g.search,{tenantIds:s,boundUserId:o,creatingUser:a,customAttributes:r}),(e=>e.keys)),update:(s,o,a,r,n,i,p,d)=>t.transformResponse(e.post(g.update,{id:s,name:o,description:a,roleNames:r,keyTenants:n,customClaims:i,permittedIps:p,customAttributes:d}),(e=>e.key)),deactivate:s=>t.transformResponse(e.post(g.deactivate,{id:s})),activate:s=>t.transformResponse(e.post(g.activate,{id:s})),delete:s=>t.transformResponse(e.post(g.delete,{id:s}))}),z=e=>({list:()=>t.transformResponse(e.post(O.list,{})),delete:s=>t.transformResponse(e.post(O.delete,{ids:s})),export:s=>t.transformResponse(e.post(O.export,{flowId:s})),import:(s,o,a)=>t.transformResponse(e.post(O.import,{flowId:s,flow:o,screens:a})),run:(s,o)=>t.transformResponse(e.post(O.run,{flowId:s,options:o}),(e=>null==e?void 0:e.output))}),W=e=>({export:()=>t.transformResponse(e.post(w.export,{})),import:s=>t.transformResponse(e.post(w.import,{theme:s}))}),G=e=>({search:s=>{const o=Object.assign(Object.assign({},s),{externalIds:s.loginIds});return delete o.loginIds,t.transformResponse(e.post(S.search,o),(e=>null==e?void 0:e.audits.map((e=>{const t=Object.assign(Object.assign({},e),{occurred:parseFloat(e.occurred),loginIds:e.externalIds});return delete t.externalIds,t}))))},createEvent:s=>{const o=Object.assign({},s);return t.transformResponse(e.post(S.createEvent,o))}}),H=(e,s)=>{var o;const a=null!==(o=null==s?void 0:s.fgaCacheTimeoutMs)&&void 0!==o?o:3e4,r=Number.isFinite(a)&&a>0?a:3e4,n=async(t,o)=>{if((null==s?void 0:s.fgaCacheUrl)&&s.managementKey){const e=`${s.fgaCacheUrl}${t}`,a=new AbortController,n=setTimeout((()=>a.abort()),r);try{const t=await i(e,{method:"POST",headers:Object.assign(Object.assign({},s.headers),{"Content-Type":"application/json",Authorization:`Bearer ${s.projectId}:${s.managementKey}`,"x-descope-project-id":s.projectId}),body:JSON.stringify(o),signal:a.signal});if(t.ok){const e=await t.text();return t.text=()=>Promise.resolve(e),t.json=async()=>JSON.parse(e),t.clone=()=>t,t}}catch(e){}finally{clearTimeout(n)}}return e.post(t,o)};return{saveSchema:(s,o)=>t.transformResponse(e.post(U.schemaSave,{schema:s,upgrade:o})),deleteSchema:()=>t.transformResponse(e.post(U.schemaDelete,{})),loadSchema:()=>t.transformResponse(e.post(U.schemaLoad,{}),(e=>e.schema)),saveNamespace:(s,o,a)=>t.transformResponse(e.post(U.nsSave,{namespace:s,oldName:o,schemaName:a})),deleteNamespace:(s,o)=>t.transformResponse(e.post(U.nsDelete,{name:s,schemaName:o})),saveRelationDefinition:(s,o,a,r)=>t.transformResponse(e.post(U.rdSave,{relationDefinition:s,namespace:o,oldName:a,schemaName:r})),deleteRelationDefinition:(s,o,a)=>t.transformResponse(e.post(U.rdDelete,{name:s,namespace:o,schemaName:a})),createRelations:s=>t.transformResponse(e.post(U.reCreate,{relations:s})),deleteRelations:s=>t.transformResponse(e.post(U.reDelete,{relations:s})),deleteRelationsForResources:s=>t.transformResponse(e.post(U.reDeleteResources,{resources:s})),deleteResourceRelationsForResources:s=>t.transformResponse(e.post(U.reDeleteResourceRelationsForResources,{resources:s})),deleteRelationsForIds:s=>t.transformResponse(e.post(U.reDeleteResources,{resources:s})),hasRelations:s=>t.transformResponse(e.post(U.hasRelations,{relationQueries:s}),(e=>e.relationQueries)),whoCanAccess:(e,s,o)=>t.transformResponse(n(U.who,{resource:e,relationDefinition:s,namespace:o}),(e=>e.targets)),resourceRelations:(s,o=!1)=>t.transformResponse(e.post(U.resource,{resource:s,ignoreTargetSetRelations:o}),(e=>e.relations)),targetsRelations:(s,o=!1)=>t.transformResponse(e.post(U.targets,{targets:s,includeTargetSetRelations:o}),(e=>e.relations)),whatCanTargetAccess:e=>t.transformResponse(n(U.targetAll,{target:e}),(e=>e.relations)),whatCanTargetAccessWithRelation:(s,o,a)=>t.transformResponse(e.post(U.targetWithRelation,{target:s,relationDefinition:o,namespace:a}),(e=>e.resources.map((e=>({resource:e}))))),getModified:s=>t.transformResponse(e.post(U.getModified,{since:s?s.getTime():0}),(e=>e))}},V=e=>({createOidcApplication:s=>{var o;return t.transformResponse(e.post(v.oidcCreate,Object.assign(Object.assign({},s),{enabled:null===(o=s.enabled)||void 0===o||o})))},createSamlApplication:s=>{var o;return t.transformResponse(e.post(v.samlCreate,Object.assign(Object.assign({},s),{enabled:null===(o=s.enabled)||void 0===o||o})))},updateOidcApplication:s=>t.transformResponse(e.post(v.oidcUpdate,Object.assign({},s))),updateSamlApplication:s=>t.transformResponse(e.post(v.samlUpdate,Object.assign({},s))),createWsFedApplication:s=>{var o;return t.transformResponse(e.post(v.wsfedCreate,Object.assign(Object.assign({},s),{enabled:null===(o=s.enabled)||void 0===o||o})))},updateWsFedApplication:s=>t.transformResponse(e.post(v.wsfedUpdate,Object.assign({},s))),delete:s=>t.transformResponse(e.post(v.delete,{id:s})),load:s=>t.transformResponse(e.get(v.load,{queryParams:{id:s}}),(e=>e)),loadAll:()=>t.transformResponse(e.get(v.loadAll,{}),(e=>e.apps))}),_=e=>({getSettings:s=>t.transformResponse(e.get(k.settings,{queryParams:{tenantId:s}}),(e=>e)),configureSettings:(s,o)=>t.transformResponse(e.post(k.settings,Object.assign(Object.assign({},o),{tenantId:s})))}),Q=(e,s)=>{var o;const a=null!==(o=null==s?void 0:s.fgaCacheTimeoutMs)&&void 0!==o?o:3e4,r=Number.isFinite(a)&&a>0?a:3e4,n=async(t,o)=>{if((null==s?void 0:s.fgaCacheUrl)&&s.managementKey){const e=`${s.fgaCacheUrl}${t}`,a=new AbortController,n=setTimeout((()=>a.abort()),r);try{const t=await i(e,{method:"POST",headers:Object.assign(Object.assign({},s.headers),{"Content-Type":"application/json",Authorization:`Bearer ${s.projectId}:${s.managementKey}`,"x-descope-project-id":s.projectId}),body:JSON.stringify(o),signal:a.signal});if(t.ok){const e=await t.text();return t.text=()=>Promise.resolve(e),t.json=async()=>JSON.parse(e),t.clone=()=>t,t}}catch(e){}finally{clearTimeout(n)}}return e.post(t,o)};return{saveSchema:e=>t.transformResponse(n(N.schema,e)),deleteSchema:()=>t.transformResponse(e.post(U.schemaDelete,{})),createRelations:e=>t.transformResponse(n(N.relations,{tuples:e})),deleteRelations:e=>t.transformResponse(n(N.deleteRelations,{tuples:e})),check:e=>t.transformResponse(n(N.check,{tuples:e}),(e=>e.tuples)),loadResourcesDetails:s=>t.transformResponse(e.post(N.resourcesLoad,{resourceIdentifiers:s}),(e=>e.resourcesDetails)),saveResourcesDetails:s=>t.transformResponse(e.post(N.resourcesSave,{resourcesDetails:s})),deleteAllRelations:()=>t.transformResponse(e.delete(N.relations))}},X=e=>({createApplication:s=>t.transformResponse(e.post(h.create,Object.assign({},s))),updateApplication:s=>t.transformResponse(e.post(h.update,Object.assign({},s))),patchApplication:s=>t.transformResponse(e.post(h.patch,Object.assign({},s))),deleteApplication:s=>t.transformResponse(e.post(h.delete,{id:s})),loadApplication:s=>t.transformResponse(e.get(h.load,{queryParams:{id:s}}),(e=>e)),loadAllApplications:()=>t.transformResponse(e.get(h.loadAll,{}),(e=>e.apps)),getApplicationSecret:s=>t.transformResponse(e.get(h.secret,{queryParams:{id:s}}),(e=>e)),rotateApplicationSecret:s=>t.transformResponse(e.post(h.rotate,{id:s})),searchConsents:s=>t.transformResponse(e.post(R.search,Object.assign({},s)),(e=>e.consents)),deleteConsents:s=>t.transformResponse(e.post(R.delete,Object.assign({},s)))}),Y=e=>({createApplication:s=>t.transformResponse(e.post(y.create,Object.assign({},s)),(e=>e.app)),createApplicationByTemplate:s=>t.transformResponse(e.post(y.createByTemplate,Object.assign({},s)),(e=>e.app)),updateApplication:s=>t.transformResponse(e.post(y.update,{app:s}),(e=>e.app)),deleteApplication:s=>t.transformResponse(e.post(y.delete,{id:s})),loadApplication:s=>t.transformResponse(e.get(`${y.load}/${s}`),(e=>e.app)),loadAllApplications:()=>t.transformResponse(e.get(y.loadAll,{}),(e=>e.apps)),fetchTokenByScopes:(s,o,a,r,n)=>t.transformResponse(e.post(y.fetchTokenByScopes,{appId:s,userId:o,scopes:a,options:r,tenantId:n}),(e=>e.token)),fetchToken:(s,o,a,r)=>t.transformResponse(e.post(y.fetchToken,{appId:s,userId:o,tenantId:a,options:r}),(e=>e.token)),fetchTenantTokenByScopes:(s,o,a,r)=>t.transformResponse(e.post(y.fetchTenantTokenByScopes,{appId:s,tenantId:o,scopes:a,options:r}),(e=>e.token)),fetchTenantToken:(s,o,a)=>t.transformResponse(e.post(y.fetchTenantToken,{appId:s,tenantId:o,options:a}),(e=>e.token)),deleteUserTokens:(s,o)=>t.transformResponse(e.delete(y.deleteUserTokens,{queryParams:{appId:s,userId:o}})),deleteTokenById:s=>t.transformResponse(e.delete(y.deleteTokenById,{queryParams:{id:s}})),listAppsWithUserToken:(s,o)=>t.transformResponse(e.get(y.listAppsWithUserToken,{queryParams:Object.assign({userId:s},o?{tenantId:o}:{})}),(e=>e.appIds)),uploadUserApiKey:(s,o,a,r)=>t.transformResponse(e.post(y.uploadUserApiKey,{appId:s,userId:o,apiKey:a,tenantId:r})),uploadTenantApiKey:(s,o,a)=>t.transformResponse(e.post(y.uploadTenantApiKey,{appId:s,tenantId:o,apiKey:a})),uploadUserToken:s=>t.transformResponse(e.post(y.uploadUserToken,Object.assign({},s))),uploadTenantToken:s=>t.transformResponse(e.post(y.uploadTenantToken,Object.assign({},s))),batchUploadUserTokens:s=>t.transformResponse(e.post(y.batchUploadUserTokens,{tokens:s})),batchUploadTenantTokens:s=>t.transformResponse(e.post(y.batchUploadTenantTokens,{tokens:s}))}),Z=e=>({create:s=>t.transformResponse(e.put(P.create,{descopers:s}),(e=>({descopers:e.descopers,total:e.total}))),update:(s,o,a)=>t.transformResponse(e.patch(P.update,{id:s,attributes:o,rbac:a}),(e=>e.descoper)),load:s=>t.transformResponse(e.get(P.get,{queryParams:{id:s}}),(e=>e.descoper)),delete:s=>t.transformResponse(e.delete(P.delete,{queryParams:{id:s}})),list:()=>t.transformResponse(e.post(P.list),(e=>({descopers:e.descopers,total:e.total})))}),ee=e=>({create:(s,o,a,r,n)=>t.transformResponse(e.put(E.create,{name:s,description:a,expiresIn:r,permittedIps:n,reBac:o})),update:(s,o,a,r,n)=>t.transformResponse(e.patch(E.update,{id:s,name:o,description:a,permittedIps:n,status:r}),(e=>e.key)),delete:s=>t.transformResponse(e.post(E.delete,{ids:s})),load:s=>t.transformResponse(e.get(E.load,{queryParams:{id:s}}),(e=>e.key)),search:()=>t.transformResponse(e.get(E.search),(e=>e.keys))});const te=o=>{var a,n,c,{authManagementKey:g,managementKey:f,publicKey:v,fgaCacheUrl:h}=o,R=e.__rest(o,["authManagementKey","managementKey","publicKey","fgaCacheUrl"]);const y={"x-descope-sdk-name":"nodejs","x-descope-sdk-node-version":(null===(a=null===process||void 0===process?void 0:process.versions)||void 0===a?void 0:a.node)||"","x-descope-sdk-version":"2.10.0"},b=Object.assign(Object.assign({fetch:i},R),{baseHeaders:Object.assign(Object.assign({},R.baseHeaders),y),hooks:Object.assign(Object.assign({},R.hooks),{beforeRequest:[e=>(g&&(e.token=e.token?`${e.token}:${g}`:g),e)].concat((null===(n=R.hooks)||void 0===n?void 0:n.beforeRequest)||[])})}),I=r.default(b),{projectId:k,logger:T}=R,A={};let O;const w=Object.assign(Object.assign({fetch:i},R),{baseConfig:{baseHeaders:Object.assign(Object.assign({},R.baseHeaders),y)},hooks:Object.assign(Object.assign({},R.hooks),{beforeRequest:[e=>(e.token=f,O&&(e.headers=Object.assign(Object.assign({},e.headers),{"x-descope-license":O})),e)].concat((null===(c=R.hooks)||void 0===c?void 0:c.beforeRequest)||[])})}),j=t.createHttpClient(w),S=(N={fgaCacheUrl:h,managementKey:f,projectId:k,headers:y},{user:M(U=j),project:(P=U,{updateName:e=>t.transformResponse(P.post(u.updateName,{name:e})),updateTags:e=>t.transformResponse(P.post(u.updateTags,{tags:e})),clone:(e,s,o)=>t.transformResponse(P.post(u.clone,{name:e,environment:s,tags:o})),listProjects:async()=>t.transformResponse(P.post(u.projectsList,{}),(e=>e.projects.map((({id:e,name:t,environment:s,tags:o})=>({id:e,name:t,environment:s,tags:o}))))),exportSnapshot:()=>t.transformResponse(P.post(u.exportSnapshot,{})),importSnapshot:e=>t.transformResponse(P.post(u.importSnapshot,e)),validateSnapshot:e=>t.transformResponse(P.post(u.validateSnapshot,e)),export:()=>t.transformResponse(P.post(u.exportSnapshot,{}),(e=>e.files)),import:e=>t.transformResponse(P.post(u.importSnapshot,{files:e}))}),accessKey:J(U),tenant:D(U),ssoApplication:V(U),inboundApplication:X(U),outboundApplication:Y(U),sso:$(U),jwt:L(U),permission:q(U),password:_(U),role:B(U),group:F(U),flow:z(U),theme:W(U),audit:G(U),authz:H(U,N),fga:Q(U,N),descoper:Z(U),managementKey:ee(U)});var U,N,P;f&&(e=>({get:()=>t.transformResponse(e.get(x.get))}))(j).get().then((e=>{var t;e.ok&&(null===(t=e.data)||void 0===t?void 0:t.rateLimitTier)&&(O=e.data.rateLimitTier)})).catch((e=>{var t;null===(t=null==T?void 0:T.warn)||void 0===t||t.call(T,"License handshake failed",e)}));const E=Object.assign(Object.assign({},I),{refresh:async(e,t)=>I.refresh(e,void 0,t),management:S,async getKey(e){if(!(null==e?void 0:e.kid))throw Error("header.kid must not be empty");if(A[e.kid])return A[e.kid];if(Object.assign(A,await(async()=>{if(v)try{const e=JSON.parse(v),t=await s.importJWK(e);return{[e.kid]:t}}catch(e){throw null==T||T.error("Failed to parse the provided public key",e),new Error(`Failed to parse public key. Error: ${e}`)}const e=(await I.httpClient.get(`v2/keys/${k}`).then((e=>e.json()))).keys;return Array.isArray(e)?(await Promise.all(e.map((async e=>[e.kid,await s.importJWK(e)])))).reduce(((e,[t,s])=>t?Object.assign(Object.assign({},e),{[t.toString()]:s}):e),{}):{}})()),!A[e.kid])throw Error("failed to fetch matching key");return A[e.kid]},async validateJwt(e,t){const o={clockTolerance:5};(null==t?void 0:t.audience)&&(o.audience=t.audience);const a=(await s.jwtVerify(e,E.getKey,o)).payload;if(a){const e=a.iss;if(!function(e,t){if(e===t)return!0;if(!e||!t)return!1;const s=e=>e[e.length-1]===t||e[e.length-2]===t;try{const{pathname:t}=new URL(e);return s(t.split("/").filter((e=>e.length>0)))}catch(t){return s(e.split("/").filter((e=>e.length>0)))}}("string"==typeof e?e:void 0,k))throw new s.errors.JWTClaimValidationFailed('unexpected "iss" claim value',"iss","check_failed");a.iss=k}return{jwt:e,token:a}},async validateSession(e,t){if(!e)throw Error("session token is required for validation");try{return await E.validateJwt(e,t)}catch(e){throw null==T||T.error("session validation failed",e),Error(`session validation failed. Error: ${e}`)}},async refreshSession(e,t){var s,o,a,r,n,i;if(!e)throw Error("refresh token is required to refresh a session");try{await E.validateJwt(e);const d=await E.refresh(e);if(d.ok){const e=p(null===(o=null===(s=d.data)||void 0===s?void 0:s.cookies)||void 0===o?void 0:o.join(";"),"DS")||(null===(a=d.data)||void 0===a?void 0:a.sessionJwt),i=await E.validateJwt(e,t);return i.cookies=(null===(r=d.data)||void 0===r?void 0:r.cookies)||[],(null===(n=d.data)||void 0===n?void 0:n.refreshJwt)&&(i.refreshJwt=d.data.refreshJwt),i}throw Error(null===(i=d.error)||void 0===i?void 0:i.errorMessage)}catch(e){throw null==T||T.error("refresh token validation failed",e),Error(`refresh token validation failed, Error: ${e}`)}},async validateAndRefreshSession(e,t,s){if(!e&&!t)throw Error("both session and refresh tokens are empty");try{return await E.validateSession(e,s)}catch(e){null==T||T.log(`session validation failed with error ${e} - trying to refresh it`)}return E.refreshSession(t,s)},async exchangeAccessKey(e,t,s){var o;if(!e)throw Error("access key must not be empty");let a;try{a=await E.accessKey.exchange(e,t)}catch(e){throw null==T||T.error("failed to exchange access key",e),Error(`could not exchange access key - Failed to exchange. Error: ${e}`)}if(!a.ok)throw null==T||T.error("failed to exchange access key",a.error),Error(`could not exchange access key - ${null===(o=a.error)||void 0===o?void 0:o.errorMessage}`);const{sessionJwt:r}=a.data;if(!r)throw null==T||T.error("failed to parse exchange access key response"),Error("could not exchange access key");try{return await E.validateJwt(r,s)}catch(e){throw null==T||T.error("failed to parse jwt from access key",e),Error(`could not exchange access key - failed to validate jwt. Error: ${e}`)}},validatePermissions:(e,t)=>E.validateTenantPermissions(e,"",t),getMatchedPermissions:(e,t)=>E.getMatchedTenantPermissions(e,"",t),validateTenantPermissions(e,t,s){if(t&&!l(e,t))return!1;const o=m(e,"permissions",t);return s.every((e=>o.includes(e)))},getMatchedTenantPermissions(e,t,s){if(t&&!l(e,t))return[];const o=m(e,"permissions",t);return s.filter((e=>o.includes(e)))},validateRoles:(e,t)=>E.validateTenantRoles(e,"",t),getMatchedRoles:(e,t)=>E.getMatchedTenantRoles(e,"",t),validateTenantRoles(e,t,s){if(t&&!l(e,t))return!1;const o=m(e,"roles",t);return s.every((e=>o.includes(e)))},getMatchedTenantRoles(e,t,s){if(t&&!l(e,t))return[];const o=m(e,"roles",t);return s.filter((e=>o.includes(e)))}});return t.wrapWith(E,["otp.verify.email","otp.verify.sms","otp.verify.voice","otp.verify.whatsapp","otp.verify.im","notp.waitForSession","magicLink.verify","enchantedLink.signUp","enchantedLink.signIn","enchantedLink.waitForSession","oauth.exchangeOneTapIDToken","password.signIn","password.signUp","password.replace","oauth.exchange","saml.exchange","totp.verify","selectTenant","webauthn.signIn.finish","webauthn.signUp.finish","refresh"],d)};te.RefreshTokenCookieName="DSR",te.SessionTokenCookieName="DS",te.DescopeErrors={badRequest:"E011001",missingArguments:"E011002",invalidRequest:"E011003",invalidArguments:"E011004",wrongOTPCode:"E061102",tooManyOTPAttempts:"E061103",enchantedLinkPending:"E062503",userNotFound:"E062108"},module.exports=te;
|
|
1
|
+
"use strict";var e=require("tslib"),t=require("@descope/core-js-sdk"),s=require("jose"),o=require("cross-fetch");function a(e){return e&&"object"==typeof e&&"default"in e?e:{default:e}}var n=a(t);var r;null!==(r=globalThis.Headers)&&void 0!==r||(globalThis.Headers=o.Headers);const i="function"==typeof globalThis.fetch?(...e)=>globalThis.fetch(...e):(...e)=>(e.forEach((e=>{var t,s;e&&"object"==typeof e&&(null!==(t=(s=e).highWaterMark)&&void 0!==t||(s.highWaterMark=31457280))})),o.fetch(...e)),p=(e,t)=>{const s=null==e?void 0:e.match(RegExp(`(?:^|[;,]\\s*)${t}=([^;]*)`));return s?s[1]:null};const d=t=>async(...s)=>{var o,a,n;const r=await t(...s);if(!r.data)return r;let i=r.data,{refreshJwt:d}=i,m=e.__rest(i,["refreshJwt"]);const l=[];var c;return d?l.push(`${"DSR"}=${d}; Domain=${(null==(c=m)?void 0:c.cookieDomain)||""}; Max-Age=${(null==c?void 0:c.cookieMaxAge)||""}; Path=${(null==c?void 0:c.cookiePath)||"/"}; HttpOnly; SameSite=Strict`):(null===(o=r.response)||void 0===o?void 0:o.headers.get("set-cookie"))&&(d=p(null===(a=r.response)||void 0===a?void 0:a.headers.get("set-cookie"),"DSR"),l.push(null===(n=r.response)||void 0===n?void 0:n.headers.get("set-cookie"))),Object.assign(Object.assign({},r),{data:Object.assign(Object.assign({},r.data),{refreshJwt:d,cookies:l})})};function m(e,t,s){var o,a;const n=s?null===(a=null===(o=e.token.tenants)||void 0===o?void 0:o[s])||void 0===a?void 0:a[t]:e.token[t];return Array.isArray(n)?n:[]}function l(e,t){var s;return!!(null===(s=e.token.tenants)||void 0===s?void 0:s[t])}var c={create:"/v1/mgmt/user/create",createTestUser:"/v1/mgmt/user/create/test",createBatch:"/v1/mgmt/user/create/batch",update:"/v1/mgmt/user/update",patch:"/v1/mgmt/user/patch",patchBatch:"/v1/mgmt/user/patch/batch",delete:"/v1/mgmt/user/delete",deleteBatch:"/v1/mgmt/user/delete/batch",deleteAllTestUsers:"/v1/mgmt/user/test/delete/all",load:"/v1/mgmt/user",logout:"/v1/mgmt/user/logout",loadUsers:"/v1/mgmt/users/load",search:"/v2/mgmt/user/search",searchTestUsers:"/v2/mgmt/user/search/test",getProviderToken:"/v1/mgmt/user/provider/token",updateStatus:"/v1/mgmt/user/update/status",updateLoginId:"/v1/mgmt/user/update/loginid",updateEmail:"/v1/mgmt/user/update/email",updatePhone:"/v1/mgmt/user/update/phone",updateDisplayName:"/v1/mgmt/user/update/name",updatePicture:"/v1/mgmt/user/update/picture",updateCustomAttribute:"/v1/mgmt/user/update/customAttribute",setRole:"/v1/mgmt/user/update/role/set",addRole:"/v2/mgmt/user/update/role/add",removeRole:"/v1/mgmt/user/update/role/remove",setSSOApps:"/v1/mgmt/user/update/ssoapp/set",addSSOApps:"/v1/mgmt/user/update/ssoapp/add",removeSSOApps:"/v1/mgmt/user/update/ssoapp/remove",addTenant:"/v1/mgmt/user/update/tenant/add",removeTenant:"/v1/mgmt/user/update/tenant/remove",setPassword:"/v1/mgmt/user/password/set",setTemporaryPassword:"/v1/mgmt/user/password/set/temporary",setActivePassword:"/v1/mgmt/user/password/set/active",expirePassword:"/v1/mgmt/user/password/expire",removeAllPasskeys:"/v1/mgmt/user/passkeys/delete",removeTOTPSeed:"/v1/mgmt/user/totp/delete",generateOTPForTest:"/v1/mgmt/tests/generate/otp",generateMagicLinkForTest:"/v1/mgmt/tests/generate/magiclink",generateEnchantedLinkForTest:"/v1/mgmt/tests/generate/enchantedlink",generateEmbeddedLink:"/v1/mgmt/user/signin/embeddedlink",generateSignUpEmbeddedLink:"/v1/mgmt/user/signup/embeddedlink",history:"/v1/mgmt/user/history"},u={updateName:"/v1/mgmt/project/update/name",updateTags:"/v1/mgmt/project/update/tags",clone:"/v1/mgmt/project/clone",projectsList:"/v1/mgmt/projects/list",exportSnapshot:"/v1/mgmt/project/snapshot/export",importSnapshot:"/v1/mgmt/project/snapshot/import",validateSnapshot:"/v1/mgmt/project/snapshot/validate"},g={create:"/v1/mgmt/accesskey/create",load:"/v1/mgmt/accesskey",search:"/v1/mgmt/accesskey/search",update:"/v1/mgmt/accesskey/update",deactivate:"/v1/mgmt/accesskey/deactivate",activate:"/v1/mgmt/accesskey/activate",delete:"/v1/mgmt/accesskey/delete"},f={create:"/v1/mgmt/tenant/create",update:"/v1/mgmt/tenant/update",delete:"/v1/mgmt/tenant/delete",load:"/v1/mgmt/tenant",settings:"/v1/mgmt/tenant/settings",loadAll:"/v1/mgmt/tenant/all",searchAll:"/v1/mgmt/tenant/search",updateDefaultRoles:"/v1/mgmt/tenant/updateDefaultRoles",generateSSOConfigurationLink:"/v2/mgmt/tenant/adminlinks/sso/generate"},v={oidcCreate:"/v1/mgmt/sso/idp/app/oidc/create",samlCreate:"/v1/mgmt/sso/idp/app/saml/create",oidcUpdate:"/v1/mgmt/sso/idp/app/oidc/update",samlUpdate:"/v1/mgmt/sso/idp/app/saml/update",wsfedCreate:"/v1/mgmt/sso/idp/app/wsfed/create",wsfedUpdate:"/v1/mgmt/sso/idp/app/wsfed/update",delete:"/v1/mgmt/sso/idp/app/delete",load:"/v1/mgmt/sso/idp/app/load",loadAll:"/v1/mgmt/sso/idp/apps/load"},h={create:"/v1/mgmt/thirdparty/app/create",update:"/v1/mgmt/thirdparty/app/update",patch:"/v1/mgmt/thirdparty/app/patch",delete:"/v1/mgmt/thirdparty/app/delete",load:"/v1/mgmt/thirdparty/app/load",loadAll:"/v1/mgmt/thirdparty/apps/load",secret:"/v1/mgmt/thirdparty/app/secret",rotate:"/v1/mgmt/thirdparty/app/rotate"},R={delete:"/v1/mgmt/thirdparty/consents/delete",search:"/v1/mgmt/thirdparty/consents/search"},y={create:"/v1/mgmt/outbound/app/create",createByTemplate:"/v1/mgmt/outbound/app/create/bytemplate",update:"/v1/mgmt/outbound/app/update",delete:"/v1/mgmt/outbound/app/delete",load:"/v1/mgmt/outbound/app",loadAll:"/v1/mgmt/outbound/apps",fetchToken:"/v1/mgmt/outbound/app/user/token/latest",fetchTokenByScopes:"/v1/mgmt/outbound/app/user/token",fetchTenantToken:"/v1/mgmt/outbound/app/tenant/token/latest",fetchTenantTokenByScopes:"/v1/mgmt/outbound/app/tenant/token",deleteUserTokens:"/v1/mgmt/outbound/user/tokens",deleteTokenById:"/v1/mgmt/outbound/token",listAppsWithUserToken:"/v1/mgmt/outbound/apps-with-user-token",uploadUserApiKey:"/v1/mgmt/outbound/app/user/apikey/upload",uploadTenantApiKey:"/v1/mgmt/outbound/app/tenant/apikey/upload",uploadUserToken:"/v1/mgmt/outbound/app/user/oauthtoken/upload",uploadTenantToken:"/v1/mgmt/outbound/app/tenant/oauthtoken/upload",batchUploadUserTokens:"/v1/mgmt/outbound/app/user/oauthtoken/batch/upload",batchUploadTenantTokens:"/v1/mgmt/outbound/app/tenant/oauthtoken/batch/upload"},b={settings:"/v1/mgmt/sso/settings",settingsNew:"/v1/mgmt/sso/settings/new",metadata:"/v1/mgmt/sso/metadata",mapping:"/v1/mgmt/sso/mapping",settingsv2:"/v2/mgmt/sso/settings",settingsAllV2:"/v2/mgmt/sso/settings/all",oidc:{configure:"/v1/mgmt/sso/oidc"},saml:{configure:"/v1/mgmt/sso/saml",metadata:"/v1/mgmt/sso/saml/metadata"}},I={update:"/v1/mgmt/jwt/update",impersonate:"/v1/mgmt/impersonate",stopImpersonation:"/v1/mgmt/stop/impersonation",signIn:"/v1/mgmt/auth/signin",signUp:"/v1/mgmt/auth/signup",signUpOrIn:"/v1/mgmt/auth/signup-in",anonymous:"/v1/mgmt/auth/anonymous",clientAssertion:"/v1/mgmt/token/clientassertion"},k={settings:"/v1/mgmt/password/settings"},T={create:"/v1/mgmt/permission/create",update:"/v1/mgmt/permission/update",delete:"/v1/mgmt/permission/delete",loadAll:"/v1/mgmt/permission/all"},A={create:"/v1/mgmt/role/create",update:"/v1/mgmt/role/update",delete:"/v1/mgmt/role/delete",loadAll:"/v1/mgmt/role/all",search:"/v1/mgmt/role/search"},O={list:"/v1/mgmt/flow/list",delete:"/v1/mgmt/flow/delete",export:"/v1/mgmt/flow/export",import:"/v1/mgmt/flow/import",run:"/v1/mgmt/flow/run"},w={export:"/v1/mgmt/theme/export",import:"/v1/mgmt/theme/import"},j={loadAllGroups:"/v1/mgmt/group/all",loadAllGroupsForMember:"/v1/mgmt/group/member/all",loadAllGroupMembers:"/v1/mgmt/group/members"},S={search:"/v1/mgmt/audit/search",createEvent:"/v1/mgmt/audit/event"},U={schemaSave:"/v1/mgmt/authz/schema/save",schemaDelete:"/v1/mgmt/authz/schema/delete",schemaLoad:"/v1/mgmt/authz/schema/load",nsSave:"/v1/mgmt/authz/ns/save",nsDelete:"/v1/mgmt/authz/ns/delete",rdSave:"/v1/mgmt/authz/rd/save",rdDelete:"/v1/mgmt/authz/rd/delete",reCreate:"/v1/mgmt/authz/re/create",reDelete:"/v1/mgmt/authz/re/delete",reDeleteResources:"/v1/mgmt/authz/re/deleteresources",reDeleteResourceRelationsForResources:"/v1/mgmt/authz/re/deleteresourcesrelations",hasRelations:"/v1/mgmt/authz/re/has",who:"/v1/mgmt/authz/re/who",resource:"/v1/mgmt/authz/re/resource",targets:"/v1/mgmt/authz/re/targets",targetAll:"/v1/mgmt/authz/re/targetall",targetWithRelation:"/v1/mgmt/authz/re/targetwithrelation",getModified:"/v1/mgmt/authz/getmodified"},N={schema:"/v1/mgmt/fga/schema",relations:"/v1/mgmt/fga/relations",deleteRelations:"/v1/mgmt/fga/relations/delete",check:"/v1/mgmt/fga/check",resourcesLoad:"/v1/mgmt/fga/resources/load",resourcesSave:"/v1/mgmt/fga/resources/save"},P={create:"/v1/mgmt/descoper",update:"/v1/mgmt/descoper",get:"/v1/mgmt/descoper",delete:"/v1/mgmt/descoper",list:"/v1/mgmt/descoper/list"},E={create:"/v1/mgmt/managementkey",update:"/v1/mgmt/managementkey",load:"/v1/mgmt/managementkey",delete:"/v1/mgmt/managementkey/delete",search:"/v1/mgmt/managementkey/search"},x={get:"/v1/mgmt/license"},C={create:"/v1/mgmt/engine/create",update:"/v1/mgmt/engine/update",delete:"/v1/mgmt/engine/delete",load:"/v1/mgmt/engine/load",loadAll:"/v1/mgmt/engines/load",rotate:"/v1/mgmt/engine/rotate"};function M(t){return t.map((t=>{var{loginIdOrUserId:s,loginId:o,roles:a}=t,n=e.__rest(t,["loginIdOrUserId","loginId","roles"]);return Object.assign(Object.assign({},n),{loginId:null!=s?s:o,roleNames:a})}))}const D=e=>{function s(e,t){const s={loginId:e};return void 0!==t.email&&(s.email=t.email),void 0!==t.phone&&(s.phone=t.phone),void 0!==t.displayName&&(s.displayName=t.displayName),void 0!==t.givenName&&(s.givenName=t.givenName),void 0!==t.middleName&&(s.middleName=t.middleName),void 0!==t.familyName&&(s.familyName=t.familyName),void 0!==t.roles&&(s.roleNames=t.roles),void 0!==t.userTenants&&(s.userTenants=t.userTenants),void 0!==t.customAttributes&&(s.customAttributes=t.customAttributes),void 0!==t.picture&&(s.picture=t.picture),void 0!==t.verifiedEmail&&(s.verifiedEmail=t.verifiedEmail),void 0!==t.verifiedPhone&&(s.verifiedPhone=t.verifiedPhone),void 0!==t.ssoAppIds&&(s.ssoAppIds=t.ssoAppIds),void 0!==t.scim&&(s.scim=t.scim),void 0!==t.status&&(s.status=t.status),void 0!==t.additionalIdentifiers&&(s.additionalIdentifiers=t.additionalIdentifiers),s}return{create:function(s,o,a,n,r,i,p,d,m,l,u,g,f,v){const h="string"==typeof o?{loginId:s,email:o,phone:a,displayName:n,givenName:u,middleName:g,familyName:f,roleNames:r,userTenants:i,customAttributes:p,picture:d,verifiedEmail:m,verifiedPhone:l,additionalLoginIds:v}:Object.assign(Object.assign({loginId:s},o),{roleNames:null==o?void 0:o.roles,roles:void 0});return t.transformResponse(e.post(c.create,h),(e=>e.user))},createTestUser:function(s,o,a,n,r,i,p,d,m,l,u,g,f,v){const h="string"==typeof o?{loginId:s,email:o,phone:a,displayName:n,givenName:u,middleName:g,familyName:f,roleNames:r,userTenants:i,customAttributes:p,picture:d,verifiedEmail:m,verifiedPhone:l,additionalLoginIds:v,test:!0}:Object.assign(Object.assign({loginId:s},o),{roleNames:null==o?void 0:o.roles,roles:void 0,test:!0});return t.transformResponse(e.post(c.createTestUser,h),(e=>e.user))},invite:function(s,o,a,n,r,i,p,d,m,l,u,g,f,v,h,R,y,b,I){const k="string"==typeof o?{loginId:s,email:o,phone:a,displayName:n,givenName:v,middleName:h,familyName:R,roleNames:r,userTenants:i,invite:!0,customAttributes:p,picture:d,verifiedEmail:m,verifiedPhone:l,inviteUrl:u,sendMail:g,sendSMS:f,additionalLoginIds:y,templateId:b,locale:I}:Object.assign(Object.assign({loginId:s},o),{roleNames:null==o?void 0:o.roles,roles:void 0,invite:!0});return t.transformResponse(e.post(c.create,k),(e=>e.user))},inviteBatch:(s,o,a,n,r,i,p)=>t.transformResponse(e.post(c.createBatch,{users:M(s),invite:!0,inviteUrl:o,sendMail:a,sendSMS:n,templateOptions:r,templateId:i,locale:p}),(e=>e)),createBatch:s=>t.transformResponse(e.post(c.createBatch,{users:M(s)}),(e=>e)),deleteBatch:s=>t.transformResponse(e.post(c.deleteBatch,{userIds:s})),update:function(s,o,a,n,r,i,p,d,m,l,u,g,f,v){const h="string"==typeof o?{loginId:s,email:o,phone:a,displayName:n,givenName:u,middleName:g,familyName:f,roleNames:r,userTenants:i,customAttributes:p,picture:d,verifiedEmail:m,verifiedPhone:l,additionalLoginIds:v}:Object.assign(Object.assign({loginId:s},o),{roleNames:null==o?void 0:o.roles,roles:void 0});return t.transformResponse(e.post(c.update,h),(e=>e.user))},patch:function(o,a){const n=s(o,a);return t.transformResponse(e.patch(c.patch,n),(e=>e.user))},patchBatch:function(o){if(o.find((e=>!e.loginIdOrUserId&&!e.loginId)))return Promise.reject(new Error("patchBatch: each user must have loginIdOrUserId or loginId"));const a={users:o.map((e=>{var t;return s(null!==(t=e.loginIdOrUserId)&&void 0!==t?t:e.loginId,e)}))};return t.transformResponse(e.patch(c.patchBatch,a),(e=>e))},delete:s=>t.transformResponse(e.post(c.delete,{loginId:s})),deleteByUserId:s=>t.transformResponse(e.post(c.delete,{userId:s})),deleteAllTestUsers:()=>t.transformResponse(e.delete(c.deleteAllTestUsers)),load:s=>t.transformResponse(e.get(c.load,{queryParams:{loginId:s}}),(e=>e.user)),loadByUserId:s=>t.transformResponse(e.get(c.load,{queryParams:{userId:s}}),(e=>e.user)),logoutUser:s=>t.transformResponse(e.post(c.logout,{loginId:s})),logoutUserByUserId:s=>t.transformResponse(e.post(c.logout,{userId:s})),loadUsers:(s,o)=>t.transformResponse(e.post(c.loadUsers,{userIds:s,includeInvalidUsers:o}),(e=>e.users)),searchAll:(s,o,a,n,r,i,p,d,m,l)=>t.transformResponse(e.post(c.search,{tenantIds:s,roleNames:o,limit:a,page:n,testUsersOnly:r,withTestUser:i,customAttributes:p,statuses:d,emails:m,phones:l}),(e=>e.users)),searchTestUsers:s=>t.transformResponse(e.post(c.searchTestUsers,Object.assign(Object.assign({},s),{withTestUser:!0,testUsersOnly:!0,roleNames:s.roles,roles:void 0})),(e=>({users:e.users,total:e.total}))),search:s=>t.transformResponse(e.post(c.search,Object.assign(Object.assign({},s),{roleNames:s.roles,roles:void 0})),(e=>({users:e.users,total:e.total}))),getProviderToken:(s,o,a)=>t.transformResponse(e.get(c.getProviderToken,{queryParams:{loginId:s,provider:o,withRefreshToken:(null==a?void 0:a.withRefreshToken)?"true":"false",forceRefresh:(null==a?void 0:a.forceRefresh)?"true":"false"}}),(e=>e)),activate:s=>t.transformResponse(e.post(c.updateStatus,{loginId:s,status:"enabled"}),(e=>e.user)),deactivate:s=>t.transformResponse(e.post(c.updateStatus,{loginId:s,status:"disabled"}),(e=>e.user)),updateLoginId:(s,o)=>t.transformResponse(e.post(c.updateLoginId,{loginId:s,newLoginId:o}),(e=>e.user)),updateEmail:(s,o,a,n)=>t.transformResponse(e.post(c.updateEmail,{loginId:s,email:o,verified:a,failOnConflict:n}),(e=>e.user)),updatePhone:(s,o,a,n)=>t.transformResponse(e.post(c.updatePhone,{loginId:s,phone:o,verified:a,failOnConflict:n}),(e=>e.user)),updateDisplayName:(s,o,a,n,r)=>t.transformResponse(e.post(c.updateDisplayName,{loginId:s,displayName:o,givenName:a,middleName:n,familyName:r}),(e=>e.user)),updatePicture:(s,o)=>t.transformResponse(e.post(c.updatePicture,{loginId:s,picture:o}),(e=>e.user)),updateCustomAttribute:(s,o,a)=>t.transformResponse(e.post(c.updateCustomAttribute,{loginId:s,attributeKey:o,attributeValue:a}),(e=>e.user)),setRoles:(s,o)=>t.transformResponse(e.post(c.setRole,{loginId:s,roleNames:o}),(e=>e.user)),addRoles:(s,o)=>t.transformResponse(e.post(c.addRole,{loginId:s,roleNames:o}),(e=>e.user)),removeRoles:(s,o)=>t.transformResponse(e.post(c.removeRole,{loginId:s,roleNames:o}),(e=>e.user)),addTenant:(s,o)=>t.transformResponse(e.post(c.addTenant,{loginId:s,tenantId:o}),(e=>e.user)),removeTenant:(s,o)=>t.transformResponse(e.post(c.removeTenant,{loginId:s,tenantId:o}),(e=>e.user)),setTenantRoles:(s,o,a)=>t.transformResponse(e.post(c.setRole,{loginId:s,tenantId:o,roleNames:a}),(e=>e.user)),addTenantRoles:(s,o,a)=>t.transformResponse(e.post(c.addRole,{loginId:s,tenantId:o,roleNames:a}),(e=>e.user)),removeTenantRoles:(s,o,a)=>t.transformResponse(e.post(c.removeRole,{loginId:s,tenantId:o,roleNames:a}),(e=>e.user)),addSSOapps:(s,o)=>t.transformResponse(e.post(c.addSSOApps,{loginId:s,ssoAppIds:o}),(e=>e.user)),setSSOapps:(s,o)=>t.transformResponse(e.post(c.setSSOApps,{loginId:s,ssoAppIds:o}),(e=>e.user)),removeSSOapps:(s,o)=>t.transformResponse(e.post(c.removeSSOApps,{loginId:s,ssoAppIds:o}),(e=>e.user)),generateOTPForTestUser:(s,o,a)=>t.transformResponse(e.post(c.generateOTPForTest,{deliveryMethod:s,loginId:o,loginOptions:a}),(e=>e)),generateMagicLinkForTestUser:(s,o,a,n)=>t.transformResponse(e.post(c.generateMagicLinkForTest,{deliveryMethod:s,loginId:o,URI:a,loginOptions:n}),(e=>e)),generateEnchantedLinkForTestUser:(s,o,a)=>t.transformResponse(e.post(c.generateEnchantedLinkForTest,{loginId:s,URI:o,loginOptions:a}),(e=>e)),generateEmbeddedLink:(s,o,a)=>t.transformResponse(e.post(c.generateEmbeddedLink,{loginId:s,customClaims:o,timeout:a}),(e=>e)),generateSignUpEmbeddedLink:(s,o,a,n,r,i)=>t.transformResponse(e.post(c.generateSignUpEmbeddedLink,{loginId:s,user:o,emailVerified:a,phoneVerified:n,loginOptions:r,timeout:i}),(e=>e)),setTemporaryPassword:(s,o)=>t.transformResponse(e.post(c.setTemporaryPassword,{loginId:s,password:o}),(e=>e)),setActivePassword:(s,o)=>t.transformResponse(e.post(c.setActivePassword,{loginId:s,password:o}),(e=>e)),setPassword:(s,o)=>t.transformResponse(e.post(c.setPassword,{loginId:s,password:o}),(e=>e)),expirePassword:s=>t.transformResponse(e.post(c.expirePassword,{loginId:s}),(e=>e)),removeAllPasskeys:s=>t.transformResponse(e.post(c.removeAllPasskeys,{loginId:s}),(e=>e)),removeTOTPSeed:s=>t.transformResponse(e.post(c.removeTOTPSeed,{loginId:s}),(e=>e)),history:s=>t.transformResponse(e.post(c.history,s),(e=>e))}},L=e=>({create:(s,o,a,n,r,i,p)=>t.transformResponse(e.post(f.create,{name:s,selfProvisioningDomains:o,customAttributes:a,enforceSSO:n,disabled:r,parent:i,roleInheritance:p})),createWithId:(s,o,a,n,r,i,p,d)=>t.transformResponse(e.post(f.create,{id:s,name:o,selfProvisioningDomains:a,customAttributes:n,enforceSSO:r,disabled:i,parent:p,roleInheritance:d})),update:(s,o,a,n,r,i,p)=>t.transformResponse(e.post(f.update,{id:s,name:o,selfProvisioningDomains:a,customAttributes:n,enforceSSO:r,disabled:i,roleInheritance:p})),updateDefaultRoles:(s,o)=>t.transformResponse(e.post(f.updateDefaultRoles,{id:s,defaultRoles:o})),delete:(s,o)=>t.transformResponse(e.post(f.delete,{id:s,cascade:o})),load:s=>t.transformResponse(e.get(f.load,{queryParams:{id:s}}),(e=>e)),loadAll:()=>t.transformResponse(e.get(f.loadAll,{}),(e=>e.tenants)),searchAll:(s,o,a,n,r)=>t.transformResponse(e.post(f.searchAll,{tenantIds:s,tenantNames:o,tenantSelfProvisioningDomains:a,customAttributes:n,parentTenantId:r}),(e=>e.tenants)),getSettings:s=>t.transformResponse(e.get(f.settings,{queryParams:{id:s}}),(e=>e)),configureSettings:(s,o)=>t.transformResponse(e.post(f.settings,Object.assign(Object.assign({},o),{tenantId:s}),{})),generateSSOConfigurationLink:(s,o,a,n,r,i)=>t.transformResponse(e.post(f.generateSSOConfigurationLink,{tenantId:s,expireTime:o,ssoId:a,email:n,templateId:r,actorId:i},{}),(e=>e))}),q=e=>({update:(s,o,a)=>t.transformResponse(e.post(I.update,{jwt:s,customClaims:o,refreshDuration:a})),impersonate:(s,o,a,n,r,i)=>t.transformResponse(e.post(I.impersonate,{impersonatorId:s,loginId:o,validateConsent:a,customClaims:n,selectedTenant:r,refreshDuration:i})),stopImpersonation:(s,o,a,n)=>t.transformResponse(e.post(I.stopImpersonation,{jwt:s,customClaims:o,selectedTenant:a,refreshDuration:n})),signIn:(s,o)=>t.transformResponse(e.post(I.signIn,Object.assign({loginId:s},o))),signUp:(s,o,a)=>t.transformResponse(e.post(I.signUp,Object.assign({loginId:s,user:o},a))),signUpOrIn:(s,o,a)=>t.transformResponse(e.post(I.signUpOrIn,Object.assign({loginId:s,user:o},a))),anonymous:(s,o,a)=>t.transformResponse(e.post(I.anonymous,{customClaims:s,selectedTenant:o,refreshDuration:a})),generateClientAssertionJwt:(s,o,a,n,r,i)=>t.transformResponse(e.post(I.clientAssertion,{issuer:s,subject:o,audience:a,expiresIn:n,flattenAudience:r,algorithm:i}))}),B=e=>({create:(s,o)=>t.transformResponse(e.post(T.create,{name:s,description:o})),update:(s,o,a)=>t.transformResponse(e.post(T.update,{name:s,newName:o,description:a})),delete:s=>t.transformResponse(e.post(T.delete,{name:s})),loadAll:()=>t.transformResponse(e.get(T.loadAll,{}),(e=>e.permissions))}),F=e=>({create:(s,o,a,n,r)=>t.transformResponse(e.post(A.create,{name:s,description:o,permissionNames:a,tenantId:n,default:r})),update:(s,o,a,n,r,i)=>t.transformResponse(e.post(A.update,{name:s,newName:o,description:a,permissionNames:n,tenantId:r,default:i})),delete:(s,o)=>t.transformResponse(e.post(A.delete,{name:s,tenantId:o})),loadAll:()=>t.transformResponse(e.get(A.loadAll,{}),(e=>e.roles)),search:s=>t.transformResponse(e.post(A.search,s,{}),(e=>e.roles))}),K=e=>({loadAllGroups:s=>t.transformResponse(e.post(j.loadAllGroups,{tenantId:s})),loadAllGroupsForMember:(s,o,a)=>t.transformResponse(e.post(j.loadAllGroupsForMember,{tenantId:s,loginIds:a,userIds:o})),loadAllGroupMembers:(s,o)=>t.transformResponse(e.post(j.loadAllGroupMembers,{tenantId:s,groupId:o}))});function $(e){var t,s;const o=e;return o.oidc&&(o.oidc=Object.assign(Object.assign({},o.oidc),{attributeMapping:o.oidc.userAttrMapping}),delete o.oidc.userAttrMapping),(null===(t=o.saml)||void 0===t?void 0:t.groupsMapping)&&(o.saml.groupsMapping=null===(s=o.saml)||void 0===s?void 0:s.groupsMapping.map((e=>{const t=e;return t.roleName=t.role.name,delete t.role,t}))),o}const J=e=>({getSettings:s=>t.transformResponse(e.get(b.settings,{queryParams:{tenantId:s}}),(e=>e)),newSettings:(s,o,a)=>t.transformResponse(e.post(b.settingsNew,Object.assign(Object.assign({tenantId:s},o?{ssoId:o}:{}),{displayName:a})),(e=>$(e))),deleteSettings:(s,o)=>t.transformResponse(e.delete(b.settings,{queryParams:Object.assign({tenantId:s},o?{ssoId:o}:{})})),configureSettings:(s,o,a,n,r,i)=>t.transformResponse(e.post(b.settings,{tenantId:s,idpURL:o,entityId:n,idpCert:a,redirectURL:r,domains:i})),configureMetadata:(s,o,a,n)=>t.transformResponse(e.post(b.metadata,{tenantId:s,idpMetadataURL:o,redirectURL:a,domains:n})),configureMapping:(s,o,a,n)=>t.transformResponse(e.post(b.mapping,{tenantId:s,roleMappings:o,attributeMapping:a,defaultSSORoles:n})),configureOIDCSettings:(s,o,a,n)=>{const r=Object.assign(Object.assign({},o),{userAttrMapping:o.attributeMapping});return delete r.attributeMapping,t.transformResponse(e.post(b.oidc.configure,Object.assign({tenantId:s,settings:r,domains:a},n?{ssoId:n}:{})))},configureSAMLSettings:(s,o,a,n,r)=>t.transformResponse(e.post(b.saml.configure,Object.assign({tenantId:s,settings:o,redirectUrl:a,domains:n},r?{ssoId:r}:{}))),configureSAMLByMetadata:(s,o,a,n,r)=>t.transformResponse(e.post(b.saml.metadata,Object.assign({tenantId:s,settings:o,redirectUrl:a,domains:n},r?{ssoId:r}:{}))),loadSettings:(s,o)=>t.transformResponse(e.get(b.settingsv2,{queryParams:Object.assign({tenantId:s},o?{ssoId:o}:{})}),(e=>$(e))),loadAllSettings:s=>t.transformResponse(e.get(b.settingsAllV2,{queryParams:{tenantId:s}}),(e=>function(e){const t=e.SSOSettings,s=[];return t.forEach((e=>s.push($(e)))),s}(e)))}),z=e=>({create:(s,o,a,n,r,i,p,d,m)=>t.transformResponse(e.post(g.create,{name:s,expireTime:o,roleNames:a,keyTenants:n,userId:r,customClaims:i,description:p,permittedIps:d,customAttributes:m})),load:s=>t.transformResponse(e.get(g.load,{queryParams:{id:s}}),(e=>e.key)),searchAll:(s,o,a,n)=>t.transformResponse(e.post(g.search,{tenantIds:s,boundUserId:o,creatingUser:a,customAttributes:n}),(e=>e.keys)),update:(s,o,a,n,r,i,p,d)=>t.transformResponse(e.post(g.update,{id:s,name:o,description:a,roleNames:n,keyTenants:r,customClaims:i,permittedIps:p,customAttributes:d}),(e=>e.key)),deactivate:s=>t.transformResponse(e.post(g.deactivate,{id:s})),activate:s=>t.transformResponse(e.post(g.activate,{id:s})),delete:s=>t.transformResponse(e.post(g.delete,{id:s}))}),W=e=>({list:()=>t.transformResponse(e.post(O.list,{})),delete:s=>t.transformResponse(e.post(O.delete,{ids:s})),export:s=>t.transformResponse(e.post(O.export,{flowId:s})),import:(s,o,a)=>t.transformResponse(e.post(O.import,{flowId:s,flow:o,screens:a})),run:(s,o)=>t.transformResponse(e.post(O.run,{flowId:s,options:o}),(e=>null==e?void 0:e.output))}),G=e=>({export:()=>t.transformResponse(e.post(w.export,{})),import:s=>t.transformResponse(e.post(w.import,{theme:s}))}),H=e=>({search:s=>{const o=Object.assign(Object.assign({},s),{externalIds:s.loginIds});return delete o.loginIds,t.transformResponse(e.post(S.search,o),(e=>null==e?void 0:e.audits.map((e=>{const t=Object.assign(Object.assign({},e),{occurred:parseFloat(e.occurred),loginIds:e.externalIds});return delete t.externalIds,t}))))},createEvent:s=>{const o=Object.assign({},s);return t.transformResponse(e.post(S.createEvent,o))}}),V=(e,s)=>{var o;const a=null!==(o=null==s?void 0:s.fgaCacheTimeoutMs)&&void 0!==o?o:3e4,n=Number.isFinite(a)&&a>0?a:3e4,r=async(t,o)=>{if((null==s?void 0:s.fgaCacheUrl)&&s.managementKey){const e=`${s.fgaCacheUrl}${t}`,a=new AbortController,r=setTimeout((()=>a.abort()),n);try{const t=await i(e,{method:"POST",headers:Object.assign(Object.assign({},s.headers),{"Content-Type":"application/json",Authorization:`Bearer ${s.projectId}:${s.managementKey}`,"x-descope-project-id":s.projectId}),body:JSON.stringify(o),signal:a.signal});if(t.ok){const e=await t.text();return t.text=()=>Promise.resolve(e),t.json=async()=>JSON.parse(e),t.clone=()=>t,t}}catch(e){}finally{clearTimeout(r)}}return e.post(t,o)};return{saveSchema:(s,o)=>t.transformResponse(e.post(U.schemaSave,{schema:s,upgrade:o})),deleteSchema:()=>t.transformResponse(e.post(U.schemaDelete,{})),loadSchema:()=>t.transformResponse(e.post(U.schemaLoad,{}),(e=>e.schema)),saveNamespace:(s,o,a)=>t.transformResponse(e.post(U.nsSave,{namespace:s,oldName:o,schemaName:a})),deleteNamespace:(s,o)=>t.transformResponse(e.post(U.nsDelete,{name:s,schemaName:o})),saveRelationDefinition:(s,o,a,n)=>t.transformResponse(e.post(U.rdSave,{relationDefinition:s,namespace:o,oldName:a,schemaName:n})),deleteRelationDefinition:(s,o,a)=>t.transformResponse(e.post(U.rdDelete,{name:s,namespace:o,schemaName:a})),createRelations:s=>t.transformResponse(e.post(U.reCreate,{relations:s})),deleteRelations:s=>t.transformResponse(e.post(U.reDelete,{relations:s})),deleteRelationsForResources:s=>t.transformResponse(e.post(U.reDeleteResources,{resources:s})),deleteResourceRelationsForResources:s=>t.transformResponse(e.post(U.reDeleteResourceRelationsForResources,{resources:s})),deleteRelationsForIds:s=>t.transformResponse(e.post(U.reDeleteResources,{resources:s})),hasRelations:s=>t.transformResponse(e.post(U.hasRelations,{relationQueries:s}),(e=>e.relationQueries)),whoCanAccess:(e,s,o)=>t.transformResponse(r(U.who,{resource:e,relationDefinition:s,namespace:o}),(e=>e.targets)),resourceRelations:(s,o=!1)=>t.transformResponse(e.post(U.resource,{resource:s,ignoreTargetSetRelations:o}),(e=>e.relations)),targetsRelations:(s,o=!1)=>t.transformResponse(e.post(U.targets,{targets:s,includeTargetSetRelations:o}),(e=>e.relations)),whatCanTargetAccess:e=>t.transformResponse(r(U.targetAll,{target:e}),(e=>e.relations)),whatCanTargetAccessWithRelation:(s,o,a)=>t.transformResponse(e.post(U.targetWithRelation,{target:s,relationDefinition:o,namespace:a}),(e=>e.resources.map((e=>({resource:e}))))),getModified:s=>t.transformResponse(e.post(U.getModified,{since:s?s.getTime():0}),(e=>e))}},_=e=>({createOidcApplication:s=>{var o;return t.transformResponse(e.post(v.oidcCreate,Object.assign(Object.assign({},s),{enabled:null===(o=s.enabled)||void 0===o||o})))},createSamlApplication:s=>{var o;return t.transformResponse(e.post(v.samlCreate,Object.assign(Object.assign({},s),{enabled:null===(o=s.enabled)||void 0===o||o})))},updateOidcApplication:s=>t.transformResponse(e.post(v.oidcUpdate,Object.assign({},s))),updateSamlApplication:s=>t.transformResponse(e.post(v.samlUpdate,Object.assign({},s))),createWsFedApplication:s=>{var o;return t.transformResponse(e.post(v.wsfedCreate,Object.assign(Object.assign({},s),{enabled:null===(o=s.enabled)||void 0===o||o})))},updateWsFedApplication:s=>t.transformResponse(e.post(v.wsfedUpdate,Object.assign({},s))),delete:s=>t.transformResponse(e.post(v.delete,{id:s})),load:s=>t.transformResponse(e.get(v.load,{queryParams:{id:s}}),(e=>e)),loadAll:()=>t.transformResponse(e.get(v.loadAll,{}),(e=>e.apps))}),Q=e=>({getSettings:s=>t.transformResponse(e.get(k.settings,{queryParams:{tenantId:s}}),(e=>e)),configureSettings:(s,o)=>t.transformResponse(e.post(k.settings,Object.assign(Object.assign({},o),{tenantId:s})))}),X=(e,s)=>{var o;const a=null!==(o=null==s?void 0:s.fgaCacheTimeoutMs)&&void 0!==o?o:3e4,n=Number.isFinite(a)&&a>0?a:3e4,r=async(t,o)=>{if((null==s?void 0:s.fgaCacheUrl)&&s.managementKey){const e=`${s.fgaCacheUrl}${t}`,a=new AbortController,r=setTimeout((()=>a.abort()),n);try{const t=await i(e,{method:"POST",headers:Object.assign(Object.assign({},s.headers),{"Content-Type":"application/json",Authorization:`Bearer ${s.projectId}:${s.managementKey}`,"x-descope-project-id":s.projectId}),body:JSON.stringify(o),signal:a.signal});if(t.ok){const e=await t.text();return t.text=()=>Promise.resolve(e),t.json=async()=>JSON.parse(e),t.clone=()=>t,t}}catch(e){}finally{clearTimeout(r)}}return e.post(t,o)};return{saveSchema:e=>t.transformResponse(r(N.schema,e)),deleteSchema:()=>t.transformResponse(e.post(U.schemaDelete,{})),createRelations:e=>t.transformResponse(r(N.relations,{tuples:e})),deleteRelations:e=>t.transformResponse(r(N.deleteRelations,{tuples:e})),check:e=>t.transformResponse(r(N.check,{tuples:e}),(e=>e.tuples)),loadResourcesDetails:s=>t.transformResponse(e.post(N.resourcesLoad,{resourceIdentifiers:s}),(e=>e.resourcesDetails)),saveResourcesDetails:s=>t.transformResponse(e.post(N.resourcesSave,{resourcesDetails:s})),deleteAllRelations:()=>t.transformResponse(e.delete(N.relations))}},Y=e=>({createApplication:s=>t.transformResponse(e.post(h.create,Object.assign({},s))),updateApplication:s=>t.transformResponse(e.post(h.update,Object.assign({},s))),patchApplication:s=>t.transformResponse(e.post(h.patch,Object.assign({},s))),deleteApplication:s=>t.transformResponse(e.post(h.delete,{id:s})),loadApplication:s=>t.transformResponse(e.get(h.load,{queryParams:{id:s}}),(e=>e)),loadAllApplications:()=>t.transformResponse(e.get(h.loadAll,{}),(e=>e.apps)),getApplicationSecret:s=>t.transformResponse(e.get(h.secret,{queryParams:{id:s}}),(e=>e)),rotateApplicationSecret:s=>t.transformResponse(e.post(h.rotate,{id:s})),searchConsents:s=>t.transformResponse(e.post(R.search,Object.assign({},s)),(e=>e.consents)),deleteConsents:s=>t.transformResponse(e.post(R.delete,Object.assign({},s)))}),Z=e=>({createApplication:s=>t.transformResponse(e.post(y.create,Object.assign({},s)),(e=>e.app)),createApplicationByTemplate:s=>t.transformResponse(e.post(y.createByTemplate,Object.assign({},s)),(e=>e.app)),updateApplication:s=>t.transformResponse(e.post(y.update,{app:s}),(e=>e.app)),deleteApplication:s=>t.transformResponse(e.post(y.delete,{id:s})),loadApplication:s=>t.transformResponse(e.get(`${y.load}/${s}`),(e=>e.app)),loadAllApplications:()=>t.transformResponse(e.get(y.loadAll,{}),(e=>e.apps)),fetchTokenByScopes:(s,o,a,n,r)=>t.transformResponse(e.post(y.fetchTokenByScopes,{appId:s,userId:o,scopes:a,options:n,tenantId:r}),(e=>e.token)),fetchToken:(s,o,a,n)=>t.transformResponse(e.post(y.fetchToken,{appId:s,userId:o,tenantId:a,options:n}),(e=>e.token)),fetchTenantTokenByScopes:(s,o,a,n)=>t.transformResponse(e.post(y.fetchTenantTokenByScopes,{appId:s,tenantId:o,scopes:a,options:n}),(e=>e.token)),fetchTenantToken:(s,o,a)=>t.transformResponse(e.post(y.fetchTenantToken,{appId:s,tenantId:o,options:a}),(e=>e.token)),deleteUserTokens:(s,o)=>t.transformResponse(e.delete(y.deleteUserTokens,{queryParams:{appId:s,userId:o}})),deleteTokenById:s=>t.transformResponse(e.delete(y.deleteTokenById,{queryParams:{id:s}})),listAppsWithUserToken:(s,o)=>t.transformResponse(e.get(y.listAppsWithUserToken,{queryParams:Object.assign({userId:s},o?{tenantId:o}:{})}),(e=>e.appIds)),uploadUserApiKey:(s,o,a,n)=>t.transformResponse(e.post(y.uploadUserApiKey,{appId:s,userId:o,apiKey:a,tenantId:n})),uploadTenantApiKey:(s,o,a)=>t.transformResponse(e.post(y.uploadTenantApiKey,{appId:s,tenantId:o,apiKey:a})),uploadUserToken:s=>t.transformResponse(e.post(y.uploadUserToken,Object.assign({},s))),uploadTenantToken:s=>t.transformResponse(e.post(y.uploadTenantToken,Object.assign({},s))),batchUploadUserTokens:s=>t.transformResponse(e.post(y.batchUploadUserTokens,{tokens:s})),batchUploadTenantTokens:s=>t.transformResponse(e.post(y.batchUploadTenantTokens,{tokens:s}))}),ee=e=>({create:s=>t.transformResponse(e.put(P.create,{descopers:s}),(e=>({descopers:e.descopers,total:e.total}))),update:(s,o,a)=>t.transformResponse(e.patch(P.update,{id:s,attributes:o,rbac:a}),(e=>e.descoper)),load:s=>t.transformResponse(e.get(P.get,{queryParams:{id:s}}),(e=>e.descoper)),delete:s=>t.transformResponse(e.delete(P.delete,{queryParams:{id:s}})),list:()=>t.transformResponse(e.post(P.list),(e=>({descopers:e.descopers,total:e.total})))}),te=e=>({create:(s,o,a,n,r)=>t.transformResponse(e.put(E.create,{name:s,description:a,expiresIn:n,permittedIps:r,reBac:o})),update:(s,o,a,n,r)=>t.transformResponse(e.patch(E.update,{id:s,name:o,description:a,permittedIps:r,status:n}),(e=>e.key)),delete:s=>t.transformResponse(e.post(E.delete,{ids:s})),load:s=>t.transformResponse(e.get(E.load,{queryParams:{id:s}}),(e=>e.key)),search:()=>t.transformResponse(e.get(E.search),(e=>e.keys))}),se=e=>({create:s=>t.transformResponse(e.post(C.create,{name:s}),(e=>e.engine)),update:(s,o)=>t.transformResponse(e.post(C.update,{id:s,name:o}),(e=>e.engine)),delete:s=>t.transformResponse(e.post(C.delete,{id:s})),load:s=>t.transformResponse(e.get(C.load,{queryParams:{id:s}}),(e=>e.engine)),loadAll:()=>t.transformResponse(e.get(C.loadAll,{}),(e=>e.engines)),rotateSecret:s=>t.transformResponse(e.post(C.rotate,{id:s}),(e=>e))});const oe=o=>{var a,r,c,{authManagementKey:g,managementKey:f,publicKey:v,fgaCacheUrl:h}=o,R=e.__rest(o,["authManagementKey","managementKey","publicKey","fgaCacheUrl"]);const y={"x-descope-sdk-name":"nodejs","x-descope-sdk-node-version":(null===(a=null===process||void 0===process?void 0:process.versions)||void 0===a?void 0:a.node)||"","x-descope-sdk-version":"2.11.0"},b=Object.assign(Object.assign({fetch:i},R),{baseHeaders:Object.assign(Object.assign({},R.baseHeaders),y),hooks:Object.assign(Object.assign({},R.hooks),{beforeRequest:[e=>(g&&(e.token=e.token?`${e.token}:${g}`:g),e)].concat((null===(r=R.hooks)||void 0===r?void 0:r.beforeRequest)||[])})}),I=n.default(b),{projectId:k,logger:T}=R,A={};let O;const w=Object.assign(Object.assign({fetch:i},R),{baseConfig:{baseHeaders:Object.assign(Object.assign({},R.baseHeaders),y)},hooks:Object.assign(Object.assign({},R.hooks),{beforeRequest:[e=>(e.token=f,O&&(e.headers=Object.assign(Object.assign({},e.headers),{"x-descope-license":O})),e)].concat((null===(c=R.hooks)||void 0===c?void 0:c.beforeRequest)||[])})}),j=t.createHttpClient(w),S=(N={fgaCacheUrl:h,managementKey:f,projectId:k,headers:y},{user:D(U=j),project:(P=U,{updateName:e=>t.transformResponse(P.post(u.updateName,{name:e})),updateTags:e=>t.transformResponse(P.post(u.updateTags,{tags:e})),clone:(e,s,o)=>t.transformResponse(P.post(u.clone,{name:e,environment:s,tags:o})),listProjects:async()=>t.transformResponse(P.post(u.projectsList,{}),(e=>e.projects.map((({id:e,name:t,environment:s,tags:o})=>({id:e,name:t,environment:s,tags:o}))))),exportSnapshot:()=>t.transformResponse(P.post(u.exportSnapshot,{})),importSnapshot:e=>t.transformResponse(P.post(u.importSnapshot,e)),validateSnapshot:e=>t.transformResponse(P.post(u.validateSnapshot,e)),export:()=>t.transformResponse(P.post(u.exportSnapshot,{}),(e=>e.files)),import:e=>t.transformResponse(P.post(u.importSnapshot,{files:e}))}),accessKey:z(U),tenant:L(U),ssoApplication:_(U),inboundApplication:Y(U),outboundApplication:Z(U),sso:J(U),jwt:q(U),permission:B(U),password:Q(U),role:F(U),group:K(U),flow:W(U),theme:G(U),audit:H(U),authz:V(U,N),fga:X(U,N),descoper:ee(U),managementKey:te(U),engine:se(U)});var U,N,P;f&&(e=>({get:()=>t.transformResponse(e.get(x.get))}))(j).get().then((e=>{var t;e.ok&&(null===(t=e.data)||void 0===t?void 0:t.rateLimitTier)&&(O=e.data.rateLimitTier)})).catch((e=>{var t;null===(t=null==T?void 0:T.warn)||void 0===t||t.call(T,"License handshake failed",e)}));const E=Object.assign(Object.assign({},I),{refresh:async(e,t)=>I.refresh(e,void 0,t),management:S,async getKey(e){if(!(null==e?void 0:e.kid))throw Error("header.kid must not be empty");if(A[e.kid])return A[e.kid];if(Object.assign(A,await(async()=>{if(v)try{const e=JSON.parse(v),t=await s.importJWK(e);return{[e.kid]:t}}catch(e){throw null==T||T.error("Failed to parse the provided public key",e),new Error(`Failed to parse public key. Error: ${e}`)}const e=(await I.httpClient.get(`v2/keys/${k}`).then((e=>e.json()))).keys;return Array.isArray(e)?(await Promise.all(e.map((async e=>[e.kid,await s.importJWK(e)])))).reduce(((e,[t,s])=>t?Object.assign(Object.assign({},e),{[t.toString()]:s}):e),{}):{}})()),!A[e.kid])throw Error("failed to fetch matching key");return A[e.kid]},async validateJwt(e,t){const o={clockTolerance:5};(null==t?void 0:t.audience)&&(o.audience=t.audience);const a=(await s.jwtVerify(e,E.getKey,o)).payload;if(a){const e=a.iss;if(!function(e,t){if(e===t)return!0;if(!e||!t)return!1;const s=e=>e[e.length-1]===t||e[e.length-2]===t;try{const{pathname:t}=new URL(e);return s(t.split("/").filter((e=>e.length>0)))}catch(t){return s(e.split("/").filter((e=>e.length>0)))}}("string"==typeof e?e:void 0,k))throw new s.errors.JWTClaimValidationFailed('unexpected "iss" claim value',"iss","check_failed");a.iss=k}return{jwt:e,token:a}},async validateSession(e,t){if(!e)throw Error("session token is required for validation");try{return await E.validateJwt(e,t)}catch(e){throw null==T||T.error("session validation failed",e),Error(`session validation failed. Error: ${e}`)}},async refreshSession(e,t){var s,o,a,n,r,i;if(!e)throw Error("refresh token is required to refresh a session");try{await E.validateJwt(e);const d=await E.refresh(e);if(d.ok){const e=p(null===(o=null===(s=d.data)||void 0===s?void 0:s.cookies)||void 0===o?void 0:o.join(";"),"DS")||(null===(a=d.data)||void 0===a?void 0:a.sessionJwt),i=await E.validateJwt(e,t);return i.cookies=(null===(n=d.data)||void 0===n?void 0:n.cookies)||[],(null===(r=d.data)||void 0===r?void 0:r.refreshJwt)&&(i.refreshJwt=d.data.refreshJwt),i}throw Error(null===(i=d.error)||void 0===i?void 0:i.errorMessage)}catch(e){throw null==T||T.error("refresh token validation failed",e),Error(`refresh token validation failed, Error: ${e}`)}},async validateAndRefreshSession(e,t,s){if(!e&&!t)throw Error("both session and refresh tokens are empty");try{return await E.validateSession(e,s)}catch(e){null==T||T.log(`session validation failed with error ${e} - trying to refresh it`)}return E.refreshSession(t,s)},async exchangeAccessKey(e,t,s){var o;if(!e)throw Error("access key must not be empty");let a;try{a=await E.accessKey.exchange(e,t)}catch(e){throw null==T||T.error("failed to exchange access key",e),Error(`could not exchange access key - Failed to exchange. Error: ${e}`)}if(!a.ok)throw null==T||T.error("failed to exchange access key",a.error),Error(`could not exchange access key - ${null===(o=a.error)||void 0===o?void 0:o.errorMessage}`);const{sessionJwt:n}=a.data;if(!n)throw null==T||T.error("failed to parse exchange access key response"),Error("could not exchange access key");try{return await E.validateJwt(n,s)}catch(e){throw null==T||T.error("failed to parse jwt from access key",e),Error(`could not exchange access key - failed to validate jwt. Error: ${e}`)}},validatePermissions:(e,t)=>E.validateTenantPermissions(e,"",t),getMatchedPermissions:(e,t)=>E.getMatchedTenantPermissions(e,"",t),validateTenantPermissions(e,t,s){if(t&&!l(e,t))return!1;const o=m(e,"permissions",t);return s.every((e=>o.includes(e)))},getMatchedTenantPermissions(e,t,s){if(t&&!l(e,t))return[];const o=m(e,"permissions",t);return s.filter((e=>o.includes(e)))},validateRoles:(e,t)=>E.validateTenantRoles(e,"",t),getMatchedRoles:(e,t)=>E.getMatchedTenantRoles(e,"",t),validateTenantRoles(e,t,s){if(t&&!l(e,t))return!1;const o=m(e,"roles",t);return s.every((e=>o.includes(e)))},getMatchedTenantRoles(e,t,s){if(t&&!l(e,t))return[];const o=m(e,"roles",t);return s.filter((e=>o.includes(e)))}});return t.wrapWith(E,["otp.verify.email","otp.verify.sms","otp.verify.voice","otp.verify.whatsapp","otp.verify.im","notp.waitForSession","magicLink.verify","enchantedLink.signUp","enchantedLink.signIn","enchantedLink.waitForSession","oauth.exchangeOneTapIDToken","password.signIn","password.signUp","password.replace","oauth.exchange","saml.exchange","totp.verify","selectTenant","webauthn.signIn.finish","webauthn.signUp.finish","refresh"],d)};oe.RefreshTokenCookieName="DSR",oe.SessionTokenCookieName="DS",oe.DescopeErrors={badRequest:"E011001",missingArguments:"E011002",invalidRequest:"E011003",invalidArguments:"E011004",wrongOTPCode:"E061102",tooManyOTPAttempts:"E061103",enchantedLinkPending:"E062503",userNotFound:"E062108"},module.exports=oe;
|
|
2
2
|
//# sourceMappingURL=index.cjs.js.map
|