@famgia/omnify-client-sso-react 1.0.1 → 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/dist/index.d.mts +348 -7
  2. package/dist/index.d.ts +348 -7
  3. package/dist/index.js +380 -0
  4. package/dist/index.mjs +379 -0
  5. package/package.json +1 -1
package/dist/index.d.mts CHANGED
@@ -4,7 +4,7 @@ import * as react_jsx_runtime from 'react/jsx-runtime';
4
4
  /**
5
5
  * User information from SSO
6
6
  */
7
- interface SsoUser {
7
+ interface SsoUser$1 {
8
8
  id: number;
9
9
  consoleUserId: number;
10
10
  email: string;
@@ -40,7 +40,7 @@ interface SsoConfig {
40
40
  */
41
41
  interface SsoContextValue {
42
42
  /** Current authenticated user */
43
- user: SsoUser | null;
43
+ user: SsoUser$1 | null;
44
44
  /** List of organizations user has access to */
45
45
  organizations: SsoOrganization[];
46
46
  /** Currently selected organization */
@@ -90,14 +90,14 @@ interface SsoProviderProps {
90
90
  children: React.ReactNode;
91
91
  config: SsoConfig;
92
92
  /** Called when auth state changes */
93
- onAuthChange?: (isAuthenticated: boolean, user: SsoUser | null) => void;
93
+ onAuthChange?: (isAuthenticated: boolean, user: SsoUser$1 | null) => void;
94
94
  }
95
95
  /**
96
96
  * Props for SsoCallback component
97
97
  */
98
98
  interface SsoCallbackProps {
99
99
  /** Called on successful login */
100
- onSuccess?: (user: SsoUser, organizations: SsoOrganization[]) => void;
100
+ onSuccess?: (user: SsoUser$1, organizations: SsoOrganization[]) => void;
101
101
  /** Called on error */
102
102
  onError?: (error: Error) => void;
103
103
  /** Redirect path after login */
@@ -151,7 +151,7 @@ declare function SsoProvider({ children, config, onAuthChange }: SsoProviderProp
151
151
  */
152
152
  interface UseAuthReturn {
153
153
  /** Current user or null */
154
- user: SsoUser | null;
154
+ user: SsoUser$1 | null;
155
155
  /** Whether auth is being loaded */
156
156
  isLoading: boolean;
157
157
  /** Whether user is authenticated */
@@ -233,7 +233,7 @@ declare function useOrganization(): UseOrganizationReturn;
233
233
  * Combined SSO hook return type
234
234
  */
235
235
  interface UseSsoReturn {
236
- user: SsoUser | null;
236
+ user: SsoUser$1 | null;
237
237
  isLoading: boolean;
238
238
  isAuthenticated: boolean;
239
239
  login: (redirectTo?: string) => void;
@@ -363,4 +363,345 @@ declare function OrganizationSwitcher({ className, renderTrigger, renderOption,
363
363
  */
364
364
  declare function ProtectedRoute({ children, fallback, loginFallback, requiredRole, requiredPermission, onAccessDenied, }: ProtectedRouteProps): react_jsx_runtime.JSX.Element;
365
365
 
366
- export { OrganizationSwitcher, type OrganizationSwitcherProps, ProtectedRoute, type ProtectedRouteProps, SsoCallback, type SsoCallbackProps, type SsoCallbackResponse, type SsoConfig, SsoContext, type SsoContextValue, type SsoOrganization, SsoProvider, type SsoProviderProps, type SsoUser, type UseAuthReturn, type UseOrganizationReturn, type UseSsoReturn, useAuth, useOrganization, useSso };
366
+ /**
367
+ * SSO Service - API client for SSO endpoints
368
+ *
369
+ * Provides methods for SSO authentication, tokens, roles, permissions, teams
370
+ */
371
+ interface SsoUser {
372
+ id: number;
373
+ console_user_id: number;
374
+ email: string;
375
+ name: string;
376
+ }
377
+ interface Organization {
378
+ id: number;
379
+ slug: string;
380
+ name: string;
381
+ role: string;
382
+ }
383
+ interface Role {
384
+ id: number;
385
+ name: string;
386
+ slug: string;
387
+ description: string | null;
388
+ level: number;
389
+ permissions_count?: number;
390
+ created_at: string;
391
+ updated_at: string;
392
+ }
393
+ interface Permission {
394
+ id: number;
395
+ name: string;
396
+ slug: string;
397
+ group: string | null;
398
+ description?: string | null;
399
+ roles_count?: number;
400
+ created_at: string;
401
+ updated_at: string;
402
+ }
403
+ interface RoleWithPermissions extends Role {
404
+ permissions: Permission[];
405
+ }
406
+ interface PermissionMatrix {
407
+ roles: Pick<Role, "id" | "slug" | "name">[];
408
+ permissions: Record<string, Pick<Permission, "id" | "slug" | "name">[]>;
409
+ matrix: Record<string, string[]>;
410
+ }
411
+ interface ApiToken {
412
+ id: number;
413
+ name: string;
414
+ last_used_at: string | null;
415
+ created_at: string;
416
+ is_current: boolean;
417
+ }
418
+ interface TeamWithPermissions {
419
+ console_team_id: number;
420
+ name: string;
421
+ path: string | null;
422
+ permissions: Pick<Permission, "id" | "slug">[];
423
+ }
424
+ interface TeamPermissionDetail {
425
+ console_team_id: number;
426
+ permissions: Pick<Permission, "id" | "slug" | "name">[];
427
+ }
428
+ interface OrphanedTeam {
429
+ console_team_id: number;
430
+ permissions_count: number;
431
+ permissions: string[];
432
+ deleted_at: string | null;
433
+ }
434
+ interface SsoCallbackInput {
435
+ code: string;
436
+ device_name?: string;
437
+ }
438
+ interface CreateRoleInput {
439
+ slug: string;
440
+ name: string;
441
+ level: number;
442
+ description?: string;
443
+ }
444
+ interface UpdateRoleInput {
445
+ name?: string;
446
+ level?: number;
447
+ description?: string | null;
448
+ }
449
+ interface CreatePermissionInput {
450
+ slug: string;
451
+ name: string;
452
+ group?: string;
453
+ description?: string;
454
+ }
455
+ interface UpdatePermissionInput {
456
+ name?: string;
457
+ group?: string | null;
458
+ description?: string | null;
459
+ }
460
+ interface SyncPermissionsInput {
461
+ permissions: (number | string)[];
462
+ }
463
+ interface CleanupOrphanedInput {
464
+ console_team_id?: number;
465
+ older_than_days?: number;
466
+ }
467
+ interface SsoServiceConfig {
468
+ apiUrl: string;
469
+ }
470
+ declare function createSsoService(config: SsoServiceConfig): {
471
+ /**
472
+ * Exchange SSO authorization code for tokens
473
+ * POST /api/sso/callback
474
+ */
475
+ callback: (input: SsoCallbackInput) => Promise<{
476
+ user: SsoUser;
477
+ organizations: Organization[];
478
+ token?: string;
479
+ }>;
480
+ /**
481
+ * Logout current user and revoke tokens
482
+ * POST /api/sso/logout
483
+ */
484
+ logout: () => Promise<{
485
+ message: string;
486
+ }>;
487
+ /**
488
+ * Get current authenticated user with organizations
489
+ * GET /api/sso/user
490
+ */
491
+ getUser: () => Promise<{
492
+ user: SsoUser;
493
+ organizations: Organization[];
494
+ }>;
495
+ /**
496
+ * Get Console SSO global logout URL
497
+ * GET /api/sso/global-logout-url
498
+ */
499
+ getGlobalLogoutUrl: (redirectUri?: string) => Promise<{
500
+ logout_url: string;
501
+ }>;
502
+ /**
503
+ * List all API tokens for current user
504
+ * GET /api/sso/tokens
505
+ */
506
+ getTokens: () => Promise<{
507
+ tokens: ApiToken[];
508
+ }>;
509
+ /**
510
+ * Revoke a specific token
511
+ * DELETE /api/sso/tokens/{tokenId}
512
+ */
513
+ revokeToken: (tokenId: number) => Promise<{
514
+ message: string;
515
+ }>;
516
+ /**
517
+ * Revoke all tokens except current
518
+ * POST /api/sso/tokens/revoke-others
519
+ */
520
+ revokeOtherTokens: () => Promise<{
521
+ message: string;
522
+ revoked_count: number;
523
+ }>;
524
+ /**
525
+ * Get all roles
526
+ * GET /api/sso/roles
527
+ */
528
+ getRoles: () => Promise<{
529
+ data: Role[];
530
+ }>;
531
+ /**
532
+ * Get single role with permissions
533
+ * GET /api/sso/roles/{id}
534
+ */
535
+ getRole: (id: number) => Promise<{
536
+ data: RoleWithPermissions;
537
+ }>;
538
+ /**
539
+ * Get all permissions
540
+ * GET /api/sso/permissions
541
+ */
542
+ getPermissions: (params?: {
543
+ group?: string;
544
+ search?: string;
545
+ grouped?: boolean;
546
+ }) => Promise<{
547
+ data: Permission[];
548
+ groups: string[];
549
+ }>;
550
+ /**
551
+ * Get permission matrix (roles x permissions)
552
+ * GET /api/sso/permission-matrix
553
+ */
554
+ getPermissionMatrix: () => Promise<PermissionMatrix>;
555
+ /**
556
+ * List all roles (admin)
557
+ * GET /api/admin/sso/roles
558
+ */
559
+ adminGetRoles: (orgSlug: string) => Promise<{
560
+ data: Role[];
561
+ }>;
562
+ /**
563
+ * Get single role (admin)
564
+ * GET /api/admin/sso/roles/{id}
565
+ */
566
+ adminGetRole: (id: number, orgSlug: string) => Promise<{
567
+ data: RoleWithPermissions;
568
+ }>;
569
+ /**
570
+ * Create role (admin only)
571
+ * POST /api/admin/sso/roles
572
+ */
573
+ createRole: (input: CreateRoleInput, orgSlug: string) => Promise<{
574
+ data: Role;
575
+ message: string;
576
+ }>;
577
+ /**
578
+ * Update role (admin only)
579
+ * PUT /api/admin/sso/roles/{id}
580
+ */
581
+ updateRole: (id: number, input: UpdateRoleInput, orgSlug: string) => Promise<{
582
+ data: Role;
583
+ message: string;
584
+ }>;
585
+ /**
586
+ * Delete role (admin only)
587
+ * DELETE /api/admin/sso/roles/{id}
588
+ */
589
+ deleteRole: (id: number, orgSlug: string) => Promise<void>;
590
+ /**
591
+ * Get role's permissions (admin)
592
+ * GET /api/admin/sso/roles/{id}/permissions
593
+ */
594
+ getRolePermissions: (id: number, orgSlug: string) => Promise<{
595
+ role: Pick<Role, "id" | "slug" | "name">;
596
+ permissions: Permission[];
597
+ }>;
598
+ /**
599
+ * Sync role's permissions (admin)
600
+ * PUT /api/admin/sso/roles/{id}/permissions
601
+ */
602
+ syncRolePermissions: (id: number, input: SyncPermissionsInput, orgSlug: string) => Promise<{
603
+ message: string;
604
+ attached: number;
605
+ detached: number;
606
+ }>;
607
+ /**
608
+ * List all permissions (admin)
609
+ * GET /api/admin/sso/permissions
610
+ */
611
+ adminGetPermissions: (orgSlug: string, params?: {
612
+ group?: string;
613
+ search?: string;
614
+ grouped?: boolean;
615
+ }) => Promise<{
616
+ data: Permission[];
617
+ groups: string[];
618
+ }>;
619
+ /**
620
+ * Get single permission (admin)
621
+ * GET /api/admin/sso/permissions/{id}
622
+ */
623
+ adminGetPermission: (id: number, orgSlug: string) => Promise<{
624
+ data: Permission;
625
+ }>;
626
+ /**
627
+ * Create permission (admin only)
628
+ * POST /api/admin/sso/permissions
629
+ */
630
+ createPermission: (input: CreatePermissionInput, orgSlug: string) => Promise<{
631
+ data: Permission;
632
+ message: string;
633
+ }>;
634
+ /**
635
+ * Update permission (admin only)
636
+ * PUT /api/admin/sso/permissions/{id}
637
+ */
638
+ updatePermission: (id: number, input: UpdatePermissionInput, orgSlug: string) => Promise<{
639
+ data: Permission;
640
+ message: string;
641
+ }>;
642
+ /**
643
+ * Delete permission (admin only)
644
+ * DELETE /api/admin/sso/permissions/{id}
645
+ */
646
+ deletePermission: (id: number, orgSlug: string) => Promise<void>;
647
+ /**
648
+ * Get permission matrix (admin)
649
+ * GET /api/admin/sso/permission-matrix
650
+ */
651
+ adminGetPermissionMatrix: (orgSlug: string) => Promise<PermissionMatrix>;
652
+ /**
653
+ * Get all teams with their permissions (admin only)
654
+ * GET /api/admin/sso/teams/permissions
655
+ */
656
+ getTeamPermissions: (orgSlug: string) => Promise<{
657
+ teams: TeamWithPermissions[];
658
+ }>;
659
+ /**
660
+ * Get specific team permissions (admin only)
661
+ * GET /api/admin/sso/teams/{teamId}/permissions
662
+ */
663
+ getTeamPermission: (teamId: number, orgSlug: string) => Promise<TeamPermissionDetail>;
664
+ /**
665
+ * Sync team permissions (admin only)
666
+ * PUT /api/admin/sso/teams/{teamId}/permissions
667
+ */
668
+ syncTeamPermissions: (teamId: number, input: SyncPermissionsInput, orgSlug: string) => Promise<{
669
+ message: string;
670
+ console_team_id: number;
671
+ attached: number;
672
+ detached: number;
673
+ }>;
674
+ /**
675
+ * Remove all permissions for a team (admin only)
676
+ * DELETE /api/admin/sso/teams/{teamId}/permissions
677
+ */
678
+ removeTeamPermissions: (teamId: number, orgSlug: string) => Promise<void>;
679
+ /**
680
+ * List orphaned team permissions (admin only)
681
+ * GET /api/admin/sso/teams/orphaned
682
+ */
683
+ getOrphanedTeamPermissions: (orgSlug: string) => Promise<{
684
+ orphaned_teams: OrphanedTeam[];
685
+ total_orphaned_permissions: number;
686
+ }>;
687
+ /**
688
+ * Restore orphaned team permissions (admin only)
689
+ * POST /api/admin/sso/teams/orphaned/{teamId}/restore
690
+ */
691
+ restoreOrphanedTeamPermissions: (teamId: number, orgSlug: string) => Promise<{
692
+ message: string;
693
+ console_team_id: number;
694
+ restored_count: number;
695
+ }>;
696
+ /**
697
+ * Cleanup orphaned team permissions (admin only)
698
+ * DELETE /api/admin/sso/teams/orphaned
699
+ */
700
+ cleanupOrphanedTeamPermissions: (orgSlug: string, input?: CleanupOrphanedInput) => Promise<{
701
+ message: string;
702
+ deleted_count: number;
703
+ }>;
704
+ };
705
+ type SsoService = ReturnType<typeof createSsoService>;
706
+
707
+ export { type ApiToken, type CleanupOrphanedInput, type CreatePermissionInput, type CreateRoleInput, type Organization, OrganizationSwitcher, type OrganizationSwitcherProps, type OrphanedTeam, type Permission, type PermissionMatrix, ProtectedRoute, type ProtectedRouteProps, type Role, type RoleWithPermissions, SsoCallback, type SsoCallbackInput, type SsoCallbackProps, type SsoCallbackResponse, type SsoConfig, SsoContext, type SsoContextValue, type SsoOrganization, SsoProvider, type SsoProviderProps, type SsoService, type SsoServiceConfig, type SsoUser as SsoServiceUser, type SsoUser$1 as SsoUser, type SyncPermissionsInput, type TeamPermissionDetail, type TeamWithPermissions, type UpdatePermissionInput, type UpdateRoleInput, type UseAuthReturn, type UseOrganizationReturn, type UseSsoReturn, createSsoService, useAuth, useOrganization, useSso };