@feelflow/ffid-sdk 1.10.0 → 1.11.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/{chunk-PSSNMEJB.js → chunk-GW23IWNE.js} +502 -387
- package/dist/{chunk-OAPA5VKR.cjs → chunk-WZZP7SQB.cjs} +502 -387
- package/dist/components/index.cjs +7 -7
- package/dist/components/index.d.cts +1 -1
- package/dist/components/index.d.ts +1 -1
- package/dist/components/index.js +1 -1
- package/dist/{index-DsXjcF0i.d.cts → index-DMgtXEt5.d.cts} +20 -5
- package/dist/{index-DsXjcF0i.d.ts → index-DMgtXEt5.d.ts} +20 -5
- package/dist/index.cjs +22 -22
- package/dist/index.d.cts +6 -6
- package/dist/index.d.ts +6 -6
- package/dist/index.js +2 -2
- package/dist/server/index.cjs +487 -374
- package/dist/server/index.d.cts +24 -9
- package/dist/server/index.d.ts +24 -9
- package/dist/server/index.js +487 -374
- package/package.json +1 -1
package/dist/server/index.d.cts
CHANGED
|
@@ -27,6 +27,8 @@ interface FFIDCacheConfig {
|
|
|
27
27
|
* Core types for the FeelFlow ID SDK
|
|
28
28
|
*/
|
|
29
29
|
|
|
30
|
+
/** Authentication mode for FFID client */
|
|
31
|
+
type FFIDAuthMode = 'cookie' | 'token' | 'service-key';
|
|
30
32
|
/**
|
|
31
33
|
* User information from FFID
|
|
32
34
|
*/
|
|
@@ -129,6 +131,17 @@ interface FFIDOAuthUserInfo {
|
|
|
129
131
|
organizationId?: string | null | undefined;
|
|
130
132
|
subscription?: FFIDOAuthUserInfoSubscription | undefined;
|
|
131
133
|
}
|
|
134
|
+
/** Options for verifyAccessToken */
|
|
135
|
+
interface FFIDVerifyAccessTokenOptions {
|
|
136
|
+
/**
|
|
137
|
+
* When true, fetches profile info (email, name, picture) via introspect API
|
|
138
|
+
* after local JWT verification. No effect when verifyStrategy is 'introspect'
|
|
139
|
+
* (profile is always included).
|
|
140
|
+
* Requires {@link FFIDConfig.serviceApiKey} to be configured when using jwt strategy.
|
|
141
|
+
* @default false
|
|
142
|
+
*/
|
|
143
|
+
includeProfile?: boolean;
|
|
144
|
+
}
|
|
132
145
|
/**
|
|
133
146
|
* SDK configuration options
|
|
134
147
|
*/
|
|
@@ -156,7 +169,7 @@ interface FFIDConfig {
|
|
|
156
169
|
/** Callback on authentication error */
|
|
157
170
|
onError?: ((error: FFIDError) => void) | undefined;
|
|
158
171
|
/** Authentication mode: 'cookie' (default), 'token' (OAuth Bearer), or 'service-key' (server-to-server) */
|
|
159
|
-
authMode?:
|
|
172
|
+
authMode?: FFIDAuthMode | undefined;
|
|
160
173
|
/** Client ID for token mode (defaults to serviceCode if not set) */
|
|
161
174
|
clientId?: string | undefined;
|
|
162
175
|
/** Custom redirect URI for OAuth flow (defaults to window.location.origin + window.location.pathname) */
|
|
@@ -168,14 +181,16 @@ interface FFIDConfig {
|
|
|
168
181
|
* - 'jwt': Local JWT verification via JWKS (default, lower latency)
|
|
169
182
|
* - 'introspect': Remote introspection via /api/v1/oauth/introspect
|
|
170
183
|
*
|
|
171
|
-
* JWT verification returns limited claims (no email/name/picture/subscription).
|
|
172
|
-
* Use 'introspect' if you need full user profile data
|
|
184
|
+
* JWT verification returns limited claims (no email/name/picture/subscription) by default.
|
|
185
|
+
* Use 'introspect' if you always need full user profile data, or pass
|
|
186
|
+
* { includeProfile: true } to verifyAccessToken() for on-demand profile fetching.
|
|
173
187
|
*/
|
|
174
188
|
verifyStrategy?: 'jwt' | 'introspect' | undefined;
|
|
175
189
|
/**
|
|
176
190
|
* Cache configuration for token verification results.
|
|
177
191
|
* When set, introspect/userinfo responses are cached to reduce API calls.
|
|
178
|
-
*
|
|
192
|
+
* Effective in service-key mode with verifyStrategy: 'introspect',
|
|
193
|
+
* or with verifyStrategy: 'jwt' when includeProfile: true is used.
|
|
179
194
|
*/
|
|
180
195
|
cache?: FFIDCacheConfig | undefined;
|
|
181
196
|
/**
|
|
@@ -332,7 +347,7 @@ declare function createTokenStore(storageType?: 'localStorage' | 'memory'): Toke
|
|
|
332
347
|
declare function createFFIDClient(config: FFIDConfig): {
|
|
333
348
|
getSession: () => Promise<FFIDApiResponse<FFIDSessionResponse>>;
|
|
334
349
|
signOut: () => Promise<FFIDApiResponse<void>>;
|
|
335
|
-
redirectToLogin: () => boolean
|
|
350
|
+
redirectToLogin: () => Promise<boolean>;
|
|
336
351
|
getLoginUrl: (redirectUrl?: string) => string;
|
|
337
352
|
getSignupUrl: (redirectUrl?: string) => string;
|
|
338
353
|
createError: (code: string, message: string) => FFIDError;
|
|
@@ -344,11 +359,11 @@ declare function createFFIDClient(config: FFIDConfig): {
|
|
|
344
359
|
}) => Promise<FFIDApiResponse<FFIDSubscriptionCheckResponse>>;
|
|
345
360
|
createCheckoutSession: (params: FFIDCreateCheckoutParams) => Promise<FFIDApiResponse<FFIDCheckoutSessionResponse>>;
|
|
346
361
|
createPortalSession: (params: FFIDCreatePortalParams) => Promise<FFIDApiResponse<FFIDPortalSessionResponse>>;
|
|
347
|
-
verifyAccessToken: (accessToken: string) => Promise<FFIDApiResponse<FFIDOAuthUserInfo>>;
|
|
362
|
+
verifyAccessToken: (accessToken: string, options?: FFIDVerifyAccessTokenOptions) => Promise<FFIDApiResponse<FFIDOAuthUserInfo>>;
|
|
348
363
|
/** Token store (token mode only) */
|
|
349
364
|
tokenStore: TokenStore;
|
|
350
365
|
/** Resolved auth mode */
|
|
351
|
-
authMode:
|
|
366
|
+
authMode: FFIDAuthMode;
|
|
352
367
|
/** Resolved logger instance */
|
|
353
368
|
logger: FFIDLogger;
|
|
354
369
|
baseUrl: string;
|
|
@@ -388,7 +403,7 @@ interface VerifyAccessTokenDeps {
|
|
|
388
403
|
* - 'jwt': Local JWT verification via JWKS (default, lower latency)
|
|
389
404
|
* - 'introspect': Remote token introspection (full user profile data)
|
|
390
405
|
*/
|
|
391
|
-
declare function createVerifyAccessToken(deps: VerifyAccessTokenDeps): (accessToken: string) => Promise<FFIDApiResponse<FFIDOAuthUserInfo>>;
|
|
406
|
+
declare function createVerifyAccessToken(deps: VerifyAccessTokenDeps): (accessToken: string, options?: FFIDVerifyAccessTokenOptions) => Promise<FFIDApiResponse<FFIDOAuthUserInfo>>;
|
|
392
407
|
|
|
393
408
|
/**
|
|
394
409
|
* Create an in-memory cache adapter using a Map.
|
|
@@ -413,4 +428,4 @@ interface KVNamespaceLike {
|
|
|
413
428
|
*/
|
|
414
429
|
declare function createKVCacheAdapter(kv: KVNamespaceLike): FFIDCacheAdapter;
|
|
415
430
|
|
|
416
|
-
export { type FFIDCacheAdapter, type FFIDCacheConfig, type FFIDClient, type FFIDConfig, type FFIDOAuthUserInfo, type FFIDOrganization, type FFIDSubscription, type FFIDUser, type KVNamespaceLike, type TokenData, type TokenStore, createFFIDClient, createKVCacheAdapter, createMemoryCacheAdapter, createTokenStore, createVerifyAccessToken };
|
|
431
|
+
export { type FFIDCacheAdapter, type FFIDCacheConfig, type FFIDClient, type FFIDConfig, type FFIDOAuthUserInfo, type FFIDOrganization, type FFIDSubscription, type FFIDUser, type FFIDVerifyAccessTokenOptions, type KVNamespaceLike, type TokenData, type TokenStore, createFFIDClient, createKVCacheAdapter, createMemoryCacheAdapter, createTokenStore, createVerifyAccessToken };
|
package/dist/server/index.d.ts
CHANGED
|
@@ -27,6 +27,8 @@ interface FFIDCacheConfig {
|
|
|
27
27
|
* Core types for the FeelFlow ID SDK
|
|
28
28
|
*/
|
|
29
29
|
|
|
30
|
+
/** Authentication mode for FFID client */
|
|
31
|
+
type FFIDAuthMode = 'cookie' | 'token' | 'service-key';
|
|
30
32
|
/**
|
|
31
33
|
* User information from FFID
|
|
32
34
|
*/
|
|
@@ -129,6 +131,17 @@ interface FFIDOAuthUserInfo {
|
|
|
129
131
|
organizationId?: string | null | undefined;
|
|
130
132
|
subscription?: FFIDOAuthUserInfoSubscription | undefined;
|
|
131
133
|
}
|
|
134
|
+
/** Options for verifyAccessToken */
|
|
135
|
+
interface FFIDVerifyAccessTokenOptions {
|
|
136
|
+
/**
|
|
137
|
+
* When true, fetches profile info (email, name, picture) via introspect API
|
|
138
|
+
* after local JWT verification. No effect when verifyStrategy is 'introspect'
|
|
139
|
+
* (profile is always included).
|
|
140
|
+
* Requires {@link FFIDConfig.serviceApiKey} to be configured when using jwt strategy.
|
|
141
|
+
* @default false
|
|
142
|
+
*/
|
|
143
|
+
includeProfile?: boolean;
|
|
144
|
+
}
|
|
132
145
|
/**
|
|
133
146
|
* SDK configuration options
|
|
134
147
|
*/
|
|
@@ -156,7 +169,7 @@ interface FFIDConfig {
|
|
|
156
169
|
/** Callback on authentication error */
|
|
157
170
|
onError?: ((error: FFIDError) => void) | undefined;
|
|
158
171
|
/** Authentication mode: 'cookie' (default), 'token' (OAuth Bearer), or 'service-key' (server-to-server) */
|
|
159
|
-
authMode?:
|
|
172
|
+
authMode?: FFIDAuthMode | undefined;
|
|
160
173
|
/** Client ID for token mode (defaults to serviceCode if not set) */
|
|
161
174
|
clientId?: string | undefined;
|
|
162
175
|
/** Custom redirect URI for OAuth flow (defaults to window.location.origin + window.location.pathname) */
|
|
@@ -168,14 +181,16 @@ interface FFIDConfig {
|
|
|
168
181
|
* - 'jwt': Local JWT verification via JWKS (default, lower latency)
|
|
169
182
|
* - 'introspect': Remote introspection via /api/v1/oauth/introspect
|
|
170
183
|
*
|
|
171
|
-
* JWT verification returns limited claims (no email/name/picture/subscription).
|
|
172
|
-
* Use 'introspect' if you need full user profile data
|
|
184
|
+
* JWT verification returns limited claims (no email/name/picture/subscription) by default.
|
|
185
|
+
* Use 'introspect' if you always need full user profile data, or pass
|
|
186
|
+
* { includeProfile: true } to verifyAccessToken() for on-demand profile fetching.
|
|
173
187
|
*/
|
|
174
188
|
verifyStrategy?: 'jwt' | 'introspect' | undefined;
|
|
175
189
|
/**
|
|
176
190
|
* Cache configuration for token verification results.
|
|
177
191
|
* When set, introspect/userinfo responses are cached to reduce API calls.
|
|
178
|
-
*
|
|
192
|
+
* Effective in service-key mode with verifyStrategy: 'introspect',
|
|
193
|
+
* or with verifyStrategy: 'jwt' when includeProfile: true is used.
|
|
179
194
|
*/
|
|
180
195
|
cache?: FFIDCacheConfig | undefined;
|
|
181
196
|
/**
|
|
@@ -332,7 +347,7 @@ declare function createTokenStore(storageType?: 'localStorage' | 'memory'): Toke
|
|
|
332
347
|
declare function createFFIDClient(config: FFIDConfig): {
|
|
333
348
|
getSession: () => Promise<FFIDApiResponse<FFIDSessionResponse>>;
|
|
334
349
|
signOut: () => Promise<FFIDApiResponse<void>>;
|
|
335
|
-
redirectToLogin: () => boolean
|
|
350
|
+
redirectToLogin: () => Promise<boolean>;
|
|
336
351
|
getLoginUrl: (redirectUrl?: string) => string;
|
|
337
352
|
getSignupUrl: (redirectUrl?: string) => string;
|
|
338
353
|
createError: (code: string, message: string) => FFIDError;
|
|
@@ -344,11 +359,11 @@ declare function createFFIDClient(config: FFIDConfig): {
|
|
|
344
359
|
}) => Promise<FFIDApiResponse<FFIDSubscriptionCheckResponse>>;
|
|
345
360
|
createCheckoutSession: (params: FFIDCreateCheckoutParams) => Promise<FFIDApiResponse<FFIDCheckoutSessionResponse>>;
|
|
346
361
|
createPortalSession: (params: FFIDCreatePortalParams) => Promise<FFIDApiResponse<FFIDPortalSessionResponse>>;
|
|
347
|
-
verifyAccessToken: (accessToken: string) => Promise<FFIDApiResponse<FFIDOAuthUserInfo>>;
|
|
362
|
+
verifyAccessToken: (accessToken: string, options?: FFIDVerifyAccessTokenOptions) => Promise<FFIDApiResponse<FFIDOAuthUserInfo>>;
|
|
348
363
|
/** Token store (token mode only) */
|
|
349
364
|
tokenStore: TokenStore;
|
|
350
365
|
/** Resolved auth mode */
|
|
351
|
-
authMode:
|
|
366
|
+
authMode: FFIDAuthMode;
|
|
352
367
|
/** Resolved logger instance */
|
|
353
368
|
logger: FFIDLogger;
|
|
354
369
|
baseUrl: string;
|
|
@@ -388,7 +403,7 @@ interface VerifyAccessTokenDeps {
|
|
|
388
403
|
* - 'jwt': Local JWT verification via JWKS (default, lower latency)
|
|
389
404
|
* - 'introspect': Remote token introspection (full user profile data)
|
|
390
405
|
*/
|
|
391
|
-
declare function createVerifyAccessToken(deps: VerifyAccessTokenDeps): (accessToken: string) => Promise<FFIDApiResponse<FFIDOAuthUserInfo>>;
|
|
406
|
+
declare function createVerifyAccessToken(deps: VerifyAccessTokenDeps): (accessToken: string, options?: FFIDVerifyAccessTokenOptions) => Promise<FFIDApiResponse<FFIDOAuthUserInfo>>;
|
|
392
407
|
|
|
393
408
|
/**
|
|
394
409
|
* Create an in-memory cache adapter using a Map.
|
|
@@ -413,4 +428,4 @@ interface KVNamespaceLike {
|
|
|
413
428
|
*/
|
|
414
429
|
declare function createKVCacheAdapter(kv: KVNamespaceLike): FFIDCacheAdapter;
|
|
415
430
|
|
|
416
|
-
export { type FFIDCacheAdapter, type FFIDCacheConfig, type FFIDClient, type FFIDConfig, type FFIDOAuthUserInfo, type FFIDOrganization, type FFIDSubscription, type FFIDUser, type KVNamespaceLike, type TokenData, type TokenStore, createFFIDClient, createKVCacheAdapter, createMemoryCacheAdapter, createTokenStore, createVerifyAccessToken };
|
|
431
|
+
export { type FFIDCacheAdapter, type FFIDCacheConfig, type FFIDClient, type FFIDConfig, type FFIDOAuthUserInfo, type FFIDOrganization, type FFIDSubscription, type FFIDUser, type FFIDVerifyAccessTokenOptions, type KVNamespaceLike, type TokenData, type TokenStore, createFFIDClient, createKVCacheAdapter, createMemoryCacheAdapter, createTokenStore, createVerifyAccessToken };
|