@flashbacktech/flashbackclient 0.1.74 → 0.1.76
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/api/client.d.ts +13 -0
- package/dist/api/client.js +42 -0
- package/dist/api/index.d.ts +2 -1
- package/dist/api/index.js +3 -1
- package/dist/api/types/auth.d.ts +1 -1
- package/dist/api/types/mfa.d.ts +232 -0
- package/dist/api/types/mfa.js +25 -0
- package/package.json +1 -1
package/dist/api/client.d.ts
CHANGED
|
@@ -6,6 +6,7 @@ import { NodeInfo } from './types/bridge';
|
|
|
6
6
|
import { QuotaResponse } from './types/quota';
|
|
7
7
|
import { DeviceListResponse, DeviceDetailsResponse, SessionListResponse, TrustDeviceRequest, TrustDeviceResponse, UntrustDeviceResponse, RemoveDeviceResponse, RevokeSessionResponse, RevokeAllSessionsResponse, SessionHeartbeatResponse, DeviceInfo } from './types/device';
|
|
8
8
|
import { BuySubscriptionRequest, BuySubscriptionResponse, GetSubscriptionsResponse, MySubscriptionResponse, PaymentsListResponse, PaymentsQueryParams, CancelSubscriptionResponse } from './types/subscriptions';
|
|
9
|
+
import { MFAMethodsResponse, MFASetupRequest, MFASetupResponse, MFAStatusResponse, MFAVerificationSetupRequest, MFAVerificationSetupResponse, MFAEnableRequest, MFAEnableResponse, MFADisableResponse, MFAPrimaryRequest, MFAPrimaryResponse, MFAResetResponse, MFAOrganizationEnforceRequest, MFAOrganizationEnforceResponse, MagicLinkSendResponse, PasskeyAuthOptionsResult, PasskeyCompleteRegistrationRequest, PasskeyCompleteRegistrationResponse } from './types/mfa';
|
|
9
10
|
interface ErrorResponse {
|
|
10
11
|
message?: string;
|
|
11
12
|
[key: string]: any;
|
|
@@ -120,5 +121,17 @@ export declare class ApiClient implements IApiClient {
|
|
|
120
121
|
revokeSession: (sessionId: string) => Promise<RevokeSessionResponse>;
|
|
121
122
|
revokeAllSessions: () => Promise<RevokeAllSessionsResponse>;
|
|
122
123
|
updateSessionHeartbeat: (sessionId: string) => Promise<SessionHeartbeatResponse>;
|
|
124
|
+
getMFAStatus: () => Promise<MFAStatusResponse>;
|
|
125
|
+
getAvailableMethods: () => Promise<MFAMethodsResponse>;
|
|
126
|
+
setupMFA: (request: MFASetupRequest) => Promise<MFASetupResponse>;
|
|
127
|
+
verifyMFASetup: (request: MFAVerificationSetupRequest) => Promise<MFAVerificationSetupResponse>;
|
|
128
|
+
enableMFA: (request: MFAEnableRequest) => Promise<MFAEnableResponse>;
|
|
129
|
+
disableMFA: (request: MFAEnableRequest) => Promise<MFADisableResponse>;
|
|
130
|
+
setPrimaryMFA: (request: MFAPrimaryRequest) => Promise<MFAPrimaryResponse>;
|
|
131
|
+
resetMFA: () => Promise<MFAResetResponse>;
|
|
132
|
+
enforceOrganizationMFA: (request: MFAOrganizationEnforceRequest) => Promise<MFAOrganizationEnforceResponse>;
|
|
133
|
+
sendMagicLink: () => Promise<MagicLinkSendResponse>;
|
|
134
|
+
getPasskeyAuthOptions: () => Promise<PasskeyAuthOptionsResult>;
|
|
135
|
+
completePasskeyRegistration: (request: PasskeyCompleteRegistrationRequest) => Promise<PasskeyCompleteRegistrationResponse>;
|
|
123
136
|
}
|
|
124
137
|
export {};
|
package/dist/api/client.js
CHANGED
|
@@ -334,6 +334,48 @@ class ApiClient {
|
|
|
334
334
|
this.updateSessionHeartbeat = async (sessionId) => {
|
|
335
335
|
return this.makeRequest(`sessions/${sessionId}/heartbeat`, 'POST', null);
|
|
336
336
|
};
|
|
337
|
+
////// MFA Status & Methods API
|
|
338
|
+
this.getMFAStatus = async () => {
|
|
339
|
+
return this.makeRequest('mfa/status', 'GET', null);
|
|
340
|
+
};
|
|
341
|
+
this.getAvailableMethods = async () => {
|
|
342
|
+
return this.makeRequest('mfa/methods', 'GET', null);
|
|
343
|
+
};
|
|
344
|
+
////// MFA Setup & Verification API
|
|
345
|
+
this.setupMFA = async (request) => {
|
|
346
|
+
return this.makeRequest('mfa/setup', 'POST', request);
|
|
347
|
+
};
|
|
348
|
+
this.verifyMFASetup = async (request) => {
|
|
349
|
+
return this.makeRequest('mfa/verify-setup', 'POST', request);
|
|
350
|
+
};
|
|
351
|
+
////// MFA Management API
|
|
352
|
+
this.enableMFA = async (request) => {
|
|
353
|
+
return this.makeRequest('mfa/enable', 'POST', request);
|
|
354
|
+
};
|
|
355
|
+
this.disableMFA = async (request) => {
|
|
356
|
+
return this.makeRequest('mfa/disable', 'POST', request);
|
|
357
|
+
};
|
|
358
|
+
this.setPrimaryMFA = async (request) => {
|
|
359
|
+
return this.makeRequest('mfa/primary', 'POST', request);
|
|
360
|
+
};
|
|
361
|
+
this.resetMFA = async () => {
|
|
362
|
+
return this.makeRequest('mfa/reset', 'POST', null);
|
|
363
|
+
};
|
|
364
|
+
////// Organization MFA API
|
|
365
|
+
this.enforceOrganizationMFA = async (request) => {
|
|
366
|
+
return this.makeRequest('mfa/organization/enforce', 'POST', request);
|
|
367
|
+
};
|
|
368
|
+
////// Magic Link MFA API
|
|
369
|
+
this.sendMagicLink = async () => {
|
|
370
|
+
return this.makeRequest('mfa/magic-link/send', 'POST', null);
|
|
371
|
+
};
|
|
372
|
+
////// Passkey MFA API
|
|
373
|
+
this.getPasskeyAuthOptions = async () => {
|
|
374
|
+
return this.makeRequest('mfa/passkey/auth-options', 'POST', null);
|
|
375
|
+
};
|
|
376
|
+
this.completePasskeyRegistration = async (request) => {
|
|
377
|
+
return this.makeRequest('mfa/passkey/complete-registration', 'POST', request);
|
|
378
|
+
};
|
|
337
379
|
this.baseURL = baseURL;
|
|
338
380
|
this.headers = {};
|
|
339
381
|
this.debug = false;
|
package/dist/api/index.d.ts
CHANGED
|
@@ -8,4 +8,5 @@ import * as EmailTypes from './types/email';
|
|
|
8
8
|
import * as QuotaTypes from './types/quota';
|
|
9
9
|
import * as SubscriptionTypes from './types/subscriptions';
|
|
10
10
|
import * as DeviceTypes from './types/device';
|
|
11
|
-
|
|
11
|
+
import * as MFATypes from './types/mfa';
|
|
12
|
+
export { ApiClient, ApiTypes, AuthTypes, StatsTypes, ApiInterfaces, HttpError, BridgeTypes, EmailTypes, QuotaTypes, SubscriptionTypes, DeviceTypes, MFATypes };
|
package/dist/api/index.js
CHANGED
|
@@ -33,7 +33,7 @@ var __importStar = (this && this.__importStar) || (function () {
|
|
|
33
33
|
};
|
|
34
34
|
})();
|
|
35
35
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
36
|
-
exports.DeviceTypes = exports.SubscriptionTypes = exports.QuotaTypes = exports.EmailTypes = exports.BridgeTypes = exports.HttpError = exports.ApiInterfaces = exports.StatsTypes = exports.AuthTypes = exports.ApiTypes = exports.ApiClient = void 0;
|
|
36
|
+
exports.MFATypes = exports.DeviceTypes = exports.SubscriptionTypes = exports.QuotaTypes = exports.EmailTypes = exports.BridgeTypes = exports.HttpError = exports.ApiInterfaces = exports.StatsTypes = exports.AuthTypes = exports.ApiTypes = exports.ApiClient = void 0;
|
|
37
37
|
const client_1 = require("./client");
|
|
38
38
|
Object.defineProperty(exports, "ApiClient", { enumerable: true, get: function () { return client_1.ApiClient; } });
|
|
39
39
|
Object.defineProperty(exports, "HttpError", { enumerable: true, get: function () { return client_1.HttpError; } });
|
|
@@ -55,3 +55,5 @@ const SubscriptionTypes = __importStar(require("./types/subscriptions"));
|
|
|
55
55
|
exports.SubscriptionTypes = SubscriptionTypes;
|
|
56
56
|
const DeviceTypes = __importStar(require("./types/device"));
|
|
57
57
|
exports.DeviceTypes = DeviceTypes;
|
|
58
|
+
const MFATypes = __importStar(require("./types/mfa"));
|
|
59
|
+
exports.MFATypes = MFATypes;
|
package/dist/api/types/auth.d.ts
CHANGED
|
@@ -0,0 +1,232 @@
|
|
|
1
|
+
import { DeviceInfo } from "./device";
|
|
2
|
+
export declare enum MFAType {
|
|
3
|
+
GOOGLE_AUTH = "GOOGLE_AUTH",
|
|
4
|
+
MAGIC_LINK = "MAGIC_LINK",
|
|
5
|
+
PASSKEY = "PASSKEY"
|
|
6
|
+
}
|
|
7
|
+
export declare enum MFAAttemptType {
|
|
8
|
+
VERIFICATION = "VERIFICATION",
|
|
9
|
+
SETUP = "SETUP",
|
|
10
|
+
DISABLE = "DISABLE"
|
|
11
|
+
}
|
|
12
|
+
export interface PasskeyCredential {
|
|
13
|
+
id: string;
|
|
14
|
+
rawId: string;
|
|
15
|
+
response: {
|
|
16
|
+
clientDataJSON: string;
|
|
17
|
+
authenticatorData: string;
|
|
18
|
+
signature: string;
|
|
19
|
+
userHandle?: string;
|
|
20
|
+
};
|
|
21
|
+
type: 'public-key';
|
|
22
|
+
}
|
|
23
|
+
export interface PasskeyRegistrationCredential {
|
|
24
|
+
id: string;
|
|
25
|
+
rawId: string;
|
|
26
|
+
response: {
|
|
27
|
+
clientDataJSON: string;
|
|
28
|
+
attestationObject: string;
|
|
29
|
+
};
|
|
30
|
+
type: 'public-key';
|
|
31
|
+
}
|
|
32
|
+
export interface PasskeyAuthenticationCredential {
|
|
33
|
+
id: string;
|
|
34
|
+
rawId: string;
|
|
35
|
+
response: {
|
|
36
|
+
clientDataJSON: string;
|
|
37
|
+
authenticatorData: string;
|
|
38
|
+
signature: string;
|
|
39
|
+
userHandle?: string;
|
|
40
|
+
};
|
|
41
|
+
type: 'public-key';
|
|
42
|
+
}
|
|
43
|
+
export interface PasskeyChallengeOptions {
|
|
44
|
+
challenge: string;
|
|
45
|
+
rpId: string;
|
|
46
|
+
userVerification?: 'required' | 'preferred' | 'discouraged';
|
|
47
|
+
timeout?: number;
|
|
48
|
+
}
|
|
49
|
+
export interface PasskeyRegistrationOptions extends PasskeyChallengeOptions {
|
|
50
|
+
rp: {
|
|
51
|
+
name: string;
|
|
52
|
+
id: string;
|
|
53
|
+
};
|
|
54
|
+
user: {
|
|
55
|
+
id: string;
|
|
56
|
+
name: string;
|
|
57
|
+
displayName: string;
|
|
58
|
+
};
|
|
59
|
+
pubKeyCredParams: Array<{
|
|
60
|
+
type: 'public-key';
|
|
61
|
+
alg: number;
|
|
62
|
+
}>;
|
|
63
|
+
authenticatorSelection?: {
|
|
64
|
+
authenticatorAttachment?: 'platform' | 'cross-platform';
|
|
65
|
+
residentKey?: 'required' | 'preferred' | 'discouraged';
|
|
66
|
+
userVerification?: 'required' | 'preferred' | 'discouraged';
|
|
67
|
+
};
|
|
68
|
+
attestation?: 'none' | 'indirect' | 'direct';
|
|
69
|
+
}
|
|
70
|
+
export interface MFASetupRequest {
|
|
71
|
+
mfaType: MFAType;
|
|
72
|
+
email?: string;
|
|
73
|
+
deviceInfo?: DeviceInfo;
|
|
74
|
+
}
|
|
75
|
+
export interface MFAVerificationRequest {
|
|
76
|
+
mfaType: MFAType;
|
|
77
|
+
code?: string;
|
|
78
|
+
token?: string;
|
|
79
|
+
credential?: PasskeyAuthenticationCredential;
|
|
80
|
+
sessionId?: string;
|
|
81
|
+
ipAddress?: string;
|
|
82
|
+
userAgent?: string;
|
|
83
|
+
}
|
|
84
|
+
export interface MFAVerificationSetupRequest {
|
|
85
|
+
mfaType: MFAType;
|
|
86
|
+
code?: string;
|
|
87
|
+
credential?: PasskeyRegistrationCredential;
|
|
88
|
+
}
|
|
89
|
+
export interface MFAEnableRequest {
|
|
90
|
+
mfaType: MFAType;
|
|
91
|
+
}
|
|
92
|
+
export interface MFAPrimaryRequest {
|
|
93
|
+
mfaType: MFAType;
|
|
94
|
+
}
|
|
95
|
+
export interface MFAResetRequest {
|
|
96
|
+
_placeholder?: never;
|
|
97
|
+
}
|
|
98
|
+
export interface MFAOrganizationEnforceRequest {
|
|
99
|
+
enforced: boolean;
|
|
100
|
+
}
|
|
101
|
+
export interface PasskeyCompleteRegistrationRequest {
|
|
102
|
+
credential: PasskeyRegistrationCredential;
|
|
103
|
+
challenge: string;
|
|
104
|
+
}
|
|
105
|
+
export interface MFAVerificationResult {
|
|
106
|
+
success: boolean;
|
|
107
|
+
mfaMethod: MFAType;
|
|
108
|
+
metadata?: Record<string, unknown>;
|
|
109
|
+
error?: string;
|
|
110
|
+
}
|
|
111
|
+
export interface MFASetupResult {
|
|
112
|
+
success: boolean;
|
|
113
|
+
setupData?: Record<string, unknown>;
|
|
114
|
+
error?: string;
|
|
115
|
+
}
|
|
116
|
+
export interface MFAStatus {
|
|
117
|
+
isEnabled: boolean;
|
|
118
|
+
isRequired: boolean;
|
|
119
|
+
isEnforced: boolean;
|
|
120
|
+
enabledMethods: MFAType[];
|
|
121
|
+
primaryMethod?: MFAType;
|
|
122
|
+
}
|
|
123
|
+
export interface MFAVerificationSetupResult {
|
|
124
|
+
success: boolean;
|
|
125
|
+
message?: string;
|
|
126
|
+
error?: string;
|
|
127
|
+
}
|
|
128
|
+
export interface MFAEnableResult {
|
|
129
|
+
success: boolean;
|
|
130
|
+
message?: string;
|
|
131
|
+
error?: string;
|
|
132
|
+
}
|
|
133
|
+
export interface MFADisableResult {
|
|
134
|
+
success: boolean;
|
|
135
|
+
message?: string;
|
|
136
|
+
error?: string;
|
|
137
|
+
}
|
|
138
|
+
export interface MFAPrimaryResult {
|
|
139
|
+
success: boolean;
|
|
140
|
+
message?: string;
|
|
141
|
+
error?: string;
|
|
142
|
+
}
|
|
143
|
+
export interface MFAResetResult {
|
|
144
|
+
success: boolean;
|
|
145
|
+
message?: string;
|
|
146
|
+
error?: string;
|
|
147
|
+
}
|
|
148
|
+
export interface MFAOrganizationEnforceResult {
|
|
149
|
+
success: boolean;
|
|
150
|
+
message?: string;
|
|
151
|
+
error?: string;
|
|
152
|
+
}
|
|
153
|
+
export interface GoogleAuthSetupData {
|
|
154
|
+
secret: string;
|
|
155
|
+
qrCode: string;
|
|
156
|
+
backupCodes: string[];
|
|
157
|
+
}
|
|
158
|
+
export interface MagicLinkSetupData {
|
|
159
|
+
email: string;
|
|
160
|
+
verificationRequired: boolean;
|
|
161
|
+
}
|
|
162
|
+
export interface PasskeySetupData {
|
|
163
|
+
challenge: PasskeyRegistrationOptions;
|
|
164
|
+
rpName: string;
|
|
165
|
+
userName: string;
|
|
166
|
+
}
|
|
167
|
+
export interface PasskeyAuthOptionsResult {
|
|
168
|
+
success: boolean;
|
|
169
|
+
data?: PasskeyChallengeOptions;
|
|
170
|
+
error?: string;
|
|
171
|
+
}
|
|
172
|
+
export interface PasskeyCompleteRegistrationResult {
|
|
173
|
+
success: boolean;
|
|
174
|
+
message?: string;
|
|
175
|
+
error?: string;
|
|
176
|
+
}
|
|
177
|
+
export interface MFAConfig {
|
|
178
|
+
maxAttempts: number;
|
|
179
|
+
lockoutDuration: number;
|
|
180
|
+
backupCodeCount: number;
|
|
181
|
+
totpWindow: number;
|
|
182
|
+
magicLinkExpiry: number;
|
|
183
|
+
}
|
|
184
|
+
export declare const DEFAULT_MFA_CONFIG: MFAConfig;
|
|
185
|
+
export interface MFAChallenge {
|
|
186
|
+
challengeId: string;
|
|
187
|
+
userId: string;
|
|
188
|
+
mfaType: MFAType;
|
|
189
|
+
expiresAt: Date;
|
|
190
|
+
metadata?: Record<string, unknown>;
|
|
191
|
+
}
|
|
192
|
+
export interface MFAVerificationChallenge {
|
|
193
|
+
challengeId: string;
|
|
194
|
+
userId: string;
|
|
195
|
+
mfaType: MFAType;
|
|
196
|
+
expiresAt: Date;
|
|
197
|
+
attempts: number;
|
|
198
|
+
maxAttempts: number;
|
|
199
|
+
isLocked: boolean;
|
|
200
|
+
lockoutUntil?: Date;
|
|
201
|
+
}
|
|
202
|
+
export interface MFAAttemptLog {
|
|
203
|
+
userId: string;
|
|
204
|
+
mfaType: MFAType;
|
|
205
|
+
attemptType: MFAAttemptType;
|
|
206
|
+
success: boolean;
|
|
207
|
+
ipAddress?: string;
|
|
208
|
+
userAgent?: string;
|
|
209
|
+
metadata?: Record<string, unknown>;
|
|
210
|
+
}
|
|
211
|
+
export interface APIResponse<T = unknown> {
|
|
212
|
+
success: boolean;
|
|
213
|
+
data?: T;
|
|
214
|
+
message?: string;
|
|
215
|
+
error?: string;
|
|
216
|
+
}
|
|
217
|
+
export type MFAStatusResponse = APIResponse<MFAStatus>;
|
|
218
|
+
export type MFAMethodsResponse = APIResponse<MFAType[]>;
|
|
219
|
+
export type MFASetupResponse = APIResponse<Record<string, unknown>>;
|
|
220
|
+
export type MFAVerificationSetupResponse = APIResponse<MFAVerificationSetupResult>;
|
|
221
|
+
export type MFAEnableResponse = APIResponse<MFAEnableResult>;
|
|
222
|
+
export type MFADisableResponse = APIResponse<MFADisableResult>;
|
|
223
|
+
export type MFAPrimaryResponse = APIResponse<MFAPrimaryResult>;
|
|
224
|
+
export type MFAResetResponse = APIResponse<MFAResetResult>;
|
|
225
|
+
export type MFAOrganizationEnforceResponse = APIResponse<MFAOrganizationEnforceResult>;
|
|
226
|
+
export type PasskeyAuthOptionsResponse = APIResponse<PasskeyChallengeOptions>;
|
|
227
|
+
export type PasskeyCompleteRegistrationResponse = APIResponse<PasskeyCompleteRegistrationResult>;
|
|
228
|
+
export type MagicLinkSendResponse = APIResponse<{
|
|
229
|
+
message: string;
|
|
230
|
+
}>;
|
|
231
|
+
export type MFAMethodType = 'GOOGLE_AUTH' | 'MAGIC_LINK' | 'PASSKEY';
|
|
232
|
+
export type MFAAttemptTypeEnum = 'VERIFICATION' | 'SETUP' | 'DISABLE';
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.DEFAULT_MFA_CONFIG = exports.MFAAttemptType = exports.MFAType = void 0;
|
|
4
|
+
// ============================================================================
|
|
5
|
+
// SELF-CONTAINED ENUM DEFINITIONS (Mirror Prisma but independent)
|
|
6
|
+
// ============================================================================
|
|
7
|
+
var MFAType;
|
|
8
|
+
(function (MFAType) {
|
|
9
|
+
MFAType["GOOGLE_AUTH"] = "GOOGLE_AUTH";
|
|
10
|
+
MFAType["MAGIC_LINK"] = "MAGIC_LINK";
|
|
11
|
+
MFAType["PASSKEY"] = "PASSKEY";
|
|
12
|
+
})(MFAType || (exports.MFAType = MFAType = {}));
|
|
13
|
+
var MFAAttemptType;
|
|
14
|
+
(function (MFAAttemptType) {
|
|
15
|
+
MFAAttemptType["VERIFICATION"] = "VERIFICATION";
|
|
16
|
+
MFAAttemptType["SETUP"] = "SETUP";
|
|
17
|
+
MFAAttemptType["DISABLE"] = "DISABLE";
|
|
18
|
+
})(MFAAttemptType || (exports.MFAAttemptType = MFAAttemptType = {}));
|
|
19
|
+
exports.DEFAULT_MFA_CONFIG = {
|
|
20
|
+
maxAttempts: 5,
|
|
21
|
+
lockoutDuration: 15,
|
|
22
|
+
backupCodeCount: 10,
|
|
23
|
+
totpWindow: 2, // Allow 2 time steps before/after current time
|
|
24
|
+
magicLinkExpiry: 10,
|
|
25
|
+
};
|