@frontegg/rest-api 2.10.90 → 3.0.1

package/dist/auth/index.js

@@ -1,1042 +0,0 @@
-"use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __exportStar = (this && this.__exportStar) || function(m, exports) {
-    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
-};
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-var __rest = (this && this.__rest) || function (s, e) {
-    var t = {};
-    for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p) && e.indexOf(p) < 0)
-        t[p] = s[p];
-    if (s != null && typeof Object.getOwnPropertySymbols === "function")
-        for (var i = 0, p = Object.getOwnPropertySymbols(s); i < p.length; i++) {
-            if (e.indexOf(p[i]) < 0 && Object.prototype.propertyIsEnumerable.call(s, p[i]))
-                t[p[i]] = s[p[i]];
-        }
-    return t;
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.updateTenantApiTokensData = exports.updateUserApiTokensData = exports.getTenantApiTokensData = exports.getUserApiTokensData = exports.deleteAllSessionsForUser = exports.deleteSessionForUser = exports.createOrUpdateSessionConfigrations = exports.getSessionConfigurations = exports.getCurrentUserSessions = exports.signUpUser = exports.getVendorConfig = exports.loginViaSocialLogin = exports.getSocialLoginProvidersV2 = exports.getSocialLoginProviders = exports.getSSOPublicConfiguration = exports.getOidcConfiguration = exports.deleteSamlGroup = exports.updateSamlGroup = exports.createSamlGroup = exports.updateSamlRoles = exports.getSamlRolesGroups = exports.getSamlRoles = exports.validateSamlDomain = exports.updateSamlVendorMetadata = exports.getSamlVendorConfiguration = exports.updateSamlConfiguration = exports.getSamlConfiguration = exports.disableMfa = exports.verifyMfa = exports.enrollMfa = exports.recoverMfaToken = exports.loadPasswordConfig = exports.resetPassword = exports.forgotPassword = exports.logout = exports.refreshTokenV2 = exports.refreshToken = exports.acceptInvitation = exports.resendActivationEmail = exports.getActivateAccountStrategy = exports.activateAccount = exports.loginWithMfa = exports.login = exports.oidcPostLogin = exports.postLogin = exports.preLoginWithIdpType = exports.preLogin = exports.generateLoginResponseFromOAuthResponse = exports.generateLoginResponseV2 = exports.generateLoginResponse = void 0;
-exports.getVendorPublicAuthStrategiesConfig = exports.verifyNewDeviceSession = exports.webAuthnCreateNewDeviceSession = exports.webAuthnPostLogin = exports.webAuthnPreLogin = exports.changePhoneNumber = exports.verifyChangePhoneNumber = exports.changePhoneNumberWithVerification = exports.verifyResetPhoneNumber = exports.resetPhoneNumber = exports.exchangeOAuthTokens = exports.oidcPostLoginV2 = exports.preLoginV2 = exports.getSSOGroups = exports.deleteSSOGroup = exports.updateSSOGroup = exports.createSSOGroup = exports.setSSODefaultRoles = exports.getSSODefaultRoles = exports.validateSSODomain = exports.deleteSSODomain = exports.createSSODomain = exports.updateSSOConfigurationByMetadata = exports.createSSOConfigurationByMetadata = exports.deleteSSOConfiguration = exports.updateSSOConfiguration = exports.createSSOConfiguration = exports.getSSOConfigurations = exports.verifyInviteToken = exports.passwordlessPostLogin = exports.passwordlessPreLogin = exports.checkIfAllowToRememberMfaDevice = exports.getUserById = exports.deleteUserApiToken = exports.deleteTenantApiToken = void 0;
-const tenants_1 = require("../tenants");
-__exportStar(require("./secutiry-poilicy"), exports);
-__exportStar(require("./enums"), exports);
-const constants_1 = require("../constants");
-const ContextHolder_1 = require("../ContextHolder");
-const fetch_1 = require("../fetch");
-const jwt_1 = require("../jwt");
-/*****************************************
- * Authentication
- *****************************************/
-function generateLoginResponse(loginResponse) {
-    return __awaiter(this, void 0, void 0, function* () {
-        if (!loginResponse.accessToken) {
-            return loginResponse;
-        }
-        ContextHolder_1.ContextHolder.setAccessToken(loginResponse.accessToken);
-        const me = yield fetch_1.Get(`${constants_1.urls.identity.users.v2}/me`);
-        const decodedContent = loginResponse.accessToken ? jwt_1.jwtDecode(loginResponse.accessToken) : {};
-        const user = Object.assign(Object.assign(Object.assign({}, loginResponse), decodedContent), me);
-        ContextHolder_1.ContextHolder.setUser(user);
-        return user;
-    });
-}
-exports.generateLoginResponse = generateLoginResponse;
-function generateLoginResponseV2(loginResponse) {
-    return __awaiter(this, void 0, void 0, function* () {
-        if (!loginResponse.accessToken) {
-            return { user: loginResponse };
-        }
-        ContextHolder_1.ContextHolder.setAccessToken(loginResponse.accessToken);
-        const [me, tenants] = yield Promise.all([fetch_1.Get(`${constants_1.urls.identity.users.v2}/me`), tenants_1.getTenants()]);
-        const decodedContent = loginResponse.accessToken ? jwt_1.jwtDecode(loginResponse.accessToken) : {};
-        const user = Object.assign(Object.assign(Object.assign({}, loginResponse), decodedContent), me);
-        ContextHolder_1.ContextHolder.setUser(user);
-        return { user, tenants };
-    });
-}
-exports.generateLoginResponseV2 = generateLoginResponseV2;
-function generateLoginResponseFromOAuthResponse(oauthResponse) {
-    return __awaiter(this, void 0, void 0, function* () {
-        ContextHolder_1.ContextHolder.setAccessToken(oauthResponse.id_token);
-        const me = yield fetch_1.Get(`${constants_1.urls.identity.users.v2}/me`);
-        const decodedContent = oauthResponse.id_token ? jwt_1.jwtDecode(oauthResponse.id_token) : {};
-        const user = Object.assign(Object.assign({ mfaRequired: false, accessToken: oauthResponse.id_token, refreshToken: oauthResponse.refresh_token }, decodedContent), me);
-        ContextHolder_1.ContextHolder.setUser(user);
-        return user;
-    });
-}
-exports.generateLoginResponseFromOAuthResponse = generateLoginResponseFromOAuthResponse;
-/**
- * Check if requested email address has sso configuration
- * If true, this function will return the sso address to navigate to
- * else, return null
- */
-function preLogin(body) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('preLogin()', body);
-        try {
-            const { address } = yield fetch_1.Post(`${constants_1.urls.identity.auth.v1}/user/saml/prelogin`, body);
-            return address;
-        }
-        catch (_a) {
-            return null;
-        }
-    });
-}
-exports.preLogin = preLogin;
-/**
- * Check if requested email address has sso configuration
- * If true, this function will return the sso address and IdpType to navigate to
- */
-function preLoginWithIdpType(body) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('preLoginWithIdpType()', body);
-        return fetch_1.Post(`${constants_1.urls.identity.auth.v1}/user/saml/prelogin`, body);
-    });
-}
-exports.preLoginWithIdpType = preLoginWithIdpType;
-/**
- * After calling preLogin and navigated to SSO url, the IDP will redirect you to the ACS Url
- * Which configured in the SSO configuraation
- * else, return null
- */
-function postLogin(body) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('postLogin()');
-        const data = yield fetch_1.Post(`${constants_1.urls.identity.auth.v1}/user/saml/postlogin`, body);
-        return generateLoginResponse(data);
-    });
-}
-exports.postLogin = postLogin;
-/**
- * After calling preLogin and navigated to SSO url, the IDP will redirect you to the redirect url
- * with code and state
- */
-function oidcPostLogin(body) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('oidcPostLogin()');
-        const data = yield fetch_1.Post(`${constants_1.urls.identity.auth.v1}/user/oidc/postlogin`, body);
-        return generateLoginResponse(data);
-    });
-}
-exports.oidcPostLogin = oidcPostLogin;
-/**
- * login with username and password.
- * if the user has two factor authentication
- *    the server will return mfaToken with mfaRequired: true,
- *    and then ``loginWithMfa`` should be called with the mfaToken and and generated code
- * else, the server will accessToken and refreshToken.
- * the refresh should be used to renew your access token by calling ``refreshToken``
- *
- * @throw exception if login failed
- */
-function login(body) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('login()');
-        const data = yield fetch_1.Post(`${constants_1.urls.identity.auth.v1}/user`, body);
-        return generateLoginResponse(data);
-    });
-}
-exports.login = login;
-/**
- * after login succeeded with mfaRequired token response, this function should be called
- * with the mfaToken and the generated code from your authenticator app.
- *
- * @throw exception if generated code or mfaToken are incorrect
- */
-function loginWithMfa(body) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('loginWithMfa()');
-        const data = yield fetch_1.Post(`${constants_1.urls.identity.auth.v1}/user/mfa/verify`, body);
-        return generateLoginResponse(data);
-    });
-}
-exports.loginWithMfa = loginWithMfa;
-/**
- * activating account should be called after registering new user of deactivate account
- * ``activateAccount`` should contains userId and the token that has been sent to the user after activation requested.
- *
- * @throws exception if activation failed
- */
-function activateAccount(body) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('activateAccount()');
-        return fetch_1.Post(`${constants_1.urls.identity.users.v1}/activate`, body);
-    });
-}
-exports.activateAccount = activateAccount;
-/**
- * get account activation configuration.
- */
-function getActivateAccountStrategy(params) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('getActivateAccountStrategy()');
-        return fetch_1.Get(`${constants_1.urls.identity.users.v1}/activate/strategy`, params);
-    });
-}
-exports.getActivateAccountStrategy = getActivateAccountStrategy;
-/**
- * resend activation email should be called after a failed user activation.
- * ``resend activation email`` should contain  the user email.
- *
- * @throws exception if resend failed
- */
-function resendActivationEmail(body) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('resendActivationEmail()');
-        return fetch_1.Post(`${constants_1.urls.identity.users.v1}/activate/reset`, body);
-    });
-}
-exports.resendActivationEmail = resendActivationEmail;
-/**
- * activating account should be called after registering new user of deactivate account
- * ``activateAccount`` should contains userId and the token that has been sent to the user after activation requested.
- *
- * @throws exception if activation failed
- */
-function acceptInvitation(body) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('acceptInvitation()');
-        return fetch_1.Post(`${constants_1.urls.identity.users.v1}/invitation/accept`, body);
-    });
-}
-exports.acceptInvitation = acceptInvitation;
-/**
- * refresh token called as authenticated use, access and refresh tokens resolved by the cookies.
- * the server will return ILoginResponse with new access Token and refresh token and store it in the browser cookies.
- */
-function refreshToken() {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('refreshToken()');
-        const data = yield fetch_1.Post(`${constants_1.urls.identity.auth.v1}/user/token/refresh`);
-        return generateLoginResponse(data);
-    });
-}
-exports.refreshToken = refreshToken;
-/**
- * refresh token called as authenticated use, access and refresh tokens resolved by the cookies.
- * the server will return ILoginResponseV2 with new access Token and refresh token and store it in the browser cookies, as well as the tenants.
- */
-function refreshTokenV2() {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('refreshTokenV2()');
-        const data = yield fetch_1.Post(`${constants_1.urls.identity.auth.v1}/user/token/refresh`);
-        return generateLoginResponseV2(data);
-    });
-}
-exports.refreshTokenV2 = refreshTokenV2;
-/**
- * logout from server, invalidate access and refresh token, remove it from cookies.
- */
-function logout() {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('logout()');
-        return fetch_1.Post(`${constants_1.urls.identity.auth.v1}/logout`);
-    });
-}
-exports.logout = logout;
-/**
- * calling forgot password request will send email with link to reset user's password.
- *
- * @throws exception if the user not found
- */
-function forgotPassword(body) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('forgotPassword()', body);
-        return fetch_1.Post(`${constants_1.urls.identity.users.v1}/passwords/reset`, body);
-    });
-}
-exports.forgotPassword = forgotPassword;
-/**
- * reset password should be called after forget password request.
- * userId, new password and the token has been sent to the user email.
- *
- * @throws exception if the user not found, password validation failed or invalid token.
- */
-function resetPassword(body) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('resetPassword()');
-        return fetch_1.Post(`${constants_1.urls.identity.users.v1}/passwords/reset/verify`, body);
-    });
-}
-exports.resetPassword = resetPassword;
-/**
- * load password configuration for user.
- */
-function loadPasswordConfig(params) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('loadPasswordConfig()');
-        return fetch_1.Get(`${constants_1.urls.identity.users.v1}/passwords/config`, params);
-    });
-}
-exports.loadPasswordConfig = loadPasswordConfig;
-/**
- * recover Multi-Factor authentication by providing the recoveryCode
- * that has been received when activated it
- *
- * @throws exception if recovery code is not valid
- */
-function recoverMfaToken(body) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('recoverMfaToken()', body);
-        return fetch_1.Post(`${constants_1.urls.identity.auth.v1}/user/mfa/recover`, body);
-    });
-}
-exports.recoverMfaToken = recoverMfaToken;
-/**
- * Multi-Factor Settings
- */
-/**
- * enroll Multi-Factor Auth Code to use in 3rd party apps like Google Authenticator.
- * the server returns qrCode as png image in base64 format
- *
- * @throws exception if the user already have mfa-enabled
- * ``authorized user``
- */
-function enrollMfa() {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('enrollMfa()');
-        return fetch_1.Post(`${constants_1.urls.identity.users.v1}/mfa/enroll`);
-    });
-}
-exports.enrollMfa = enrollMfa;
-/**
- * after enrolling MFA QR code, verify function should be called
- * with the generated code in the Authenticator App
- *
- * @return recoveryCode to use to disable mfa if your device is lost, this code won't show it again.
- * @throws exception if the generated token is invalid
- * ``authorized user``
- */
-function verifyMfa(body) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('verifyMfa()', body);
-        return fetch_1.Post(`${constants_1.urls.identity.users.v1}/mfa/enroll/verify`, body);
-    });
-}
-exports.verifyMfa = verifyMfa;
-/**
- * disable MFA by either passing the recoveryCode or the generated code from the Authenticator App.
- *
- * @throws exception if the generated token or the recoveryCode are incorrect.
- * * ``authorized user``
- */
-function disableMfa(body) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('disableMfa()', body);
-        return fetch_1.Post(`${constants_1.urls.identity.users.v1}/mfa/disable`, body);
-    });
-}
-exports.disableMfa = disableMfa;
-/**
- * SSO Configurations
- */
-/**
- *  Retrieve SAML configurations from server by logged in user (tenantId, vendorId)
- *
- *  @return {enabled: false} if no saml configuration found. else ISamlConfiguration
- * * ``authorized user``
- */
-function getSamlConfiguration() {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('getSamlConfiguration()');
-        return fetch_1.Get(`${constants_1.urls.team.sso.v1}/saml/configurations`);
-    });
-}
-exports.getSamlConfiguration = getSamlConfiguration;
-/**
- *  Update SAML configuration by logged in user (tenantId, vendorId)
- * * ``authorized user``
- */
-function updateSamlConfiguration(body) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('updateSamlConfiguration()', body);
-        return fetch_1.Post(`${constants_1.urls.team.sso.v1}/saml/configurations`, body);
-    });
-}
-exports.updateSamlConfiguration = updateSamlConfiguration;
-/**
- *  Retrieve 'Vendor' Saml config from server by logged in user (tenantId, vendorId)
- *
- *  @throws exception 'ACS url information not found' if no saml vendor configuration found.
- * * ``authorized user``
- */
-function getSamlVendorConfiguration() {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('getSamlVendorConfiguration()');
-        return fetch_1.Get(`${constants_1.urls.team.sso.v1}/saml/configurations/vendor-config`);
-    });
-}
-exports.getSamlVendorConfiguration = getSamlVendorConfiguration;
-/**
- *  Update Vendor Saml metadata by logged in user (tenantId, vendorId)
- *
- *  @return {enabled: false} if no saml configuration found. else ISamlConfiguration
- * * ``authorized user``
- */
-function updateSamlVendorMetadata(body) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('updateSamlVendorMetadata()', body);
-        return fetch_1.Put(`${constants_1.urls.team.sso.v1}/saml/configurations/metadata`, body);
-    });
-}
-exports.updateSamlVendorMetadata = updateSamlVendorMetadata;
-/**
- *  Validate Saml configuration's domain by logged in user (tenantId, vendorId)
- *
- *  @return {enabled: false} if no saml configuration found. else ISamlConfiguration
- * * ``authorized user``
- */
-function validateSamlDomain() {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('validateSamlDomain()');
-        return fetch_1.Put(`${constants_1.urls.team.sso.v1}/saml/validations/domain`);
-    });
-}
-exports.validateSamlDomain = validateSamlDomain;
-/**
- *  Get Saml roles for authorization
- * @return array of role IDs
- */
-function getSamlRoles() {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('getSamlRoles()');
-        return fetch_1.Get(`${constants_1.urls.team.sso.v1}/saml/configurations/roles/default`);
-    });
-}
-exports.getSamlRoles = getSamlRoles;
-/**
- *  Get Saml roles groups
- * @return array of groups and assigend role IDs
- */
-function getSamlRolesGroups() {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('getSamlRoles()');
-        return fetch_1.Get(`${constants_1.urls.team.sso.v2}/saml/configurations/groups`);
-    });
-}
-exports.getSamlRolesGroups = getSamlRolesGroups;
-/**
- *  Update Saml roles for authorization
- */
-function updateSamlRoles({ roleIds }) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('updateSamlRoles()');
-        return fetch_1.Post(`${constants_1.urls.team.sso.v1}/saml/configurations/roles/default`, { roleIds });
-    });
-}
-exports.updateSamlRoles = updateSamlRoles;
-/**
- *  Create Saml group roles for authorization
- */
-function createSamlGroup({ roleIds, group }) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('createSamlGroup()');
-        return fetch_1.Post(`${constants_1.urls.team.sso.v2}/saml/configurations/groups`, { group, roleIds });
-    });
-}
-exports.createSamlGroup = createSamlGroup;
-/**
- *  Update Saml group roles for authorization
- */
-function updateSamlGroup({ roleIds, group, id }) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('updateSamlGroup()');
-        return fetch_1.Patch(`${constants_1.urls.team.sso.v2}/saml/configurations/groups/${id}`, { group, roleIds });
-    });
-}
-exports.updateSamlGroup = updateSamlGroup;
-/**
- *  Delete Saml group
- */
-function deleteSamlGroup({ id }) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('deleteSamlGroup()');
-        return fetch_1.Delete(`${constants_1.urls.team.sso.v2}/saml/configurations/groups/${id}`);
-    });
-}
-exports.deleteSamlGroup = deleteSamlGroup;
-/**
- *  Retrieve OIDC configurations from server by logged in user (vendorId)
- *
- *  @return {active: true} if no oidc configuration found. else IOidcConfiguration
- * * ``authorized user``
- */
-function getOidcConfiguration() {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('getOidcConfiguration()');
-        return fetch_1.Get(`${constants_1.urls.team.sso.v1}/oidc/configurations`);
-    });
-}
-exports.getOidcConfiguration = getOidcConfiguration;
-/**
- *  Check if one or more saml/oidc configuration are active
- *
- **  @return {isActive: true/false}
- */
-function getSSOPublicConfiguration() {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('getSSOPublicConfiguration()');
-        return fetch_1.Get(`${constants_1.urls.team.sso.v2}/configurations/public`);
-    });
-}
-exports.getSSOPublicConfiguration = getSSOPublicConfiguration;
-/**
- *  Get social logins providers configurations for vendor
- * @return array of providers configurations
- */
-function getSocialLoginProviders() {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('getSocialLoginProviders()');
-        return fetch_1.Get(constants_1.urls.identity.sso.v1);
-    });
-}
-exports.getSocialLoginProviders = getSocialLoginProviders;
-/**
- *  Get social logins providers configurations V2 supports dev credentials as well
- * @return array of providers configurations
- */
-function getSocialLoginProvidersV2() {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('getSocialLoginProvidersV2()');
-        return fetch_1.Get(constants_1.urls.identity.sso.v2);
-    });
-}
-exports.getSocialLoginProvidersV2 = getSocialLoginProvidersV2;
-/**
- * Login using social login
- * @return cookie with refresh token
- */
-function loginViaSocialLogin({ provider, code, redirectUri, codeVerifier, metadata, invitationToken, state, }) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('loginViaSocialLogin()');
-        const params = { code };
-        if (redirectUri) {
-            params.redirectUri = redirectUri;
-        }
-        if (codeVerifier) {
-            params.code_verifier = codeVerifier;
-        }
-        if (state) {
-            params.state = state;
-        }
-        return fetch_1.Post(`${constants_1.urls.identity.auth.v1}/user/sso/${provider}/postlogin`, { metadata, invitationToken }, { params });
-    });
-}
-exports.loginViaSocialLogin = loginViaSocialLogin;
-/**
- * Get vendor secure access configuration
- */
-function getVendorConfig() {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('getVendorConfig()');
-        return fetch_1.Get(`${constants_1.urls.identity.configurations.v1}/public`);
-    });
-}
-exports.getVendorConfig = getVendorConfig;
-/**
- * Sign up new user
- * create new user with a new tenant
- */
-function signUpUser(body) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('signUpUser()', body);
-        const { shouldActivate, authResponse, userId, tenantId } = yield fetch_1.Post(`${constants_1.urls.identity.users.v1}/signUp`, body);
-        const loginResponse = !shouldActivate && authResponse ? yield generateLoginResponse(authResponse) : undefined;
-        return { shouldActivate, user: loginResponse, userId, tenantId };
-    });
-}
-exports.signUpUser = signUpUser;
-/**
- * Get all current user active sessions
- */
-function getCurrentUserSessions() {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('getCurrentUserSessions');
-        const sessions = yield fetch_1.Get(constants_1.urls.identity.users.sessions.currentUser.v1);
-        return sessions;
-    });
-}
-exports.getCurrentUserSessions = getCurrentUserSessions;
-/**
- * Get session configurations
- */
-function getSessionConfigurations() {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('getSessionConfigurations');
-        const sessionsConfigurations = yield fetch_1.Get(constants_1.urls.identity.users.sessions.configurations.v1);
-        return sessionsConfigurations;
-    });
-}
-exports.getSessionConfigurations = getSessionConfigurations;
-/**
- * Create or update session configurations
- */
-function createOrUpdateSessionConfigrations(body) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('createOrUpdateSessionConfigrations');
-        yield fetch_1.Post(constants_1.urls.identity.users.sessions.configurations.v1, body);
-    });
-}
-exports.createOrUpdateSessionConfigrations = createOrUpdateSessionConfigrations;
-/**
- * Delete user session
- */
-function deleteSessionForUser(id) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('deleteSessionForUser', id);
-        yield fetch_1.Delete(`${constants_1.urls.identity.users.sessions.currentUser.v1}/${id}`);
-    });
-}
-exports.deleteSessionForUser = deleteSessionForUser;
-/**
- * Delete all user sessions
- */
-function deleteAllSessionsForUser() {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('deleteAllSessionsForUser');
-        yield fetch_1.Delete(`${constants_1.urls.identity.users.sessions.currentUser.v1}/all`);
-    });
-}
-exports.deleteAllSessionsForUser = deleteAllSessionsForUser;
-/**
- * Api tokens Configurations
- */
-/**
- * Get user api tokens data
- */
-function getUserApiTokensData() {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('getUserApiTokensData()');
-        return fetch_1.Get(constants_1.urls.identity.users.apiTokens.v1);
-    });
-}
-exports.getUserApiTokensData = getUserApiTokensData;
-/**
- * Get tenant api tokens data
- */
-function getTenantApiTokensData() {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('geTenantApiTokensData()');
-        return fetch_1.Get(constants_1.urls.identity.tenants.apiTokens.v1);
-    });
-}
-exports.getTenantApiTokensData = getTenantApiTokensData;
-/**
- *  Update User Api Tokens
- */
-function updateUserApiTokensData(body) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('updateUserApiTokensData()', body);
-        return fetch_1.Post(constants_1.urls.identity.users.apiTokens.v1, body);
-    });
-}
-exports.updateUserApiTokensData = updateUserApiTokensData;
-/**
- * Update Tenant Api Tokens
- */
-function updateTenantApiTokensData(body) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('updateTenantApiTokensData()', body);
-        return fetch_1.Post(constants_1.urls.identity.tenants.apiTokens.v2, body);
-    });
-}
-exports.updateTenantApiTokensData = updateTenantApiTokensData;
-/**
- * Delete Tenant Api Token
- */
-function deleteTenantApiToken({ tokenId }) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('deleteTenantApiToken()', tokenId);
-        return fetch_1.Delete(`${constants_1.urls.identity.tenants.apiTokens.v1}/${tokenId}`);
-    });
-}
-exports.deleteTenantApiToken = deleteTenantApiToken;
-/**
- * Delete Tenant Api Token
- */
-function deleteUserApiToken({ tokenId }) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('deleteUserApiToken()', tokenId);
-        return fetch_1.Delete(`${constants_1.urls.identity.users.apiTokens.v1}/${tokenId}`);
-    });
-}
-exports.deleteUserApiToken = deleteUserApiToken;
-/**
- * Get Tenant Api Token Creator User
- */
-function getUserById({ userId }) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('getUserById()');
-        return fetch_1.Get(`${constants_1.urls.identity.users.v1}/${userId}`);
-    });
-}
-exports.getUserById = getUserById;
-/**
- * Checks if remember MFA device is enabled for user.
- */
-function checkIfAllowToRememberMfaDevice(mfaToken) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('checkIfAllowToRememberMfaDevice()');
-        return fetch_1.Get(`${constants_1.urls.identity.configurations.v1}/mfa-policy/allow-remember-device`, { mfaToken });
-    });
-}
-exports.checkIfAllowToRememberMfaDevice = checkIfAllowToRememberMfaDevice;
-/**
- * Passwordless prelogin authentication
- */
-function passwordlessPreLogin(_a) {
-    var { type } = _a, body = __rest(_a, ["type"]);
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('passwordlessPrelogin()');
-        return fetch_1.Post(`${constants_1.urls.identity.auth.v1}/passwordless/${type.toLocaleLowerCase()}/prelogin`, body);
-    });
-}
-exports.passwordlessPreLogin = passwordlessPreLogin;
-function passwordlessPostLogin(_a) {
-    var { type } = _a, body = __rest(_a, ["type"]);
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('passwordlessPostLogin()');
-        return fetch_1.Post(`${constants_1.urls.identity.auth.v1}/passwordless/${type.toLocaleLowerCase()}/postlogin`, body);
-    });
-}
-exports.passwordlessPostLogin = passwordlessPostLogin;
-/**
- * Check if tenant invitation token is valid
- * @param token - invitation token
- * @returns tenant name
- */
-function verifyInviteToken({ token }) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('verifyInviteToken()');
-        return fetch_1.Post(constants_1.urls.identity.tenants.invites.verify.v1, { token });
-    });
-}
-exports.verifyInviteToken = verifyInviteToken;
-/**
- * SSO Configurations V1
- */
-/**
- *  Retrieve SSO configurations from server by logged in user (tenantId, vendorId)
- *
- *  @return ISSOConfiguration[]
- * * ``authorized user``
- */
-function getSSOConfigurations() {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('getSSOConfigurations()');
-        return fetch_1.Get(`${constants_1.urls.team.sso.v1}/configurations`);
-    });
-}
-exports.getSSOConfigurations = getSSOConfigurations;
-/**
- *  Create SSO configuration by logged in user (tenantId, vendorId)
- *
- *  @returns ISSOConfiguration
- * * ``authorized user``
- */
-function createSSOConfiguration(body) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('createSSOConfiguration()', body);
-        return fetch_1.Post(`${constants_1.urls.team.sso.v1}/configurations`, body);
-    });
-}
-exports.createSSOConfiguration = createSSOConfiguration;
-/**
- *  Update SSO configuration by logged in user (tenantId, vendorId)
- *
- *  @returns ISSOConfiguration
- * * ``authorized user``
- */
-function updateSSOConfiguration(ssoConfigId, body) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('updateSSOConfiguration()', { body, ssoConfigId });
-        return fetch_1.Patch(`${constants_1.urls.team.sso.v1}/configurations/${ssoConfigId}`, body);
-    });
-}
-exports.updateSSOConfiguration = updateSSOConfiguration;
-/**
- *  Delete SSO configuration by logged in user (tenantId, vendorId)
- * * ``authorized user``
- */
-function deleteSSOConfiguration(ssoConfigId) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('deleteSSOConfiguration()', { ssoConfigId });
-        return fetch_1.Delete(`${constants_1.urls.team.sso.v1}/configurations/${ssoConfigId}`);
-    });
-}
-exports.deleteSSOConfiguration = deleteSSOConfiguration;
-/**
- *  Create SSO configuration by metadata by logged in user (tenantId, vendorId)
- *
- *  @returns ISSOConfiguration
- * * ``authorized user``
- */
-function createSSOConfigurationByMetadata(body) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('createSSOConfigurationByMetadata()', body);
-        return fetch_1.Post(`${constants_1.urls.team.sso.v1}/configurations/metadata`, body);
-    });
-}
-exports.createSSOConfigurationByMetadata = createSSOConfigurationByMetadata;
-/**
- *  Update SSO configuration by metadata by logged in user (tenantId, vendorId)
- *
- *  @returns ISSOConfiguration
- * * ``authorized user``
- */
-function updateSSOConfigurationByMetadata(ssoConfigId, body) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('updateSSOConfigurationByMetadata()', { body, ssoConfigId });
-        return fetch_1.Put(`${constants_1.urls.team.sso.v1}/configurations/${ssoConfigId}/metadata`, body);
-    });
-}
-exports.updateSSOConfigurationByMetadata = updateSSOConfigurationByMetadata;
-/**
- *  Create SSO configuration domain by logged in user (tenantId, vendorId)
- *
- *  @returns ISSODomain
- * * ``authorized user``
- */
-function createSSODomain(ssoConfigId, body) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('createSSODomain()', { body, ssoConfigId });
-        return fetch_1.Post(`${constants_1.urls.team.sso.v1}/configurations/${ssoConfigId}/domains`, body);
-    });
-}
-exports.createSSODomain = createSSODomain;
-/**
- *  Create SSO configuration domain by logged in user (tenantId, vendorId)
- * * ``authorized user``
- */
-function deleteSSODomain(ssoConfigId, domainId) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('deleteSSODomain()', { domainId, ssoConfigId });
-        return fetch_1.Delete(`${constants_1.urls.team.sso.v1}/configurations/${ssoConfigId}/domains/${domainId}`);
-    });
-}
-exports.deleteSSODomain = deleteSSODomain;
-/**
- *  Validate SSO configuration domain by logged in user (tenantId, vendorId)
- * * ``authorized user``
- */
-function validateSSODomain(ssoConfigId, domainId) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('validateSSODomain()', { domainId, ssoConfigId });
-        return fetch_1.Put(`${constants_1.urls.team.sso.v1}/configurations/${ssoConfigId}/domains/${domainId}/validate`);
-    });
-}
-exports.validateSSODomain = validateSSODomain;
-/**
- *  Get SSO configuration default roles by logged in user (tenantId, vendorId)
- * * ``authorized user``
- */
-function getSSODefaultRoles(ssoConfigId) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('getSSODefaultRoles()', { ssoConfigId });
-        return fetch_1.Get(`${constants_1.urls.team.sso.v1}/configurations/${ssoConfigId}/roles`);
-    });
-}
-exports.getSSODefaultRoles = getSSODefaultRoles;
-/**
- *  Create SSO configuration default roles by logged in user (tenantId, vendorId)
- * * ``authorized user``
- */
-function setSSODefaultRoles(ssoConfigId, body) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('setSSODefaultRoles()', { body, ssoConfigId });
-        return fetch_1.Put(`${constants_1.urls.team.sso.v1}/configurations/${ssoConfigId}/roles`, body);
-    });
-}
-exports.setSSODefaultRoles = setSSODefaultRoles;
-/**
- *  Create SSO configuration group roles for authorization
- */
-function createSSOGroup(ssoConfigId, body) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('createSSOGroup()', { body, ssoConfigId });
-        return fetch_1.Post(`${constants_1.urls.team.sso.v1}/configurations/${ssoConfigId}/groups`, body);
-    });
-}
-exports.createSSOGroup = createSSOGroup;
-/**
- *  Update SSO configuration group roles for authorization
- */
-function updateSSOGroup(ssoConfigId, { roleIds, group, id }) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('updateSSOGroup()', { ssoConfigId, roleIds, group });
-        return fetch_1.Patch(`${constants_1.urls.team.sso.v1}/configurations/${ssoConfigId}/groups/${id}`, { group, roleIds });
-    });
-}
-exports.updateSSOGroup = updateSSOGroup;
-/**
- *  Delete SSO configuration group
- */
-function deleteSSOGroup(ssoConfigId, groupId) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('deleteSSOGroup()', { ssoConfigId, groupId });
-        return fetch_1.Delete(`${constants_1.urls.team.sso.v1}/configurations/${ssoConfigId}/groups/${groupId}`);
-    });
-}
-exports.deleteSSOGroup = deleteSSOGroup;
-/**
- *  Get SSO configuration groups
- */
-function getSSOGroups(ssoConfigId) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('getSSOGroups()', { ssoConfigId });
-        return fetch_1.Get(`${constants_1.urls.team.sso.v1}/configurations/${ssoConfigId}/groups`);
-    });
-}
-exports.getSSOGroups = getSSOGroups;
-/**
- * Check if requested email address has sso configuration
- * If true, this function will return the sso address to navigate to
- * else, return null
- */
-function preLoginV2(body) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('preLoginV2()', body);
-        return fetch_1.Post(`${constants_1.urls.identity.auth.v2}/user/sso/prelogin`, body);
-    });
-}
-exports.preLoginV2 = preLoginV2;
-/**
- * After calling preLogin and navigated to SSO url, the IDP will redirect you to the redirect url
- * with code and state
- */
-function oidcPostLoginV2(body) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('oidcPostLoginV2()');
-        const data = yield fetch_1.Post(`${constants_1.urls.identity.auth.v2}/user/oidc/postlogin`, body);
-        return generateLoginResponse(data);
-    });
-}
-exports.oidcPostLoginV2 = oidcPostLoginV2;
-function exchangeOAuthTokens(body) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('exchangeOauthTokens()');
-        const data = yield fetch_1.Post(`${constants_1.urls.oauth.v1}/token`, body);
-        return generateLoginResponseFromOAuthResponse(data);
-    });
-}
-exports.exchangeOAuthTokens = exchangeOAuthTokens;
-/**
- * reset phone should be called in case user want to reset his phone number
- * when using sms authentication strategy. a 6-digits code will be send to the user email.
- */
-function resetPhoneNumber(body) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('resetPhoneNumber()', body);
-        return fetch_1.Post(`${constants_1.urls.identity.users.v1}/phone/reset`, body);
-    });
-}
-exports.resetPhoneNumber = resetPhoneNumber;
-/**
- * verify reset phone should be called after reset phone number request
- * with the token received from the reset phone number request and a code that was sent to the user email
- */
-function verifyResetPhoneNumber(body) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('verifyResetPhoneNumber()', body);
-        return fetch_1.Post(`${constants_1.urls.identity.users.v1}/phone/reset/verify`, body);
-    });
-}
-exports.verifyResetPhoneNumber = verifyResetPhoneNumber;
-/**
- * change phone number with verification.
- */
-function changePhoneNumberWithVerification(body) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('changePhoneNumberWithVerification()', body);
-        return fetch_1.Post(`${constants_1.urls.identity.users.v1}/phone`, body);
-    });
-}
-exports.changePhoneNumberWithVerification = changePhoneNumberWithVerification;
-/**
- * verify new phone number.
- */
-function verifyChangePhoneNumber(body) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('verifyChangePhoneNumber()', body);
-        return fetch_1.Post(`${constants_1.urls.identity.users.v1}/phone/verify`, body);
-    });
-}
-exports.verifyChangePhoneNumber = verifyChangePhoneNumber;
-/**
- * change phone number should be called after verify reset phone number with the new phone number
- */
-function changePhoneNumber(body) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('changePhoneNumber()', body);
-        return fetch_1.Put(`${constants_1.urls.identity.users.v1}/phone/change`, body);
-    });
-}
-exports.changePhoneNumber = changePhoneNumber;
-/**
- * webauthn prelogin should be called when the user wants to be authenticated using his device/android/usb key
- */
-function webAuthnPreLogin(body) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('webAuthnPreLogin()', body);
-        return fetch_1.Post(`${constants_1.urls.identity.auth.v1}/webauthn/prelogin`, body);
-    });
-}
-exports.webAuthnPreLogin = webAuthnPreLogin;
-/**
- * webauthn postlogin should be called after the user used his authenticator (device/android/usb key) in order to login
- */
-function webAuthnPostLogin(body) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('webAuthnPostLogin()', body);
-        return fetch_1.Post(`${constants_1.urls.identity.auth.v1}/webauthn/postlogin`, body);
-    });
-}
-exports.webAuthnPostLogin = webAuthnPostLogin;
-/**
- * webauthn create new device should be called once the user wants to add new device as authenticator
- */
-function webAuthnCreateNewDeviceSession() {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('webAuthnCreateNewDeviceSession()');
-        return fetch_1.Post(constants_1.urls.identity.webAuthnDevices.v1);
-    });
-}
-exports.webAuthnCreateNewDeviceSession = webAuthnCreateNewDeviceSession;
-/**
- * webauthn verify new device should be called after the user used his authenticator in order to register the new device
- */
-function verifyNewDeviceSession(body) {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('verifyNewDeviceSession()', body);
-        return fetch_1.Post(`${constants_1.urls.identity.webAuthnDevices.v1}/verify`, body);
-    });
-}
-exports.verifyNewDeviceSession = verifyNewDeviceSession;
-/**
- * Get public vendor auth strategies public configuration
- */
-function getVendorPublicAuthStrategiesConfig() {
-    return __awaiter(this, void 0, void 0, function* () {
-        console.debug('getVendorPublicAuthStrategiesConfig()');
-        return fetch_1.Get(`${constants_1.urls.identity.configurations.v1}/auth/strategies/public`);
-    });
-}
-exports.getVendorPublicAuthStrategiesConfig = getVendorPublicAuthStrategiesConfig;
-;
-//# sourceMappingURL=index.js.map