@frontegg/rest-api 3.0.132 → 3.0.133
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/auth/index.d.ts +58 -0
- package/auth/index.js +92 -5
- package/auth/interfaces.d.ts +2 -0
- package/index.js +1 -1
- package/node/auth/index.js +131 -5
- package/node/index.js +1 -1
- package/package.json +1 -1
package/auth/index.d.ts
CHANGED
|
@@ -9,6 +9,7 @@ export declare function generateLoginResponse(loginResponse: ILoginResponse): Pr
|
|
|
9
9
|
export declare function generateLoginResponseV2(loginResponse: ILoginResponse): Promise<ILoginResponseV2>;
|
|
10
10
|
export declare function generateLoginResponseV3(loginResponse: ILoginResponse): Promise<ILoginResponseV3>;
|
|
11
11
|
export declare function generateLoginResponseFromOAuthResponse(oauthResponse: IOAuthTokenResponse): Promise<ILoginResponse>;
|
|
12
|
+
export declare function generateLoginResponseFromOAuthResponseV2(oauthResponse: IOAuthTokenResponse): Promise<ILoginResponseV3>;
|
|
12
13
|
/**
|
|
13
14
|
* Check if requested email address has sso configuration
|
|
14
15
|
* If true, this function will return the sso address to navigate to
|
|
@@ -42,6 +43,17 @@ export declare function oidcPostLogin(body: IOidcPostLogin): Promise<ILoginRespo
|
|
|
42
43
|
* @throw exception if login failed
|
|
43
44
|
*/
|
|
44
45
|
export declare function login(body: ILogin): Promise<ILoginResponse>;
|
|
46
|
+
/**
|
|
47
|
+
* login with username and password.
|
|
48
|
+
* if the user has two factor authentication
|
|
49
|
+
* the server will return mfaToken with mfaRequired: true,
|
|
50
|
+
* and then ``loginWithMfa`` should be called with the mfaToken and and generated code
|
|
51
|
+
* else, the server will accessToken and refreshToken.
|
|
52
|
+
* the refresh should be used to renew your access token by calling ``refreshToken``
|
|
53
|
+
*
|
|
54
|
+
* @throw exception if login failed
|
|
55
|
+
*/
|
|
56
|
+
export declare function loginv2(body: ILogin): Promise<ILoginResponseV3>;
|
|
45
57
|
/**
|
|
46
58
|
* after login succeeded with mfaRequired token response, this function should be called
|
|
47
59
|
* with the mfaToken and the generated code from your authenticator app.
|
|
@@ -49,6 +61,13 @@ export declare function login(body: ILogin): Promise<ILoginResponse>;
|
|
|
49
61
|
* @throw exception if generated code or mfaToken are incorrect
|
|
50
62
|
*/
|
|
51
63
|
export declare function loginWithMfa(body: ILoginWithMfa): Promise<ILoginResponse>;
|
|
64
|
+
/**
|
|
65
|
+
* after login succeeded with mfaRequired token response, this function should be called
|
|
66
|
+
* with the mfaToken and the generated code from your authenticator app.
|
|
67
|
+
*
|
|
68
|
+
* @throw exception if generated code or mfaToken are incorrect
|
|
69
|
+
*/
|
|
70
|
+
export declare function loginWithMfaV2(body: ILoginWithMfa): Promise<ILoginResponseV3>;
|
|
52
71
|
/**
|
|
53
72
|
* activating account should be called after registering new user of deactivate account
|
|
54
73
|
* ``activateAccount`` should contains userId and the token that has been sent to the user after activation requested.
|
|
@@ -56,6 +75,13 @@ export declare function loginWithMfa(body: ILoginWithMfa): Promise<ILoginRespons
|
|
|
56
75
|
* @throws exception if activation failed
|
|
57
76
|
*/
|
|
58
77
|
export declare function activateAccount(body: IActivateAccount): Promise<void>;
|
|
78
|
+
/**
|
|
79
|
+
* activating account should be called after registering new user of deactivate account
|
|
80
|
+
* ``activateAccount`` should contains userId and the token that has been sent to the user after activation requested.
|
|
81
|
+
*
|
|
82
|
+
* @throws exception if activation failed
|
|
83
|
+
*/
|
|
84
|
+
export declare function activateAccountV2(body: IActivateAccount): Promise<ILoginResponseV3>;
|
|
59
85
|
/**
|
|
60
86
|
* get account activation configuration.
|
|
61
87
|
*/
|
|
@@ -239,6 +265,11 @@ export declare function preEnrollMFAAuthenticatorAppForLogin(body: IPreEnrollMFA
|
|
|
239
265
|
* with the generated code in the Authenticator App
|
|
240
266
|
*/
|
|
241
267
|
export declare function enrollMFAAuthenticatorAppForLogin(body: IEnrollMFAAuthenticatorApp): Promise<ILoginResponse>;
|
|
268
|
+
/**
|
|
269
|
+
* after pre enroll with authenticator app, enroll authenticator app function should be called
|
|
270
|
+
* with the generated code in the Authenticator App
|
|
271
|
+
*/
|
|
272
|
+
export declare function enrollMFAAuthenticatorAppForLoginV2(body: IEnrollMFAAuthenticatorApp): Promise<ILoginResponseV3>;
|
|
242
273
|
/**
|
|
243
274
|
* after login succeeded with mfaRequired token response, this function should be called
|
|
244
275
|
* with the selected authenticator app id, mfaToken and the generated code from your authenticator app.
|
|
@@ -254,6 +285,11 @@ export declare function preVerifyMFAEmailCode(body: IPreVerifyMFA): Promise<IPre
|
|
|
254
285
|
* with the otcToken and the code that has been sent to the email
|
|
255
286
|
*/
|
|
256
287
|
export declare function verifyMFAEmailCode(body: IVerifyMFAEmailCode): Promise<ILoginResponse>;
|
|
288
|
+
/**
|
|
289
|
+
* after pre verify with Email Code, verify Email Code function should be called
|
|
290
|
+
* with the otcToken and the code that has been sent to the email
|
|
291
|
+
*/
|
|
292
|
+
export declare function verifyMFAEmailCodeV2(body: IVerifyMFAEmailCode): Promise<ILoginResponseV3>;
|
|
257
293
|
/**
|
|
258
294
|
* pre enroll Multi-Factor to use with SMS
|
|
259
295
|
* the server returns otcToken that should be sent to the enroll function with the code that was sent to
|
|
@@ -265,6 +301,11 @@ export declare function preEnrollMFASMSForLogin(body: IPreEnrollMFASMS): Promise
|
|
|
265
301
|
* with the otcToken and the code that has been sent to the phone number that was requested
|
|
266
302
|
*/
|
|
267
303
|
export declare function enrollMFASMSForLogin(body: IEnrollMFASMS): Promise<ILoginResponse>;
|
|
304
|
+
/**
|
|
305
|
+
* after pre enroll with SMS, enroll SMS function should be called
|
|
306
|
+
* with the otcToken and the code that has been sent to the phone number that was requested
|
|
307
|
+
*/
|
|
308
|
+
export declare function enrollMFASMSForLoginV2(body: IEnrollMFASMS): Promise<ILoginResponseV3>;
|
|
268
309
|
/**
|
|
269
310
|
* after login succeeded with mfaRequired token response, if the user asked to use SMS as MFA
|
|
270
311
|
* this function should be called with the selected device id and mfaToken
|
|
@@ -275,6 +316,11 @@ export declare function preVerifyMFASMSForLogin(deviceId: string, body: IPreVeri
|
|
|
275
316
|
* that has been sent to the selected device.
|
|
276
317
|
*/
|
|
277
318
|
export declare function verifyMFASMSForLogin(deviceId: string, body: IVerifyMFASMS): Promise<ILoginResponse>;
|
|
319
|
+
/**
|
|
320
|
+
* after pre verify with SMS, this function should be called with otcToken, mfaToken and the code
|
|
321
|
+
* that has been sent to the selected device.
|
|
322
|
+
*/
|
|
323
|
+
export declare function verifyMFASMSForLoginV2(deviceId: string, body: IVerifyMFASMS): Promise<ILoginResponseV3>;
|
|
278
324
|
/**
|
|
279
325
|
* pre enroll Multi-Factor to use with WebAuthn
|
|
280
326
|
* the server returns attestation object
|
|
@@ -286,6 +332,11 @@ export declare function preEnrollMFAWebAuthnForLogin(body: IPreEnrollMFA): Promi
|
|
|
286
332
|
* with the webauthnToken and the attestation object response
|
|
287
333
|
*/
|
|
288
334
|
export declare function enrollMFAWebAuthnForLogin(body: IEnrollMFAWebAuthn): Promise<ILoginResponse>;
|
|
335
|
+
/**
|
|
336
|
+
* after pre enroll with WebAuthn, enroll WebAuthn function should be called
|
|
337
|
+
* with the webauthnToken and the attestation object response
|
|
338
|
+
*/
|
|
339
|
+
export declare function enrollMFAWebAuthnForLoginV2(body: IEnrollMFAWebAuthn): Promise<ILoginResponseV3>;
|
|
289
340
|
/**
|
|
290
341
|
* after login succeeded with mfaRequired token response, if the user asked to use WebAuthn as MFA
|
|
291
342
|
* this function should be called with the selected device id and mfaToken.
|
|
@@ -503,6 +554,7 @@ export declare function checkIfAllowToRememberMfaDevice(mfaToken: string): Promi
|
|
|
503
554
|
* Passwordless prelogin authentication
|
|
504
555
|
*/
|
|
505
556
|
export declare function passwordlessPreLogin({ type, ...body }: IPasswordlessPreLogin): Promise<void>;
|
|
557
|
+
export declare function passwordlessPostLoginV2({ type, ...body }: IPasswordlessPostLogin): Promise<ILoginResponseV3>;
|
|
506
558
|
export declare function passwordlessPostLogin({ type, ...body }: IPasswordlessPostLogin): Promise<ILoginResponse>;
|
|
507
559
|
/**
|
|
508
560
|
* Check if tenant invitation token is valid
|
|
@@ -607,6 +659,8 @@ export declare function preLoginV2(body: IPreLogin): Promise<IPreLoginWithIdpTyp
|
|
|
607
659
|
* with code and state
|
|
608
660
|
*/
|
|
609
661
|
export declare function oidcPostLoginV2(body: IOidcPostLoginV2): Promise<ILoginResponse>;
|
|
662
|
+
export declare function exchangeOAuthTokensV2(body: IExchangeOAuthTokens): Promise<ILoginResponseV3>;
|
|
663
|
+
export declare function silentOAuthRefreshTokenV2(): Promise<ILoginResponseV3>;
|
|
610
664
|
export declare function exchangeOAuthTokens(body: IExchangeOAuthTokens): Promise<ILoginResponse>;
|
|
611
665
|
export declare function silentOAuthRefreshToken(): Promise<ILoginResponse>;
|
|
612
666
|
/**
|
|
@@ -639,6 +693,10 @@ export declare function webAuthnPreLogin(body: IWebAuthnPreLogin): Promise<IWebA
|
|
|
639
693
|
* webauthn postlogin should be called after the user used his authenticator (device/android/usb key) in order to login
|
|
640
694
|
*/
|
|
641
695
|
export declare function webAuthnPostLogin(body: IWebAuthnPostLogin): Promise<ILoginResponse>;
|
|
696
|
+
/**
|
|
697
|
+
* webauthn postlogin should be called after the user used his authenticator (device/android/usb key) in order to login
|
|
698
|
+
*/
|
|
699
|
+
export declare function webAuthnPostLoginV2(body: IWebAuthnPostLogin): Promise<ILoginResponseV3>;
|
|
642
700
|
/**
|
|
643
701
|
* webauthn create new device should be called once the user wants to add new device as authenticator
|
|
644
702
|
*/
|
package/auth/index.js
CHANGED
|
@@ -1,7 +1,8 @@
|
|
|
1
1
|
import _objectWithoutPropertiesLoose from "@babel/runtime/helpers/esm/objectWithoutPropertiesLoose";
|
|
2
2
|
import _extends from "@babel/runtime/helpers/esm/extends";
|
|
3
3
|
const _excluded = ["type"],
|
|
4
|
-
_excluded2 = ["type"]
|
|
4
|
+
_excluded2 = ["type"],
|
|
5
|
+
_excluded3 = ["type"];
|
|
5
6
|
import { getTenants } from "../tenants";
|
|
6
7
|
export * from "./secutiry-poilicy";
|
|
7
8
|
export * from "./enums";
|
|
@@ -79,6 +80,26 @@ export async function generateLoginResponseFromOAuthResponse(oauthResponse) {
|
|
|
79
80
|
ContextHolder.setUser(user);
|
|
80
81
|
return user;
|
|
81
82
|
}
|
|
83
|
+
export async function generateLoginResponseFromOAuthResponseV2(oauthResponse) {
|
|
84
|
+
ContextHolder.setAccessToken(oauthResponse.id_token);
|
|
85
|
+
const [me, currentUserTenants] = await Promise.all([Get(`${urls.identity.users.v2}/me`), getCurrentUserTenantsV3()]);
|
|
86
|
+
const decodedContent = oauthResponse.id_token ? jwtDecode(oauthResponse.id_token) : {};
|
|
87
|
+
|
|
88
|
+
const user = _extends({
|
|
89
|
+
mfaRequired: false,
|
|
90
|
+
accessToken: oauthResponse.id_token,
|
|
91
|
+
refreshToken: oauthResponse.refresh_token
|
|
92
|
+
}, decodedContent, me, {
|
|
93
|
+
expiresIn: oauthResponse.expires_in || 300
|
|
94
|
+
});
|
|
95
|
+
|
|
96
|
+
ContextHolder.setUser(user);
|
|
97
|
+
return {
|
|
98
|
+
user,
|
|
99
|
+
tenants: currentUserTenants.tenants,
|
|
100
|
+
activeTenant: currentUserTenants.activeTenant
|
|
101
|
+
};
|
|
102
|
+
}
|
|
82
103
|
export async function preLogin(body) {
|
|
83
104
|
try {
|
|
84
105
|
const {
|
|
@@ -104,13 +125,25 @@ export async function login(body) {
|
|
|
104
125
|
const data = await Post(`${urls.identity.auth.v1}/user`, body);
|
|
105
126
|
return generateLoginResponse(data);
|
|
106
127
|
}
|
|
128
|
+
export async function loginv2(body) {
|
|
129
|
+
const data = await Post(`${urls.identity.auth.v1}/user`, body);
|
|
130
|
+
return generateLoginResponseV3(data);
|
|
131
|
+
}
|
|
107
132
|
export async function loginWithMfa(body) {
|
|
108
133
|
const data = await Post(`${urls.identity.auth.v1}/user/mfa/verify`, body);
|
|
109
134
|
return generateLoginResponse(data);
|
|
110
135
|
}
|
|
136
|
+
export async function loginWithMfaV2(body) {
|
|
137
|
+
const data = await Post(`${urls.identity.auth.v1}/user/mfa/verify`, body);
|
|
138
|
+
return generateLoginResponseV3(data);
|
|
139
|
+
}
|
|
111
140
|
export async function activateAccount(body) {
|
|
112
141
|
return Post(`${urls.identity.users.v1}/activate`, body);
|
|
113
142
|
}
|
|
143
|
+
export async function activateAccountV2(body) {
|
|
144
|
+
const data = await Post(`${urls.identity.users.v1}/activate`, body);
|
|
145
|
+
return generateLoginResponseV3(data);
|
|
146
|
+
}
|
|
114
147
|
export async function getActivateAccountStrategy(params) {
|
|
115
148
|
return Get(`${urls.identity.users.v1}/activate/strategy`, params);
|
|
116
149
|
}
|
|
@@ -204,6 +237,10 @@ export async function preEnrollMFAAuthenticatorAppForLogin(body) {
|
|
|
204
237
|
export async function enrollMFAAuthenticatorAppForLogin(body) {
|
|
205
238
|
return Post(`${urls.identity.auth.v1}/user/mfa/authenticator/enroll/verify`, body);
|
|
206
239
|
}
|
|
240
|
+
export async function enrollMFAAuthenticatorAppForLoginV2(body) {
|
|
241
|
+
const data = await Post(`${urls.identity.auth.v1}/user/mfa/authenticator/enroll/verify`, body);
|
|
242
|
+
return generateLoginResponseV3(data);
|
|
243
|
+
}
|
|
207
244
|
export async function verifyMFAAuthenticatorAppForLogin(deviceId, body) {
|
|
208
245
|
return Post(`${urls.identity.auth.v1}/user/mfa/authenticator/${deviceId}/verify`, body);
|
|
209
246
|
}
|
|
@@ -213,24 +250,40 @@ export async function preVerifyMFAEmailCode(body) {
|
|
|
213
250
|
export async function verifyMFAEmailCode(body) {
|
|
214
251
|
return Post(`${urls.identity.auth.v1}/user/mfa/emailcode/verify`, body);
|
|
215
252
|
}
|
|
253
|
+
export async function verifyMFAEmailCodeV2(body) {
|
|
254
|
+
const data = await Post(`${urls.identity.auth.v1}/user/mfa/emailcode/verify`, body);
|
|
255
|
+
return generateLoginResponseV3(data);
|
|
256
|
+
}
|
|
216
257
|
export async function preEnrollMFASMSForLogin(body) {
|
|
217
258
|
return Post(`${urls.identity.auth.v1}/user/mfa/sms/enroll`, body);
|
|
218
259
|
}
|
|
219
260
|
export async function enrollMFASMSForLogin(body) {
|
|
220
261
|
return Post(`${urls.identity.auth.v1}/user/mfa/sms/enroll/verify`, body);
|
|
221
262
|
}
|
|
263
|
+
export async function enrollMFASMSForLoginV2(body) {
|
|
264
|
+
const data = await Post(`${urls.identity.auth.v1}/user/mfa/sms/enroll/verify`, body);
|
|
265
|
+
return generateLoginResponseV3(data);
|
|
266
|
+
}
|
|
222
267
|
export async function preVerifyMFASMSForLogin(deviceId, body) {
|
|
223
268
|
return Post(`${urls.identity.auth.v1}/user/mfa/sms/${deviceId}`, body);
|
|
224
269
|
}
|
|
225
270
|
export async function verifyMFASMSForLogin(deviceId, body) {
|
|
226
271
|
return Post(`${urls.identity.auth.v1}/user/mfa/sms/${deviceId}/verify`, body);
|
|
227
272
|
}
|
|
273
|
+
export async function verifyMFASMSForLoginV2(deviceId, body) {
|
|
274
|
+
const data = await Post(`${urls.identity.auth.v1}/user/mfa/sms/${deviceId}/verify`, body);
|
|
275
|
+
return generateLoginResponseV3(data);
|
|
276
|
+
}
|
|
228
277
|
export async function preEnrollMFAWebAuthnForLogin(body) {
|
|
229
278
|
return Post(`${urls.identity.auth.v1}/user/mfa/webauthn/enroll`, body);
|
|
230
279
|
}
|
|
231
280
|
export async function enrollMFAWebAuthnForLogin(body) {
|
|
232
281
|
return Post(`${urls.identity.auth.v1}/user/mfa/webauthn/enroll/verify`, body);
|
|
233
282
|
}
|
|
283
|
+
export async function enrollMFAWebAuthnForLoginV2(body) {
|
|
284
|
+
const data = await Post(`${urls.identity.auth.v1}/user/mfa/webauthn/enroll/verify`, body);
|
|
285
|
+
return generateLoginResponseV3(data);
|
|
286
|
+
}
|
|
234
287
|
export async function preVerifyMFAWebAuthnForLogin(deviceId, body) {
|
|
235
288
|
return Post(`${urls.identity.auth.v1}/user/mfa/webauthn/${deviceId}`, body);
|
|
236
289
|
}
|
|
@@ -356,13 +409,26 @@ export async function signUpUser(body) {
|
|
|
356
409
|
userId,
|
|
357
410
|
tenantId
|
|
358
411
|
} = await Post(`${urls.identity.users.v1}/signUp`, body);
|
|
359
|
-
const
|
|
360
|
-
return {
|
|
412
|
+
const response = {
|
|
361
413
|
shouldActivate,
|
|
362
|
-
user: loginResponse,
|
|
363
414
|
userId,
|
|
364
415
|
tenantId
|
|
365
416
|
};
|
|
417
|
+
|
|
418
|
+
if (!shouldActivate && authResponse) {
|
|
419
|
+
const {
|
|
420
|
+
user,
|
|
421
|
+
tenants,
|
|
422
|
+
activeTenant
|
|
423
|
+
} = await generateLoginResponseV3(authResponse);
|
|
424
|
+
return _extends({}, response, {
|
|
425
|
+
user,
|
|
426
|
+
tenants,
|
|
427
|
+
activeTenant
|
|
428
|
+
});
|
|
429
|
+
}
|
|
430
|
+
|
|
431
|
+
return response;
|
|
366
432
|
}
|
|
367
433
|
export async function getCurrentUserSessions() {
|
|
368
434
|
return Get(urls.identity.users.sessions.currentUser.v1);
|
|
@@ -449,12 +515,21 @@ export async function passwordlessPreLogin(_ref) {
|
|
|
449
515
|
|
|
450
516
|
return Post(`${urls.identity.auth.v1}/passwordless/${type.toLocaleLowerCase()}/prelogin`, body);
|
|
451
517
|
}
|
|
452
|
-
export async function
|
|
518
|
+
export async function passwordlessPostLoginV2(_ref2) {
|
|
453
519
|
let {
|
|
454
520
|
type
|
|
455
521
|
} = _ref2,
|
|
456
522
|
body = _objectWithoutPropertiesLoose(_ref2, _excluded2);
|
|
457
523
|
|
|
524
|
+
const data = await Post(`${urls.identity.auth.v1}/passwordless/${type.toLocaleLowerCase()}/postlogin`, body);
|
|
525
|
+
return generateLoginResponseV3(data);
|
|
526
|
+
}
|
|
527
|
+
export async function passwordlessPostLogin(_ref3) {
|
|
528
|
+
let {
|
|
529
|
+
type
|
|
530
|
+
} = _ref3,
|
|
531
|
+
body = _objectWithoutPropertiesLoose(_ref3, _excluded3);
|
|
532
|
+
|
|
458
533
|
return Post(`${urls.identity.auth.v1}/passwordless/${type.toLocaleLowerCase()}/postlogin`, body);
|
|
459
534
|
}
|
|
460
535
|
export async function verifyInviteToken({
|
|
@@ -523,6 +598,14 @@ export async function oidcPostLoginV2(body) {
|
|
|
523
598
|
const data = await Post(`${urls.identity.auth.v2}/user/oidc/postlogin`, body);
|
|
524
599
|
return generateLoginResponse(data);
|
|
525
600
|
}
|
|
601
|
+
export async function exchangeOAuthTokensV2(body) {
|
|
602
|
+
const data = await Post(`${urls.oauth.v1}/token`, body);
|
|
603
|
+
return generateLoginResponseFromOAuthResponseV2(data);
|
|
604
|
+
}
|
|
605
|
+
export async function silentOAuthRefreshTokenV2() {
|
|
606
|
+
const data = await Post(`${urls.oauth.v1}/authorize/silent`);
|
|
607
|
+
return generateLoginResponseFromOAuthResponseV2(data);
|
|
608
|
+
}
|
|
526
609
|
export async function exchangeOAuthTokens(body) {
|
|
527
610
|
const data = await Post(`${urls.oauth.v1}/token`, body);
|
|
528
611
|
return generateLoginResponseFromOAuthResponse(data);
|
|
@@ -552,6 +635,10 @@ export async function webAuthnPreLogin(body) {
|
|
|
552
635
|
export async function webAuthnPostLogin(body) {
|
|
553
636
|
return Post(`${urls.identity.auth.v1}/webauthn/postlogin`, body);
|
|
554
637
|
}
|
|
638
|
+
export async function webAuthnPostLoginV2(body) {
|
|
639
|
+
const data = await Post(`${urls.identity.auth.v1}/webauthn/postlogin`, body);
|
|
640
|
+
return generateLoginResponseV3(data);
|
|
641
|
+
}
|
|
555
642
|
export async function webAuthnCreateNewDeviceSession() {
|
|
556
643
|
return Post(urls.identity.webAuthnDevices.v1);
|
|
557
644
|
}
|
package/auth/interfaces.d.ts
CHANGED
package/index.js
CHANGED
package/node/auth/index.js
CHANGED
|
@@ -10,13 +10,17 @@ var _exportNames = {
|
|
|
10
10
|
generateLoginResponseV2: true,
|
|
11
11
|
generateLoginResponseV3: true,
|
|
12
12
|
generateLoginResponseFromOAuthResponse: true,
|
|
13
|
+
generateLoginResponseFromOAuthResponseV2: true,
|
|
13
14
|
preLogin: true,
|
|
14
15
|
preLoginWithIdpType: true,
|
|
15
16
|
postLogin: true,
|
|
16
17
|
oidcPostLogin: true,
|
|
17
18
|
login: true,
|
|
19
|
+
loginv2: true,
|
|
18
20
|
loginWithMfa: true,
|
|
21
|
+
loginWithMfaV2: true,
|
|
19
22
|
activateAccount: true,
|
|
23
|
+
activateAccountV2: true,
|
|
20
24
|
getActivateAccountStrategy: true,
|
|
21
25
|
resendActivationEmail: true,
|
|
22
26
|
resendInvitationEmail: true,
|
|
@@ -47,15 +51,20 @@ var _exportNames = {
|
|
|
47
51
|
getMFADevices: true,
|
|
48
52
|
preEnrollMFAAuthenticatorAppForLogin: true,
|
|
49
53
|
enrollMFAAuthenticatorAppForLogin: true,
|
|
54
|
+
enrollMFAAuthenticatorAppForLoginV2: true,
|
|
50
55
|
verifyMFAAuthenticatorAppForLogin: true,
|
|
51
56
|
preVerifyMFAEmailCode: true,
|
|
52
57
|
verifyMFAEmailCode: true,
|
|
58
|
+
verifyMFAEmailCodeV2: true,
|
|
53
59
|
preEnrollMFASMSForLogin: true,
|
|
54
60
|
enrollMFASMSForLogin: true,
|
|
61
|
+
enrollMFASMSForLoginV2: true,
|
|
55
62
|
preVerifyMFASMSForLogin: true,
|
|
56
63
|
verifyMFASMSForLogin: true,
|
|
64
|
+
verifyMFASMSForLoginV2: true,
|
|
57
65
|
preEnrollMFAWebAuthnForLogin: true,
|
|
58
66
|
enrollMFAWebAuthnForLogin: true,
|
|
67
|
+
enrollMFAWebAuthnForLoginV2: true,
|
|
59
68
|
preVerifyMFAWebAuthnForLogin: true,
|
|
60
69
|
verifyMFAWebAuthnForLogin: true,
|
|
61
70
|
getSamlConfiguration: true,
|
|
@@ -100,6 +109,7 @@ var _exportNames = {
|
|
|
100
109
|
getUserById: true,
|
|
101
110
|
checkIfAllowToRememberMfaDevice: true,
|
|
102
111
|
passwordlessPreLogin: true,
|
|
112
|
+
passwordlessPostLoginV2: true,
|
|
103
113
|
passwordlessPostLogin: true,
|
|
104
114
|
verifyInviteToken: true,
|
|
105
115
|
getSSOConfigurations: true,
|
|
@@ -119,6 +129,8 @@ var _exportNames = {
|
|
|
119
129
|
getSSOGroups: true,
|
|
120
130
|
preLoginV2: true,
|
|
121
131
|
oidcPostLoginV2: true,
|
|
132
|
+
exchangeOAuthTokensV2: true,
|
|
133
|
+
silentOAuthRefreshTokenV2: true,
|
|
122
134
|
exchangeOAuthTokens: true,
|
|
123
135
|
silentOAuthRefreshToken: true,
|
|
124
136
|
resetPhoneNumber: true,
|
|
@@ -128,6 +140,7 @@ var _exportNames = {
|
|
|
128
140
|
changePhoneNumber: true,
|
|
129
141
|
webAuthnPreLogin: true,
|
|
130
142
|
webAuthnPostLogin: true,
|
|
143
|
+
webAuthnPostLoginV2: true,
|
|
131
144
|
webAuthnCreateNewDeviceSession: true,
|
|
132
145
|
getWebAuthnDevices: true,
|
|
133
146
|
deleteWebAuthnDevice: true,
|
|
@@ -139,6 +152,7 @@ var _exportNames = {
|
|
|
139
152
|
exports.OAuthLogout = OAuthLogout;
|
|
140
153
|
exports.acceptInvitation = acceptInvitation;
|
|
141
154
|
exports.activateAccount = activateAccount;
|
|
155
|
+
exports.activateAccountV2 = activateAccountV2;
|
|
142
156
|
exports.changePhoneNumber = changePhoneNumber;
|
|
143
157
|
exports.changePhoneNumberWithVerification = changePhoneNumberWithVerification;
|
|
144
158
|
exports.checkIfAllowToRememberMfaDevice = checkIfAllowToRememberMfaDevice;
|
|
@@ -167,15 +181,20 @@ exports.disableMFAWebAuthn = disableMFAWebAuthn;
|
|
|
167
181
|
exports.disableMfa = disableMfa;
|
|
168
182
|
exports.enrollMFAAuthenticatorApp = enrollMFAAuthenticatorApp;
|
|
169
183
|
exports.enrollMFAAuthenticatorAppForLogin = enrollMFAAuthenticatorAppForLogin;
|
|
184
|
+
exports.enrollMFAAuthenticatorAppForLoginV2 = enrollMFAAuthenticatorAppForLoginV2;
|
|
170
185
|
exports.enrollMFASMS = enrollMFASMS;
|
|
171
186
|
exports.enrollMFASMSForLogin = enrollMFASMSForLogin;
|
|
187
|
+
exports.enrollMFASMSForLoginV2 = enrollMFASMSForLoginV2;
|
|
172
188
|
exports.enrollMFAWebAuthn = enrollMFAWebAuthn;
|
|
173
189
|
exports.enrollMFAWebAuthnForLogin = enrollMFAWebAuthnForLogin;
|
|
190
|
+
exports.enrollMFAWebAuthnForLoginV2 = enrollMFAWebAuthnForLoginV2;
|
|
174
191
|
exports.enrollMfa = enrollMfa;
|
|
175
192
|
exports.exchangeOAuthTokens = exchangeOAuthTokens;
|
|
193
|
+
exports.exchangeOAuthTokensV2 = exchangeOAuthTokensV2;
|
|
176
194
|
exports.forgotPassword = forgotPassword;
|
|
177
195
|
exports.generateLoginResponse = generateLoginResponse;
|
|
178
196
|
exports.generateLoginResponseFromOAuthResponse = generateLoginResponseFromOAuthResponse;
|
|
197
|
+
exports.generateLoginResponseFromOAuthResponseV2 = generateLoginResponseFromOAuthResponseV2;
|
|
179
198
|
exports.generateLoginResponseV2 = generateLoginResponseV2;
|
|
180
199
|
exports.generateLoginResponseV3 = generateLoginResponseV3;
|
|
181
200
|
exports.getActivateAccountStrategy = getActivateAccountStrategy;
|
|
@@ -210,10 +229,13 @@ exports.loadPasswordConfig = loadPasswordConfig;
|
|
|
210
229
|
exports.login = login;
|
|
211
230
|
exports.loginViaSocialLogin = loginViaSocialLogin;
|
|
212
231
|
exports.loginWithMfa = loginWithMfa;
|
|
232
|
+
exports.loginWithMfaV2 = loginWithMfaV2;
|
|
233
|
+
exports.loginv2 = loginv2;
|
|
213
234
|
exports.logout = logout;
|
|
214
235
|
exports.oidcPostLogin = oidcPostLogin;
|
|
215
236
|
exports.oidcPostLoginV2 = oidcPostLoginV2;
|
|
216
237
|
exports.passwordlessPostLogin = passwordlessPostLogin;
|
|
238
|
+
exports.passwordlessPostLoginV2 = passwordlessPostLoginV2;
|
|
217
239
|
exports.passwordlessPreLogin = passwordlessPreLogin;
|
|
218
240
|
exports.postLogin = postLogin;
|
|
219
241
|
exports.preDisableMFASMS = preDisableMFASMS;
|
|
@@ -242,6 +264,7 @@ exports.revokeSessionsForUser = revokeSessionsForUser;
|
|
|
242
264
|
exports.setSSODefaultRoles = setSSODefaultRoles;
|
|
243
265
|
exports.signUpUser = signUpUser;
|
|
244
266
|
exports.silentOAuthRefreshToken = silentOAuthRefreshToken;
|
|
267
|
+
exports.silentOAuthRefreshTokenV2 = silentOAuthRefreshTokenV2;
|
|
245
268
|
exports.updateSSOConfiguration = updateSSOConfiguration;
|
|
246
269
|
exports.updateSSOConfigurationByMetadata = updateSSOConfigurationByMetadata;
|
|
247
270
|
exports.updateSSOGroup = updateSSOGroup;
|
|
@@ -257,13 +280,16 @@ exports.verifyChangePhoneNumber = verifyChangePhoneNumber;
|
|
|
257
280
|
exports.verifyInviteToken = verifyInviteToken;
|
|
258
281
|
exports.verifyMFAAuthenticatorAppForLogin = verifyMFAAuthenticatorAppForLogin;
|
|
259
282
|
exports.verifyMFAEmailCode = verifyMFAEmailCode;
|
|
283
|
+
exports.verifyMFAEmailCodeV2 = verifyMFAEmailCodeV2;
|
|
260
284
|
exports.verifyMFASMSForLogin = verifyMFASMSForLogin;
|
|
285
|
+
exports.verifyMFASMSForLoginV2 = verifyMFASMSForLoginV2;
|
|
261
286
|
exports.verifyMFAWebAuthnForLogin = verifyMFAWebAuthnForLogin;
|
|
262
287
|
exports.verifyMfa = verifyMfa;
|
|
263
288
|
exports.verifyNewDeviceSession = verifyNewDeviceSession;
|
|
264
289
|
exports.verifyResetPhoneNumber = verifyResetPhoneNumber;
|
|
265
290
|
exports.webAuthnCreateNewDeviceSession = webAuthnCreateNewDeviceSession;
|
|
266
291
|
exports.webAuthnPostLogin = webAuthnPostLogin;
|
|
292
|
+
exports.webAuthnPostLoginV2 = webAuthnPostLoginV2;
|
|
267
293
|
exports.webAuthnPreLogin = webAuthnPreLogin;
|
|
268
294
|
|
|
269
295
|
var _objectWithoutPropertiesLoose2 = _interopRequireDefault(require("@babel/runtime/helpers/objectWithoutPropertiesLoose"));
|
|
@@ -311,7 +337,8 @@ var _jwt = require("../jwt");
|
|
|
311
337
|
var _users = require("../users");
|
|
312
338
|
|
|
313
339
|
const _excluded = ["type"],
|
|
314
|
-
_excluded2 = ["type"]
|
|
340
|
+
_excluded2 = ["type"],
|
|
341
|
+
_excluded3 = ["type"];
|
|
315
342
|
|
|
316
343
|
async function generateLoginResponse(loginResponse) {
|
|
317
344
|
if (!loginResponse.accessToken) {
|
|
@@ -390,6 +417,28 @@ async function generateLoginResponseFromOAuthResponse(oauthResponse) {
|
|
|
390
417
|
return user;
|
|
391
418
|
}
|
|
392
419
|
|
|
420
|
+
async function generateLoginResponseFromOAuthResponseV2(oauthResponse) {
|
|
421
|
+
_ContextHolder.ContextHolder.setAccessToken(oauthResponse.id_token);
|
|
422
|
+
|
|
423
|
+
const [me, currentUserTenants] = await Promise.all([(0, _fetch.Get)(`${_constants.urls.identity.users.v2}/me`), (0, _users.getCurrentUserTenantsV3)()]);
|
|
424
|
+
const decodedContent = oauthResponse.id_token ? (0, _jwt.jwtDecode)(oauthResponse.id_token) : {};
|
|
425
|
+
const user = (0, _extends2.default)({
|
|
426
|
+
mfaRequired: false,
|
|
427
|
+
accessToken: oauthResponse.id_token,
|
|
428
|
+
refreshToken: oauthResponse.refresh_token
|
|
429
|
+
}, decodedContent, me, {
|
|
430
|
+
expiresIn: oauthResponse.expires_in || 300
|
|
431
|
+
});
|
|
432
|
+
|
|
433
|
+
_ContextHolder.ContextHolder.setUser(user);
|
|
434
|
+
|
|
435
|
+
return {
|
|
436
|
+
user,
|
|
437
|
+
tenants: currentUserTenants.tenants,
|
|
438
|
+
activeTenant: currentUserTenants.activeTenant
|
|
439
|
+
};
|
|
440
|
+
}
|
|
441
|
+
|
|
393
442
|
async function preLogin(body) {
|
|
394
443
|
try {
|
|
395
444
|
const {
|
|
@@ -420,15 +469,30 @@ async function login(body) {
|
|
|
420
469
|
return generateLoginResponse(data);
|
|
421
470
|
}
|
|
422
471
|
|
|
472
|
+
async function loginv2(body) {
|
|
473
|
+
const data = await (0, _fetch.Post)(`${_constants.urls.identity.auth.v1}/user`, body);
|
|
474
|
+
return generateLoginResponseV3(data);
|
|
475
|
+
}
|
|
476
|
+
|
|
423
477
|
async function loginWithMfa(body) {
|
|
424
478
|
const data = await (0, _fetch.Post)(`${_constants.urls.identity.auth.v1}/user/mfa/verify`, body);
|
|
425
479
|
return generateLoginResponse(data);
|
|
426
480
|
}
|
|
427
481
|
|
|
482
|
+
async function loginWithMfaV2(body) {
|
|
483
|
+
const data = await (0, _fetch.Post)(`${_constants.urls.identity.auth.v1}/user/mfa/verify`, body);
|
|
484
|
+
return generateLoginResponseV3(data);
|
|
485
|
+
}
|
|
486
|
+
|
|
428
487
|
async function activateAccount(body) {
|
|
429
488
|
return (0, _fetch.Post)(`${_constants.urls.identity.users.v1}/activate`, body);
|
|
430
489
|
}
|
|
431
490
|
|
|
491
|
+
async function activateAccountV2(body) {
|
|
492
|
+
const data = await (0, _fetch.Post)(`${_constants.urls.identity.users.v1}/activate`, body);
|
|
493
|
+
return generateLoginResponseV3(data);
|
|
494
|
+
}
|
|
495
|
+
|
|
432
496
|
async function getActivateAccountStrategy(params) {
|
|
433
497
|
return (0, _fetch.Get)(`${_constants.urls.identity.users.v1}/activate/strategy`, params);
|
|
434
498
|
}
|
|
@@ -552,6 +616,11 @@ async function enrollMFAAuthenticatorAppForLogin(body) {
|
|
|
552
616
|
return (0, _fetch.Post)(`${_constants.urls.identity.auth.v1}/user/mfa/authenticator/enroll/verify`, body);
|
|
553
617
|
}
|
|
554
618
|
|
|
619
|
+
async function enrollMFAAuthenticatorAppForLoginV2(body) {
|
|
620
|
+
const data = await (0, _fetch.Post)(`${_constants.urls.identity.auth.v1}/user/mfa/authenticator/enroll/verify`, body);
|
|
621
|
+
return generateLoginResponseV3(data);
|
|
622
|
+
}
|
|
623
|
+
|
|
555
624
|
async function verifyMFAAuthenticatorAppForLogin(deviceId, body) {
|
|
556
625
|
return (0, _fetch.Post)(`${_constants.urls.identity.auth.v1}/user/mfa/authenticator/${deviceId}/verify`, body);
|
|
557
626
|
}
|
|
@@ -564,6 +633,11 @@ async function verifyMFAEmailCode(body) {
|
|
|
564
633
|
return (0, _fetch.Post)(`${_constants.urls.identity.auth.v1}/user/mfa/emailcode/verify`, body);
|
|
565
634
|
}
|
|
566
635
|
|
|
636
|
+
async function verifyMFAEmailCodeV2(body) {
|
|
637
|
+
const data = await (0, _fetch.Post)(`${_constants.urls.identity.auth.v1}/user/mfa/emailcode/verify`, body);
|
|
638
|
+
return generateLoginResponseV3(data);
|
|
639
|
+
}
|
|
640
|
+
|
|
567
641
|
async function preEnrollMFASMSForLogin(body) {
|
|
568
642
|
return (0, _fetch.Post)(`${_constants.urls.identity.auth.v1}/user/mfa/sms/enroll`, body);
|
|
569
643
|
}
|
|
@@ -572,6 +646,11 @@ async function enrollMFASMSForLogin(body) {
|
|
|
572
646
|
return (0, _fetch.Post)(`${_constants.urls.identity.auth.v1}/user/mfa/sms/enroll/verify`, body);
|
|
573
647
|
}
|
|
574
648
|
|
|
649
|
+
async function enrollMFASMSForLoginV2(body) {
|
|
650
|
+
const data = await (0, _fetch.Post)(`${_constants.urls.identity.auth.v1}/user/mfa/sms/enroll/verify`, body);
|
|
651
|
+
return generateLoginResponseV3(data);
|
|
652
|
+
}
|
|
653
|
+
|
|
575
654
|
async function preVerifyMFASMSForLogin(deviceId, body) {
|
|
576
655
|
return (0, _fetch.Post)(`${_constants.urls.identity.auth.v1}/user/mfa/sms/${deviceId}`, body);
|
|
577
656
|
}
|
|
@@ -580,6 +659,11 @@ async function verifyMFASMSForLogin(deviceId, body) {
|
|
|
580
659
|
return (0, _fetch.Post)(`${_constants.urls.identity.auth.v1}/user/mfa/sms/${deviceId}/verify`, body);
|
|
581
660
|
}
|
|
582
661
|
|
|
662
|
+
async function verifyMFASMSForLoginV2(deviceId, body) {
|
|
663
|
+
const data = await (0, _fetch.Post)(`${_constants.urls.identity.auth.v1}/user/mfa/sms/${deviceId}/verify`, body);
|
|
664
|
+
return generateLoginResponseV3(data);
|
|
665
|
+
}
|
|
666
|
+
|
|
583
667
|
async function preEnrollMFAWebAuthnForLogin(body) {
|
|
584
668
|
return (0, _fetch.Post)(`${_constants.urls.identity.auth.v1}/user/mfa/webauthn/enroll`, body);
|
|
585
669
|
}
|
|
@@ -588,6 +672,11 @@ async function enrollMFAWebAuthnForLogin(body) {
|
|
|
588
672
|
return (0, _fetch.Post)(`${_constants.urls.identity.auth.v1}/user/mfa/webauthn/enroll/verify`, body);
|
|
589
673
|
}
|
|
590
674
|
|
|
675
|
+
async function enrollMFAWebAuthnForLoginV2(body) {
|
|
676
|
+
const data = await (0, _fetch.Post)(`${_constants.urls.identity.auth.v1}/user/mfa/webauthn/enroll/verify`, body);
|
|
677
|
+
return generateLoginResponseV3(data);
|
|
678
|
+
}
|
|
679
|
+
|
|
591
680
|
async function preVerifyMFAWebAuthnForLogin(deviceId, body) {
|
|
592
681
|
return (0, _fetch.Post)(`${_constants.urls.identity.auth.v1}/user/mfa/webauthn/${deviceId}`, body);
|
|
593
682
|
}
|
|
@@ -734,13 +823,26 @@ async function signUpUser(body) {
|
|
|
734
823
|
userId,
|
|
735
824
|
tenantId
|
|
736
825
|
} = await (0, _fetch.Post)(`${_constants.urls.identity.users.v1}/signUp`, body);
|
|
737
|
-
const
|
|
738
|
-
return {
|
|
826
|
+
const response = {
|
|
739
827
|
shouldActivate,
|
|
740
|
-
user: loginResponse,
|
|
741
828
|
userId,
|
|
742
829
|
tenantId
|
|
743
830
|
};
|
|
831
|
+
|
|
832
|
+
if (!shouldActivate && authResponse) {
|
|
833
|
+
const {
|
|
834
|
+
user,
|
|
835
|
+
tenants,
|
|
836
|
+
activeTenant
|
|
837
|
+
} = await generateLoginResponseV3(authResponse);
|
|
838
|
+
return (0, _extends2.default)({}, response, {
|
|
839
|
+
user,
|
|
840
|
+
tenants,
|
|
841
|
+
activeTenant
|
|
842
|
+
});
|
|
843
|
+
}
|
|
844
|
+
|
|
845
|
+
return response;
|
|
744
846
|
}
|
|
745
847
|
|
|
746
848
|
async function getCurrentUserSessions() {
|
|
@@ -849,11 +951,20 @@ async function passwordlessPreLogin(_ref) {
|
|
|
849
951
|
return (0, _fetch.Post)(`${_constants.urls.identity.auth.v1}/passwordless/${type.toLocaleLowerCase()}/prelogin`, body);
|
|
850
952
|
}
|
|
851
953
|
|
|
852
|
-
async function
|
|
954
|
+
async function passwordlessPostLoginV2(_ref2) {
|
|
853
955
|
let {
|
|
854
956
|
type
|
|
855
957
|
} = _ref2,
|
|
856
958
|
body = (0, _objectWithoutPropertiesLoose2.default)(_ref2, _excluded2);
|
|
959
|
+
const data = await (0, _fetch.Post)(`${_constants.urls.identity.auth.v1}/passwordless/${type.toLocaleLowerCase()}/postlogin`, body);
|
|
960
|
+
return generateLoginResponseV3(data);
|
|
961
|
+
}
|
|
962
|
+
|
|
963
|
+
async function passwordlessPostLogin(_ref3) {
|
|
964
|
+
let {
|
|
965
|
+
type
|
|
966
|
+
} = _ref3,
|
|
967
|
+
body = (0, _objectWithoutPropertiesLoose2.default)(_ref3, _excluded3);
|
|
857
968
|
return (0, _fetch.Post)(`${_constants.urls.identity.auth.v1}/passwordless/${type.toLocaleLowerCase()}/postlogin`, body);
|
|
858
969
|
}
|
|
859
970
|
|
|
@@ -941,6 +1052,16 @@ async function oidcPostLoginV2(body) {
|
|
|
941
1052
|
return generateLoginResponse(data);
|
|
942
1053
|
}
|
|
943
1054
|
|
|
1055
|
+
async function exchangeOAuthTokensV2(body) {
|
|
1056
|
+
const data = await (0, _fetch.Post)(`${_constants.urls.oauth.v1}/token`, body);
|
|
1057
|
+
return generateLoginResponseFromOAuthResponseV2(data);
|
|
1058
|
+
}
|
|
1059
|
+
|
|
1060
|
+
async function silentOAuthRefreshTokenV2() {
|
|
1061
|
+
const data = await (0, _fetch.Post)(`${_constants.urls.oauth.v1}/authorize/silent`);
|
|
1062
|
+
return generateLoginResponseFromOAuthResponseV2(data);
|
|
1063
|
+
}
|
|
1064
|
+
|
|
944
1065
|
async function exchangeOAuthTokens(body) {
|
|
945
1066
|
const data = await (0, _fetch.Post)(`${_constants.urls.oauth.v1}/token`, body);
|
|
946
1067
|
return generateLoginResponseFromOAuthResponse(data);
|
|
@@ -979,6 +1100,11 @@ async function webAuthnPostLogin(body) {
|
|
|
979
1100
|
return (0, _fetch.Post)(`${_constants.urls.identity.auth.v1}/webauthn/postlogin`, body);
|
|
980
1101
|
}
|
|
981
1102
|
|
|
1103
|
+
async function webAuthnPostLoginV2(body) {
|
|
1104
|
+
const data = await (0, _fetch.Post)(`${_constants.urls.identity.auth.v1}/webauthn/postlogin`, body);
|
|
1105
|
+
return generateLoginResponseV3(data);
|
|
1106
|
+
}
|
|
1107
|
+
|
|
982
1108
|
async function webAuthnCreateNewDeviceSession() {
|
|
983
1109
|
return (0, _fetch.Post)(_constants.urls.identity.webAuthnDevices.v1);
|
|
984
1110
|
}
|
package/node/index.js
CHANGED