@frontegg/rest-api 3.0.37 → 3.0.38
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/auth/index.d.ts +43 -2
- package/auth/index.js +18 -0
- package/auth/interfaces.d.ts +26 -10
- package/auth/interfaces.js +1 -9
- package/index.js +1 -1
- package/node/auth/index.js +36 -0
- package/node/auth/interfaces.js +0 -8
- package/node/index.js +1 -1
- package/package.json +1 -1
package/auth/index.d.ts
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
export * from './secutiry-poilicy';
|
|
2
2
|
export * from './enums';
|
|
3
3
|
import { ISamlRolesGroup } from '../teams/interfaces';
|
|
4
|
-
import { IAcceptInvitation, IActivateAccount, IAllowedToRememberMfaDevice, ICreateSamlGroup, IDeleteApiToken, IDisableMfa, IEnrollMfaResponse, IForgotPassword, IGetActivateAccountStrategy, IGetActivateAccountStrategyResponse, IGetUserById, IGetUserPasswordConfig, ILogin, ILoginResponse, ILoginViaSocialLogin, ILoginViaSocialLoginResponse, ILoginWithMfa, IOidcPostLogin, IOidcConfiguration, IPostLogin, IPreLogin, IRecoverMFAToken, IResendActivationEmail, IResetPassword, ISamlConfiguration, ISamlVendorConfigResponse, ISignUpResponse, ISignUpUser, ISocialLoginProviderConfiguration, ITenantApiTokensData, IUpdateSamlConfiguration, IUpdateSamlGroup, IUpdateSamlRoles, IUpdateSamlVendorMetadata, IUpdateTenantApiTokensData, IUpdateUserApiTokensData, IUserApiTokensData, IUserIdResponse, IVendorConfig, IVerifyMfa, IVerifyMfaResponse, TestConfig, ISSOPublicConfiguration, IPreLoginWithIdpTypeResponse, IPasswordlessPreLogin, IPasswordlessPostLogin, ICreateSSODomain, IVerifyInviteToken, ISSODomain, ISSOConfigurationDefaultRoles, ISSOConfiguration, IUpdateSSOConfiguration, IOidcPostLoginV2, IExchangeOAuthTokens, IOAuthTokenResponse, ISocialLoginProviderConfigurationV2, ILoginResponseV2, IResetPhoneNumber, IVerifyResetPhoneNumber, IChangePhoneNumber, IVerifyResetPhoneNumberResponse, IResetPhoneNumberResponse, IWebAuthnPreLogin, IWebAuthnPostLogin, IVerifyNewWebAuthnDevice, IWebAuthnPreLoginResponse, ICreateNewDeviceSessionResponse, IAuthStrategiesConfig, ISessionResponse, IChangePhoneNumberWithVerification, IChangePhoneNumberWithVerificationResponse, IVerifyChangePhoneNumber, ISessionConfigurations, IResendInvitationEmail, IPreEnrollMFA, IEnrollMFAAuthenticatorApp, IPreEnrollMFASMS, IEnrollMFASMS, IEnrollMFAWebAuthn, IPreEnrollMFAAuthenticatorAppResponse, IPreEnrollMFAWebAuthnResponse, IVerifyMFAAuthenticatorApp, IPreVerifyMFA, IPreVerifyMFASMSResponse, IVerifyMFASMS, IPreVerifyMFAWebAuthnResponse, IVerifyMFAWebAuthn } from './interfaces';
|
|
4
|
+
import { IAcceptInvitation, IActivateAccount, IAllowedToRememberMfaDevice, ICreateSamlGroup, IDeleteApiToken, IDisableMfa, IEnrollMfaResponse, IForgotPassword, IGetActivateAccountStrategy, IGetActivateAccountStrategyResponse, IGetUserById, IGetUserPasswordConfig, ILogin, ILoginResponse, ILoginViaSocialLogin, ILoginViaSocialLoginResponse, ILoginWithMfa, IOidcPostLogin, IOidcConfiguration, IPostLogin, IPreLogin, IRecoverMFAToken, IResendActivationEmail, IResetPassword, ISamlConfiguration, ISamlVendorConfigResponse, ISignUpResponse, ISignUpUser, ISocialLoginProviderConfiguration, ITenantApiTokensData, IUpdateSamlConfiguration, IUpdateSamlGroup, IUpdateSamlRoles, IUpdateSamlVendorMetadata, IUpdateTenantApiTokensData, IUpdateUserApiTokensData, IUserApiTokensData, IUserIdResponse, IVendorConfig, IVerifyMfa, IVerifyMfaResponse, TestConfig, ISSOPublicConfiguration, IPreLoginWithIdpTypeResponse, IPasswordlessPreLogin, IPasswordlessPostLogin, ICreateSSODomain, IVerifyInviteToken, ISSODomain, ISSOConfigurationDefaultRoles, ISSOConfiguration, IUpdateSSOConfiguration, IOidcPostLoginV2, IExchangeOAuthTokens, IOAuthTokenResponse, ISocialLoginProviderConfigurationV2, ILoginResponseV2, IResetPhoneNumber, IVerifyResetPhoneNumber, IChangePhoneNumber, IVerifyResetPhoneNumberResponse, IResetPhoneNumberResponse, IWebAuthnPreLogin, IWebAuthnPostLogin, IVerifyNewWebAuthnDevice, IWebAuthnPreLoginResponse, ICreateNewDeviceSessionResponse, IAuthStrategiesConfig, ISessionResponse, IChangePhoneNumberWithVerification, IChangePhoneNumberWithVerificationResponse, IVerifyChangePhoneNumber, ISessionConfigurations, IResendInvitationEmail, IPreEnrollMFA, IEnrollMFAAuthenticatorApp, IPreEnrollMFASMS, IEnrollMFASMS, IEnrollMFAWebAuthn, IPreEnrollMFAAuthenticatorAppResponse, IPreEnrollMFAWebAuthnResponse, IVerifyMFAAuthenticatorApp, IPreVerifyMFA, IPreVerifyMFASMSResponse, IVerifyMFASMS, IPreVerifyMFAWebAuthnResponse, IVerifyMFAWebAuthn, IPreEnrollMFASMSResponse, IPreDisableMFASMSResponse, IDisableMFASMS, IDisableMFAWebAuthn, IPreDisableMFAWebAuthnResponse, UserMFADevicesResponse } from './interfaces';
|
|
5
5
|
/*****************************************
|
|
6
6
|
* Authentication
|
|
7
7
|
*****************************************/
|
|
@@ -145,6 +145,47 @@ export declare function verifyMfa(body: IVerifyMfa): Promise<IVerifyMfaResponse>
|
|
|
145
145
|
* * ``authorized user``
|
|
146
146
|
*/
|
|
147
147
|
export declare function disableMfa(body: IDisableMfa): Promise<void>;
|
|
148
|
+
/**
|
|
149
|
+
* disable MFA Authenticator App.
|
|
150
|
+
*
|
|
151
|
+
* @throws exception if the generated token is incorrect.
|
|
152
|
+
* * ``authorized user``
|
|
153
|
+
*/
|
|
154
|
+
export declare function disableMFAAuthenticatorApp(deviceId: string, body: IDisableMfa): Promise<void>;
|
|
155
|
+
/**
|
|
156
|
+
* pre disable MFA SMS, should be called if user has just one mfa device
|
|
157
|
+
*
|
|
158
|
+
* @throws exception if pre disable is not required for disable
|
|
159
|
+
* * ``authorized user``
|
|
160
|
+
*/
|
|
161
|
+
export declare function preDisableMFASMS(deviceId: string): Promise<IPreDisableMFASMSResponse>;
|
|
162
|
+
/**
|
|
163
|
+
* after pre disable MFA SMS, disable MFA SMS should be called. can also be called without pre disable if
|
|
164
|
+
* user has more than one mfa device
|
|
165
|
+
*
|
|
166
|
+
* @throws exception if pre disable is not required for disable
|
|
167
|
+
* * ``authorized user``
|
|
168
|
+
*/
|
|
169
|
+
export declare function disableMFASMS(deviceId: string, body: IDisableMFASMS): Promise<void>;
|
|
170
|
+
/**
|
|
171
|
+
* pre disable MFA WebAuthn, should be called if user has just one mfa device
|
|
172
|
+
*
|
|
173
|
+
* @throws exception if pre disable is not required for disable
|
|
174
|
+
* * ``authorized user``
|
|
175
|
+
*/
|
|
176
|
+
export declare function preDisableMFAWebAuthn(deviceId: string): Promise<IPreDisableMFAWebAuthnResponse>;
|
|
177
|
+
/**
|
|
178
|
+
* after pre disable MFA WebAuthn, disable MFA WebAuthn should be called. can also be called without pre disable if
|
|
179
|
+
* user has more than one mfa device
|
|
180
|
+
*
|
|
181
|
+
* @throws exception if pre disable is not required for disable
|
|
182
|
+
* * ``authorized user``
|
|
183
|
+
*/
|
|
184
|
+
export declare function disableMFAWebAuthn(deviceId: string, body: IDisableMFAWebAuthn): Promise<void>;
|
|
185
|
+
/**
|
|
186
|
+
* returns user mfa devices list splitted into 3 arrays. webauthn, phones and authenticators.
|
|
187
|
+
*/
|
|
188
|
+
export declare function getMFADevices(): Promise<UserMFADevicesResponse>;
|
|
148
189
|
/**
|
|
149
190
|
* pre enroll Multi-Factor Auth Code to use in 3rd party apps like Google Authenticator.
|
|
150
191
|
* the server returns qrCode as png image in base64 format
|
|
@@ -165,7 +206,7 @@ export declare function verifyMFAAuthenticatorAppForLogin(deviceId: string, body
|
|
|
165
206
|
* the server returns otcToken that should be sent to the enroll function with the code that was sent to
|
|
166
207
|
* the request phone number
|
|
167
208
|
*/
|
|
168
|
-
export declare function preEnrollMFASMSForLogin(body: IPreEnrollMFASMS): Promise<
|
|
209
|
+
export declare function preEnrollMFASMSForLogin(body: IPreEnrollMFASMS): Promise<IPreEnrollMFASMSResponse>;
|
|
169
210
|
/**
|
|
170
211
|
* after pre enroll with SMS, enroll SMS function should be called
|
|
171
212
|
* with the otcToken and the code that has been sent to the phone number that was requested
|
package/auth/index.js
CHANGED
|
@@ -134,6 +134,24 @@ export async function verifyMfa(body) {
|
|
|
134
134
|
export async function disableMfa(body) {
|
|
135
135
|
return Post(`${urls.identity.users.v1}/mfa/disable`, body);
|
|
136
136
|
}
|
|
137
|
+
export async function disableMFAAuthenticatorApp(deviceId, body) {
|
|
138
|
+
return Post(`${urls.identity.users.v1}/mfa/authenticator/${deviceId}/disable/verify`, body);
|
|
139
|
+
}
|
|
140
|
+
export async function preDisableMFASMS(deviceId) {
|
|
141
|
+
return Post(`${urls.identity.users.v1}/mfa/sms/${deviceId}/disable`);
|
|
142
|
+
}
|
|
143
|
+
export async function disableMFASMS(deviceId, body) {
|
|
144
|
+
return Post(`${urls.identity.users.v1}/mfa/sms/${deviceId}/disable/verify`, body);
|
|
145
|
+
}
|
|
146
|
+
export async function preDisableMFAWebAuthn(deviceId) {
|
|
147
|
+
return Post(`${urls.identity.users.v1}/mfa/webauthn/${deviceId}/disable`);
|
|
148
|
+
}
|
|
149
|
+
export async function disableMFAWebAuthn(deviceId, body) {
|
|
150
|
+
return Post(`${urls.identity.users.v1}/mfa/webauthn/${deviceId}/disable/verify`, body);
|
|
151
|
+
}
|
|
152
|
+
export async function getMFADevices() {
|
|
153
|
+
return Get(`${urls.identity.users.v1}/mfa/devices`);
|
|
154
|
+
}
|
|
137
155
|
export async function preEnrollMFAAuthenticatorAppForLogin(body) {
|
|
138
156
|
return Post(`${urls.identity.auth.v1}/user/mfa/authenticator/enroll`, body);
|
|
139
157
|
}
|
package/auth/interfaces.d.ts
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
|
-
import { ITenantsResponse, IUserProfile } from
|
|
1
|
+
import { ITenantsResponse, IUserProfile } from "..";
|
|
2
2
|
import { AuthStrategyEnum, SocialLoginProviders } from "./enums";
|
|
3
|
-
import { ISamlRolesGroup } from
|
|
4
|
-
export * from
|
|
3
|
+
import { ISamlRolesGroup } from "../teams/interfaces";
|
|
4
|
+
export * from "./secutiry-poilicy/interfaces";
|
|
5
5
|
export declare type IPreLogin = {
|
|
6
6
|
email: string;
|
|
7
7
|
};
|
|
@@ -11,7 +11,7 @@ export declare type IPostLogin = {
|
|
|
11
11
|
};
|
|
12
12
|
export declare type IPreLoginWithIdpTypeResponse = {
|
|
13
13
|
address: string;
|
|
14
|
-
idpType:
|
|
14
|
+
idpType: "saml" | "oidc";
|
|
15
15
|
};
|
|
16
16
|
export declare type IOidcPostLogin = {
|
|
17
17
|
code: string;
|
|
@@ -42,7 +42,7 @@ export declare type ILoginResponse = IUserProfile & {
|
|
|
42
42
|
redirectLocation?: string;
|
|
43
43
|
userEmail?: string;
|
|
44
44
|
mfaStrategies?: MFAStrategyEnum[];
|
|
45
|
-
mfaDevices?: UserMFADevicesResponse
|
|
45
|
+
mfaDevices?: UserMFADevicesResponse;
|
|
46
46
|
};
|
|
47
47
|
export declare type ILoginResponseV2 = {
|
|
48
48
|
user: ILoginResponse;
|
|
@@ -93,7 +93,7 @@ export declare type IVerifyMfaResponse = {
|
|
|
93
93
|
recoveryCode: string;
|
|
94
94
|
};
|
|
95
95
|
export declare type IDisableMfa = {
|
|
96
|
-
token
|
|
96
|
+
token?: string;
|
|
97
97
|
};
|
|
98
98
|
export declare type ISamlConfiguration = {
|
|
99
99
|
enabled: boolean;
|
|
@@ -119,7 +119,7 @@ export declare type IOidcConfiguration = {
|
|
|
119
119
|
export declare type ISSOPublicConfiguration = {
|
|
120
120
|
isActive: boolean;
|
|
121
121
|
};
|
|
122
|
-
export declare type IUpdateSamlConfiguration = Omit<ISamlConfiguration,
|
|
122
|
+
export declare type IUpdateSamlConfiguration = Omit<ISamlConfiguration, "validated" | "generatedVerification" | "createdAt" | "updatedAt">;
|
|
123
123
|
export declare type ISamlVendorConfigResponse = {
|
|
124
124
|
acsUrl: string;
|
|
125
125
|
spEntityId: string;
|
|
@@ -127,7 +127,7 @@ export declare type ISamlVendorConfigResponse = {
|
|
|
127
127
|
export declare type ISamlVendorMetadata = {
|
|
128
128
|
id: string;
|
|
129
129
|
vendorId: string;
|
|
130
|
-
entityName:
|
|
130
|
+
entityName: "saml";
|
|
131
131
|
configuration: ISamlVendorConfigResponse;
|
|
132
132
|
};
|
|
133
133
|
export declare type IUpdateSamlVendorMetadata = {
|
|
@@ -345,7 +345,7 @@ export interface IOAuthTokenResponse {
|
|
|
345
345
|
id_token: string;
|
|
346
346
|
refresh_token: string;
|
|
347
347
|
}
|
|
348
|
-
export declare type IUpdateSSOConfiguration = Partial<Omit<ISSOConfiguration,
|
|
348
|
+
export declare type IUpdateSSOConfiguration = Partial<Omit<ISSOConfiguration, "id" | "createdAt" | "updatedAt" | "domains">>;
|
|
349
349
|
export interface IResetPhoneNumber {
|
|
350
350
|
email: string;
|
|
351
351
|
}
|
|
@@ -420,7 +420,7 @@ export interface ICreateNewDeviceSessionResponse {
|
|
|
420
420
|
};
|
|
421
421
|
challenge: string;
|
|
422
422
|
pubKeyCredParams: Array<{
|
|
423
|
-
type:
|
|
423
|
+
type: "public-key";
|
|
424
424
|
alg: number;
|
|
425
425
|
}>;
|
|
426
426
|
excludeCredentials?: AllowCredentials[];
|
|
@@ -533,3 +533,19 @@ export interface UserMFADevicesResponse {
|
|
|
533
533
|
phones: UserMFAPhoneDevice[];
|
|
534
534
|
authenticators: UserMFAAuthenticatorApp[];
|
|
535
535
|
}
|
|
536
|
+
export interface IPreDisableMFASMSResponse {
|
|
537
|
+
otcToken: string;
|
|
538
|
+
phoneNumber: string;
|
|
539
|
+
}
|
|
540
|
+
export interface IDisableMFASMS {
|
|
541
|
+
otcToken?: string;
|
|
542
|
+
code?: string;
|
|
543
|
+
}
|
|
544
|
+
export interface IPreDisableMFAWebAuthnResponse {
|
|
545
|
+
webauthnToken: string;
|
|
546
|
+
options: IWebAuthnPreLoginResponse;
|
|
547
|
+
}
|
|
548
|
+
export interface IDisableMFAWebAuthn {
|
|
549
|
+
webauthnToken?: string;
|
|
550
|
+
options?: Omit<IWebAuthnPostLogin, "recaptchaToken" | "invitationToken">;
|
|
551
|
+
}
|
package/auth/interfaces.js
CHANGED
package/index.js
CHANGED
package/node/auth/index.js
CHANGED
|
@@ -30,6 +30,12 @@ var _exportNames = {
|
|
|
30
30
|
enrollMfa: true,
|
|
31
31
|
verifyMfa: true,
|
|
32
32
|
disableMfa: true,
|
|
33
|
+
disableMFAAuthenticatorApp: true,
|
|
34
|
+
preDisableMFASMS: true,
|
|
35
|
+
disableMFASMS: true,
|
|
36
|
+
preDisableMFAWebAuthn: true,
|
|
37
|
+
disableMFAWebAuthn: true,
|
|
38
|
+
getMFADevices: true,
|
|
33
39
|
preEnrollMFAAuthenticatorAppForLogin: true,
|
|
34
40
|
enrollMFAAuthenticatorAppForLogin: true,
|
|
35
41
|
verifyMFAAuthenticatorAppForLogin: true,
|
|
@@ -126,6 +132,9 @@ exports.deleteSamlGroup = deleteSamlGroup;
|
|
|
126
132
|
exports.deleteSessionForUser = deleteSessionForUser;
|
|
127
133
|
exports.deleteTenantApiToken = deleteTenantApiToken;
|
|
128
134
|
exports.deleteUserApiToken = deleteUserApiToken;
|
|
135
|
+
exports.disableMFAAuthenticatorApp = disableMFAAuthenticatorApp;
|
|
136
|
+
exports.disableMFASMS = disableMFASMS;
|
|
137
|
+
exports.disableMFAWebAuthn = disableMFAWebAuthn;
|
|
129
138
|
exports.disableMfa = disableMfa;
|
|
130
139
|
exports.enrollMFAAuthenticatorAppForLogin = enrollMFAAuthenticatorAppForLogin;
|
|
131
140
|
exports.enrollMFASMSForLogin = enrollMFASMSForLogin;
|
|
@@ -139,6 +148,7 @@ exports.generateLoginResponseV2 = generateLoginResponseV2;
|
|
|
139
148
|
exports.getActivateAccountStrategy = getActivateAccountStrategy;
|
|
140
149
|
exports.getCurrentUserSession = getCurrentUserSession;
|
|
141
150
|
exports.getCurrentUserSessions = getCurrentUserSessions;
|
|
151
|
+
exports.getMFADevices = getMFADevices;
|
|
142
152
|
exports.getOidcConfiguration = getOidcConfiguration;
|
|
143
153
|
exports.getSSOConfigurations = getSSOConfigurations;
|
|
144
154
|
exports.getSSODefaultRoles = getSSODefaultRoles;
|
|
@@ -166,6 +176,8 @@ exports.oidcPostLoginV2 = oidcPostLoginV2;
|
|
|
166
176
|
exports.passwordlessPostLogin = passwordlessPostLogin;
|
|
167
177
|
exports.passwordlessPreLogin = passwordlessPreLogin;
|
|
168
178
|
exports.postLogin = postLogin;
|
|
179
|
+
exports.preDisableMFASMS = preDisableMFASMS;
|
|
180
|
+
exports.preDisableMFAWebAuthn = preDisableMFAWebAuthn;
|
|
169
181
|
exports.preEnrollMFAAuthenticatorAppForLogin = preEnrollMFAAuthenticatorAppForLogin;
|
|
170
182
|
exports.preEnrollMFASMSForLogin = preEnrollMFASMSForLogin;
|
|
171
183
|
exports.preEnrollMFAWebAuthnForLogin = preEnrollMFAWebAuthnForLogin;
|
|
@@ -405,6 +417,30 @@ async function disableMfa(body) {
|
|
|
405
417
|
return (0, _fetch.Post)(`${_constants.urls.identity.users.v1}/mfa/disable`, body);
|
|
406
418
|
}
|
|
407
419
|
|
|
420
|
+
async function disableMFAAuthenticatorApp(deviceId, body) {
|
|
421
|
+
return (0, _fetch.Post)(`${_constants.urls.identity.users.v1}/mfa/authenticator/${deviceId}/disable/verify`, body);
|
|
422
|
+
}
|
|
423
|
+
|
|
424
|
+
async function preDisableMFASMS(deviceId) {
|
|
425
|
+
return (0, _fetch.Post)(`${_constants.urls.identity.users.v1}/mfa/sms/${deviceId}/disable`);
|
|
426
|
+
}
|
|
427
|
+
|
|
428
|
+
async function disableMFASMS(deviceId, body) {
|
|
429
|
+
return (0, _fetch.Post)(`${_constants.urls.identity.users.v1}/mfa/sms/${deviceId}/disable/verify`, body);
|
|
430
|
+
}
|
|
431
|
+
|
|
432
|
+
async function preDisableMFAWebAuthn(deviceId) {
|
|
433
|
+
return (0, _fetch.Post)(`${_constants.urls.identity.users.v1}/mfa/webauthn/${deviceId}/disable`);
|
|
434
|
+
}
|
|
435
|
+
|
|
436
|
+
async function disableMFAWebAuthn(deviceId, body) {
|
|
437
|
+
return (0, _fetch.Post)(`${_constants.urls.identity.users.v1}/mfa/webauthn/${deviceId}/disable/verify`, body);
|
|
438
|
+
}
|
|
439
|
+
|
|
440
|
+
async function getMFADevices() {
|
|
441
|
+
return (0, _fetch.Get)(`${_constants.urls.identity.users.v1}/mfa/devices`);
|
|
442
|
+
}
|
|
443
|
+
|
|
408
444
|
async function preEnrollMFAAuthenticatorAppForLogin(body) {
|
|
409
445
|
return (0, _fetch.Post)(`${_constants.urls.identity.auth.v1}/user/mfa/authenticator/enroll`, body);
|
|
410
446
|
}
|
package/node/auth/interfaces.js
CHANGED
package/node/index.js
CHANGED