@frontegg/rest-api 3.1.13 → 3.1.15

package/auth/index.d.ts

@@ -2,7 +2,7 @@ export * from "./secutiry-poilicy";
 export * from "./enums";
 import { ISamlRolesGroup } from "../teams/interfaces";
 import { IAcceptInvitation, IActivateAccount, IAllowedToRememberMfaDevice, ICreateSamlGroup, IDeleteApiToken, IDisableMfa, IEnrollMfaResponse, IForgotPassword, IGetActivateAccountStrategy, IGetActivateAccountStrategyResponse, IGetUserById, IGetUserPasswordConfig, ILogin, ILoginResponse, ILoginViaSocialLogin, ILoginViaSocialLoginResponse, ILoginWithMfa, IOidcPostLogin, IOidcConfiguration, IPostLogin, IPreLogin, IRecoverMFAToken, IResendActivationEmail, IResetPassword, ISamlConfiguration, ISamlVendorConfigResponse, ISignUpResponse, ISignUpUser, ISocialLoginProviderConfiguration, ITenantApiTokensData, IUpdateSamlConfiguration, IUpdateSamlGroup, IUpdateSamlRoles, IUpdateSamlVendorMetadata, IUpdateTenantApiTokensData, IUpdateUserApiTokensData, IUserApiTokensData, IUserIdResponse, IVendorConfig, IVerifyMfa, IVerifyMfaResponse, TestConfig, ISSOPublicConfiguration, IPreLoginWithIdpTypeResponse, IPasswordlessPreLogin, IPasswordlessPostLogin, ICreateSSODomain, IVerifyInviteToken, ISSODomain, ISSOConfigurationDefaultRoles, ISSOConfiguration, IUpdateSSOConfiguration, IOidcPostLoginV2, IExchangeOAuthTokens, IOAuthTokenResponse, ISocialLoginProviderConfigurationV2, ILoginResponseV2, IResetPhoneNumber, IVerifyResetPhoneNumber, IChangePhoneNumber, IVerifyResetPhoneNumberResponse, IResetPhoneNumberResponse, IWebAuthnPreLogin, IWebAuthnPostLogin, IVerifyNewWebAuthnDevice, IWebAuthnPreLoginResponse, ICreateNewDeviceSessionResponse, IAuthStrategiesConfig, ISessionResponse, IChangePhoneNumberWithVerification, IChangePhoneNumberWithVerificationResponse, IVerifyChangePhoneNumber, ISessionConfigurations, IResendInvitationEmail, IPreEnrollMFA, IEnrollMFAAuthenticatorApp, IPreEnrollMFASMS, IEnrollMFASMS, IEnrollMFAWebAuthn, IPreEnrollMFAAuthenticatorAppResponse, IPreEnrollMFAWebAuthnResponse, IVerifyMFAAuthenticatorApp, IPreVerifyMFA, IPreVerifyMFASMSResponse, IVerifyMFASMS, IPreVerifyMFAWebAuthnResponse, IVerifyMFAWebAuthn, IPreEnrollMFASMSResponse, IPreDisableMFASMSResponse, IDisableMFASMS, IDisableMFAWebAuthn, IPreDisableMFAWebAuthnResponse, UserMFADevicesResponse, WithoutMFAToken, IMFAStrategiesResponse, IOAuthLogout, IGetUserAccessTokens, IGetTenantAccessTokens, IDeleteAccessToken, ICreateTenantAccessTokenData, ICreateUserAccessTokenData, IWebAuthnDevices, ICustomSocialLoginProviderConfigurationV1, ILoginResponseV3, IPreVerifyMFAEmailCodeResponse, IVerifyMFAEmailCode, ICreateOrUpdateSSOConfigurationByMetadataUrl } from './interfaces';
-import { IUserProfile } from "../users/interfaces";
+import { IGetUserAuthorizationResponse, IUserProfile } from "../users/interfaces";
 /*****************************************
  * Authentication
  *****************************************/
@@ -748,6 +748,15 @@ export declare function getPublicAuthStrategiesConfigForAuthenticatedUser(): Pro
  */
 export declare function getMFAStrategiesConfig(): Promise<IMFAStrategiesResponse>;
 /**
- * @returns me response with entitlements inside user.entitlements
+ * Get user permissions and roles
+ */
+export declare function getUserAuthorization(): Promise<IGetUserAuthorizationResponse>;
+/**
+ * Get user profile
+ */
+export declare function getMeV2(): Promise<IUserProfile>;
+/**
+ * @returns me and authorization response with entitlements inside user.entitlements
+ * Me request will be executed, and me authorization and entitlements will be executed according to FF and configuration.
  */
 export declare function getMeAndEntitlements(): Promise<IUserProfile>;

package/auth/index.js

@@ -10,10 +10,12 @@ import { urls } from "../constants";
 import { ContextHolder } from "../ContextHolder";
 import { Delete, Get, Patch, Post, Put } from "../fetch";
 import { jwtDecode } from "../jwt";
+import { LOAD_AUTHORIZATION_FF } from './interfaces';
 import { getCurrentUserTenantsV3 } from '../users';
 import { loadEntitlements } from '../entitlements';
 import { ADMIN_PORTAL_ENTITLEMENTS_FF } from '../entitlements/interfaces';
 import { FeatureFlags } from "../feature-flags";
+import { executeConditionalPromise } from "./utils";
 export async function generateLoginResponse(loginResponse) {
   if (!loginResponse.accessToken) {
     return loginResponse;
@@ -57,6 +59,11 @@ function shouldLoadEntitlements() {
   return isEntitlementsFFOn;
 }
 
+function shouldLoadMeAuthorization() {
+  const [shouldLoadAuthorization] = FeatureFlags.getFeatureFlags([LOAD_AUTHORIZATION_FF], ContextHolder.getAppName() || '');
+  return shouldLoadAuthorization;
+}
+
 export async function generateLoginResponseV3(loginResponse) {
   const {
     accessToken
@@ -687,15 +694,26 @@ export async function getPublicAuthStrategiesConfigForAuthenticatedUser() {
 export async function getMFAStrategiesConfig() {
   return Get(`${urls.identity.configurations.v1}/mfa/strategies`);
 }
+export async function getUserAuthorization() {
+  return Get(`${urls.identity.users.authorization.v1}`);
+}
+export async function getMeV2() {
+  return Get(`${urls.identity.users.v2}/me`);
+}
 export async function getMeAndEntitlements() {
-  const mePromise = Get(`${urls.identity.users.v2}/me`);
-
-  if (shouldLoadEntitlements()) {
-    const [me, entitlements] = await Promise.all([mePromise, loadEntitlements()]);
-    return _extends({}, me, {
-      entitlements
-    });
-  }
-
-  return await mePromise;
+  const actions = [{
+    action: getMeV2,
+    shouldLoad: true
+  }, {
+    action: loadEntitlements,
+    shouldLoad: shouldLoadEntitlements()
+  }, {
+    action: getUserAuthorization,
+    shouldLoad: shouldLoadMeAuthorization()
+  }];
+  const promises = actions.map(action => executeConditionalPromise(action));
+  const [me, entitlements, authorization] = await Promise.all(promises);
+  return _extends({}, me, authorization != null ? authorization : {}, {
+    entitlements
+  });
 }

package/auth/interfaces.d.ts

@@ -657,3 +657,4 @@ export interface IMFAStrategyResponse {
 export interface IMFAStrategiesResponse {
     strategies: IMFAStrategyResponse[];
 }
+export declare const LOAD_AUTHORIZATION_FF = "admin_portal_should_load_authorization";

package/auth/interfaces.js

@@ -24,4 +24,6 @@ export let MFAStrategyEnum;
   MFAStrategyEnum["WebAuthnCrossPlatform"] = "WebAuthnCrossPlatform";
   MFAStrategyEnum["SMS"] = "SMS";
   MFAStrategyEnum["EmailCode"] = "EmailCode";
-})(MFAStrategyEnum || (MFAStrategyEnum = {}));
+})(MFAStrategyEnum || (MFAStrategyEnum = {}));
+
+export const LOAD_AUTHORIZATION_FF = 'admin_portal_should_load_authorization';

package/auth/utils.d.ts

@@ -0,0 +1,5 @@
+export interface ConditionalAction<T = any> {
+    action: () => Promise<T>;
+    shouldLoad: boolean;
+}
+export declare function executeConditionalPromise({ shouldLoad, action }: ConditionalAction): Promise<any>;

package/auth/utils.js

@@ -0,0 +1,8 @@
+;
+export async function executeConditionalPromise({
+  shouldLoad,
+  action
+}) {
+  if (!shouldLoad) return;
+  return await action();
+}

package/constants.d.ts

@@ -48,6 +48,9 @@ export declare const urls: {
                     v1: string;
                 };
             };
+            authorization: {
+                v1: string;
+            };
         };
         configurations: {
             v1: string;

package/constants.js

@@ -47,6 +47,9 @@ export const urls = {
         resetBreachedPasswords: {
           v1: 'identity/resources/users/v1/passwords/breached/reset/bulk'
         }
+      },
+      authorization: {
+        v1: '/identity/resources/users/v1/me/authorization'
       }
     },
     configurations: {

package/index.js

@@ -1,4 +1,4 @@
-/** @license Frontegg v3.1.13
+/** @license Frontegg v3.1.15
  *
  * This source code is licensed under the MIT license found in the
  * LICENSE file in the root directory of this source tree.

package/node/auth/index.js

@@ -151,6 +151,8 @@ var _exportNames = {
   getVendorPublicAuthStrategiesConfig: true,
   getPublicAuthStrategiesConfigForAuthenticatedUser: true,
   getMFAStrategiesConfig: true,
+  getUserAuthorization: true,
+  getMeV2: true,
   getMeAndEntitlements: true
 };
 exports.OAuthLogout = OAuthLogout;
@@ -209,6 +211,7 @@ exports.getCustomSocialLoginProvidersV1 = getCustomSocialLoginProvidersV1;
 exports.getMFADevices = getMFADevices;
 exports.getMFAStrategiesConfig = getMFAStrategiesConfig;
 exports.getMeAndEntitlements = getMeAndEntitlements;
+exports.getMeV2 = getMeV2;
 exports.getOidcConfiguration = getOidcConfiguration;
 exports.getPublicAuthStrategiesConfigForAuthenticatedUser = getPublicAuthStrategiesConfigForAuthenticatedUser;
 exports.getSSOConfigurations = getSSOConfigurations;
@@ -227,6 +230,7 @@ exports.getTenantAccessTokensData = getTenantAccessTokensData;
 exports.getTenantApiTokensData = getTenantApiTokensData;
 exports.getUserAccessTokensData = getUserAccessTokensData;
 exports.getUserApiTokensData = getUserApiTokensData;
+exports.getUserAuthorization = getUserAuthorization;
 exports.getUserById = getUserById;
 exports.getVendorConfig = getVendorConfig;
 exports.getVendorPublicAuthStrategiesConfig = getVendorPublicAuthStrategiesConfig;
@@ -342,14 +346,18 @@ var _fetch = require("../fetch");
 
 var _jwt = require("../jwt");
 
+var _interfaces = require("./interfaces");
+
 var _users = require("../users");
 
 var _entitlements = require("../entitlements");
 
-var _interfaces = require("../entitlements/interfaces");
+var _interfaces2 = require("../entitlements/interfaces");
 
 var _featureFlags = require("../feature-flags");
 
+var _utils = require("./utils");
+
 const _excluded = ["type"],
       _excluded2 = ["type"],
       _excluded3 = ["type"];
@@ -396,11 +404,17 @@ function shouldLoadEntitlements() {
     return false;
   }
 
-  const [isEntitlementsFFOn] = _featureFlags.FeatureFlags.getFeatureFlags([_interfaces.ADMIN_PORTAL_ENTITLEMENTS_FF], _ContextHolder.ContextHolder.getAppName() || '');
+  const [isEntitlementsFFOn] = _featureFlags.FeatureFlags.getFeatureFlags([_interfaces2.ADMIN_PORTAL_ENTITLEMENTS_FF], _ContextHolder.ContextHolder.getAppName() || '');
 
   return isEntitlementsFFOn;
 }
 
+function shouldLoadMeAuthorization() {
+  const [shouldLoadAuthorization] = _featureFlags.FeatureFlags.getFeatureFlags([_interfaces.LOAD_AUTHORIZATION_FF], _ContextHolder.ContextHolder.getAppName() || '');
+
+  return shouldLoadAuthorization;
+}
+
 async function generateLoginResponseV3(loginResponse) {
   const {
     accessToken
@@ -1174,15 +1188,28 @@ async function getMFAStrategiesConfig() {
   return (0, _fetch.Get)(`${_constants.urls.identity.configurations.v1}/mfa/strategies`);
 }
 
-async function getMeAndEntitlements() {
-  const mePromise = (0, _fetch.Get)(`${_constants.urls.identity.users.v2}/me`);
+async function getUserAuthorization() {
+  return (0, _fetch.Get)(`${_constants.urls.identity.users.authorization.v1}`);
+}
 
-  if (shouldLoadEntitlements()) {
-    const [me, entitlements] = await Promise.all([mePromise, (0, _entitlements.loadEntitlements)()]);
-    return (0, _extends2.default)({}, me, {
-      entitlements
-    });
-  }
+async function getMeV2() {
+  return (0, _fetch.Get)(`${_constants.urls.identity.users.v2}/me`);
+}
 
-  return await mePromise;
+async function getMeAndEntitlements() {
+  const actions = [{
+    action: getMeV2,
+    shouldLoad: true
+  }, {
+    action: _entitlements.loadEntitlements,
+    shouldLoad: shouldLoadEntitlements()
+  }, {
+    action: getUserAuthorization,
+    shouldLoad: shouldLoadMeAuthorization()
+  }];
+  const promises = actions.map(action => (0, _utils.executeConditionalPromise)(action));
+  const [me, entitlements, authorization] = await Promise.all(promises);
+  return (0, _extends2.default)({}, me, authorization != null ? authorization : {}, {
+    entitlements
+  });
 }

package/node/auth/interfaces.js

@@ -6,9 +6,10 @@ Object.defineProperty(exports, "__esModule", {
 var _exportNames = {
   SecondaryAuthStrategy: true,
   WebAuthnDeviceType: true,
-  MFAStrategyEnum: true
+  MFAStrategyEnum: true,
+  LOAD_AUTHORIZATION_FF: true
 };
-exports.WebAuthnDeviceType = exports.SecondaryAuthStrategy = exports.MFAStrategyEnum = void 0;
+exports.WebAuthnDeviceType = exports.SecondaryAuthStrategy = exports.MFAStrategyEnum = exports.LOAD_AUTHORIZATION_FF = void 0;
 
 var _interfaces = require("./secutiry-poilicy/interfaces");
 
@@ -51,4 +52,7 @@ exports.MFAStrategyEnum = MFAStrategyEnum;
   MFAStrategyEnum["WebAuthnCrossPlatform"] = "WebAuthnCrossPlatform";
   MFAStrategyEnum["SMS"] = "SMS";
   MFAStrategyEnum["EmailCode"] = "EmailCode";
-})(MFAStrategyEnum || (exports.MFAStrategyEnum = MFAStrategyEnum = {}));
+})(MFAStrategyEnum || (exports.MFAStrategyEnum = MFAStrategyEnum = {}));
+
+const LOAD_AUTHORIZATION_FF = 'admin_portal_should_load_authorization';
+exports.LOAD_AUTHORIZATION_FF = LOAD_AUTHORIZATION_FF;

package/node/auth/utils.js

@@ -0,0 +1,15 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.executeConditionalPromise = executeConditionalPromise;
+;
+
+async function executeConditionalPromise({
+  shouldLoad,
+  action
+}) {
+  if (!shouldLoad) return;
+  return await action();
+}

package/node/constants.js

@@ -53,6 +53,9 @@ const urls = {
         resetBreachedPasswords: {
           v1: 'identity/resources/users/v1/passwords/breached/reset/bulk'
         }
+      },
+      authorization: {
+        v1: '/identity/resources/users/v1/me/authorization'
       }
     },
     configurations: {

package/node/index.js

@@ -1,4 +1,4 @@
-/** @license Frontegg v3.1.13
+/** @license Frontegg v3.1.15
  *
  * This source code is licensed under the MIT license found in the
  * LICENSE file in the root directory of this source tree.

package/node/security-center/interfaces.js

@@ -50,6 +50,7 @@ exports.InsightCode = InsightCode;
   InsightCode["NO_DOMAIN_RESTRICTIONS"] = "NO_DOMAIN_RESTRICTIONS";
   InsightCode["DOMAIN_ALLOWLIST"] = "DOMAIN_ALLOWLIST";
   InsightCode["DOMAIN_DENYLIST"] = "DOMAIN_DENYLIST";
+  InsightCode["FULL_PASSWORD_SETTINGS"] = "FULL_PASSWORD_SETTINGS";
 })(InsightCode || (exports.InsightCode = InsightCode = {}));
 
 let RecommendationActionKey;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@frontegg/rest-api",
-  "version": "3.1.13",
+  "version": "3.1.15",
   "main": "./node/index.js",
   "license": "MIT",
   "dependencies": {

package/security-center/interfaces.d.ts

@@ -73,7 +73,8 @@ export declare enum InsightCode {
     IP_DENYLIST = "IP_DENYLIST",
     NO_DOMAIN_RESTRICTIONS = "NO_DOMAIN_RESTRICTIONS",
     DOMAIN_ALLOWLIST = "DOMAIN_ALLOWLIST",
-    DOMAIN_DENYLIST = "DOMAIN_DENYLIST"
+    DOMAIN_DENYLIST = "DOMAIN_DENYLIST",
+    FULL_PASSWORD_SETTINGS = "FULL_PASSWORD_SETTINGS"
 }
 export interface RecommendationAction {
     key: RecommendationActionKey;

package/security-center/interfaces.js

@@ -42,6 +42,7 @@ export let InsightCode;
   InsightCode["NO_DOMAIN_RESTRICTIONS"] = "NO_DOMAIN_RESTRICTIONS";
   InsightCode["DOMAIN_ALLOWLIST"] = "DOMAIN_ALLOWLIST";
   InsightCode["DOMAIN_DENYLIST"] = "DOMAIN_DENYLIST";
+  InsightCode["FULL_PASSWORD_SETTINGS"] = "FULL_PASSWORD_SETTINGS";
 })(InsightCode || (InsightCode = {}));
 
 export let RecommendationActionKey;

package/users/interfaces.d.ts

@@ -87,6 +87,10 @@ export interface IGetUsersV2Response extends IBaseGetUserResponse {
     permissions: ITeamUserPermission[];
     groups?: Pick<IGroupResponse, 'id' | 'roles'>[];
 }
+export interface IGetUserAuthorizationResponse {
+    permissions: ITeamUserPermission[];
+    roles: IRole[];
+}
 export declare type IUsersV3Data = IBaseGetUserResponse;
 export declare enum GetUsersFilterPreset {
     MFA_UNENROLLED = "mfa-unenrolled",