@frontegg/rest-api 6.0.1-alpha.4 → 7.28.0-alpha.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/BaseApiClient.d.ts +16 -0
- package/BaseApiClient.js +30 -0
- package/ContextHolder/index.d.ts +160 -0
- package/ContextHolder/index.js +278 -0
- package/ContextHolder/package.json +6 -0
- package/FetchClient.d.ts +42 -0
- package/FetchClient.js +260 -0
- package/account-settings/index.d.ts +21 -7
- package/account-settings/index.js +25 -6
- package/account-settings/interfaces.d.ts +9 -2
- package/applications/index.d.ts +51 -0
- package/applications/index.js +55 -0
- package/applications/interfaces.d.ts +49 -0
- package/applications/interfaces.js +5 -0
- package/applications/package.json +6 -0
- package/audits/index.d.ts +27 -15
- package/audits/index.js +29 -16
- package/audits/interfaces.d.ts +3 -2
- package/auth/constants.d.ts +5 -0
- package/auth/constants.js +5 -0
- package/auth/enums.d.ts +8 -1
- package/auth/enums.js +9 -4
- package/auth/index.d.ts +833 -428
- package/auth/index.js +768 -385
- package/auth/interfaces.d.ts +341 -39
- package/auth/interfaces.js +19 -9
- package/auth/secutiry-poilicy/index.d.ts +60 -41
- package/auth/secutiry-poilicy/index.js +99 -45
- package/auth/secutiry-poilicy/interfaces.d.ts +62 -2
- package/auth/secutiry-poilicy/interfaces.js +5 -1
- package/auth/utils.d.ts +10 -0
- package/auth/utils.js +35 -0
- package/connectivity/index.d.ts +126 -27
- package/connectivity/index.js +120 -114
- package/constants.d.ts +115 -0
- package/constants.js +122 -5
- package/directory/index.d.ts +32 -0
- package/directory/index.js +30 -0
- package/directory/interfaces.d.ts +30 -0
- package/directory/interfaces.js +7 -0
- package/directory/package.json +6 -0
- package/entitlements/index.d.ts +15 -0
- package/entitlements/index.js +20 -0
- package/entitlements/interfaces.d.ts +13 -0
- package/entitlements/interfaces.js +11 -0
- package/entitlements/package.json +6 -0
- package/error.js +0 -2
- package/feature-flags/index.d.ts +18 -0
- package/feature-flags/index.js +44 -0
- package/feature-flags/interfaces.d.ts +5 -0
- package/feature-flags/interfaces.js +1 -0
- package/feature-flags/package.json +6 -0
- package/groups/enums.d.ts +9 -0
- package/groups/enums.js +11 -0
- package/groups/index.d.ts +73 -0
- package/groups/index.js +62 -0
- package/groups/interfaces.d.ts +64 -0
- package/groups/interfaces.js +1 -0
- package/groups/package.json +6 -0
- package/impersonate/index.d.ts +17 -0
- package/impersonate/index.js +23 -0
- package/impersonate/interfaces.d.ts +12 -0
- package/impersonate/interfaces.js +1 -0
- package/impersonate/package.json +6 -0
- package/index.d.ts +148 -53
- package/index.js +103 -31
- package/interfaces.d.ts +82 -1
- package/interfaces.js +28 -1
- package/jwt.js +19 -20
- package/metadata/index.d.ts +68 -5
- package/metadata/index.js +53 -23
- package/metadata/interfaces.d.ts +10 -2
- package/node/BaseApiClient.js +37 -0
- package/node/ContextHolder/index.js +286 -0
- package/node/FetchClient.js +268 -0
- package/node/account-settings/index.js +26 -11
- package/node/applications/index.js +62 -0
- package/node/applications/interfaces.js +12 -0
- package/node/audits/index.js +32 -27
- package/node/auth/constants.js +13 -0
- package/node/auth/enums.js +11 -5
- package/node/auth/index.js +807 -644
- package/node/auth/interfaces.js +27 -13
- package/node/auth/secutiry-poilicy/index.js +100 -66
- package/node/auth/secutiry-poilicy/interfaces.js +8 -1
- package/node/auth/utils.js +44 -0
- package/node/connectivity/index.js +123 -197
- package/node/constants.js +124 -6
- package/node/directory/index.js +37 -0
- package/node/directory/interfaces.js +14 -0
- package/node/entitlements/index.js +27 -0
- package/node/entitlements/interfaces.js +18 -0
- package/node/error.js +0 -4
- package/node/feature-flags/index.js +54 -0
- package/node/feature-flags/interfaces.js +5 -0
- package/node/groups/enums.js +19 -0
- package/node/groups/index.js +70 -0
- package/node/groups/interfaces.js +5 -0
- package/node/impersonate/index.js +29 -0
- package/node/impersonate/interfaces.js +5 -0
- package/node/index.js +324 -94
- package/node/interfaces.js +34 -1
- package/node/jwt.js +19 -25
- package/node/metadata/index.js +57 -38
- package/node/notifications/index.js +34 -31
- package/node/reports/index.js +79 -83
- package/node/roles/index.js +55 -60
- package/node/roles/interfaces.js +9 -1
- package/node/routers.js +52 -6
- package/node/security-center/index.js +26 -0
- package/node/security-center/interfaces.js +74 -0
- package/node/sub-tenants/index.js +82 -29
- package/node/sub-tenants/interfaces.js +9 -1
- package/node/subscriptions/enums.js +13 -9
- package/node/subscriptions/index.js +64 -109
- package/node/subscriptions/interfaces.js +0 -2
- package/node/subscriptions/invoices.js +20 -21
- package/node/subscriptions/managedSubscriptions.js +28 -33
- package/node/subscriptions/paymentMethods.js +23 -27
- package/node/subscriptions/paymentProviders.js +11 -8
- package/node/subscriptions/plans.js +13 -12
- package/node/subscriptions/providers/stripe/index.js +22 -27
- package/node/subscriptions/subscriptions.js +28 -33
- package/node/subscriptions/summaries.js +11 -8
- package/node/subscriptions/tenantConfiguration.js +13 -12
- package/node/subscriptions/vendorPublicConfigurations.js +17 -0
- package/node/teams/index.js +108 -121
- package/node/teams/interfaces.js +8 -1
- package/node/tenants/index.js +63 -21
- package/node/tenants/interfaces.js +18 -1
- package/node/user-phone-numbers/index.js +38 -0
- package/node/user-phone-numbers/interfaces.js +5 -0
- package/node/users/index.js +64 -0
- package/node/users/interfaces.js +27 -0
- package/node/velo/index.js +75 -0
- package/node/velo/interfaces.js +5 -0
- package/node/vendor/index.js +16 -8
- package/notifications/index.d.ts +22 -16
- package/notifications/index.js +33 -22
- package/package.json +4 -2
- package/reports/index.d.ts +50 -44
- package/reports/index.js +77 -68
- package/reports/interfaces.d.ts +2 -2
- package/roles/index.d.ts +45 -34
- package/roles/index.js +52 -41
- package/roles/interfaces.d.ts +25 -9
- package/roles/interfaces.js +6 -1
- package/routers.d.ts +6 -1
- package/routers.js +45 -2
- package/security-center/index.d.ts +15 -0
- package/security-center/index.js +19 -0
- package/security-center/interfaces.d.ts +115 -0
- package/security-center/interfaces.js +63 -0
- package/security-center/package.json +6 -0
- package/sub-tenants/index.d.ts +57 -8
- package/sub-tenants/index.js +84 -19
- package/sub-tenants/interfaces.d.ts +68 -10
- package/sub-tenants/interfaces.js +6 -1
- package/subscriptions/enums.d.ts +7 -0
- package/subscriptions/enums.js +10 -8
- package/subscriptions/index.d.ts +55 -9
- package/subscriptions/index.js +56 -9
- package/subscriptions/interfaces.d.ts +7 -3
- package/subscriptions/interfaces.js +1 -1
- package/subscriptions/invoices.d.ts +16 -13
- package/subscriptions/invoices.js +19 -14
- package/subscriptions/managedSubscriptions.d.ts +18 -15
- package/subscriptions/managedSubscriptions.js +27 -22
- package/subscriptions/paymentMethods.d.ts +16 -13
- package/subscriptions/paymentMethods.js +22 -18
- package/subscriptions/paymentProviders.d.ts +8 -5
- package/subscriptions/paymentProviders.js +9 -4
- package/subscriptions/plans.d.ts +11 -8
- package/subscriptions/plans.js +11 -6
- package/subscriptions/providers/stripe/index.d.ts +24 -21
- package/subscriptions/providers/stripe/index.js +21 -16
- package/subscriptions/subscriptions.d.ts +24 -21
- package/subscriptions/subscriptions.js +27 -22
- package/subscriptions/summaries.d.ts +7 -4
- package/subscriptions/summaries.js +8 -3
- package/subscriptions/tenantConfiguration.d.ts +6 -3
- package/subscriptions/tenantConfiguration.js +12 -7
- package/subscriptions/vendorPublicConfigurations.d.ts +5 -0
- package/subscriptions/vendorPublicConfigurations.js +10 -0
- package/teams/index.d.ts +38 -115
- package/teams/index.js +105 -79
- package/teams/interfaces.d.ts +47 -42
- package/teams/interfaces.js +5 -1
- package/tenants/index.d.ts +25 -26
- package/tenants/index.js +61 -12
- package/tenants/interfaces.d.ts +85 -0
- package/tenants/interfaces.js +14 -1
- package/user-phone-numbers/index.d.ts +32 -0
- package/user-phone-numbers/index.js +31 -0
- package/user-phone-numbers/interfaces.d.ts +32 -0
- package/user-phone-numbers/interfaces.js +1 -0
- package/user-phone-numbers/package.json +6 -0
- package/users/index.d.ts +24 -0
- package/users/index.js +55 -0
- package/users/interfaces.d.ts +144 -0
- package/users/interfaces.js +18 -0
- package/users/package.json +6 -0
- package/velo/index.d.ts +46 -0
- package/velo/index.js +68 -0
- package/velo/interfaces.d.ts +108 -0
- package/velo/interfaces.js +1 -0
- package/velo/package.json +6 -0
- package/vendor/index.d.ts +12 -6
- package/vendor/index.js +15 -4
- package/ContextHolder.d.ts +0 -29
- package/ContextHolder.js +0 -80
- package/fetch.d.ts +0 -19
- package/fetch.js +0 -203
- package/node/ContextHolder.js +0 -90
- package/node/fetch.js +0 -234
- package/node/subscriptions/providers/index.js +0 -18
- package/subscriptions/providers/index.d.ts +0 -1
- package/subscriptions/providers/index.js +0 -1
package/auth/interfaces.d.ts
CHANGED
|
@@ -1,94 +1,123 @@
|
|
|
1
|
+
import { UserEntitlementsContext as UserEntitlementsResponseV2 } from '@frontegg/entitlements-javascript-commons';
|
|
1
2
|
import { ITenantsResponse, IUserProfile } from '..';
|
|
2
|
-
import { AuthStrategyEnum, SocialLoginProviders } from
|
|
3
|
+
import { AuthStrategyEnum, MachineToMachineAuthStrategy, SocialLoginProviders } from './enums';
|
|
3
4
|
import { ISamlRolesGroup } from '../teams/interfaces';
|
|
4
5
|
export * from './secutiry-poilicy/interfaces';
|
|
5
|
-
export
|
|
6
|
+
export type IPreLogin = {
|
|
6
7
|
email: string;
|
|
8
|
+
tenantId?: string;
|
|
7
9
|
};
|
|
8
|
-
export
|
|
10
|
+
export type IPostLogin = {
|
|
9
11
|
RelayState: string;
|
|
10
12
|
SAMLResponse: string;
|
|
11
13
|
};
|
|
12
|
-
export
|
|
14
|
+
export type IPreLoginWithIdpTypeResponse = {
|
|
13
15
|
address: string;
|
|
14
16
|
idpType: 'saml' | 'oidc';
|
|
15
17
|
};
|
|
16
|
-
export
|
|
18
|
+
export type IOidcPostLogin = {
|
|
17
19
|
code: string;
|
|
18
20
|
state: string;
|
|
19
21
|
redirectUri?: string;
|
|
20
22
|
};
|
|
21
|
-
export
|
|
23
|
+
export type IOidcPostLoginV2 = {
|
|
22
24
|
code: string;
|
|
23
25
|
RelayState: string;
|
|
24
26
|
redirectUri?: string;
|
|
25
27
|
};
|
|
26
|
-
export
|
|
28
|
+
export type ILogin = {
|
|
27
29
|
email: string;
|
|
28
30
|
password: string;
|
|
29
31
|
recaptchaToken?: string;
|
|
30
32
|
invitationToken?: string;
|
|
31
33
|
};
|
|
32
|
-
export
|
|
34
|
+
export type ILoginResponse = IUserProfile & {
|
|
33
35
|
mfaRequired: boolean;
|
|
34
36
|
accessToken: string;
|
|
35
37
|
refreshToken: string;
|
|
38
|
+
/**
|
|
39
|
+
* @deprecated use exp instead
|
|
40
|
+
*/
|
|
36
41
|
expires: string;
|
|
42
|
+
exp: number;
|
|
37
43
|
expiresIn: number;
|
|
38
44
|
mfaToken?: string;
|
|
39
45
|
qrCode?: string;
|
|
40
46
|
recoveryCode?: string;
|
|
41
47
|
emailVerified?: boolean;
|
|
42
48
|
redirectLocation?: string;
|
|
49
|
+
userEmail?: string;
|
|
50
|
+
mfaStrategies?: MFAStrategyEnum[];
|
|
51
|
+
mfaDevices?: UserMFADevicesResponse;
|
|
52
|
+
isBreachedPassword?: boolean;
|
|
53
|
+
entitlements?: UserEntitlementsResponseV2;
|
|
54
|
+
amr?: string[];
|
|
55
|
+
acr?: string;
|
|
56
|
+
auth_time?: number;
|
|
43
57
|
};
|
|
44
|
-
export
|
|
58
|
+
export type ILoginResponseV2 = {
|
|
45
59
|
user: ILoginResponse;
|
|
46
60
|
tenants?: ITenantsResponse[];
|
|
47
61
|
};
|
|
48
|
-
export
|
|
62
|
+
export type ILoginResponseV3 = {
|
|
63
|
+
user: ILoginResponse;
|
|
64
|
+
tenants?: ITenantsResponse[];
|
|
65
|
+
activeTenant?: ITenantsResponse;
|
|
66
|
+
};
|
|
67
|
+
export type ILoginWithMfa = {
|
|
49
68
|
mfaToken: string;
|
|
50
69
|
value: string;
|
|
51
70
|
rememberDevice?: boolean;
|
|
52
71
|
invitationToken?: string;
|
|
53
72
|
};
|
|
54
|
-
export
|
|
73
|
+
export type IActivateAccount = {
|
|
55
74
|
userId: string;
|
|
56
75
|
token: string;
|
|
57
76
|
password?: string;
|
|
58
77
|
recaptchaToken?: string;
|
|
78
|
+
lastTermsCheck?: string;
|
|
59
79
|
};
|
|
60
|
-
export
|
|
80
|
+
export type IActivateAccountWithOTC = {
|
|
81
|
+
code: string;
|
|
82
|
+
} & IActivateAccount;
|
|
83
|
+
export type IAcceptInvitation = {
|
|
61
84
|
userId: string;
|
|
62
85
|
token: string;
|
|
63
86
|
};
|
|
64
|
-
export
|
|
87
|
+
export type IAcceptInvitationWithOTC = IAcceptInvitation & {
|
|
88
|
+
code: string;
|
|
89
|
+
};
|
|
90
|
+
export type IResendActivationEmail = {
|
|
91
|
+
email: string;
|
|
92
|
+
};
|
|
93
|
+
export type IResendInvitationEmail = {
|
|
65
94
|
email: string;
|
|
66
95
|
};
|
|
67
|
-
export
|
|
96
|
+
export type IForgotPassword = {
|
|
68
97
|
email: string;
|
|
69
98
|
};
|
|
70
|
-
export
|
|
99
|
+
export type IResetPassword = {
|
|
71
100
|
token: string;
|
|
72
101
|
userId: string;
|
|
73
102
|
password: string;
|
|
74
103
|
};
|
|
75
|
-
export
|
|
104
|
+
export type IRecoverMFAToken = {
|
|
76
105
|
email: string;
|
|
77
106
|
recoveryCode: string;
|
|
78
107
|
};
|
|
79
|
-
export
|
|
108
|
+
export type IEnrollMfaResponse = {
|
|
80
109
|
qrCode: string;
|
|
81
110
|
};
|
|
82
|
-
export
|
|
111
|
+
export type IVerifyMfa = {
|
|
83
112
|
token: string;
|
|
84
113
|
};
|
|
85
|
-
export
|
|
114
|
+
export type IVerifyMfaResponse = {
|
|
86
115
|
recoveryCode: string;
|
|
87
116
|
};
|
|
88
|
-
export
|
|
89
|
-
token
|
|
117
|
+
export type IDisableMfa = {
|
|
118
|
+
token?: string;
|
|
90
119
|
};
|
|
91
|
-
export
|
|
120
|
+
export type ISamlConfiguration = {
|
|
92
121
|
enabled: boolean;
|
|
93
122
|
domain?: string;
|
|
94
123
|
validated?: boolean;
|
|
@@ -105,27 +134,31 @@ export declare type ISamlConfiguration = {
|
|
|
105
134
|
oidcSecret?: string;
|
|
106
135
|
type?: string;
|
|
107
136
|
};
|
|
108
|
-
export
|
|
137
|
+
export type IOidcConfiguration = {
|
|
109
138
|
active: boolean;
|
|
110
139
|
redirectUri?: string;
|
|
111
140
|
};
|
|
112
|
-
export
|
|
141
|
+
export type ISSOPublicConfiguration = {
|
|
113
142
|
isActive: boolean;
|
|
114
143
|
};
|
|
115
|
-
export
|
|
116
|
-
export
|
|
144
|
+
export type IUpdateSamlConfiguration = Omit<ISamlConfiguration, 'validated' | 'generatedVerification' | 'createdAt' | 'updatedAt'>;
|
|
145
|
+
export type ISamlVendorConfigResponse = {
|
|
117
146
|
acsUrl: string;
|
|
118
147
|
spEntityId: string;
|
|
119
148
|
};
|
|
120
|
-
export
|
|
149
|
+
export type ISamlVendorMetadata = {
|
|
121
150
|
id: string;
|
|
122
151
|
vendorId: string;
|
|
123
152
|
entityName: 'saml';
|
|
124
153
|
configuration: ISamlVendorConfigResponse;
|
|
125
154
|
};
|
|
126
|
-
export
|
|
155
|
+
export type IUpdateSamlVendorMetadata = {
|
|
127
156
|
metadata: string;
|
|
128
157
|
};
|
|
158
|
+
export interface ICreateOrUpdateSSOConfigurationByMetadataUrl {
|
|
159
|
+
url: string;
|
|
160
|
+
configMetadata?: Record<string, string>;
|
|
161
|
+
}
|
|
129
162
|
export interface ISocialLoginProviderConfiguration {
|
|
130
163
|
type: SocialLoginProviders;
|
|
131
164
|
clientId: string;
|
|
@@ -136,16 +169,36 @@ export interface ISocialLoginProviderConfigurationV2 {
|
|
|
136
169
|
type: SocialLoginProviders;
|
|
137
170
|
clientId?: string | null;
|
|
138
171
|
redirectUrl: string;
|
|
172
|
+
backendRedirectUrl?: string;
|
|
139
173
|
active: boolean;
|
|
140
174
|
authorizationUrl?: string | null;
|
|
175
|
+
options?: Record<string, unknown>;
|
|
141
176
|
customised: boolean;
|
|
177
|
+
additionalScopes?: string[];
|
|
178
|
+
}
|
|
179
|
+
export interface ICustomSocialLoginProviderConfigurationV1 {
|
|
180
|
+
providers: {
|
|
181
|
+
id: string;
|
|
182
|
+
type: string;
|
|
183
|
+
clientId: string;
|
|
184
|
+
redirectUrl: string;
|
|
185
|
+
redirectUrlPattern: string;
|
|
186
|
+
authorizationUrl: string;
|
|
187
|
+
userInfoUrl: string;
|
|
188
|
+
scopes: string;
|
|
189
|
+
ssoLogoUrl: string | null;
|
|
190
|
+
displayName: string;
|
|
191
|
+
active: boolean;
|
|
192
|
+
}[];
|
|
142
193
|
}
|
|
143
194
|
export interface ILoginViaSocialLogin {
|
|
144
|
-
code
|
|
195
|
+
code?: string;
|
|
196
|
+
idToken?: string;
|
|
145
197
|
redirectUri?: string;
|
|
146
198
|
provider: SocialLoginProviders;
|
|
147
199
|
afterAuthRedirectUrl?: string;
|
|
148
200
|
codeVerifier?: string;
|
|
201
|
+
codeVerifierPkce?: string;
|
|
149
202
|
metadata?: string;
|
|
150
203
|
invitationToken?: string;
|
|
151
204
|
state?: string;
|
|
@@ -158,6 +211,7 @@ export interface ILoginViaSocialLoginResponse {
|
|
|
158
211
|
name: string;
|
|
159
212
|
accessToken: string;
|
|
160
213
|
mfaRequired: boolean;
|
|
214
|
+
userEmail?: string;
|
|
161
215
|
}
|
|
162
216
|
export interface ISetSocialLoginError {
|
|
163
217
|
error: string;
|
|
@@ -168,6 +222,7 @@ export interface IVendorConfig {
|
|
|
168
222
|
apiTokensEnabled: boolean;
|
|
169
223
|
forcePermissions: boolean;
|
|
170
224
|
authStrategy: AuthStrategyEnum;
|
|
225
|
+
machineToMachineAuthStrategy: MachineToMachineAuthStrategy;
|
|
171
226
|
}
|
|
172
227
|
export interface ISignUpUser {
|
|
173
228
|
email: string;
|
|
@@ -185,6 +240,14 @@ export interface ISignUpResponse {
|
|
|
185
240
|
user?: ILoginResponse;
|
|
186
241
|
userId?: string;
|
|
187
242
|
tenantId?: string;
|
|
243
|
+
tenants?: ITenantsResponse[];
|
|
244
|
+
activeTenant?: ITenantsResponse;
|
|
245
|
+
}
|
|
246
|
+
export interface ISignUpApiResponse {
|
|
247
|
+
shouldActivate: boolean;
|
|
248
|
+
userId?: string;
|
|
249
|
+
tenantId?: string;
|
|
250
|
+
authResponse: ILoginResponse;
|
|
188
251
|
}
|
|
189
252
|
export interface ISessionResponse {
|
|
190
253
|
id: string;
|
|
@@ -193,12 +256,31 @@ export interface ISessionResponse {
|
|
|
193
256
|
userAgent?: string;
|
|
194
257
|
createdAt?: Date;
|
|
195
258
|
current?: boolean;
|
|
259
|
+
impersonated?: boolean;
|
|
260
|
+
}
|
|
261
|
+
export interface ISessionIdleTimeoutConfiguration {
|
|
262
|
+
isActive: boolean;
|
|
263
|
+
timeout: number;
|
|
264
|
+
}
|
|
265
|
+
export interface ISessionTimeoutConfiguration {
|
|
266
|
+
isActive: boolean;
|
|
267
|
+
timeout: number;
|
|
268
|
+
}
|
|
269
|
+
export interface ISessionConcurrentConfiguration {
|
|
270
|
+
isActive: boolean;
|
|
271
|
+
maxSessions: number;
|
|
272
|
+
}
|
|
273
|
+
export interface ISessionConfigurations {
|
|
274
|
+
sessionTimeoutConfiguration?: ISessionTimeoutConfiguration;
|
|
275
|
+
sessionIdleTimeoutConfiguration?: ISessionIdleTimeoutConfiguration;
|
|
276
|
+
sessionConcurrentConfiguration?: ISessionConcurrentConfiguration;
|
|
196
277
|
}
|
|
197
278
|
export interface IUserApiTokensData {
|
|
198
279
|
clientId?: string;
|
|
199
280
|
description: string;
|
|
200
281
|
metadata?: any;
|
|
201
282
|
secret?: string;
|
|
283
|
+
expires?: Date;
|
|
202
284
|
}
|
|
203
285
|
export interface ITenantApiTokensData {
|
|
204
286
|
clientId?: string;
|
|
@@ -208,17 +290,53 @@ export interface ITenantApiTokensData {
|
|
|
208
290
|
metadata?: any;
|
|
209
291
|
secret?: string;
|
|
210
292
|
roleIds?: string[];
|
|
293
|
+
expires?: Date;
|
|
211
294
|
}
|
|
212
295
|
export interface IUpdateUserApiTokensData {
|
|
213
296
|
description: string;
|
|
297
|
+
expiresInMinutes: number | null;
|
|
214
298
|
}
|
|
215
299
|
export interface IUpdateTenantApiTokensData {
|
|
216
300
|
description: string;
|
|
217
301
|
roleIds: string[];
|
|
302
|
+
expiresInMinutes: number | null;
|
|
218
303
|
}
|
|
219
304
|
export interface IDeleteApiToken {
|
|
220
305
|
tokenId: string;
|
|
221
306
|
}
|
|
307
|
+
export interface IAccessTokensData {
|
|
308
|
+
id: string;
|
|
309
|
+
description?: string;
|
|
310
|
+
createdAt: Date;
|
|
311
|
+
secret?: string;
|
|
312
|
+
expires?: Date;
|
|
313
|
+
}
|
|
314
|
+
export interface IUserAccessTokenData extends IAccessTokensData {
|
|
315
|
+
}
|
|
316
|
+
export interface ITenantAccessTokenData extends IAccessTokensData {
|
|
317
|
+
roleIds: string[];
|
|
318
|
+
}
|
|
319
|
+
export interface IGetUserAccessTokens {
|
|
320
|
+
accessTokens: IUserAccessTokenData[];
|
|
321
|
+
}
|
|
322
|
+
export interface IGetTenantAccessTokens {
|
|
323
|
+
accessTokens: ITenantAccessTokenData[];
|
|
324
|
+
}
|
|
325
|
+
export interface IGetUserAccessTokensData {
|
|
326
|
+
accessTokens: IUserAccessTokenData[];
|
|
327
|
+
}
|
|
328
|
+
export interface ICreateAccessTokensData {
|
|
329
|
+
description: string;
|
|
330
|
+
expiresInMinutes: number | null;
|
|
331
|
+
}
|
|
332
|
+
export interface ICreateUserAccessTokenData extends ICreateAccessTokensData {
|
|
333
|
+
}
|
|
334
|
+
export interface ICreateTenantAccessTokenData extends ICreateAccessTokensData {
|
|
335
|
+
roleIds: string[];
|
|
336
|
+
}
|
|
337
|
+
export interface IDeleteAccessToken {
|
|
338
|
+
id: string;
|
|
339
|
+
}
|
|
222
340
|
export interface IUpdateSamlRoles {
|
|
223
341
|
roleIds: string[];
|
|
224
342
|
}
|
|
@@ -231,7 +349,7 @@ export interface ICreateSamlGroup {
|
|
|
231
349
|
group: string;
|
|
232
350
|
roleIds?: string[];
|
|
233
351
|
}
|
|
234
|
-
export
|
|
352
|
+
export type IGetUserById = {
|
|
235
353
|
userId: string;
|
|
236
354
|
};
|
|
237
355
|
export interface IUserIdResponse {
|
|
@@ -258,12 +376,21 @@ export interface IAllowedToRememberMfaDevice {
|
|
|
258
376
|
isAllowedToRemember: boolean;
|
|
259
377
|
mfaDeviceExpiration: number;
|
|
260
378
|
}
|
|
261
|
-
export interface
|
|
262
|
-
email: string;
|
|
379
|
+
export interface IBasePasswordlessPreLogin {
|
|
263
380
|
recaptchaToken?: string;
|
|
264
381
|
type: AuthStrategyEnum;
|
|
265
382
|
invitationToken?: string;
|
|
266
383
|
}
|
|
384
|
+
export interface IEmailPasswordlessPreLogin extends IBasePasswordlessPreLogin {
|
|
385
|
+
email: string;
|
|
386
|
+
}
|
|
387
|
+
export interface IUserIDPasswordlessPreLogin extends IBasePasswordlessPreLogin {
|
|
388
|
+
userId: string;
|
|
389
|
+
}
|
|
390
|
+
export interface IPhoneNumberPasswordlessPreLogin extends IBasePasswordlessPreLogin {
|
|
391
|
+
phoneNumber: string;
|
|
392
|
+
}
|
|
393
|
+
export type IPasswordlessPreLogin = IEmailPasswordlessPreLogin | IUserIDPasswordlessPreLogin | IPhoneNumberPasswordlessPreLogin;
|
|
267
394
|
export interface IPasswordlessPostLogin {
|
|
268
395
|
token: string;
|
|
269
396
|
recaptchaToken?: string;
|
|
@@ -280,6 +407,7 @@ export interface ISSODomain {
|
|
|
280
407
|
id: string;
|
|
281
408
|
domain: string;
|
|
282
409
|
validated: boolean;
|
|
410
|
+
txtRecord: string;
|
|
283
411
|
}
|
|
284
412
|
export interface ISSOConfigurationDefaultRoles {
|
|
285
413
|
roleIds: string[];
|
|
@@ -301,11 +429,13 @@ export interface ISSOConfiguration {
|
|
|
301
429
|
domains: ISSODomain[];
|
|
302
430
|
roleIds: string[];
|
|
303
431
|
groups: ISamlRolesGroup[];
|
|
432
|
+
skipEmailDomainValidation: boolean;
|
|
304
433
|
}
|
|
305
434
|
export interface IExchangeOAuthTokens {
|
|
306
|
-
code
|
|
307
|
-
|
|
308
|
-
|
|
435
|
+
code?: string;
|
|
436
|
+
code_verifier?: string;
|
|
437
|
+
redirect_uri?: string;
|
|
438
|
+
refresh_token?: string;
|
|
309
439
|
}
|
|
310
440
|
export interface IOAuthTokenResponse {
|
|
311
441
|
access_token: string;
|
|
@@ -313,13 +443,28 @@ export interface IOAuthTokenResponse {
|
|
|
313
443
|
id_token: string;
|
|
314
444
|
refresh_token: string;
|
|
315
445
|
}
|
|
316
|
-
export
|
|
446
|
+
export interface IOAuthLogout {
|
|
447
|
+
id_token_hint?: string;
|
|
448
|
+
post_logout_redirect_uri?: string;
|
|
449
|
+
state?: string;
|
|
450
|
+
}
|
|
451
|
+
export type IUpdateSSOConfiguration = Partial<Omit<ISSOConfiguration, 'id' | 'createdAt' | 'updatedAt' | 'domains'>>;
|
|
317
452
|
export interface IResetPhoneNumber {
|
|
318
453
|
email: string;
|
|
319
454
|
}
|
|
320
455
|
export interface IResetPhoneNumberResponse {
|
|
321
456
|
resetPhoneNumberToken: string;
|
|
322
457
|
}
|
|
458
|
+
export interface IChangePhoneNumberWithVerification {
|
|
459
|
+
phoneNumber: string;
|
|
460
|
+
}
|
|
461
|
+
export interface IChangePhoneNumberWithVerificationResponse {
|
|
462
|
+
changePhoneId: string;
|
|
463
|
+
}
|
|
464
|
+
export interface IVerifyChangePhoneNumber {
|
|
465
|
+
changePhoneId: string;
|
|
466
|
+
code: string;
|
|
467
|
+
}
|
|
323
468
|
export interface IVerifyResetPhoneNumber {
|
|
324
469
|
resetPhoneNumberToken: string;
|
|
325
470
|
code: string;
|
|
@@ -337,10 +482,16 @@ interface WebAuthnLoginResponse {
|
|
|
337
482
|
signature: string;
|
|
338
483
|
userHandle?: string;
|
|
339
484
|
}
|
|
340
|
-
export interface
|
|
341
|
-
email: string;
|
|
485
|
+
export interface IBaseWebAuthnPreLogin {
|
|
342
486
|
recaptchaToken?: string;
|
|
343
487
|
}
|
|
488
|
+
export interface IEmailWebAuthnPreLogin extends IBaseWebAuthnPreLogin {
|
|
489
|
+
email: string;
|
|
490
|
+
}
|
|
491
|
+
export interface IUserIDWebAuthnPreLogin extends IBaseWebAuthnPreLogin {
|
|
492
|
+
userId?: string;
|
|
493
|
+
}
|
|
494
|
+
export type IWebAuthnPreLogin = IEmailWebAuthnPreLogin | IUserIDWebAuthnPreLogin;
|
|
344
495
|
interface AllowCredentials {
|
|
345
496
|
type: string;
|
|
346
497
|
id: string;
|
|
@@ -359,6 +510,14 @@ export interface IWebAuthnPostLogin {
|
|
|
359
510
|
invitationToken?: string;
|
|
360
511
|
response: WebAuthnLoginResponse;
|
|
361
512
|
}
|
|
513
|
+
export interface GenerateStepUpRequest {
|
|
514
|
+
maxAge?: number;
|
|
515
|
+
}
|
|
516
|
+
export interface GenerateStepUpResponse {
|
|
517
|
+
mfaToken: string;
|
|
518
|
+
mfaEnrolled: boolean;
|
|
519
|
+
mfaDevices: UserMFADevicesResponse;
|
|
520
|
+
}
|
|
362
521
|
export interface ICreateNewDeviceSessionResponse {
|
|
363
522
|
rp: {
|
|
364
523
|
name: string;
|
|
@@ -386,16 +545,159 @@ interface IWebAuthnRegisterResponse {
|
|
|
386
545
|
export interface IVerifyNewWebAuthnDevice {
|
|
387
546
|
id: string;
|
|
388
547
|
response: IWebAuthnRegisterResponse;
|
|
548
|
+
deviceType?: WebAuthnDeviceType;
|
|
389
549
|
}
|
|
390
550
|
export declare enum SecondaryAuthStrategy {
|
|
391
551
|
WebAuthnPlatform = "WebAuthnPlatform",
|
|
392
552
|
WebAuthnCrossPlatform = "WebAuthnCrossPlatform",
|
|
393
|
-
SmsCode = "SmsCode"
|
|
553
|
+
SmsCode = "SmsCode",
|
|
554
|
+
SmsCodeV2 = "SmsCodeV2",
|
|
555
|
+
Passkeys = "Passkeys"
|
|
394
556
|
}
|
|
395
557
|
export interface IAuthStrategyConfig {
|
|
396
558
|
strategy: SecondaryAuthStrategy;
|
|
397
559
|
isActive: boolean;
|
|
398
560
|
}
|
|
561
|
+
export interface MainAuthStrategy {
|
|
562
|
+
strategy: AuthStrategyEnum;
|
|
563
|
+
}
|
|
399
564
|
export interface IAuthStrategiesConfig {
|
|
400
565
|
secondaryAuthStrategies: IAuthStrategyConfig[];
|
|
566
|
+
mainAuthStrategies: MainAuthStrategy[];
|
|
567
|
+
}
|
|
568
|
+
export interface IPreEnrollMFA {
|
|
569
|
+
mfaToken: string;
|
|
570
|
+
}
|
|
571
|
+
export interface IEnrollMFA {
|
|
572
|
+
mfaToken: string;
|
|
573
|
+
rememberDevice?: boolean;
|
|
574
|
+
}
|
|
575
|
+
export interface IPreEnrollMFAAuthenticatorAppResponse {
|
|
576
|
+
qrCode: string;
|
|
577
|
+
}
|
|
578
|
+
export interface IEnrollMFAAuthenticatorApp extends IEnrollMFA {
|
|
579
|
+
token: string;
|
|
580
|
+
}
|
|
581
|
+
export interface IPreEnrollMFASMS extends IPreEnrollMFA {
|
|
582
|
+
phoneNumber: string;
|
|
583
|
+
}
|
|
584
|
+
export interface IPreEnrollMFASMSResponse {
|
|
585
|
+
otcToken: string;
|
|
586
|
+
phoneNumber: string;
|
|
587
|
+
}
|
|
588
|
+
export interface IEnrollMFASMS extends IEnrollMFA {
|
|
589
|
+
otcToken: string;
|
|
590
|
+
code: string;
|
|
591
|
+
}
|
|
592
|
+
export declare enum WebAuthnDeviceType {
|
|
593
|
+
Platform = "Platform",
|
|
594
|
+
CrossPlatform = "CrossPlatform"
|
|
595
|
+
}
|
|
596
|
+
export interface IWebAuthnDevice {
|
|
597
|
+
id: string;
|
|
598
|
+
deviceType: WebAuthnDeviceType;
|
|
599
|
+
createdAt: Date;
|
|
600
|
+
}
|
|
601
|
+
export interface IWebAuthnDevices {
|
|
602
|
+
devices: IWebAuthnDevice[];
|
|
603
|
+
}
|
|
604
|
+
export interface IEnrollMFAWebAuthn extends IEnrollMFA {
|
|
605
|
+
deviceType: WebAuthnDeviceType;
|
|
606
|
+
webauthnToken: string;
|
|
607
|
+
options: IVerifyNewWebAuthnDevice;
|
|
608
|
+
}
|
|
609
|
+
export interface IPreEnrollMFAWebAuthnResponse {
|
|
610
|
+
webauthnToken: string;
|
|
611
|
+
options: ICreateNewDeviceSessionResponse;
|
|
612
|
+
}
|
|
613
|
+
export interface IPreVerifyMFA {
|
|
614
|
+
mfaToken: string;
|
|
615
|
+
}
|
|
616
|
+
export interface IVerifyMFA {
|
|
617
|
+
mfaToken: string;
|
|
618
|
+
rememberDevice?: boolean;
|
|
619
|
+
}
|
|
620
|
+
export interface IPreVerifyCode {
|
|
621
|
+
otcToken: string;
|
|
622
|
+
}
|
|
623
|
+
export interface IVerifyCode extends IVerifyMFA {
|
|
624
|
+
otcToken: string;
|
|
625
|
+
code: string;
|
|
626
|
+
}
|
|
627
|
+
export interface IVerifyMFAAuthenticatorApp extends IVerifyMFA {
|
|
628
|
+
value: string;
|
|
629
|
+
}
|
|
630
|
+
export interface IPreVerifyMFASMSResponse extends IPreVerifyCode {
|
|
631
|
+
phoneNumber: string;
|
|
632
|
+
}
|
|
633
|
+
export interface IVerifyMFASMS extends IVerifyCode {
|
|
634
|
+
}
|
|
635
|
+
export interface IPreVerifyMFAEmailCodeResponse {
|
|
636
|
+
otcToken: string;
|
|
637
|
+
}
|
|
638
|
+
export interface IVerifyMFAEmailCode extends IVerifyCode {
|
|
639
|
+
}
|
|
640
|
+
export interface IPreVerifyMFAWebAuthnResponse {
|
|
641
|
+
webauthnToken: string;
|
|
642
|
+
options: IWebAuthnPreLoginResponse;
|
|
643
|
+
}
|
|
644
|
+
export interface IVerifyMFAWebAuthn extends IVerifyMFA {
|
|
645
|
+
webauthnToken: string;
|
|
646
|
+
options: Omit<IWebAuthnPostLogin, 'recaptchaToken' | 'invitationToken'>;
|
|
647
|
+
}
|
|
648
|
+
export declare enum MFAStrategyEnum {
|
|
649
|
+
AuthenticatorApp = "AuthenticatorApp",
|
|
650
|
+
WebAuthnPlatform = "WebAuthnPlatform",
|
|
651
|
+
WebAuthnCrossPlatform = "WebAuthnCrossPlatform",
|
|
652
|
+
SMS = "SMS",
|
|
653
|
+
EmailCode = "EmailCode"
|
|
654
|
+
}
|
|
655
|
+
export interface UserMFAWebAuthnDevice {
|
|
656
|
+
id: string;
|
|
657
|
+
deviceType: WebAuthnDeviceType;
|
|
658
|
+
name: string;
|
|
659
|
+
}
|
|
660
|
+
export interface UserMFAEmail {
|
|
661
|
+
email: string;
|
|
662
|
+
}
|
|
663
|
+
export interface UserMFAPhoneDevice {
|
|
664
|
+
id: string;
|
|
665
|
+
phoneNumber: string;
|
|
666
|
+
}
|
|
667
|
+
export interface UserMFAAuthenticatorApp {
|
|
668
|
+
id: string;
|
|
669
|
+
}
|
|
670
|
+
export interface UserMFADevicesResponse {
|
|
671
|
+
webauthn: UserMFAWebAuthnDevice[];
|
|
672
|
+
phones: UserMFAPhoneDevice[];
|
|
673
|
+
authenticators: UserMFAAuthenticatorApp[];
|
|
674
|
+
emails: UserMFAEmail[];
|
|
675
|
+
}
|
|
676
|
+
export interface IPreDisableMFASMSResponse {
|
|
677
|
+
otcToken: string;
|
|
678
|
+
phoneNumber: string;
|
|
679
|
+
}
|
|
680
|
+
export interface IDisableMFASMS {
|
|
681
|
+
otcToken?: string;
|
|
682
|
+
code?: string;
|
|
683
|
+
}
|
|
684
|
+
export interface IPreDisableMFAWebAuthnResponse {
|
|
685
|
+
webauthnToken: string;
|
|
686
|
+
options: IWebAuthnPreLoginResponse;
|
|
687
|
+
}
|
|
688
|
+
export interface IDisableMFAWebAuthn {
|
|
689
|
+
webauthnToken?: string;
|
|
690
|
+
options?: Omit<IWebAuthnPostLogin, 'recaptchaToken' | 'invitationToken'>;
|
|
691
|
+
}
|
|
692
|
+
export interface IPreEnrollMFAAuthenticatorApp {
|
|
693
|
+
qrCode: string;
|
|
694
|
+
}
|
|
695
|
+
export type WithoutMFAToken<T> = Omit<T | 'mfaToken', 'rememberDevice'>;
|
|
696
|
+
export interface IMFAStrategyResponse {
|
|
697
|
+
strategy: MFAStrategyEnum;
|
|
698
|
+
isActive: boolean;
|
|
699
|
+
}
|
|
700
|
+
export interface IMFAStrategiesResponse {
|
|
701
|
+
strategies: IMFAStrategyResponse[];
|
|
401
702
|
}
|
|
703
|
+
export declare const LOAD_AUTHORIZATION_FF = "admin_portal_should_load_authorization";
|
package/auth/interfaces.js
CHANGED
|
@@ -1,15 +1,25 @@
|
|
|
1
1
|
export * from './secutiry-poilicy/interfaces';
|
|
2
|
-
|
|
3
|
-
;
|
|
4
|
-
;
|
|
5
|
-
;
|
|
6
|
-
;
|
|
7
|
-
;
|
|
8
|
-
;
|
|
2
|
+
// SmsCode is for speedy login, SmsCodeV2 is for login with SMS
|
|
9
3
|
export let SecondaryAuthStrategy;
|
|
10
|
-
|
|
11
4
|
(function (SecondaryAuthStrategy) {
|
|
12
5
|
SecondaryAuthStrategy["WebAuthnPlatform"] = "WebAuthnPlatform";
|
|
13
6
|
SecondaryAuthStrategy["WebAuthnCrossPlatform"] = "WebAuthnCrossPlatform";
|
|
14
7
|
SecondaryAuthStrategy["SmsCode"] = "SmsCode";
|
|
15
|
-
|
|
8
|
+
SecondaryAuthStrategy["SmsCodeV2"] = "SmsCodeV2";
|
|
9
|
+
SecondaryAuthStrategy["Passkeys"] = "Passkeys";
|
|
10
|
+
})(SecondaryAuthStrategy || (SecondaryAuthStrategy = {}));
|
|
11
|
+
// WebAuthn
|
|
12
|
+
export let WebAuthnDeviceType;
|
|
13
|
+
(function (WebAuthnDeviceType) {
|
|
14
|
+
WebAuthnDeviceType["Platform"] = "Platform";
|
|
15
|
+
WebAuthnDeviceType["CrossPlatform"] = "CrossPlatform";
|
|
16
|
+
})(WebAuthnDeviceType || (WebAuthnDeviceType = {}));
|
|
17
|
+
export let MFAStrategyEnum;
|
|
18
|
+
(function (MFAStrategyEnum) {
|
|
19
|
+
MFAStrategyEnum["AuthenticatorApp"] = "AuthenticatorApp";
|
|
20
|
+
MFAStrategyEnum["WebAuthnPlatform"] = "WebAuthnPlatform";
|
|
21
|
+
MFAStrategyEnum["WebAuthnCrossPlatform"] = "WebAuthnCrossPlatform";
|
|
22
|
+
MFAStrategyEnum["SMS"] = "SMS";
|
|
23
|
+
MFAStrategyEnum["EmailCode"] = "EmailCode";
|
|
24
|
+
})(MFAStrategyEnum || (MFAStrategyEnum = {}));
|
|
25
|
+
export const LOAD_AUTHORIZATION_FF = 'admin_portal_should_load_authorization';
|