npm - @fusionauth/typescript-client - Versions diffs - 1.39.0 → 1.41.0 - Mend

@fusionauth/typescript-client 1.39.0 → 1.41.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/build/src/FusionAuthClient.d.ts +536 -1
package/build/src/FusionAuthClient.js +276 -0
package/build/src/FusionAuthClient.js.map +1 -1
package/dist/fusionauth-typescript-client.js +277 -1
package/dist/fusionauth-typescript-client.min.js +1 -1
package/dist/fusionauth-typescript-client.min.js.map +1 -1
package/package.json +1 -1

package/build/src/FusionAuthClient.js CHANGED Viewed

@@ -187,6 +187,26 @@ class FusionAuthClient {
             .withMethod("GET")
             .go();
     }
+    /**
+     * Make a Client Credentials grant request to obtain an access token.
+     *
+     * @param {string} client_id The client identifier. The client Id is the Id of the FusionAuth Entity in which you are attempting to authenticate.
+     * @param {string} client_secret The client secret used to authenticate this request.
+     * @param {string} scope (Optional) This parameter is used to indicate which target entity you are requesting access. To request access to an entity, use the format target-entity:&lt;target-entity-id&gt;:&lt;roles&gt;. Roles are an optional comma separated list.
+     * @returns {Promise<ClientResponse<AccessToken>>}
+     */
+    clientCredentialsGrant(client_id, client_secret, scope) {
+        let body = new url_1.URLSearchParams();
+        body.append('client_id', client_id);
+        body.append('client_secret', client_secret);
+        body.append('grant_type', 'client_credentials');
+        body.append('scope', scope);
+        return this.startAnonymous()
+            .withUri('/oauth2/token')
+            .withFormData(body)
+            .withMethod("POST")
+            .go();
+    }
     /**
      * Adds a comment to the user's account.
      *
@@ -200,6 +220,45 @@ class FusionAuthClient {
             .withMethod("POST")
             .go();
     }
+    /**
+     * Complete a WebAuthn authentication ceremony by validating the signature against the previously generated challenge without logging the user in
+     *
+     * @param {WebAuthnLoginRequest} request An object containing data necessary for completing the authentication ceremony
+     * @returns {Promise<ClientResponse<WebAuthnAssertResponse>>}
+     */
+    completeWebAuthnAssertion(request) {
+        return this.startAnonymous()
+            .withUri('/api/webauthn/assert')
+            .withJSONBody(request)
+            .withMethod("POST")
+            .go();
+    }
+    /**
+     * Complete a WebAuthn authentication ceremony by validating the signature against the previously generated challenge and then login the user in
+     *
+     * @param {WebAuthnLoginRequest} request An object containing data necessary for completing the authentication ceremony
+     * @returns {Promise<ClientResponse<LoginResponse>>}
+     */
+    completeWebAuthnLogin(request) {
+        return this.startAnonymous()
+            .withUri('/api/webauthn/login')
+            .withJSONBody(request)
+            .withMethod("POST")
+            .go();
+    }
+    /**
+     * Complete a WebAuthn registration ceremony by validating the client request and saving the new credential
+     *
+     * @param {WebAuthnRegisterCompleteRequest} request An object containing data necessary for completing the registration ceremony
+     * @returns {Promise<ClientResponse<WebAuthnRegisterCompleteResponse>>}
+     */
+    completeWebAuthnRegistration(request) {
+        return this.start()
+            .withUri('/api/webauthn/register/complete')
+            .withJSONBody(request)
+            .withMethod("POST")
+            .go();
+    }
     /**
      * Creates an API key. You can optionally specify a unique Id for the key, if not provided one will be generated.
      * an API key can only be created with equal or lesser authority. An API key cannot create another API key unless it is granted
@@ -1192,6 +1251,19 @@ class FusionAuthClient {
             .withMethod("DELETE")
             .go();
     }
+    /**
+     * Deletes the WebAuthn credential for the given Id.
+     *
+     * @param {UUID} id The Id of the WebAuthn credential to delete.
+     * @returns {Promise<ClientResponse<void>>}
+     */
+    deleteWebAuthnCredential(id) {
+        return this.start()
+            .withUri('/api/webauthn')
+            .withUriSegment(id)
+            .withMethod("DELETE")
+            .go();
+    }
     /**
      * Deletes the webhook for the given Id.
      *
@@ -1537,6 +1609,19 @@ class FusionAuthClient {
             .withMethod("POST")
             .go();
     }
+    /**
+     * Import a WebAuthn credential
+     *
+     * @param {WebAuthnCredentialImportRequest} request An object containing data necessary for importing the credential
+     * @returns {Promise<ClientResponse<void>>}
+     */
+    importWebAuthnCredential(request) {
+        return this.start()
+            .withUri('/api/webauthn/import')
+            .withJSONBody(request)
+            .withMethod("POST")
+            .go();
+    }
     /**
      * Inspect an access token issued by FusionAuth.
      *
@@ -3468,6 +3553,32 @@ class FusionAuthClient {
             .withMethod("GET")
             .go();
     }
+    /**
+     * Retrieves the WebAuthn credential for the given Id.
+     *
+     * @param {UUID} id The Id of the WebAuthn credential.
+     * @returns {Promise<ClientResponse<WebAuthnCredentialResponse>>}
+     */
+    retrieveWebAuthnCredential(id) {
+        return this.start()
+            .withUri('/api/webauthn')
+            .withUriSegment(id)
+            .withMethod("GET")
+            .go();
+    }
+    /**
+     * Retrieves all WebAuthn credentials for the given user.
+     *
+     * @param {UUID} userId The user's ID.
+     * @returns {Promise<ClientResponse<WebAuthnCredentialResponse>>}
+     */
+    retrieveWebAuthnCredentialsForUser(userId) {
+        return this.start()
+            .withUri('/api/webauthn')
+            .withParameter('userId', userId)
+            .withMethod("GET")
+            .go();
+    }
     /**
      * Retrieves the webhook for the given Id. If you pass in null for the id, this will return all the webhooks.
      *
@@ -3961,6 +4072,32 @@ class FusionAuthClient {
             .withMethod("POST")
             .go();
     }
+    /**
+     * Start a WebAuthn authentication ceremony by generating a new challenge for the user
+     *
+     * @param {WebAuthnStartRequest} request An object containing data necessary for starting the authentication ceremony
+     * @returns {Promise<ClientResponse<WebAuthnStartResponse>>}
+     */
+    startWebAuthnLogin(request) {
+        return this.start()
+            .withUri('/api/webauthn/start')
+            .withJSONBody(request)
+            .withMethod("POST")
+            .go();
+    }
+    /**
+     * Start a WebAuthn registration ceremony by generating a new challenge for the user
+     *
+     * @param {WebAuthnRegisterStartRequest} request An object containing data necessary for starting the registration ceremony
+     * @returns {Promise<ClientResponse<WebAuthnRegisterStartResponse>>}
+     */
+    startWebAuthnRegistration(request) {
+        return this.start()
+            .withUri('/api/webauthn/register/start')
+            .withJSONBody(request)
+            .withMethod("POST")
+            .go();
+    }
     /**
      * Complete login using a 2FA challenge
      *
@@ -4617,6 +4754,31 @@ var ApplicationMultiFactorTrustPolicy;
     ApplicationMultiFactorTrustPolicy["This"] = "This";
     ApplicationMultiFactorTrustPolicy["None"] = "None";
 })(ApplicationMultiFactorTrustPolicy = exports.ApplicationMultiFactorTrustPolicy || (exports.ApplicationMultiFactorTrustPolicy = {}));
+/**
+ * Used to communicate whether and how authenticator attestation should be delivered to the Relying Party
+ *
+ * @author Spencer Witt
+ */
+var AttestationConveyancePreference;
+(function (AttestationConveyancePreference) {
+    AttestationConveyancePreference["none"] = "none";
+    AttestationConveyancePreference["indirect"] = "indirect";
+    AttestationConveyancePreference["direct"] = "direct";
+    AttestationConveyancePreference["enterprise"] = "enterprise";
+})(AttestationConveyancePreference = exports.AttestationConveyancePreference || (exports.AttestationConveyancePreference = {}));
+/**
+ * Used to indicate what type of attestation was included in the authenticator response for a given WebAuthn credential at the time it was created
+ *
+ * @author Spencer Witt
+ */
+var AttestationType;
+(function (AttestationType) {
+    AttestationType["basic"] = "basic";
+    AttestationType["self"] = "self";
+    AttestationType["attestationCa"] = "attestationCa";
+    AttestationType["anonymizationCa"] = "anonymizationCa";
+    AttestationType["none"] = "none";
+})(AttestationType = exports.AttestationType || (exports.AttestationType = {}));
 /**
  * @author Brett Pontarelli
  */
@@ -4624,6 +4786,27 @@ var AuthenticationThreats;
 (function (AuthenticationThreats) {
     AuthenticationThreats["ImpossibleTravel"] = "ImpossibleTravel";
 })(AuthenticationThreats = exports.AuthenticationThreats || (exports.AuthenticationThreats = {}));
+/**
+ * Describes the <a href="https://www.w3.org/TR/webauthn-2/#authenticator-attachment-modality">authenticator attachment modality</a>.
+ *
+ * @author Spencer Witt
+ */
+var AuthenticatorAttachment;
+(function (AuthenticatorAttachment) {
+    AuthenticatorAttachment["platform"] = "platform";
+    AuthenticatorAttachment["crossPlatform"] = "crossPlatform";
+})(AuthenticatorAttachment = exports.AuthenticatorAttachment || (exports.AuthenticatorAttachment = {}));
+/**
+ * Describes the authenticator attachment modality preference for a WebAuthn workflow. See {@link AuthenticatorAttachment}
+ *
+ * @author Spencer Witt
+ */
+var AuthenticatorAttachmentPreference;
+(function (AuthenticatorAttachmentPreference) {
+    AuthenticatorAttachmentPreference["any"] = "any";
+    AuthenticatorAttachmentPreference["platform"] = "platform";
+    AuthenticatorAttachmentPreference["crossPlatform"] = "crossPlatform";
+})(AuthenticatorAttachmentPreference = exports.AuthenticatorAttachmentPreference || (exports.AuthenticatorAttachmentPreference = {}));
 var BreachAction;
 (function (BreachAction) {
     BreachAction["Off"] = "Off";
@@ -4727,6 +4910,54 @@ var ContentStatus;
     ContentStatus["PENDING"] = "PENDING";
     ContentStatus["REJECTED"] = "REJECTED";
 })(ContentStatus = exports.ContentStatus || (exports.ContentStatus = {}));
+/**
+ * A number identifying a cryptographic algorithm. Values should be registered with the <a
+ * href="https://www.iana.org/assignments/cose/cose.xhtml#algorithms">IANA COSE Algorithms registry</a>
+ *
+ * @author Spencer Witt
+ */
+var CoseAlgorithmIdentifier;
+(function (CoseAlgorithmIdentifier) {
+    CoseAlgorithmIdentifier["ES256"] = "SHA256withECDSA";
+    CoseAlgorithmIdentifier["ES384"] = "SHA384withECDSA";
+    CoseAlgorithmIdentifier["ES512"] = "SHA512withECDSA";
+    CoseAlgorithmIdentifier["RS256"] = "SHA256withRSA";
+    CoseAlgorithmIdentifier["RS384"] = "SHA384withRSA";
+    CoseAlgorithmIdentifier["RS512"] = "SHA512withRSA";
+    CoseAlgorithmIdentifier["PS256"] = "SHA-256";
+    CoseAlgorithmIdentifier["PS384"] = "SHA-384";
+    CoseAlgorithmIdentifier["PS512"] = "SHA-512";
+})(CoseAlgorithmIdentifier = exports.CoseAlgorithmIdentifier || (exports.CoseAlgorithmIdentifier = {}));
+/**
+ * COSE Elliptic Curve identifier to determine which elliptic curve to use with a given key
+ *
+ * @author Spencer Witt
+ */
+var CoseEllipticCurve;
+(function (CoseEllipticCurve) {
+    CoseEllipticCurve["Reserved"] = "Reserved";
+    CoseEllipticCurve["P256"] = "P256";
+    CoseEllipticCurve["P384"] = "P384";
+    CoseEllipticCurve["P521"] = "P521";
+    CoseEllipticCurve["X25519"] = "X25519";
+    CoseEllipticCurve["X448"] = "X448";
+    CoseEllipticCurve["Ed25519"] = "Ed25519";
+    CoseEllipticCurve["Ed448"] = "Ed448";
+    CoseEllipticCurve["Secp256k1"] = "Secp256k1";
+})(CoseEllipticCurve = exports.CoseEllipticCurve || (exports.CoseEllipticCurve = {}));
+/**
+ * COSE key type
+ *
+ * @author Spencer Witt
+ */
+var CoseKeyType;
+(function (CoseKeyType) {
+    CoseKeyType["Reserved"] = "0";
+    CoseKeyType["OKP"] = "1";
+    CoseKeyType["EC2"] = "2";
+    CoseKeyType["RSA"] = "3";
+    CoseKeyType["Symmetric"] = "4";
+})(CoseKeyType = exports.CoseKeyType || (exports.CoseKeyType = {}));
 var DeviceType;
 (function (DeviceType) {
     DeviceType["BROWSER"] = "BROWSER";
@@ -5168,6 +5399,15 @@ var ProofKeyForCodeExchangePolicy;
     ProofKeyForCodeExchangePolicy["NotRequired"] = "NotRequired";
     ProofKeyForCodeExchangePolicy["NotRequiredWhenUsingClientAuthentication"] = "NotRequiredWhenUsingClientAuthentication";
 })(ProofKeyForCodeExchangePolicy = exports.ProofKeyForCodeExchangePolicy || (exports.ProofKeyForCodeExchangePolicy = {}));
+/**
+ * Defines valid credential types. This is an extension point in the WebAuthn spec. The only defined value at this time is "public-key"
+ *
+ * @author Spencer Witt
+ */
+var PublicKeyCredentialType;
+(function (PublicKeyCredentialType) {
+    PublicKeyCredentialType["publicKey"] = "public-key";
+})(PublicKeyCredentialType = exports.PublicKeyCredentialType || (exports.PublicKeyCredentialType = {}));
 /**
  * @author Daniel DeGroff
  */
@@ -5212,6 +5452,18 @@ var RegistrationType;
     RegistrationType["basic"] = "basic";
     RegistrationType["advanced"] = "advanced";
 })(RegistrationType = exports.RegistrationType || (exports.RegistrationType = {}));
+/**
+ * Describes the Relying Party's requirements for <a href="https://www.w3.org/TR/webauthn-2/#client-side-discoverable-credential">client-side
+ * discoverable credentials</a> (formerly known as "resident keys")
+ *
+ * @author Spencer Witt
+ */
+var ResidentKeyRequirement;
+(function (ResidentKeyRequirement) {
+    ResidentKeyRequirement["discouraged"] = "discouraged";
+    ResidentKeyRequirement["preferred"] = "preferred";
+    ResidentKeyRequirement["required"] = "required";
+})(ResidentKeyRequirement = exports.ResidentKeyRequirement || (exports.ResidentKeyRequirement = {}));
 var SAMLLogoutBehavior;
 (function (SAMLLogoutBehavior) {
     SAMLLogoutBehavior["AllParticipants"] = "AllParticipants";
@@ -5305,6 +5557,18 @@ var UserState;
     UserState["AuthenticatedNotVerified"] = "AuthenticatedNotVerified";
     UserState["AuthenticatedRegistrationNotVerified"] = "AuthenticatedRegistrationNotVerified";
 })(UserState = exports.UserState || (exports.UserState = {}));
+/**
+ * Used to express whether the Relying Party requires <a href="https://www.w3.org/TR/webauthn-2/#user-verification">user verification</a> for the
+ * current operation.
+ *
+ * @author Spencer Witt
+ */
+var UserVerificationRequirement;
+(function (UserVerificationRequirement) {
+    UserVerificationRequirement["required"] = "required";
+    UserVerificationRequirement["preferred"] = "preferred";
+    UserVerificationRequirement["discouraged"] = "discouraged";
+})(UserVerificationRequirement = exports.UserVerificationRequirement || (exports.UserVerificationRequirement = {}));
 /**
  * @author Daniel DeGroff
  */
@@ -5313,6 +5577,18 @@ var VerificationStrategy;
     VerificationStrategy["ClickableLink"] = "ClickableLink";
     VerificationStrategy["FormField"] = "FormField";
 })(VerificationStrategy = exports.VerificationStrategy || (exports.VerificationStrategy = {}));
+/**
+ * Identifies the WebAuthn workflow. This will affect the parameters used for credential creation
+ * and request based on the Tenant configuration.
+ *
+ * @author Spencer Witt
+ */
+var WebAuthnWorkflow;
+(function (WebAuthnWorkflow) {
+    WebAuthnWorkflow["bootstrap"] = "bootstrap";
+    WebAuthnWorkflow["general"] = "general";
+    WebAuthnWorkflow["reauthentication"] = "reauthentication";
+})(WebAuthnWorkflow = exports.WebAuthnWorkflow || (exports.WebAuthnWorkflow = {}));
 var XMLSignatureLocation;
 (function (XMLSignatureLocation) {
     XMLSignatureLocation["Assertion"] = "Assertion";