@fusionauth/typescript-client 1.61.0 → 1.63.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/build/src/FusionAuthClient.d.ts +443 -13
- package/build/src/FusionAuthClient.js +531 -16
- package/build/src/FusionAuthClient.js.map +1 -1
- package/dist/fusionauth-typescript-client.js +532 -17
- package/dist/fusionauth-typescript-client.min.js +1 -1
- package/dist/fusionauth-typescript-client.min.js.map +1 -1
- package/package.json +1 -1
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
/*
|
|
3
|
-
* Copyright (c) 2019-
|
|
3
|
+
* Copyright (c) 2019-2026, FusionAuth, All Rights Reserved
|
|
4
4
|
*
|
|
5
5
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
6
6
|
* you may not use this file except in compliance with the License.
|
|
@@ -15,7 +15,7 @@
|
|
|
15
15
|
* language governing permissions and limitations under the License.
|
|
16
16
|
*/
|
|
17
17
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
18
|
-
exports.WebhookEventResult = exports.WebhookAttemptResult = exports.WebAuthnWorkflow = exports.VerificationStrategy = exports.UserVerificationRequirement = exports.UserState = exports.UserActionPhase = exports.UnverifiedBehavior = exports.UnknownScopePolicy = exports.TransactionType = exports.TokenType = exports.ThemeType = exports.UniqueUsernameStrategy = exports.SystemTrustedProxyConfigurationPolicy = exports.SteamAPIMode = exports.Sort = exports.SendSetPasswordIdentityType = exports.SecureGeneratorType = exports.SAMLv2DestinationAssertionPolicy = exports.ResidentKeyRequirement = exports.RefreshTokenUsagePolicy = exports.RefreshTokenExpirationPolicy = exports.ReactorFeatureStatus = exports.PublicKeyCredentialType = exports.ProofKeyForCodeExchangePolicy = exports.PasswordlessStrategy = exports.BreachMatchMode = exports.BreachAction = exports.ObjectState = exports.Oauth2AuthorizedURLValidationPolicy = exports.OAuthScopeHandlingPolicy = exports.OAuthScopeConsentMode = exports.OAuthErrorType = exports.OAuthErrorReason = exports.OAuthApplicationRelationship = exports.MultiFactorLoginPolicy = exports.MessengerType = exports.MessageType = exports.LogoutBehavior = exports.LambdaType = exports.LambdaEngineType = exports.LDAPSecurityMethod = exports.KeyUse = exports.KeyType = exports.KeyAlgorithm = exports.IdentityVerifiedReason = exports.IdentityProviderType = exports.ClientAuthenticationMethod = exports.IdentityProviderLoginMethod = exports.IdentityProviderLinkingStrategy = exports.IPAccessControlEntryAction = exports.HTTPMethod = exports.GrantType = exports.FormType = exports.FormFieldAdminPolicy = exports.FormDataType = exports.FormControl = exports.FamilyRole = exports.ExpiryUnit = exports.EventType = exports.EventLogType = exports.EmailSecurityType = exports.DeviceType = exports.CoseKeyType = exports.CoseEllipticCurve = exports.CoseAlgorithmIdentifier = exports.ContentStatus = exports.ConsentStatus = exports.ConnectorType = exports.ClientAuthenticationPolicy = exports.ChangePasswordReason = exports.CaptchaMethod = exports.CanonicalizationMethod = exports.BreachedPasswordStatus = exports.TOTPAlgorithm = exports.AuthenticatorAttachmentPreference = exports.AuthenticatorAttachment = exports.AuthenticationThreats = exports.AttestationType = exports.AttestationConveyancePreference = exports.ApplicationMultiFactorTrustPolicy = exports.XMLSignatureLocation = exports.SAMLLogoutBehavior = exports.RegistrationType = exports.LoginIdType = exports.Algorithm = exports.FusionAuthClient = void 0;
|
|
18
|
+
exports.WebhookEventResult = exports.WebhookAttemptResult = exports.WebAuthnWorkflow = exports.VerificationStrategy = exports.UserVerificationRequirement = exports.UserState = exports.UserActionPhase = exports.UnverifiedBehavior = exports.UnknownScopePolicy = exports.TransactionType = exports.TokenType = exports.ThemeType = exports.UniqueUsernameStrategy = exports.SystemTrustedProxyConfigurationPolicy = exports.SteamAPIMode = exports.Sort = exports.SendSetPasswordIdentityType = exports.SecureGeneratorType = exports.SAMLv2DestinationAssertionPolicy = exports.ResidentKeyRequirement = exports.RefreshTokenUsagePolicy = exports.RefreshTokenExpirationPolicy = exports.ReactorFeatureStatus = exports.PublicKeyCredentialType = exports.ProofKeyForCodeExchangePolicy = exports.PasswordlessStrategy = exports.BreachMatchMode = exports.BreachAction = exports.ObjectState = exports.Oauth2AuthorizedURLValidationPolicy = exports.OAuthScopeHandlingPolicy = exports.OAuthScopeConsentMode = exports.OAuthErrorType = exports.OAuthErrorReason = exports.OAuthApplicationRelationship = exports.MultiFactorLoginPolicy = exports.MultiFactorAction = exports.MessengerType = exports.MessageType = exports.LogoutBehavior = exports.LambdaType = exports.LambdaEngineType = exports.LDAPSecurityMethod = exports.KeyUse = exports.KeyType = exports.KeyAlgorithm = exports.IdentityVerifiedReason = exports.IdentityProviderType = exports.ClientAuthenticationMethod = exports.IdentityProviderLoginMethod = exports.IdentityProviderLinkingStrategy = exports.IPAccessControlEntryAction = exports.HTTPMethod = exports.GrantType = exports.FormType = exports.FormStepType = exports.FormFieldAdminPolicy = exports.FormDataType = exports.FormControl = exports.FamilyRole = exports.ExpiryUnit = exports.ExistingUserStrategy = exports.EventType = exports.EventLogType = exports.EmailSecurityType = exports.DeviceType = exports.CoseKeyType = exports.CoseEllipticCurve = exports.CoseAlgorithmIdentifier = exports.ContentStatus = exports.ConsentStatus = exports.ConnectorType = exports.ClientAuthenticationPolicy = exports.ChangePasswordReason = exports.CaptchaMethod = exports.CanonicalizationMethod = exports.BreachedPasswordStatus = exports.TOTPAlgorithm = exports.AuthenticatorAttachmentPreference = exports.AuthenticatorAttachment = exports.AuthenticationThreats = exports.AttestationType = exports.AttestationConveyancePreference = exports.ApplicationMultiFactorTrustPolicy = exports.XMLSignatureLocation = exports.SAMLLogoutBehavior = exports.RegistrationType = exports.LoginIdType = exports.Algorithm = exports.FusionAuthClient = void 0;
|
|
19
19
|
const DefaultRESTClientBuilder_1 = require("./DefaultRESTClientBuilder");
|
|
20
20
|
const url_1 = require("url");
|
|
21
21
|
class FusionAuthClient {
|
|
@@ -109,6 +109,35 @@ class FusionAuthClient {
|
|
|
109
109
|
.withMethod("POST")
|
|
110
110
|
.go();
|
|
111
111
|
}
|
|
112
|
+
/**
|
|
113
|
+
* Approve a device grant.
|
|
114
|
+
*
|
|
115
|
+
* @param {DeviceApprovalRequest} request The request object containing the device approval information and optional tenantId.
|
|
116
|
+
* @returns {Promise<ClientResponse<DeviceApprovalResponse>>}
|
|
117
|
+
*/
|
|
118
|
+
approveDeviceWithRequest(request) {
|
|
119
|
+
let body = new url_1.URLSearchParams();
|
|
120
|
+
if (request.client_id !== null && request.client_id !== undefined) {
|
|
121
|
+
body.append('client_id', request.client_id);
|
|
122
|
+
}
|
|
123
|
+
if (request.client_secret !== null && request.client_secret !== undefined) {
|
|
124
|
+
body.append('client_secret', request.client_secret);
|
|
125
|
+
}
|
|
126
|
+
if (request.tenantId !== null && request.tenantId !== undefined) {
|
|
127
|
+
body.append('tenantId', request.tenantId.toString());
|
|
128
|
+
}
|
|
129
|
+
if (request.token !== null && request.token !== undefined) {
|
|
130
|
+
body.append('token', request.token);
|
|
131
|
+
}
|
|
132
|
+
if (request.user_code !== null && request.user_code !== undefined) {
|
|
133
|
+
body.append('user_code', request.user_code);
|
|
134
|
+
}
|
|
135
|
+
return this.start()
|
|
136
|
+
.withUri('/oauth2/device/approve')
|
|
137
|
+
.withFormData(body)
|
|
138
|
+
.withMethod("POST")
|
|
139
|
+
.go();
|
|
140
|
+
}
|
|
112
141
|
/**
|
|
113
142
|
* Cancels the user action.
|
|
114
143
|
*
|
|
@@ -213,6 +242,25 @@ class FusionAuthClient {
|
|
|
213
242
|
.withMethod("GET")
|
|
214
243
|
.go();
|
|
215
244
|
}
|
|
245
|
+
/**
|
|
246
|
+
* Check to see if the user must obtain a Trust Token Id in order to complete a change password request.
|
|
247
|
+
* When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change
|
|
248
|
+
* your password, you must obtain a Trust Token by completing a Two-Factor Step-Up authentication.
|
|
249
|
+
*
|
|
250
|
+
* An HTTP status code of 400 with a general error code of [TrustTokenRequired] indicates that a Trust Token is required to make a POST request to this API.
|
|
251
|
+
*
|
|
252
|
+
* @param {string} changePasswordId The change password Id used to find the user. This value is generated by FusionAuth once the change password workflow has been initiated.
|
|
253
|
+
* @param {string} ipAddress (Optional) IP address of the user changing their password. This is used for MFA risk assessment.
|
|
254
|
+
* @returns {Promise<ClientResponse<void>>}
|
|
255
|
+
*/
|
|
256
|
+
checkChangePasswordUsingIdAndIPAddress(changePasswordId, ipAddress) {
|
|
257
|
+
return this.startAnonymous()
|
|
258
|
+
.withUri('/api/user/change-password')
|
|
259
|
+
.withUriSegment(changePasswordId)
|
|
260
|
+
.withParameter('ipAddress', ipAddress)
|
|
261
|
+
.withMethod("GET")
|
|
262
|
+
.go();
|
|
263
|
+
}
|
|
216
264
|
/**
|
|
217
265
|
* Check to see if the user must obtain a Trust Token Id in order to complete a change password request.
|
|
218
266
|
* When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change
|
|
@@ -230,6 +278,25 @@ class FusionAuthClient {
|
|
|
230
278
|
.withMethod("GET")
|
|
231
279
|
.go();
|
|
232
280
|
}
|
|
281
|
+
/**
|
|
282
|
+
* Check to see if the user must obtain a Trust Token Id in order to complete a change password request.
|
|
283
|
+
* When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change
|
|
284
|
+
* your password, you must obtain a Trust Token by completing a Two-Factor Step-Up authentication.
|
|
285
|
+
*
|
|
286
|
+
* An HTTP status code of 400 with a general error code of [TrustTokenRequired] indicates that a Trust Token is required to make a POST request to this API.
|
|
287
|
+
*
|
|
288
|
+
* @param {string} encodedJWT The encoded JWT (access token).
|
|
289
|
+
* @param {string} ipAddress (Optional) IP address of the user changing their password. This is used for MFA risk assessment.
|
|
290
|
+
* @returns {Promise<ClientResponse<void>>}
|
|
291
|
+
*/
|
|
292
|
+
checkChangePasswordUsingJWTAndIPAddress(encodedJWT, ipAddress) {
|
|
293
|
+
return this.startAnonymous()
|
|
294
|
+
.withUri('/api/user/change-password')
|
|
295
|
+
.withAuthorization('Bearer ' + encodedJWT)
|
|
296
|
+
.withParameter('ipAddress', ipAddress)
|
|
297
|
+
.withMethod("GET")
|
|
298
|
+
.go();
|
|
299
|
+
}
|
|
233
300
|
/**
|
|
234
301
|
* Check to see if the user must obtain a Trust Request Id in order to complete a change password request.
|
|
235
302
|
* When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change
|
|
@@ -247,6 +314,25 @@ class FusionAuthClient {
|
|
|
247
314
|
.withMethod("GET")
|
|
248
315
|
.go();
|
|
249
316
|
}
|
|
317
|
+
/**
|
|
318
|
+
* Check to see if the user must obtain a Trust Request Id in order to complete a change password request.
|
|
319
|
+
* When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change
|
|
320
|
+
* your password, you must obtain a Trust Request Id by completing a Two-Factor Step-Up authentication.
|
|
321
|
+
*
|
|
322
|
+
* An HTTP status code of 400 with a general error code of [TrustTokenRequired] indicates that a Trust Token is required to make a POST request to this API.
|
|
323
|
+
*
|
|
324
|
+
* @param {string} loginId The loginId (email or username) of the User that you intend to change the password for.
|
|
325
|
+
* @param {string} ipAddress (Optional) IP address of the user changing their password. This is used for MFA risk assessment.
|
|
326
|
+
* @returns {Promise<ClientResponse<void>>}
|
|
327
|
+
*/
|
|
328
|
+
checkChangePasswordUsingLoginIdAndIPAddress(loginId, ipAddress) {
|
|
329
|
+
return this.start()
|
|
330
|
+
.withUri('/api/user/change-password')
|
|
331
|
+
.withParameter('loginId', loginId)
|
|
332
|
+
.withParameter('ipAddress', ipAddress)
|
|
333
|
+
.withMethod("GET")
|
|
334
|
+
.go();
|
|
335
|
+
}
|
|
250
336
|
/**
|
|
251
337
|
* Check to see if the user must obtain a Trust Request Id in order to complete a change password request.
|
|
252
338
|
* When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change
|
|
@@ -266,6 +352,27 @@ class FusionAuthClient {
|
|
|
266
352
|
.withMethod("GET")
|
|
267
353
|
.go();
|
|
268
354
|
}
|
|
355
|
+
/**
|
|
356
|
+
* Check to see if the user must obtain a Trust Request Id in order to complete a change password request.
|
|
357
|
+
* When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change
|
|
358
|
+
* your password, you must obtain a Trust Request Id by completing a Two-Factor Step-Up authentication.
|
|
359
|
+
*
|
|
360
|
+
* An HTTP status code of 400 with a general error code of [TrustTokenRequired] indicates that a Trust Token is required to make a POST request to this API.
|
|
361
|
+
*
|
|
362
|
+
* @param {string} loginId The loginId of the User that you intend to change the password for.
|
|
363
|
+
* @param {Array<String>} loginIdTypes The identity types that FusionAuth will compare the loginId to.
|
|
364
|
+
* @param {string} ipAddress (Optional) IP address of the user changing their password. This is used for MFA risk assessment.
|
|
365
|
+
* @returns {Promise<ClientResponse<void>>}
|
|
366
|
+
*/
|
|
367
|
+
checkChangePasswordUsingLoginIdAndLoginIdTypesAndIPAddress(loginId, loginIdTypes, ipAddress) {
|
|
368
|
+
return this.start()
|
|
369
|
+
.withUri('/api/user/change-password')
|
|
370
|
+
.withParameter('loginId', loginId)
|
|
371
|
+
.withParameter('loginIdTypes', loginIdTypes)
|
|
372
|
+
.withParameter('ipAddress', ipAddress)
|
|
373
|
+
.withMethod("GET")
|
|
374
|
+
.go();
|
|
375
|
+
}
|
|
269
376
|
/**
|
|
270
377
|
* Make a Client Credentials grant request to obtain an access token.
|
|
271
378
|
*
|
|
@@ -288,6 +395,35 @@ class FusionAuthClient {
|
|
|
288
395
|
.withMethod("POST")
|
|
289
396
|
.go();
|
|
290
397
|
}
|
|
398
|
+
/**
|
|
399
|
+
* Make a Client Credentials grant request to obtain an access token.
|
|
400
|
+
*
|
|
401
|
+
* @param {ClientCredentialsGrantRequest} request The client credentials grant request containing client authentication, scope and optional tenantId.
|
|
402
|
+
* @returns {Promise<ClientResponse<AccessToken>>}
|
|
403
|
+
*/
|
|
404
|
+
clientCredentialsGrantWithRequest(request) {
|
|
405
|
+
let body = new url_1.URLSearchParams();
|
|
406
|
+
if (request.client_id !== null && request.client_id !== undefined) {
|
|
407
|
+
body.append('client_id', request.client_id);
|
|
408
|
+
}
|
|
409
|
+
if (request.client_secret !== null && request.client_secret !== undefined) {
|
|
410
|
+
body.append('client_secret', request.client_secret);
|
|
411
|
+
}
|
|
412
|
+
if (request.grant_type !== null && request.grant_type !== undefined) {
|
|
413
|
+
body.append('grant_type', request.grant_type);
|
|
414
|
+
}
|
|
415
|
+
if (request.scope !== null && request.scope !== undefined) {
|
|
416
|
+
body.append('scope', request.scope);
|
|
417
|
+
}
|
|
418
|
+
if (request.tenantId !== null && request.tenantId !== undefined) {
|
|
419
|
+
body.append('tenantId', request.tenantId);
|
|
420
|
+
}
|
|
421
|
+
return this.startAnonymous()
|
|
422
|
+
.withUri('/oauth2/token')
|
|
423
|
+
.withFormData(body)
|
|
424
|
+
.withMethod("POST")
|
|
425
|
+
.go();
|
|
426
|
+
}
|
|
291
427
|
/**
|
|
292
428
|
* Adds a comment to the user's account.
|
|
293
429
|
*
|
|
@@ -1394,6 +1530,19 @@ class FusionAuthClient {
|
|
|
1394
1530
|
.withMethod("DELETE")
|
|
1395
1531
|
.go();
|
|
1396
1532
|
}
|
|
1533
|
+
/**
|
|
1534
|
+
* Deletes all of the WebAuthn credentials for the given User Id.
|
|
1535
|
+
*
|
|
1536
|
+
* @param {UUID} userId The unique Id of the User to delete WebAuthn passkeys for.
|
|
1537
|
+
* @returns {Promise<ClientResponse<void>>}
|
|
1538
|
+
*/
|
|
1539
|
+
deleteWebAuthnCredentialsForUser(userId) {
|
|
1540
|
+
return this.start()
|
|
1541
|
+
.withUri('/api/webauthn')
|
|
1542
|
+
.withParameter('userId', userId)
|
|
1543
|
+
.withMethod("DELETE")
|
|
1544
|
+
.go();
|
|
1545
|
+
}
|
|
1397
1546
|
/**
|
|
1398
1547
|
* Deletes the webhook for the given Id.
|
|
1399
1548
|
*
|
|
@@ -1407,6 +1556,51 @@ class FusionAuthClient {
|
|
|
1407
1556
|
.withMethod("DELETE")
|
|
1408
1557
|
.go();
|
|
1409
1558
|
}
|
|
1559
|
+
/**
|
|
1560
|
+
* Start the Device Authorization flow using form-encoded parameters
|
|
1561
|
+
*
|
|
1562
|
+
* @param {string} client_id The unique client identifier. The client Id is the Id of the FusionAuth Application in which you are attempting to authenticate.
|
|
1563
|
+
* @param {string} client_secret (Optional) The client secret. This value may optionally be provided in the request body instead of the Authorization header.
|
|
1564
|
+
* @param {string} scope (Optional) A space-delimited string of the requested scopes. Defaults to all scopes configured in the Application's OAuth configuration.
|
|
1565
|
+
* @returns {Promise<ClientResponse<DeviceResponse>>}
|
|
1566
|
+
*/
|
|
1567
|
+
deviceAuthorize(client_id, client_secret, scope) {
|
|
1568
|
+
let body = new url_1.URLSearchParams();
|
|
1569
|
+
body.append('client_id', client_id);
|
|
1570
|
+
body.append('client_secret', client_secret);
|
|
1571
|
+
body.append('scope', scope);
|
|
1572
|
+
return this.startAnonymous()
|
|
1573
|
+
.withUri('/oauth2/device_authorize')
|
|
1574
|
+
.withFormData(body)
|
|
1575
|
+
.withMethod("POST")
|
|
1576
|
+
.go();
|
|
1577
|
+
}
|
|
1578
|
+
/**
|
|
1579
|
+
* Start the Device Authorization flow using a request body
|
|
1580
|
+
*
|
|
1581
|
+
* @param {DeviceAuthorizationRequest} request The device authorization request containing client authentication, scope, and optional device metadata.
|
|
1582
|
+
* @returns {Promise<ClientResponse<DeviceResponse>>}
|
|
1583
|
+
*/
|
|
1584
|
+
deviceAuthorizeWithRequest(request) {
|
|
1585
|
+
let body = new url_1.URLSearchParams();
|
|
1586
|
+
if (request.client_id !== null && request.client_id !== undefined) {
|
|
1587
|
+
body.append('client_id', request.client_id);
|
|
1588
|
+
}
|
|
1589
|
+
if (request.client_secret !== null && request.client_secret !== undefined) {
|
|
1590
|
+
body.append('client_secret', request.client_secret);
|
|
1591
|
+
}
|
|
1592
|
+
if (request.scope !== null && request.scope !== undefined) {
|
|
1593
|
+
body.append('scope', request.scope);
|
|
1594
|
+
}
|
|
1595
|
+
if (request.tenantId !== null && request.tenantId !== undefined) {
|
|
1596
|
+
body.append('tenantId', request.tenantId.toString());
|
|
1597
|
+
}
|
|
1598
|
+
return this.startAnonymous()
|
|
1599
|
+
.withUri('/oauth2/device_authorize')
|
|
1600
|
+
.withFormData(body)
|
|
1601
|
+
.withMethod("POST")
|
|
1602
|
+
.go();
|
|
1603
|
+
}
|
|
1410
1604
|
/**
|
|
1411
1605
|
* Disable two-factor authentication for a user.
|
|
1412
1606
|
*
|
|
@@ -1504,6 +1698,75 @@ class FusionAuthClient {
|
|
|
1504
1698
|
.withMethod("POST")
|
|
1505
1699
|
.go();
|
|
1506
1700
|
}
|
|
1701
|
+
/**
|
|
1702
|
+
* Exchanges an OAuth authorization code and code_verifier for an access token.
|
|
1703
|
+
* Makes a request to the Token endpoint to exchange the authorization code returned from the Authorize endpoint and a code_verifier for an access token.
|
|
1704
|
+
*
|
|
1705
|
+
* @param {OAuthCodePKCEAccessTokenRequest} request The PKCE OAuth code access token exchange request.
|
|
1706
|
+
* @returns {Promise<ClientResponse<AccessToken>>}
|
|
1707
|
+
*/
|
|
1708
|
+
exchangeOAuthCodeForAccessTokenUsingPKCEWithRequest(request) {
|
|
1709
|
+
let body = new url_1.URLSearchParams();
|
|
1710
|
+
if (request.client_id !== null && request.client_id !== undefined) {
|
|
1711
|
+
body.append('client_id', request.client_id);
|
|
1712
|
+
}
|
|
1713
|
+
if (request.client_secret !== null && request.client_secret !== undefined) {
|
|
1714
|
+
body.append('client_secret', request.client_secret);
|
|
1715
|
+
}
|
|
1716
|
+
if (request.code !== null && request.code !== undefined) {
|
|
1717
|
+
body.append('code', request.code);
|
|
1718
|
+
}
|
|
1719
|
+
if (request.code_verifier !== null && request.code_verifier !== undefined) {
|
|
1720
|
+
body.append('code_verifier', request.code_verifier);
|
|
1721
|
+
}
|
|
1722
|
+
if (request.grant_type !== null && request.grant_type !== undefined) {
|
|
1723
|
+
body.append('grant_type', request.grant_type);
|
|
1724
|
+
}
|
|
1725
|
+
if (request.redirect_uri !== null && request.redirect_uri !== undefined) {
|
|
1726
|
+
body.append('redirect_uri', request.redirect_uri);
|
|
1727
|
+
}
|
|
1728
|
+
if (request.tenantId !== null && request.tenantId !== undefined) {
|
|
1729
|
+
body.append('tenantId', request.tenantId.toString());
|
|
1730
|
+
}
|
|
1731
|
+
return this.startAnonymous()
|
|
1732
|
+
.withUri('/oauth2/token')
|
|
1733
|
+
.withFormData(body)
|
|
1734
|
+
.withMethod("POST")
|
|
1735
|
+
.go();
|
|
1736
|
+
}
|
|
1737
|
+
/**
|
|
1738
|
+
* Exchanges an OAuth authorization code for an access token.
|
|
1739
|
+
* Makes a request to the Token endpoint to exchange the authorization code returned from the Authorize endpoint for an access token.
|
|
1740
|
+
*
|
|
1741
|
+
* @param {OAuthCodeAccessTokenRequest} request The OAuth code access token exchange request.
|
|
1742
|
+
* @returns {Promise<ClientResponse<AccessToken>>}
|
|
1743
|
+
*/
|
|
1744
|
+
exchangeOAuthCodeForAccessTokenWithRequest(request) {
|
|
1745
|
+
let body = new url_1.URLSearchParams();
|
|
1746
|
+
if (request.client_id !== null && request.client_id !== undefined) {
|
|
1747
|
+
body.append('client_id', request.client_id);
|
|
1748
|
+
}
|
|
1749
|
+
if (request.client_secret !== null && request.client_secret !== undefined) {
|
|
1750
|
+
body.append('client_secret', request.client_secret);
|
|
1751
|
+
}
|
|
1752
|
+
if (request.code !== null && request.code !== undefined) {
|
|
1753
|
+
body.append('code', request.code);
|
|
1754
|
+
}
|
|
1755
|
+
if (request.grant_type !== null && request.grant_type !== undefined) {
|
|
1756
|
+
body.append('grant_type', request.grant_type);
|
|
1757
|
+
}
|
|
1758
|
+
if (request.redirect_uri !== null && request.redirect_uri !== undefined) {
|
|
1759
|
+
body.append('redirect_uri', request.redirect_uri);
|
|
1760
|
+
}
|
|
1761
|
+
if (request.tenantId !== null && request.tenantId !== undefined) {
|
|
1762
|
+
body.append('tenantId', request.tenantId);
|
|
1763
|
+
}
|
|
1764
|
+
return this.startAnonymous()
|
|
1765
|
+
.withUri('/oauth2/token')
|
|
1766
|
+
.withFormData(body)
|
|
1767
|
+
.withMethod("POST")
|
|
1768
|
+
.go();
|
|
1769
|
+
}
|
|
1507
1770
|
/**
|
|
1508
1771
|
* Exchange a Refresh Token for an Access Token.
|
|
1509
1772
|
* If you will be using the Refresh Token Grant, you will make a request to the Token endpoint to exchange the user’s refresh token for an access token.
|
|
@@ -1530,6 +1793,42 @@ class FusionAuthClient {
|
|
|
1530
1793
|
.withMethod("POST")
|
|
1531
1794
|
.go();
|
|
1532
1795
|
}
|
|
1796
|
+
/**
|
|
1797
|
+
* Exchange a Refresh Token for an Access Token.
|
|
1798
|
+
* If you will be using the Refresh Token Grant, you will make a request to the Token endpoint to exchange the user’s refresh token for an access token.
|
|
1799
|
+
*
|
|
1800
|
+
* @param {RefreshTokenAccessTokenRequest} request The refresh token access token exchange request.
|
|
1801
|
+
* @returns {Promise<ClientResponse<AccessToken>>}
|
|
1802
|
+
*/
|
|
1803
|
+
exchangeRefreshTokenForAccessTokenWithRequest(request) {
|
|
1804
|
+
let body = new url_1.URLSearchParams();
|
|
1805
|
+
if (request.client_id !== null && request.client_id !== undefined) {
|
|
1806
|
+
body.append('client_id', request.client_id);
|
|
1807
|
+
}
|
|
1808
|
+
if (request.client_secret !== null && request.client_secret !== undefined) {
|
|
1809
|
+
body.append('client_secret', request.client_secret);
|
|
1810
|
+
}
|
|
1811
|
+
if (request.grant_type !== null && request.grant_type !== undefined) {
|
|
1812
|
+
body.append('grant_type', request.grant_type);
|
|
1813
|
+
}
|
|
1814
|
+
if (request.refresh_token !== null && request.refresh_token !== undefined) {
|
|
1815
|
+
body.append('refresh_token', request.refresh_token);
|
|
1816
|
+
}
|
|
1817
|
+
if (request.scope !== null && request.scope !== undefined) {
|
|
1818
|
+
body.append('scope', request.scope);
|
|
1819
|
+
}
|
|
1820
|
+
if (request.tenantId !== null && request.tenantId !== undefined) {
|
|
1821
|
+
body.append('tenantId', request.tenantId.toString());
|
|
1822
|
+
}
|
|
1823
|
+
if (request.user_code !== null && request.user_code !== undefined) {
|
|
1824
|
+
body.append('user_code', request.user_code);
|
|
1825
|
+
}
|
|
1826
|
+
return this.startAnonymous()
|
|
1827
|
+
.withUri('/oauth2/token')
|
|
1828
|
+
.withFormData(body)
|
|
1829
|
+
.withMethod("POST")
|
|
1830
|
+
.go();
|
|
1831
|
+
}
|
|
1533
1832
|
/**
|
|
1534
1833
|
* Exchange a refresh token for a new JWT.
|
|
1535
1834
|
*
|
|
@@ -1571,6 +1870,45 @@ class FusionAuthClient {
|
|
|
1571
1870
|
.withMethod("POST")
|
|
1572
1871
|
.go();
|
|
1573
1872
|
}
|
|
1873
|
+
/**
|
|
1874
|
+
* Exchange User Credentials for a Token.
|
|
1875
|
+
* If you will be using the Resource Owner Password Credential Grant, you will make a request to the Token endpoint to exchange the user’s email and password for an access token.
|
|
1876
|
+
*
|
|
1877
|
+
* @param {UserCredentialsAccessTokenRequest} request The user credentials access token exchange request.
|
|
1878
|
+
* @returns {Promise<ClientResponse<AccessToken>>}
|
|
1879
|
+
*/
|
|
1880
|
+
exchangeUserCredentialsForAccessTokenWithRequest(request) {
|
|
1881
|
+
let body = new url_1.URLSearchParams();
|
|
1882
|
+
if (request.client_id !== null && request.client_id !== undefined) {
|
|
1883
|
+
body.append('client_id', request.client_id);
|
|
1884
|
+
}
|
|
1885
|
+
if (request.client_secret !== null && request.client_secret !== undefined) {
|
|
1886
|
+
body.append('client_secret', request.client_secret);
|
|
1887
|
+
}
|
|
1888
|
+
if (request.grant_type !== null && request.grant_type !== undefined) {
|
|
1889
|
+
body.append('grant_type', request.grant_type);
|
|
1890
|
+
}
|
|
1891
|
+
if (request.password !== null && request.password !== undefined) {
|
|
1892
|
+
body.append('password', request.password);
|
|
1893
|
+
}
|
|
1894
|
+
if (request.scope !== null && request.scope !== undefined) {
|
|
1895
|
+
body.append('scope', request.scope);
|
|
1896
|
+
}
|
|
1897
|
+
if (request.tenantId !== null && request.tenantId !== undefined) {
|
|
1898
|
+
body.append('tenantId', request.tenantId);
|
|
1899
|
+
}
|
|
1900
|
+
if (request.user_code !== null && request.user_code !== undefined) {
|
|
1901
|
+
body.append('user_code', request.user_code);
|
|
1902
|
+
}
|
|
1903
|
+
if (request.username !== null && request.username !== undefined) {
|
|
1904
|
+
body.append('username', request.username);
|
|
1905
|
+
}
|
|
1906
|
+
return this.startAnonymous()
|
|
1907
|
+
.withUri('/oauth2/token')
|
|
1908
|
+
.withFormData(body)
|
|
1909
|
+
.withMethod("POST")
|
|
1910
|
+
.go();
|
|
1911
|
+
}
|
|
1574
1912
|
/**
|
|
1575
1913
|
* Begins the forgot password sequence, which kicks off an email to the user so that they can reset their password.
|
|
1576
1914
|
*
|
|
@@ -1773,6 +2111,29 @@ class FusionAuthClient {
|
|
|
1773
2111
|
.withMethod("POST")
|
|
1774
2112
|
.go();
|
|
1775
2113
|
}
|
|
2114
|
+
/**
|
|
2115
|
+
* Inspect an access token issued as the result of the User based grant such as the Authorization Code Grant, Implicit Grant, the User Credentials Grant or the Refresh Grant.
|
|
2116
|
+
*
|
|
2117
|
+
* @param {AccessTokenIntrospectRequest} request The access token introspection request.
|
|
2118
|
+
* @returns {Promise<ClientResponse<IntrospectResponse>>}
|
|
2119
|
+
*/
|
|
2120
|
+
introspectAccessTokenWithRequest(request) {
|
|
2121
|
+
let body = new url_1.URLSearchParams();
|
|
2122
|
+
if (request.client_id !== null && request.client_id !== undefined) {
|
|
2123
|
+
body.append('client_id', request.client_id);
|
|
2124
|
+
}
|
|
2125
|
+
if (request.tenantId !== null && request.tenantId !== undefined) {
|
|
2126
|
+
body.append('tenantId', request.tenantId);
|
|
2127
|
+
}
|
|
2128
|
+
if (request.token !== null && request.token !== undefined) {
|
|
2129
|
+
body.append('token', request.token);
|
|
2130
|
+
}
|
|
2131
|
+
return this.startAnonymous()
|
|
2132
|
+
.withUri('/oauth2/introspect')
|
|
2133
|
+
.withFormData(body)
|
|
2134
|
+
.withMethod("POST")
|
|
2135
|
+
.go();
|
|
2136
|
+
}
|
|
1776
2137
|
/**
|
|
1777
2138
|
* Inspect an access token issued as the result of the Client Credentials Grant.
|
|
1778
2139
|
*
|
|
@@ -1788,6 +2149,26 @@ class FusionAuthClient {
|
|
|
1788
2149
|
.withMethod("POST")
|
|
1789
2150
|
.go();
|
|
1790
2151
|
}
|
|
2152
|
+
/**
|
|
2153
|
+
* Inspect an access token issued as the result of the Client Credentials Grant.
|
|
2154
|
+
*
|
|
2155
|
+
* @param {ClientCredentialsAccessTokenIntrospectRequest} request The client credentials access token.
|
|
2156
|
+
* @returns {Promise<ClientResponse<IntrospectResponse>>}
|
|
2157
|
+
*/
|
|
2158
|
+
introspectClientCredentialsAccessTokenWithRequest(request) {
|
|
2159
|
+
let body = new url_1.URLSearchParams();
|
|
2160
|
+
if (request.tenantId !== null && request.tenantId !== undefined) {
|
|
2161
|
+
body.append('tenantId', request.tenantId);
|
|
2162
|
+
}
|
|
2163
|
+
if (request.token !== null && request.token !== undefined) {
|
|
2164
|
+
body.append('token', request.token);
|
|
2165
|
+
}
|
|
2166
|
+
return this.startAnonymous()
|
|
2167
|
+
.withUri('/oauth2/introspect')
|
|
2168
|
+
.withFormData(body)
|
|
2169
|
+
.withMethod("POST")
|
|
2170
|
+
.go();
|
|
2171
|
+
}
|
|
1791
2172
|
/**
|
|
1792
2173
|
* Issue a new access token (JWT) for the requested Application after ensuring the provided JWT is valid. A valid
|
|
1793
2174
|
* access token is properly signed and not expired.
|
|
@@ -1898,7 +2279,7 @@ class FusionAuthClient {
|
|
|
1898
2279
|
.go();
|
|
1899
2280
|
}
|
|
1900
2281
|
/**
|
|
1901
|
-
* Retrieves
|
|
2282
|
+
* Retrieves any global identity providers for the given domain. A 200 response code indicates the domain is managed
|
|
1902
2283
|
* by a registered identity provider. A 404 indicates the domain is not managed.
|
|
1903
2284
|
*
|
|
1904
2285
|
* @param {string} domain The domain or email address to lookup.
|
|
@@ -1911,6 +2292,23 @@ class FusionAuthClient {
|
|
|
1911
2292
|
.withMethod("GET")
|
|
1912
2293
|
.go();
|
|
1913
2294
|
}
|
|
2295
|
+
/**
|
|
2296
|
+
* Retrieves the identity provider for the given domain and tenantId. A 200 response code indicates the domain is managed
|
|
2297
|
+
* by a registered identity provider. A 404 indicates the domain is not managed.
|
|
2298
|
+
*
|
|
2299
|
+
* @param {string} domain The domain or email address to lookup.
|
|
2300
|
+
* @param {UUID} tenantId If provided, the API searches for an identity provider scoped to the corresponding tenant that manages the requested domain.
|
|
2301
|
+
* If no result is found, the API then searches for global identity providers.
|
|
2302
|
+
* @returns {Promise<ClientResponse<LookupResponse>>}
|
|
2303
|
+
*/
|
|
2304
|
+
lookupIdentityProviderByTenantId(domain, tenantId) {
|
|
2305
|
+
return this.start()
|
|
2306
|
+
.withUri('/api/identity-provider/lookup')
|
|
2307
|
+
.withParameter('domain', domain)
|
|
2308
|
+
.withParameter('tenantId', tenantId)
|
|
2309
|
+
.withMethod("GET")
|
|
2310
|
+
.go();
|
|
2311
|
+
}
|
|
1914
2312
|
/**
|
|
1915
2313
|
* Modifies a temporal user action by changing the expiration of the action and optionally adding a comment to the
|
|
1916
2314
|
* action.
|
|
@@ -3549,6 +3947,19 @@ class FusionAuthClient {
|
|
|
3549
3947
|
.withMethod("GET")
|
|
3550
3948
|
.go();
|
|
3551
3949
|
}
|
|
3950
|
+
/**
|
|
3951
|
+
* Retrieves the totals report. This allows excluding applicationTotals from the report. An empty list will include the applicationTotals.
|
|
3952
|
+
*
|
|
3953
|
+
* @param {Array<String>} excludes List of fields to exclude in the response. Currently only allows applicationTotals.
|
|
3954
|
+
* @returns {Promise<ClientResponse<TotalsReportResponse>>}
|
|
3955
|
+
*/
|
|
3956
|
+
retrieveTotalReportWithExcludes(excludes) {
|
|
3957
|
+
return this.start()
|
|
3958
|
+
.withUri('/api/report/totals')
|
|
3959
|
+
.withParameter('excludes', excludes)
|
|
3960
|
+
.withMethod("GET")
|
|
3961
|
+
.go();
|
|
3962
|
+
}
|
|
3552
3963
|
/**
|
|
3553
3964
|
* Retrieve two-factor recovery codes for a user.
|
|
3554
3965
|
*
|
|
@@ -3582,6 +3993,23 @@ class FusionAuthClient {
|
|
|
3582
3993
|
.withMethod("GET")
|
|
3583
3994
|
.go();
|
|
3584
3995
|
}
|
|
3996
|
+
/**
|
|
3997
|
+
* Retrieve a user's two-factor status.
|
|
3998
|
+
*
|
|
3999
|
+
* This can be used to see if a user will need to complete a two-factor challenge to complete a login,
|
|
4000
|
+
* and optionally identify the state of the two-factor trust across various applications. This operation
|
|
4001
|
+
* provides more payload options than retrieveTwoFactorStatus.
|
|
4002
|
+
*
|
|
4003
|
+
* @param {TwoFactorStatusRequest} request The request object that contains all the information used to check the status.
|
|
4004
|
+
* @returns {Promise<ClientResponse<TwoFactorStatusResponse>>}
|
|
4005
|
+
*/
|
|
4006
|
+
retrieveTwoFactorStatusWithRequest(request) {
|
|
4007
|
+
return this.start()
|
|
4008
|
+
.withUri('/api/two-factor/status')
|
|
4009
|
+
.withJSONBody(request)
|
|
4010
|
+
.withMethod("POST")
|
|
4011
|
+
.go();
|
|
4012
|
+
}
|
|
3585
4013
|
/**
|
|
3586
4014
|
* Retrieves the user for the given Id.
|
|
3587
4015
|
*
|
|
@@ -3767,6 +4195,58 @@ class FusionAuthClient {
|
|
|
3767
4195
|
.withMethod("GET")
|
|
3768
4196
|
.go();
|
|
3769
4197
|
}
|
|
4198
|
+
/**
|
|
4199
|
+
* Retrieve a user_code that is part of an in-progress Device Authorization Grant.
|
|
4200
|
+
*
|
|
4201
|
+
* This API is useful if you want to build your own login workflow to complete a device grant.
|
|
4202
|
+
*
|
|
4203
|
+
* This request will require an API key.
|
|
4204
|
+
*
|
|
4205
|
+
* @param {RetrieveUserCodeUsingAPIKeyRequest} request The user code retrieval request including optional tenantId.
|
|
4206
|
+
* @returns {Promise<ClientResponse<void>>}
|
|
4207
|
+
*/
|
|
4208
|
+
retrieveUserCodeUsingAPIKeyWithRequest(request) {
|
|
4209
|
+
let body = new url_1.URLSearchParams();
|
|
4210
|
+
if (request.tenantId !== null && request.tenantId !== undefined) {
|
|
4211
|
+
body.append('tenantId', request.tenantId.toString());
|
|
4212
|
+
}
|
|
4213
|
+
if (request.user_code !== null && request.user_code !== undefined) {
|
|
4214
|
+
body.append('user_code', request.user_code);
|
|
4215
|
+
}
|
|
4216
|
+
return this.startAnonymous()
|
|
4217
|
+
.withUri('/oauth2/device/user-code')
|
|
4218
|
+
.withFormData(body)
|
|
4219
|
+
.withMethod("POST")
|
|
4220
|
+
.go();
|
|
4221
|
+
}
|
|
4222
|
+
/**
|
|
4223
|
+
* Retrieve a user_code that is part of an in-progress Device Authorization Grant.
|
|
4224
|
+
*
|
|
4225
|
+
* This API is useful if you want to build your own login workflow to complete a device grant.
|
|
4226
|
+
*
|
|
4227
|
+
* @param {RetrieveUserCodeRequest} request The user code retrieval request.
|
|
4228
|
+
* @returns {Promise<ClientResponse<void>>}
|
|
4229
|
+
*/
|
|
4230
|
+
retrieveUserCodeWithRequest(request) {
|
|
4231
|
+
let body = new url_1.URLSearchParams();
|
|
4232
|
+
if (request.client_id !== null && request.client_id !== undefined) {
|
|
4233
|
+
body.append('client_id', request.client_id);
|
|
4234
|
+
}
|
|
4235
|
+
if (request.client_secret !== null && request.client_secret !== undefined) {
|
|
4236
|
+
body.append('client_secret', request.client_secret);
|
|
4237
|
+
}
|
|
4238
|
+
if (request.tenantId !== null && request.tenantId !== undefined) {
|
|
4239
|
+
body.append('tenantId', request.tenantId.toString());
|
|
4240
|
+
}
|
|
4241
|
+
if (request.user_code !== null && request.user_code !== undefined) {
|
|
4242
|
+
body.append('user_code', request.user_code);
|
|
4243
|
+
}
|
|
4244
|
+
return this.startAnonymous()
|
|
4245
|
+
.withUri('/oauth2/device/user-code')
|
|
4246
|
+
.withFormData(body)
|
|
4247
|
+
.withMethod("POST")
|
|
4248
|
+
.go();
|
|
4249
|
+
}
|
|
3770
4250
|
/**
|
|
3771
4251
|
* Retrieves all the comments for the user with the given Id.
|
|
3772
4252
|
*
|
|
@@ -3930,19 +4410,6 @@ class FusionAuthClient {
|
|
|
3930
4410
|
.withMethod("GET")
|
|
3931
4411
|
.go();
|
|
3932
4412
|
}
|
|
3933
|
-
/**
|
|
3934
|
-
* Retrieves the user for the given Id. This method does not use an API key, instead it uses a JSON Web Token (JWT) for authentication.
|
|
3935
|
-
*
|
|
3936
|
-
* @param {string} encodedJWT The encoded JWT (access token).
|
|
3937
|
-
* @returns {Promise<ClientResponse<UserResponse>>}
|
|
3938
|
-
*/
|
|
3939
|
-
retrieveUserUsingJWT(encodedJWT) {
|
|
3940
|
-
return this.startAnonymous()
|
|
3941
|
-
.withUri('/api/user')
|
|
3942
|
-
.withAuthorization('Bearer ' + encodedJWT)
|
|
3943
|
-
.withMethod("GET")
|
|
3944
|
-
.go();
|
|
3945
|
-
}
|
|
3946
4413
|
/**
|
|
3947
4414
|
* Retrieves the FusionAuth version string.
|
|
3948
4415
|
*
|
|
@@ -5208,6 +5675,22 @@ class FusionAuthClient {
|
|
|
5208
5675
|
.withMethod("GET")
|
|
5209
5676
|
.go();
|
|
5210
5677
|
}
|
|
5678
|
+
/**
|
|
5679
|
+
* Validates the end-user provided user_code from the user-interaction of the Device Authorization Grant.
|
|
5680
|
+
* If you build your own activation form you should validate the user provided code prior to beginning the Authorization grant.
|
|
5681
|
+
*
|
|
5682
|
+
* @param {ValidateDeviceRequest} request The device validation request.
|
|
5683
|
+
* @returns {Promise<ClientResponse<void>>}
|
|
5684
|
+
*/
|
|
5685
|
+
validateDeviceWithRequest(request) {
|
|
5686
|
+
return this.startAnonymous()
|
|
5687
|
+
.withUri('/oauth2/device/validate')
|
|
5688
|
+
.withParameter('client_id', request.client_id)
|
|
5689
|
+
.withParameter('tenantId', request.tenantId != null ? request.tenantId.toString() : null)
|
|
5690
|
+
.withParameter('user_code', request.user_code)
|
|
5691
|
+
.withMethod("GET")
|
|
5692
|
+
.go();
|
|
5693
|
+
}
|
|
5211
5694
|
/**
|
|
5212
5695
|
* Validates the provided JWT (encoded JWT string) to ensure the token is valid. A valid access token is properly
|
|
5213
5696
|
* signed and not expired.
|
|
@@ -5702,6 +6185,14 @@ var EventType;
|
|
|
5702
6185
|
EventType["UserIdentityVerified"] = "user.identity.verified";
|
|
5703
6186
|
EventType["UserIdentityUpdate"] = "user.identity.update";
|
|
5704
6187
|
})(EventType = exports.EventType || (exports.EventType = {}));
|
|
6188
|
+
/**
|
|
6189
|
+
* Represent the various states/expectations of a user in the context of starting verification
|
|
6190
|
+
*/
|
|
6191
|
+
var ExistingUserStrategy;
|
|
6192
|
+
(function (ExistingUserStrategy) {
|
|
6193
|
+
ExistingUserStrategy["mustExist"] = "mustExist";
|
|
6194
|
+
ExistingUserStrategy["mustNotExist"] = "mustNotExist";
|
|
6195
|
+
})(ExistingUserStrategy = exports.ExistingUserStrategy || (exports.ExistingUserStrategy = {}));
|
|
5705
6196
|
/**
|
|
5706
6197
|
* @author Brian Pontarelli
|
|
5707
6198
|
*/
|
|
@@ -5754,6 +6245,15 @@ var FormFieldAdminPolicy;
|
|
|
5754
6245
|
FormFieldAdminPolicy["Edit"] = "Edit";
|
|
5755
6246
|
FormFieldAdminPolicy["View"] = "View";
|
|
5756
6247
|
})(FormFieldAdminPolicy = exports.FormFieldAdminPolicy || (exports.FormFieldAdminPolicy = {}));
|
|
6248
|
+
/**
|
|
6249
|
+
* Denotes the type of form step. This is used to configure different behavior on form steps in the registration flow.
|
|
6250
|
+
*/
|
|
6251
|
+
var FormStepType;
|
|
6252
|
+
(function (FormStepType) {
|
|
6253
|
+
FormStepType["collectData"] = "collectData";
|
|
6254
|
+
FormStepType["verifyEmail"] = "verifyEmail";
|
|
6255
|
+
FormStepType["verifyPhoneNumber"] = "verifyPhoneNumber";
|
|
6256
|
+
})(FormStepType = exports.FormStepType || (exports.FormStepType = {}));
|
|
5757
6257
|
/**
|
|
5758
6258
|
* @author Daniel DeGroff
|
|
5759
6259
|
*/
|
|
@@ -5885,12 +6385,14 @@ var KeyAlgorithm;
|
|
|
5885
6385
|
KeyAlgorithm["RS256"] = "RS256";
|
|
5886
6386
|
KeyAlgorithm["RS384"] = "RS384";
|
|
5887
6387
|
KeyAlgorithm["RS512"] = "RS512";
|
|
6388
|
+
KeyAlgorithm["Ed25519"] = "Ed25519";
|
|
5888
6389
|
})(KeyAlgorithm = exports.KeyAlgorithm || (exports.KeyAlgorithm = {}));
|
|
5889
6390
|
var KeyType;
|
|
5890
6391
|
(function (KeyType) {
|
|
5891
6392
|
KeyType["EC"] = "EC";
|
|
5892
6393
|
KeyType["RSA"] = "RSA";
|
|
5893
6394
|
KeyType["HMAC"] = "HMAC";
|
|
6395
|
+
KeyType["OKP"] = "OKP";
|
|
5894
6396
|
})(KeyType = exports.KeyType || (exports.KeyType = {}));
|
|
5895
6397
|
/**
|
|
5896
6398
|
* The use type of a key.
|
|
@@ -5950,6 +6452,7 @@ var LambdaType;
|
|
|
5950
6452
|
LambdaType["SelfServiceRegistrationValidation"] = "SelfServiceRegistrationValidation";
|
|
5951
6453
|
LambdaType["UserInfoPopulate"] = "UserInfoPopulate";
|
|
5952
6454
|
LambdaType["LoginValidation"] = "LoginValidation";
|
|
6455
|
+
LambdaType["MFARequirement"] = "MFARequirement";
|
|
5953
6456
|
})(LambdaType = exports.LambdaType || (exports.LambdaType = {}));
|
|
5954
6457
|
/**
|
|
5955
6458
|
* @author Matthew Altman
|
|
@@ -5975,6 +6478,15 @@ var MessengerType;
|
|
|
5975
6478
|
MessengerType["Kafka"] = "Kafka";
|
|
5976
6479
|
MessengerType["Twilio"] = "Twilio";
|
|
5977
6480
|
})(MessengerType = exports.MessengerType || (exports.MessengerType = {}));
|
|
6481
|
+
/**
|
|
6482
|
+
* Communicate various actions/contexts in which multi-factor authentication can be used.
|
|
6483
|
+
*/
|
|
6484
|
+
var MultiFactorAction;
|
|
6485
|
+
(function (MultiFactorAction) {
|
|
6486
|
+
MultiFactorAction["changePassword"] = "changePassword";
|
|
6487
|
+
MultiFactorAction["login"] = "login";
|
|
6488
|
+
MultiFactorAction["stepUp"] = "stepUp";
|
|
6489
|
+
})(MultiFactorAction = exports.MultiFactorAction || (exports.MultiFactorAction = {}));
|
|
5978
6490
|
/**
|
|
5979
6491
|
* @author Daniel DeGroff
|
|
5980
6492
|
*/
|
|
@@ -6095,6 +6607,7 @@ var OAuthErrorType;
|
|
|
6095
6607
|
OAuthErrorType["authorization_pending"] = "authorization_pending";
|
|
6096
6608
|
OAuthErrorType["expired_token"] = "expired_token";
|
|
6097
6609
|
OAuthErrorType["unsupported_token_type"] = "unsupported_token_type";
|
|
6610
|
+
OAuthErrorType["invalid_dpop_proof"] = "invalid_dpop_proof";
|
|
6098
6611
|
})(OAuthErrorType = exports.OAuthErrorType || (exports.OAuthErrorType = {}));
|
|
6099
6612
|
/**
|
|
6100
6613
|
* Controls the policy for requesting user permission to grant access to requested scopes during an OAuth workflow
|
|
@@ -6287,6 +6800,7 @@ var ThemeType;
|
|
|
6287
6800
|
* <a href="https://tools.ietf.org/html/draft-ietf-oauth-v2-http-mac-05">
|
|
6288
6801
|
* Draft RFC on OAuth 2.0 Message Authentication Code (MAC) Tokens</a>
|
|
6289
6802
|
* </li>
|
|
6803
|
+
* <li>DPoP Token type as defined by <a href="https://datatracker.ietf.org/doc/html/rfc9449">RFC 9449</a></li>
|
|
6290
6804
|
* </ul>
|
|
6291
6805
|
*
|
|
6292
6806
|
* @author Daniel DeGroff
|
|
@@ -6295,6 +6809,7 @@ var TokenType;
|
|
|
6295
6809
|
(function (TokenType) {
|
|
6296
6810
|
TokenType["Bearer"] = "Bearer";
|
|
6297
6811
|
TokenType["MAC"] = "MAC";
|
|
6812
|
+
TokenType["DPoP"] = "DPoP";
|
|
6298
6813
|
})(TokenType = exports.TokenType || (exports.TokenType = {}));
|
|
6299
6814
|
/**
|
|
6300
6815
|
* The transaction types for Webhooks and other event systems within FusionAuth.
|