npm - @globus/sdk - Versions diffs - 5.2.0 → 5.4.0 - Mend

@globus/sdk 5.2.0 → 5.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (41) hide show

package/dist/cjs/index.js CHANGED Viewed

@@ -71,7 +71,7 @@ function toString(info2) {
 }
 // src/core/info/version.ts
-var VERSION = "5.2.0";
+var VERSION = "5.4.0";
 // src/core/info/index.ts
 var VERSION2 = VERSION;
@@ -140,7 +140,8 @@ __export(auth_exports, {
   isGlobusAuthTokenResponse: () => isGlobusAuthTokenResponse,
   isRefreshToken: () => isRefreshToken,
   isToken: () => isToken,
-  oauth2: () => oauth2_exports
+  oauth2: () => oauth2_exports,
+  utils: () => utils_exports
 });
 // src/services/auth/config.ts
@@ -593,7 +594,7 @@ var getAll = function(identity_id, options = {}, sdkOptions) {
     {
       service: ID7,
       scope: SCOPES6.VIEW_IDENTITIES,
-      path: `/identities/${identity_id}/consents`
+      path: `/v2/api/identities/${identity_id}/consents`
     },
     options,
     sdkOptions
@@ -606,7 +607,7 @@ var get = function(identity_id, options = {}, sdkOptions) {
     {
       service: ID7,
       scope: SCOPES6.VIEW_IDENTITIES,
-      path: `/identities/${identity_id}`
+      path: `/v2/api/identities/${identity_id}`
     },
     options,
     sdkOptions
@@ -617,7 +618,7 @@ var getAll2 = function(options = {}, sdkOptions) {
     {
       service: ID7,
       scope: SCOPES6.VIEW_IDENTITIES,
-      path: `/identities`
+      path: `/v2/api/identities`
     },
     options,
     sdkOptions
@@ -755,6 +756,89 @@ var userinfo = function(options, sdkOptions) {
   );
 };
+// src/services/auth/utils.ts
+var utils_exports = {};
+__export(utils_exports, {
+  hasConsentForScope: () => hasConsentForScope,
+  splitScopeString: () => splitScopeString,
+  toScopeTree: () => toScopeTree
+});
+function splitScopeString(scope) {
+  const scopes = [];
+  let currentScope = "";
+  let openBrackets = 0;
+  scope.split("").forEach((char, i) => {
+    currentScope += char;
+    if (char === "[") {
+      openBrackets += 1;
+    }
+    if (char === "]") {
+      openBrackets -= 1;
+    }
+    if (char === " " && openBrackets === 0 || i === scope.length - 1 && currentScope) {
+      scopes.push(currentScope.trim());
+      currentScope = "";
+    }
+  });
+  return scopes;
+}
+function parseScope(s) {
+  let parsedScope = s;
+  const revocable = parsedScope.startsWith("*");
+  if (revocable) {
+    parsedScope = parsedScope.replace(/^\*\s*/, "");
+  }
+  let children = [];
+  const firstBracket = parsedScope.indexOf("[");
+  if (firstBracket === -1) {
+    return {
+      scope: parsedScope,
+      atomically_revocable: revocable,
+      children: []
+    };
+  }
+  const topLevelScope = parsedScope.slice(0, firstBracket);
+  const dependentScope = parsedScope.slice(firstBracket + 1, -1);
+  children = splitScopeString(dependentScope).map(parseScope);
+  return {
+    scope: topLevelScope,
+    atomically_revocable: revocable,
+    children
+  };
+}
+function toScopeTree(scope) {
+  return splitScopeString(scope).map(parseScope);
+}
+function hasConsentForScope(consents, scope) {
+  const tree = toScopeTree(scope);
+  function hasConsentEntry(leaf, path) {
+    const entry = consents.find(
+      (c) => c.scope_name === leaf.scope && /**
+       * If a `path` is provided, we need to make sure the entry is at the proper depth.
+       */
+      (path ? c.dependency_path.join(",") === [...path, c.id].join(",") : (
+        /**
+         * If there is no `path`, then the entry must be a "top-level" scope.
+         */
+        c.dependency_path.length === 1
+      ))
+    );
+    if (!entry) return false;
+    if (!leaf.children.length) return entry.status === "approved";
+    return leaf.children.every(
+      (s) => hasConsentEntry(
+        s,
+        /**
+         * If there is a `path`, make sure to pass it down to account for deeply nested scopes, otherwise
+         * the `entry` can be considered to "root".
+         */
+        path ? [...path, entry.id] : [entry.id]
+      )
+    );
+  }
+  return tree.every((l) => hasConsentEntry(l));
+}
 // src/services/auth/index.ts
 var CONFIG = config_exports7;
 function getAuthorizationEndpoint() {
@@ -864,7 +948,7 @@ var RedirectTransport = class _RedirectTransport {
    * Parse the current URL for the authorization code (`?code=...`) and exchange it for an access token when available.
    * - When the URL is processed and exchanged for an access token, the page is redirected to the current URL without the `?code=...&state=...` parameters.
    */
-  async getToken(options = { shouldReplace: true }) {
+  async getToken(options = { shouldReplace: true, includeConsentedScopes: false }) {
     const url2 = new URL(window.location.href);
     const params = new URLSearchParams(url2.search);
     if (params.get("error")) {
@@ -896,6 +980,9 @@ var RedirectTransport = class _RedirectTransport {
       grant_type: "authorization_code"
     };
     const response = await (await oauth2_exports.token.exchange({
+      query: options.includeConsentedScopes ? {
+        include_consented_scopes: true
+      } : void 0,
       payload
     })).json();
     if (options.shouldReplace) {
@@ -997,6 +1084,9 @@ var TokenManager = class {
       });
     }
   }
+  remove(token2) {
+    this.#manager.storage.removeItem(`${this.#manager.storageKeyPrefix}${token2.resource_server}`);
+  }
   /**
    * Determines whether or not a stored token is expired.
    * @param token The token to check.
@@ -1235,8 +1325,6 @@ var AuthorizationManager = class {
       scopes: scopesToRequest,
       ...overrides,
       params: {
-        // @todo @todo Decide if we want to include the `include_consented_scopes` parameter by default.
-        // include_consented_scopes: 'true',
         ...overrides?.params
       }
     });
@@ -1268,7 +1356,8 @@ var AuthorizationManager = class {
   async handleCodeRedirect(options = { shouldReplace: true, additionalParams: {} }) {
     log("debug", "AuthorizationManager.handleCodeRedirect");
     const response = await this.#buildTransport({ params: options?.additionalParams }).getToken({
-      shouldReplace: options?.shouldReplace
+      shouldReplace: options?.shouldReplace,
+      includeConsentedScopes: options?.includeConsentedScopes
     });
     if (isGlobusAuthTokenResponse(response)) {
       log(
@@ -1400,7 +1489,7 @@ __export(transfer_exports, {
   fileOperations: () => file_operations_exports,
   task: () => task_exports,
   taskSubmission: () => task_submission_exports,
-  utils: () => utils_exports
+  utils: () => utils_exports2
 });
 // src/services/transfer/service/endpoint-search.ts
@@ -2170,8 +2259,8 @@ var getPauseInfo2 = function(task_id, options, sdkOptions) {
 };
 // src/services/transfer/utils.ts
-var utils_exports = {};
-__export(utils_exports, {
+var utils_exports2 = {};
+__export(utils_exports2, {
   getDomainFromEndpoint: () => getDomainFromEndpoint,
   isDirectory: () => isDirectory,
   isFileDocument: () => isFileDocument,
@@ -2618,7 +2707,7 @@ __export(globus_connect_server_exports, {
   roles: () => roles_exports,
   storageGateways: () => storage_gateways_exports,
   userCredentials: () => user_credentials_exports,
-  utils: () => utils_exports2,
+  utils: () => utils_exports3,
   versioning: () => versioning_exports
 });
@@ -3182,8 +3271,8 @@ var info = function(configuration, options, sdkOptions) {
 };
 // src/services/globus-connect-server/utils.ts
-var utils_exports2 = {};
-__export(utils_exports2, {
+var utils_exports3 = {};
+__export(utils_exports3, {
   getEndpointIdFromURL: () => getEndpointIdFromURL,
   getGCSDomainFromURL: () => getGCSDomainFromURL
 });