npm - @idp.global/sdk - Versions diffs - 1.2.0 - Mend

@idp.global/sdk 1.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (46) hide show

package/changelog.md +25 -0
package/dist_ts/00_commitinfo_data.d.ts +8 -0
package/dist_ts/00_commitinfo_data.js +9 -0
package/dist_ts/index.d.ts +1 -0
package/dist_ts/index.js +2 -0
package/dist_ts_browser/classes.idpclient.d.ts +85 -0
package/dist_ts_browser/classes.idpclient.js +278 -0
package/dist_ts_browser/classes.idprequests.d.ts +59 -0
package/dist_ts_browser/classes.idprequests.js +167 -0
package/dist_ts_browser/index.d.ts +2 -0
package/dist_ts_browser/index.js +3 -0
package/dist_ts_browser/plugins.d.ts +13 -0
package/dist_ts_browser/plugins.js +14 -0
package/dist_ts_server/classes.account-auth-service.d.ts +12 -0
package/dist_ts_server/classes.account-auth-service.js +55 -0
package/dist_ts_server/classes.account-doc.d.ts +21 -0
package/dist_ts_server/classes.account-doc.js +166 -0
package/dist_ts_server/classes.account-store.d.ts +19 -0
package/dist_ts_server/classes.account-store.js +84 -0
package/dist_ts_server/classes.idp-global-server-client.d.ts +23 -0
package/dist_ts_server/classes.idp-global-server-client.js +57 -0
package/dist_ts_server/classes.password-hasher.d.ts +5 -0
package/dist_ts_server/classes.password-hasher.js +36 -0
package/dist_ts_server/index.d.ts +6 -0
package/dist_ts_server/index.js +7 -0
package/dist_ts_server/interfaces.d.ts +37 -0
package/dist_ts_server/interfaces.js +2 -0
package/dist_ts_server/plugins.d.ts +10 -0
package/dist_ts_server/plugins.js +11 -0
package/license +21 -0
package/package.json +70 -0
package/readme.md +10 -0
package/ts/00_commitinfo_data.ts +8 -0
package/ts/index.ts +1 -0
package/ts_browser/classes.idpclient.ts +318 -0
package/ts_browser/classes.idprequests.ts +218 -0
package/ts_browser/index.ts +2 -0
package/ts_browser/plugins.ts +18 -0
package/ts_server/classes.account-auth-service.ts +61 -0
package/ts_server/classes.account-doc.ts +84 -0
package/ts_server/classes.account-store.ts +94 -0
package/ts_server/classes.idp-global-server-client.ts +74 -0
package/ts_server/classes.password-hasher.ts +39 -0
package/ts_server/index.ts +6 -0
package/ts_server/interfaces.ts +41 -0
package/ts_server/plugins.ts +17 -0

package/dist_ts_server/classes.idp-global-server-client.js ADDED Viewed

@@ -0,0 +1,57 @@
+import * as plugins from './plugins.js';
+export class IdpGlobalServerClient {
+    optionsArg;
+    typedrouter = new plugins.typedrequest.TypedRouter();
+    typedsocket;
+    typedsocketDeferred = plugins.smartpromise.defer();
+    constructor(optionsArg) {
+        this.optionsArg = optionsArg;
+    }
+    async connect() {
+        if (this.typedsocketDeferred.claimed) {
+            return this.typedsocketDeferred.promise;
+        }
+        this.typedsocketDeferred.claim();
+        this.typedsocket = await plugins.typedsocket.TypedSocket.createClient(this.typedrouter, this.getTypedRequestUrl());
+        this.typedsocketDeferred.resolve(this.typedsocket);
+        return this.typedsocketDeferred.promise;
+    }
+    async stop() {
+        await this.typedsocket?.stop();
+        this.typedsocket = undefined;
+    }
+    async loginWithEmailAndPassword(optionsArg) {
+        const socket = await this.connect();
+        const loginRequest = socket.createTypedRequest('loginWithEmailOrUsernameAndPassword');
+        const loginResponse = await loginRequest.fire({
+            username: optionsArg.email,
+            password: optionsArg.password,
+        });
+        if (!loginResponse.refreshToken || loginResponse.twoFaNeeded) {
+            throw new Error(loginResponse.twoFaNeeded ? 'Two-factor authentication is required' : 'IdP login failed');
+        }
+        const refreshRequest = socket.createTypedRequest('refreshJwt');
+        const refreshResponse = await refreshRequest.fire({ refreshToken: loginResponse.refreshToken });
+        if (!refreshResponse.jwt) {
+            throw new Error('IdP did not return a JWT');
+        }
+        const whoIsRequest = socket.createTypedRequest('whoIs');
+        const whoIsResponse = await whoIsRequest.fire({ jwt: refreshResponse.jwt });
+        return {
+            user: whoIsResponse.user,
+            jwt: refreshResponse.jwt,
+            refreshToken: refreshResponse.refreshToken || loginResponse.refreshToken,
+        };
+    }
+    getTypedRequestUrl() {
+        let baseUrl = this.optionsArg.baseUrl.trim();
+        if (baseUrl.endsWith('/')) {
+            baseUrl = baseUrl.slice(0, -1);
+        }
+        if (!baseUrl.endsWith('/typedrequest')) {
+            baseUrl = `${baseUrl}/typedrequest`;
+        }
+        return baseUrl;
+    }
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2xhc3Nlcy5pZHAtZ2xvYmFsLXNlcnZlci1jbGllbnQuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi90c19zZXJ2ZXIvY2xhc3Nlcy5pZHAtZ2xvYmFsLXNlcnZlci1jbGllbnQudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxLQUFLLE9BQU8sTUFBTSxjQUFjLENBQUM7QUFZeEMsTUFBTSxPQUFPLHFCQUFxQjtJQUtaO0lBSlosV0FBVyxHQUFRLElBQUksT0FBTyxDQUFDLFlBQVksQ0FBQyxXQUFXLEVBQUUsQ0FBQztJQUMxRCxXQUFXLENBQW1DO0lBQzlDLG1CQUFtQixHQUFHLE9BQU8sQ0FBQyxZQUFZLENBQUMsS0FBSyxFQUFtQyxDQUFDO0lBRTVGLFlBQW9CLFVBQXlDO1FBQXpDLGVBQVUsR0FBVixVQUFVLENBQStCO0lBQUcsQ0FBQztJQUUxRCxLQUFLLENBQUMsT0FBTztRQUNsQixJQUFJLElBQUksQ0FBQyxtQkFBbUIsQ0FBQyxPQUFPLEVBQUUsQ0FBQztZQUNyQyxPQUFPLElBQUksQ0FBQyxtQkFBbUIsQ0FBQyxPQUFPLENBQUM7UUFDMUMsQ0FBQztRQUNELElBQUksQ0FBQyxtQkFBbUIsQ0FBQyxLQUFLLEVBQUUsQ0FBQztRQUNqQyxJQUFJLENBQUMsV0FBVyxHQUFHLE1BQU0sT0FBTyxDQUFDLFdBQVcsQ0FBQyxXQUFXLENBQUMsWUFBWSxDQUNuRSxJQUFJLENBQUMsV0FBVyxFQUNoQixJQUFJLENBQUMsa0JBQWtCLEVBQUUsQ0FDMUIsQ0FBQztRQUNGLElBQUksQ0FBQyxtQkFBbUIsQ0FBQyxPQUFPLENBQUMsSUFBSSxDQUFDLFdBQVcsQ0FBQyxDQUFDO1FBQ25ELE9BQU8sSUFBSSxDQUFDLG1CQUFtQixDQUFDLE9BQU8sQ0FBQztJQUMxQyxDQUFDO0lBRU0sS0FBSyxDQUFDLElBQUk7UUFDZixNQUFNLElBQUksQ0FBQyxXQUFXLEVBQUUsSUFBSSxFQUFFLENBQUM7UUFDL0IsSUFBSSxDQUFDLFdBQVcsR0FBRyxTQUFTLENBQUM7SUFDL0IsQ0FBQztJQUVNLEtBQUssQ0FBQyx5QkFBeUIsQ0FBQyxVQUErQztRQUNwRixNQUFNLE1BQU0sR0FBRyxNQUFNLElBQUksQ0FBQyxPQUFPLEVBQUUsQ0FBQztRQUNwQyxNQUFNLFlBQVksR0FBRyxNQUFNLENBQUMsa0JBQWtCLENBQXlFLHFDQUFxQyxDQUFDLENBQUM7UUFDOUosTUFBTSxhQUFhLEdBQUcsTUFBTSxZQUFZLENBQUMsSUFBSSxDQUFDO1lBQzVDLFFBQVEsRUFBRSxVQUFVLENBQUMsS0FBSztZQUMxQixRQUFRLEVBQUUsVUFBVSxDQUFDLFFBQVE7U0FDOUIsQ0FBQyxDQUFDO1FBQ0gsSUFBSSxDQUFDLGFBQWEsQ0FBQyxZQUFZLElBQUksYUFBYSxDQUFDLFdBQVcsRUFBRSxDQUFDO1lBQzdELE1BQU0sSUFBSSxLQUFLLENBQUMsYUFBYSxDQUFDLFdBQVcsQ0FBQyxDQUFDLENBQUMsdUNBQXVDLENBQUMsQ0FBQyxDQUFDLGtCQUFrQixDQUFDLENBQUM7UUFDNUcsQ0FBQztRQUVELE1BQU0sY0FBYyxHQUFHLE1BQU0sQ0FBQyxrQkFBa0IsQ0FBZ0QsWUFBWSxDQUFDLENBQUM7UUFDOUcsTUFBTSxlQUFlLEdBQUcsTUFBTSxjQUFjLENBQUMsSUFBSSxDQUFDLEVBQUUsWUFBWSxFQUFFLGFBQWEsQ0FBQyxZQUFZLEVBQUUsQ0FBQyxDQUFDO1FBQ2hHLElBQUksQ0FBQyxlQUFlLENBQUMsR0FBRyxFQUFFLENBQUM7WUFDekIsTUFBTSxJQUFJLEtBQUssQ0FBQywwQkFBMEIsQ0FBQyxDQUFDO1FBQzlDLENBQUM7UUFFRCxNQUFNLFlBQVksR0FBRyxNQUFNLENBQUMsa0JBQWtCLENBQTJDLE9BQU8sQ0FBQyxDQUFDO1FBQ2xHLE1BQU0sYUFBYSxHQUFHLE1BQU0sWUFBWSxDQUFDLElBQUksQ0FBQyxFQUFFLEdBQUcsRUFBRSxlQUFlLENBQUMsR0FBRyxFQUFFLENBQUMsQ0FBQztRQUM1RSxPQUFPO1lBQ0wsSUFBSSxFQUFFLGFBQWEsQ0FBQyxJQUFJO1lBQ3hCLEdBQUcsRUFBRSxlQUFlLENBQUMsR0FBRztZQUN4QixZQUFZLEVBQUUsZUFBZSxDQUFDLFlBQVksSUFBSSxhQUFhLENBQUMsWUFBWTtTQUN6RSxDQUFDO0lBQ0osQ0FBQztJQUVPLGtCQUFrQjtRQUN4QixJQUFJLE9BQU8sR0FBRyxJQUFJLENBQUMsVUFBVSxDQUFDLE9BQU8sQ0FBQyxJQUFJLEVBQUUsQ0FBQztRQUM3QyxJQUFJLE9BQU8sQ0FBQyxRQUFRLENBQUMsR0FBRyxDQUFDLEVBQUUsQ0FBQztZQUMxQixPQUFPLEdBQUcsT0FBTyxDQUFDLEtBQUssQ0FBQyxDQUFDLEVBQUUsQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUNqQyxDQUFDO1FBQ0QsSUFBSSxDQUFDLE9BQU8sQ0FBQyxRQUFRLENBQUMsZUFBZSxDQUFDLEVBQUUsQ0FBQztZQUN2QyxPQUFPLEdBQUcsR0FBRyxPQUFPLGVBQWUsQ0FBQztRQUN0QyxDQUFDO1FBQ0QsT0FBTyxPQUFPLENBQUM7SUFDakIsQ0FBQztDQUNGIn0=

package/dist_ts_server/classes.password-hasher.d.ts ADDED Viewed

@@ -0,0 +1,5 @@
+export declare class PasswordHasher {
+    static hashPassword(passwordArg: string): Promise<string>;
+    static verifyPassword(passwordArg: string, passwordHashArg?: string): Promise<boolean>;
+    private static scrypt;
+}

package/dist_ts_server/classes.password-hasher.js ADDED Viewed

@@ -0,0 +1,36 @@
+import * as plugins from './plugins.js';
+const HASH_PREFIX = 'scrypt:v1';
+export class PasswordHasher {
+    static async hashPassword(passwordArg) {
+        const salt = plugins.crypto.randomBytes(16).toString('base64url');
+        const key = await this.scrypt(passwordArg, salt);
+        return `${HASH_PREFIX}:${salt}:${key.toString('base64url')}`;
+    }
+    static async verifyPassword(passwordArg, passwordHashArg) {
+        if (!passwordHashArg) {
+            return false;
+        }
+        const [prefix, version, salt, storedKey] = passwordHashArg.split(':');
+        if (`${prefix}:${version}` !== HASH_PREFIX || !salt || !storedKey) {
+            return false;
+        }
+        const candidate = await this.scrypt(passwordArg, salt);
+        const stored = Buffer.from(storedKey, 'base64url');
+        if (candidate.byteLength !== stored.byteLength) {
+            return false;
+        }
+        return plugins.crypto.timingSafeEqual(candidate, stored);
+    }
+    static async scrypt(passwordArg, saltArg) {
+        return new Promise((resolve, reject) => {
+            plugins.crypto.scrypt(passwordArg, saltArg, 64, (error, derivedKey) => {
+                if (error) {
+                    reject(error);
+                    return;
+                }
+                resolve(derivedKey);
+            });
+        });
+    }
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2xhc3Nlcy5wYXNzd29yZC1oYXNoZXIuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi90c19zZXJ2ZXIvY2xhc3Nlcy5wYXNzd29yZC1oYXNoZXIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxLQUFLLE9BQU8sTUFBTSxjQUFjLENBQUM7QUFFeEMsTUFBTSxXQUFXLEdBQUcsV0FBVyxDQUFDO0FBRWhDLE1BQU0sT0FBTyxjQUFjO0lBQ2xCLE1BQU0sQ0FBQyxLQUFLLENBQUMsWUFBWSxDQUFDLFdBQW1CO1FBQ2xELE1BQU0sSUFBSSxHQUFHLE9BQU8sQ0FBQyxNQUFNLENBQUMsV0FBVyxDQUFDLEVBQUUsQ0FBQyxDQUFDLFFBQVEsQ0FBQyxXQUFXLENBQUMsQ0FBQztRQUNsRSxNQUFNLEdBQUcsR0FBRyxNQUFNLElBQUksQ0FBQyxNQUFNLENBQUMsV0FBVyxFQUFFLElBQUksQ0FBQyxDQUFDO1FBQ2pELE9BQU8sR0FBRyxXQUFXLElBQUksSUFBSSxJQUFJLEdBQUcsQ0FBQyxRQUFRLENBQUMsV0FBVyxDQUFDLEVBQUUsQ0FBQztJQUMvRCxDQUFDO0lBRU0sTUFBTSxDQUFDLEtBQUssQ0FBQyxjQUFjLENBQUMsV0FBbUIsRUFBRSxlQUF3QjtRQUM5RSxJQUFJLENBQUMsZUFBZSxFQUFFLENBQUM7WUFDckIsT0FBTyxLQUFLLENBQUM7UUFDZixDQUFDO1FBQ0QsTUFBTSxDQUFDLE1BQU0sRUFBRSxPQUFPLEVBQUUsSUFBSSxFQUFFLFNBQVMsQ0FBQyxHQUFHLGVBQWUsQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDLENBQUM7UUFDdEUsSUFBSSxHQUFHLE1BQU0sSUFBSSxPQUFPLEVBQUUsS0FBSyxXQUFXLElBQUksQ0FBQyxJQUFJLElBQUksQ0FBQyxTQUFTLEVBQUUsQ0FBQztZQUNsRSxPQUFPLEtBQUssQ0FBQztRQUNmLENBQUM7UUFDRCxNQUFNLFNBQVMsR0FBRyxNQUFNLElBQUksQ0FBQyxNQUFNLENBQUMsV0FBVyxFQUFFLElBQUksQ0FBQyxDQUFDO1FBQ3ZELE1BQU0sTUFBTSxHQUFHLE1BQU0sQ0FBQyxJQUFJLENBQUMsU0FBUyxFQUFFLFdBQVcsQ0FBQyxDQUFDO1FBQ25ELElBQUksU0FBUyxDQUFDLFVBQVUsS0FBSyxNQUFNLENBQUMsVUFBVSxFQUFFLENBQUM7WUFDL0MsT0FBTyxLQUFLLENBQUM7UUFDZixDQUFDO1FBQ0QsT0FBTyxPQUFPLENBQUMsTUFBTSxDQUFDLGVBQWUsQ0FBQyxTQUFTLEVBQUUsTUFBTSxDQUFDLENBQUM7SUFDM0QsQ0FBQztJQUVPLE1BQU0sQ0FBQyxLQUFLLENBQUMsTUFBTSxDQUFDLFdBQW1CLEVBQUUsT0FBZTtRQUM5RCxPQUFPLElBQUksT0FBTyxDQUFDLENBQUMsT0FBTyxFQUFFLE1BQU0sRUFBRSxFQUFFO1lBQ3JDLE9BQU8sQ0FBQyxNQUFNLENBQUMsTUFBTSxDQUFDLFdBQVcsRUFBRSxPQUFPLEVBQUUsRUFBRSxFQUFFLENBQUMsS0FBSyxFQUFFLFVBQVUsRUFBRSxFQUFFO2dCQUNwRSxJQUFJLEtBQUssRUFBRSxDQUFDO29CQUNWLE1BQU0sQ0FBQyxLQUFLLENBQUMsQ0FBQztvQkFDZCxPQUFPO2dCQUNULENBQUM7Z0JBQ0QsT0FBTyxDQUFDLFVBQW9CLENBQUMsQ0FBQztZQUNoQyxDQUFDLENBQUMsQ0FBQztRQUNMLENBQUMsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztDQUNGIn0=

package/dist_ts_server/index.d.ts ADDED Viewed

@@ -0,0 +1,6 @@
+export * from './interfaces.js';
+export * from './classes.account-auth-service.js';
+export * from './classes.account-doc.js';
+export * from './classes.account-store.js';
+export * from './classes.idp-global-server-client.js';
+export * from './classes.password-hasher.js';

package/dist_ts_server/index.js ADDED Viewed

@@ -0,0 +1,7 @@
+export * from './interfaces.js';
+export * from './classes.account-auth-service.js';
+export * from './classes.account-doc.js';
+export * from './classes.account-store.js';
+export * from './classes.idp-global-server-client.js';
+export * from './classes.password-hasher.js';
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi90c19zZXJ2ZXIvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsY0FBYyxpQkFBaUIsQ0FBQztBQUNoQyxjQUFjLG1DQUFtQyxDQUFDO0FBQ2xELGNBQWMsMEJBQTBCLENBQUM7QUFDekMsY0FBYyw0QkFBNEIsQ0FBQztBQUMzQyxjQUFjLHVDQUF1QyxDQUFDO0FBQ3RELGNBQWMsOEJBQThCLENBQUMifQ==

package/dist_ts_server/interfaces.d.ts ADDED Viewed

@@ -0,0 +1,37 @@
+export type TIdpAccountAuthSource = 'local' | 'idp.global';
+export type TIdpAccountRole = 'admin' | 'user';
+export type TIdpAccountStatus = 'active' | 'disabled';
+export interface IIdpSdkAccount {
+    id: string;
+    email: string;
+    emailNormalized: string;
+    name: string;
+    role: TIdpAccountRole;
+    status: TIdpAccountStatus;
+    authSources: TIdpAccountAuthSource[];
+    passwordHash?: string;
+    idpSubject?: string;
+    createdAt: number;
+    updatedAt: number;
+    lastLoginAt?: number;
+}
+export interface ICreateIdpSdkAccountOptions {
+    email: string;
+    name: string;
+    role: TIdpAccountRole;
+    status?: TIdpAccountStatus;
+    authSources: TIdpAccountAuthSource[];
+    password?: string;
+    idpSubject?: string;
+}
+export interface IAuthenticateAccountOptions {
+    email: string;
+    password: string;
+    authSource?: TIdpAccountAuthSource | 'auto';
+}
+export interface IAuthenticatedAccountResult {
+    account: IIdpSdkAccount;
+    authSource: TIdpAccountAuthSource;
+    idpJwt?: string;
+    idpRefreshToken?: string;
+}

package/dist_ts_server/interfaces.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export {};
2	+ //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW50ZXJmYWNlcy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uL3RzX3NlcnZlci9pbnRlcmZhY2VzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiIifQ==

package/dist_ts_server/plugins.d.ts ADDED Viewed

@@ -0,0 +1,10 @@
+import * as crypto from 'crypto';
+export { crypto };
+import * as idpInterfaces from '@idp.global/interfaces';
+export { idpInterfaces };
+import * as typedrequest from '@api.global/typedrequest';
+import * as typedsocket from '@api.global/typedsocket';
+export { typedrequest, typedsocket };
+import * as smartdata from '@push.rocks/smartdata';
+import * as smartpromise from '@push.rocks/smartpromise';
+export { smartdata, smartpromise };

package/dist_ts_server/plugins.js ADDED Viewed

@@ -0,0 +1,11 @@
+import * as crypto from 'crypto';
+export { crypto };
+import * as idpInterfaces from '@idp.global/interfaces';
+export { idpInterfaces };
+import * as typedrequest from '@api.global/typedrequest';
+import * as typedsocket from '@api.global/typedsocket';
+export { typedrequest, typedsocket };
+import * as smartdata from '@push.rocks/smartdata';
+import * as smartpromise from '@push.rocks/smartpromise';
+export { smartdata, smartpromise };
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicGx1Z2lucy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uL3RzX3NlcnZlci9wbHVnaW5zLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLE9BQU8sS0FBSyxNQUFNLE1BQU0sUUFBUSxDQUFDO0FBRWpDLE9BQU8sRUFBRSxNQUFNLEVBQUUsQ0FBQztBQUVsQixPQUFPLEtBQUssYUFBYSxNQUFNLHdCQUF3QixDQUFDO0FBRXhELE9BQU8sRUFBRSxhQUFhLEVBQUUsQ0FBQztBQUV6QixPQUFPLEtBQUssWUFBWSxNQUFNLDBCQUEwQixDQUFDO0FBQ3pELE9BQU8sS0FBSyxXQUFXLE1BQU0seUJBQXlCLENBQUM7QUFFdkQsT0FBTyxFQUFFLFlBQVksRUFBRSxXQUFXLEVBQUUsQ0FBQztBQUVyQyxPQUFPLEtBQUssU0FBUyxNQUFNLHVCQUF1QixDQUFDO0FBQ25ELE9BQU8sS0FBSyxZQUFZLE1BQU0sMEJBQTBCLENBQUM7QUFFekQsT0FBTyxFQUFFLFNBQVMsRUFBRSxZQUFZLEVBQUUsQ0FBQyJ9

package/license ADDED Viewed

@@ -0,0 +1,21 @@
+MIT License
+Copyright (c) Task Venture Capital GmbH
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/package.json ADDED Viewed

@@ -0,0 +1,70 @@
+{
+  "name": "@idp.global/sdk",
+  "version": "1.2.0",
+  "private": false,
+  "description": "Reusable browser and server SDK for idp.global authentication.",
+  "type": "module",
+  "exports": {
+    ".": "./dist_ts/index.js",
+    "./browser": "./dist_ts_browser/index.js",
+    "./server": "./dist_ts_server/index.js"
+  },
+  "main": "dist_ts/index.js",
+  "typings": "dist_ts/index.d.ts",
+  "author": "Task Venture Capital GmbH",
+  "license": "MIT",
+  "dependencies": {
+    "@api.global/typedrequest": "^3.3.0",
+    "@api.global/typedsocket": "^4.1.2",
+    "@idp.global/interfaces": "file:../interfaces",
+    "@push.rocks/smartdata": "^7.1.7",
+    "@push.rocks/smartjson": "^6.0.1",
+    "@push.rocks/smartpromise": "^4.2.4",
+    "@push.rocks/smartrx": "^3.0.10",
+    "@push.rocks/smarttime": "^4.2.3",
+    "@push.rocks/smarturl": "^3.1.0",
+    "@push.rocks/webjwt": "^1.0.10",
+    "@push.rocks/webstore": "^2.0.22"
+  },
+  "devDependencies": {
+    "@git.zone/tsbuild": "^4.4.0",
+    "@git.zone/tsdoc": "^2.0.3",
+    "@git.zone/tsrun": "^2.0.3",
+    "@git.zone/tstest": "^3.6.3",
+    "@push.rocks/smartdb": "^2.10.0",
+    "@types/node": "^25.6.0"
+  },
+  "files": [
+    "ts/**/*",
+    "ts_browser/**/*",
+    "ts_server/**/*",
+    "dist/**/*",
+    "dist_*/**/*",
+    "readme.md",
+    "changelog.md",
+    "license"
+  ],
+  "repository": {
+    "type": "git",
+    "url": "git+ssh://git@code.foss.global:29419/idp.global/sdk.git"
+  },
+  "bugs": {
+    "url": "https://code.foss.global/idp.global/sdk/issues"
+  },
+  "homepage": "https://code.foss.global/idp.global/sdk#readme",
+  "keywords": [
+    "idp.global",
+    "sdk",
+    "authentication",
+    "oidc",
+    "smartdata"
+  ],
+  "browserslist": [
+    "last 1 Chrome versions"
+  ],
+  "scripts": {
+    "test": "pnpm run build && tstest test/ --verbose --logfile --timeout 60",
+    "build": "tsbuild tsfolders --web --allowimplicitany",
+    "buildDocs": "tsdoc"
+  }
+}

package/readme.md ADDED Viewed

@@ -0,0 +1,10 @@
+# @idp.global/sdk
+Reusable SDK for idp.global browser clients and server-side account authentication.
+Use explicit runtime exports:
+- `@idp.global/sdk/browser`
+- `@idp.global/sdk/server`
+The server account store never creates accounts automatically. Consumers must explicitly create persisted accounts.

package/ts/00_commitinfo_data.ts ADDED Viewed

@@ -0,0 +1,8 @@
+/**
+ * autocreated commitinfo by @push.rocks/commitinfo
+ */
+export const commitinfo = {
+  name: '@idp.global/sdk',
+  version: '1.2.0',
+  description: 'Reusable browser and server SDK for idp.global authentication.'
+}

package/ts/index.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};

package/ts_browser/classes.idpclient.ts ADDED Viewed

@@ -0,0 +1,318 @@
+import { IdpRequests } from './classes.idprequests.js';
+import * as plugins from './plugins.js';
+export class IdpClient {
+  private helpers = {
+    async extractDataFromJwtString(jwtString: string): Promise<plugins.idpInterfaces.data.IJwt> {
+      return plugins.webjwt.getDataFromJwtString(jwtString);
+    },
+  };
+  public appData: plugins.idpInterfaces.data.IAppLegacy;
+  public rolesReplaySubject = new plugins.smartrx.rxjs.ReplaySubject(1);
+  public organizationsReplaySubject = new plugins.smartrx.rxjs.ReplaySubject(1);
+  public parsedReceptionUrl: plugins.smarturl.Smarturl;
+  constructor(receptionBaseUrlArg: string, appDataArg?: plugins.idpInterfaces.data.IAppLegacy) {
+    if (receptionBaseUrlArg.endsWith('/')) {
+      receptionBaseUrlArg = receptionBaseUrlArg.slice(0, -1);
+    }
+    if (!receptionBaseUrlArg.endsWith('/typedrequest')) {
+      receptionBaseUrlArg = `${receptionBaseUrlArg}/typedrequest`;
+    }
+    this.parsedReceptionUrl = plugins.smarturl.Smarturl.createFromUrl(receptionBaseUrlArg);
+    if (!appDataArg) {
+      appDataArg = {
+        id: '',
+        appUrl: typeof window !== 'undefined' ? `https://${window.location.host}/` : '',
+        description: '',
+        logoUrl: '',
+        name: '',
+      };
+    }
+    this.appData = appDataArg;
+  }
+  public requests = new IdpRequests(this);
+  public checkWetherOnReceptionDomain() {
+    return plugins.smarturl.Smarturl.createFromUrl(window.location.href).hostname ===
+      this.parsedReceptionUrl.hostname;
+  }
+  public async getAppDataOnSsoDomain() {
+    if (!window.location.href.startsWith('https://sso.workspace.global/')) {
+      console.error('You are trying to access SSO appData on a non sso domain.');
+      return null;
+    }
+    const appDataString = plugins.smarturl.Smarturl.createFromUrl(window.location.href).searchParams
+      .appdata;
+    if (!appDataString) {
+      console.error('no appdata query arg detected');
+      return null;
+    }
+    return plugins.smartjson.parseBase64(appDataString);
+  }
+  public async setJwt(jwtStringArg: string) {
+    await this.storeJwt(jwtStringArg);
+  }
+  public async setRefreshToken(refreshTokenArg: string) {
+    await this.storeRefreshToken(refreshTokenArg);
+  }
+  public typedsocket!: plugins.typedsocket.TypedSocket;
+  public typedrouter: any = new plugins.typedrequest.TypedRouter();
+  public statusObservable = new plugins.smartrx.rxjs.Subject<plugins.idpInterfaces.data.TLoginStatus>();
+  public ssoStore = new plugins.webstore.WebStore({
+    storeName: 'idpglobalStore',
+    dbName: 'main',
+  });
+  public async storeJwt(jwtString: string) {
+    await this.ssoStore.set('idpJwt', jwtString);
+  }
+  public async storeRefreshToken(refreshToken: string) {
+    await this.ssoStore.set('idpRefreshToken', refreshToken);
+  }
+  public async getJwt(): Promise<string> {
+    return await this.ssoStore.get('idpJwt');
+  }
+  public async getRefreshToken(): Promise<string> {
+    return await this.ssoStore.get('idpRefreshToken');
+  }
+  public async getJwtData(): Promise<plugins.idpInterfaces.data.IJwt> {
+    return this.helpers.extractDataFromJwtString(await this.getJwt());
+  }
+  public async deleteJwt() {
+    await this.ssoStore.delete('idpJwt');
+  }
+  public async deleteRefreshToken() {
+    await this.ssoStore.delete('idpRefreshToken');
+  }
+  public async clearAuthState() {
+    await Promise.all([this.deleteJwt(), this.deleteRefreshToken()]);
+  }
+  public async performJwtHousekeeping() {
+    let jwt = await this.getJwt();
+    if (!jwt) {
+      return null;
+    }
+    const extractedJwt = await this.helpers.extractDataFromJwtString(jwt);
+    if (extractedJwt.data.refreshFrom < Date.now() && Date.now() < extractedJwt.data.validUntil) {
+      jwt = await this.refreshJwt();
+    } else if (Date.now() > extractedJwt.data.validUntil) {
+      await this.deleteJwt();
+      jwt = await this.refreshJwt();
+    }
+    return jwt;
+  }
+  public async refreshJwt(refreshTokenArg?: string): Promise<string | null> {
+    const refreshToken = refreshTokenArg || (await this.getRefreshToken());
+    if (!refreshToken) {
+      return null;
+    }
+    await this.typedsocketDeferred.promise;
+    const refreshJwtReq = this.typedsocket.createTypedRequest<plugins.idpInterfaces.request.IReq_RefreshJwt>('refreshJwt');
+    const response = await refreshJwtReq
+      .fire({ refreshToken })
+      .catch(async () => {
+        await this.clearAuthState();
+        return null;
+      });
+    if (!response?.jwt) {
+      await this.clearAuthState();
+      this.statusObservable.next(response?.status || 'loggedOut');
+      return null;
+    }
+    if (response.refreshToken) {
+      await this.storeRefreshToken(response.refreshToken);
+    }
+    await this.storeJwt(response.jwt);
+    this.statusObservable.next(response.status);
+    return response.jwt;
+  }
+  public async getTransferToken(appDataArg?: plugins.idpInterfaces.data.IAppLegacy): Promise<string | null> {
+    await this.performJwtHousekeeping();
+    const refreshToken = await this.getRefreshToken();
+    if (!refreshToken) {
+      return null;
+    }
+    await this.typedsocketDeferred.promise;
+    const getTransferToken = this.typedsocket.createTypedRequest<plugins.idpInterfaces.request.IReq_ExchangeRefreshTokenAndTransferToken>('exchangeRefreshTokenAndTransferToken');
+    const response = await getTransferToken.fire({
+      refreshToken,
+      appData: appDataArg || this.appData,
+    });
+    return response.transferToken;
+  }
+  public async getTransferTokenAndSwitchToLocation(newLocationArg: string): Promise<void> {
+    const transferToken = await this.getTransferToken();
+    if (!transferToken) {
+      alert('failed to get transfer token!');
+    }
+    const urlInstance = plugins.smarturl.Smarturl.createFromUrl(newLocationArg, {
+      searchParams: { transfertoken: transferToken },
+    });
+    window.location.href = urlInstance.toString();
+  }
+  public async processTransferToken(): Promise<boolean> {
+    const href = window.location.href;
+    const url = plugins.smarturl.Smarturl.createFromUrl(href);
+    const transferToken = url.searchParams['transfertoken'];
+    if (transferToken) {
+      await this.typedsocketDeferred.promise;
+      const getTransferToken = this.typedsocket.createTypedRequest<plugins.idpInterfaces.request.IReq_ExchangeRefreshTokenAndTransferToken>('exchangeRefreshTokenAndTransferToken');
+      const response = await getTransferToken.fire({
+        transferToken,
+        appData: this.appData,
+      });
+      if (response.refreshToken) {
+        await this.refreshJwt(response.refreshToken);
+      } else {
+        globalThis.alert?.('transfer token invalid');
+        return false;
+      }
+      return true;
+    }
+    return false;
+  }
+  public async checkJwtPresent() {
+    const jwt = await this.performJwtHousekeeping();
+    return !!jwt;
+  }
+  public async determineLoginStatus(requireLoginArg: boolean = false): Promise<boolean> {
+    const jwtPresent = await this.checkJwtPresent();
+    if (jwtPresent) {
+      const jwt = await this.performJwtHousekeeping();
+      return !!jwt;
+    }
+    const refreshToken = await this.getRefreshToken();
+    if (refreshToken) {
+      const jwt = await this.refreshJwt(refreshToken);
+      if (jwt) {
+        return true;
+      }
+    }
+    const transferTokenResult = await this.processTransferToken();
+    if (transferTokenResult) {
+      return true;
+    }
+    if (requireLoginArg) {
+      const urlInstance = plugins.smarturl.Smarturl.createFromUrl(
+        this.parsedReceptionUrl.clone().set('path', '/login').toString(),
+        {
+          searchParams: {
+            appdata: plugins.smartjson.stringifyBase64(this.appData),
+          },
+        },
+      );
+      if (!globalThis.location.href.startsWith(this.parsedReceptionUrl.toString())) {
+        globalThis.location.href = urlInstance.toString();
+      }
+    }
+    return false;
+  }
+  public async logout() {
+    const idpLogoutUrl = this.parsedReceptionUrl.clone().set('path', '/logout');
+    const refreshToken = await this.getRefreshToken();
+    if (!globalThis.location.href.startsWith(idpLogoutUrl.origin)) {
+      await this.clearAuthState();
+      globalThis.location.href = idpLogoutUrl.toString();
+      return;
+    }
+    if (!refreshToken) {
+      await this.clearAuthState();
+      window.location.href = this.parsedReceptionUrl.origin;
+      return;
+    }
+    await this.enableTypedSocket();
+    const logoutTr = this.typedsocket.createTypedRequest<plugins.idpInterfaces.request.ILogoutRequest>('logout');
+    await logoutTr.fire({ refreshToken });
+    await this.clearAuthState();
+    const appData = await this.getAppDataOnSsoDomain();
+    if (appData) {
+      window.location.href = appData.appUrl;
+    } else if (window.location.href.startsWith(idpLogoutUrl.origin)) {
+      window.location.href = this.parsedReceptionUrl.origin;
+    }
+  }
+  public typedsocketDeferred = plugins.smartpromise.defer<plugins.typedsocket.TypedSocket>();
+  public async enableTypedSocket() {
+    if (this.typedsocketDeferred.claimed) {
+      return this.typedsocketDeferred.promise;
+    }
+    this.typedsocketDeferred.claim();
+    this.typedsocket = await plugins.typedsocket.TypedSocket.createClient(
+      this.typedrouter,
+      this.parsedReceptionUrl.toString(),
+    );
+    this.typedsocketDeferred.resolve(this.typedsocket);
+    return this.typedsocketDeferred.promise;
+  }
+  public async stop() {
+    await this.typedsocket?.stop();
+  }
+  public async createOrganization(orgNameArg: string, orgSlugArg: string, modeArg: 'checkAvailability' | 'manifest') {
+    await this.typedsocketDeferred.promise;
+    const validateOrg = this.typedsocket.createTypedRequest<plugins.idpInterfaces.request.IReq_CreateOrganization>('createOrganization');
+    return validateOrg.fire({
+      jwt: await this.getJwt(),
+      action: modeArg,
+      organizationName: orgNameArg,
+      organizationSlug: orgSlugArg,
+      userId: (await this.getJwtData()).id,
+    });
+  }
+  public async getRolesAndOrganizations() {
+    await this.typedsocketDeferred.promise;
+    const rolesAndOrganizationsForUserId = this.typedsocket.createTypedRequest<plugins.idpInterfaces.request.IReq_GetRolesAndOrganizationsForUserId>('getRolesAndOrganizationsForUserId');
+    return rolesAndOrganizationsForUserId.fire({
+      jwt: await this.getJwt(),
+      userId: (await this.getJwtData()).id,
+    });
+  }
+  public async updatePaddleCheckoutId(orgIdArg: string, checkoutIdArg: string) {
+    await this.typedsocketDeferred.promise;
+    const updateBillingPlan = this.typedsocket.createTypedRequest<plugins.idpInterfaces.request.IReq_UpdatePaymentMethod>('updatePaymentMethod');
+    return updateBillingPlan.fire({
+      jwtString: await this.getJwt(),
+      orgId: orgIdArg,
+      paddle: { checkoutId: checkoutIdArg },
+    });
+  }
+  public async whoIs() {
+    await this.typedsocketDeferred.promise;
+    const whoIs = this.typedsocket.createTypedRequest<plugins.idpInterfaces.request.IReq_WhoIs>('whoIs');
+    return whoIs.fire({ jwt: await this.getJwt() });
+  }
+}