@intelicity/gates-sdk 0.2.0 → 0.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. package/dist/index.d.ts +1 -1
  2. package/dist/index.d.ts.map +1 -1
  3. package/dist/services/admin-service.d.ts +28 -0
  4. package/dist/services/admin-service.d.ts.map +1 -1
  5. package/dist/services/admin-service.js +50 -9
  6. package/dist/services/auth-service.d.ts +3 -3
  7. package/dist/services/auth-service.d.ts.map +1 -1
  8. package/dist/services/auth-service.js +16 -17
  9. package/package.json +1 -1
package/dist/index.d.ts CHANGED
@@ -1,6 +1,6 @@
1
1
  export type { GatesUser, GatesRole } from "./models/user.js";
2
2
  export { AuthService, type VerifyOptions } from "./services/auth-service.js";
3
- export { GatesAdminService, type GatesAdminConfig, type CreateUserParams, type CreateUserResponse, type UpdateUserParams, } from "./services/admin-service.js";
3
+ export { GatesAdminService, type GatesAdminConfig, type CreateUserParams, type CreateUserResponse, type UpdateUserParams, type GetAllUsersParams, type GetAllUsersResponse, type UserDetails, } from "./services/admin-service.js";
4
4
  export { extractToken, authenticate, authorize, handleAuth, type AuthHandlerConfig, } from "./auth/middleware.js";
5
5
  export { GatesError, AuthenticationError, TokenExpiredError, InvalidTokenError, MissingAuthorizationError, UnauthorizedGroupError, ApiError, ApiRequestError, MissingParameterError, InvalidParameterError, } from "./errors/error.js";
6
6
  //# sourceMappingURL=index.d.ts.map
package/dist/index.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,YAAY,EAAE,SAAS,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAG7D,OAAO,EAAE,WAAW,EAAE,KAAK,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAE7E,OAAO,EACL,iBAAiB,EACjB,KAAK,gBAAgB,EACrB,KAAK,gBAAgB,EACrB,KAAK,kBAAkB,EACvB,KAAK,gBAAgB,GACtB,MAAM,6BAA6B,CAAC;AAGrC,OAAO,EACL,YAAY,EACZ,YAAY,EACZ,SAAS,EACT,UAAU,EACV,KAAK,iBAAiB,GACvB,MAAM,sBAAsB,CAAC;AAG9B,OAAO,EACL,UAAU,EACV,mBAAmB,EACnB,iBAAiB,EACjB,iBAAiB,EACjB,yBAAyB,EACzB,sBAAsB,EACtB,QAAQ,EACR,eAAe,EACf,qBAAqB,EACrB,qBAAqB,GACtB,MAAM,mBAAmB,CAAC"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,YAAY,EAAE,SAAS,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAG7D,OAAO,EAAE,WAAW,EAAE,KAAK,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAE7E,OAAO,EACL,iBAAiB,EACjB,KAAK,gBAAgB,EACrB,KAAK,gBAAgB,EACrB,KAAK,kBAAkB,EACvB,KAAK,gBAAgB,EACrB,KAAK,iBAAiB,EACtB,KAAK,mBAAmB,EACxB,KAAK,WAAW,GACjB,MAAM,6BAA6B,CAAC;AAGrC,OAAO,EACL,YAAY,EACZ,YAAY,EACZ,SAAS,EACT,UAAU,EACV,KAAK,iBAAiB,GACvB,MAAM,sBAAsB,CAAC;AAG9B,OAAO,EACL,UAAU,EACV,mBAAmB,EACnB,iBAAiB,EACjB,iBAAiB,EACjB,yBAAyB,EACzB,sBAAsB,EACtB,QAAQ,EACR,eAAe,EACf,qBAAqB,EACrB,qBAAqB,GACtB,MAAM,mBAAmB,CAAC"}
package/dist/services/admin-service.d.ts CHANGED
@@ -16,11 +16,39 @@ export type UpdateUserParams = {
16
16
  clients_to_add?: string[];
17
17
  clients_to_remove?: string[];
18
18
  };
19
+ export type GetAllUsersParams = {
20
+ client: string;
21
+ paginationToken?: string;
22
+ pageSize?: number;
23
+ nameFilter?: string;
24
+ emailFilter?: string;
25
+ roleFilter?: string;
26
+ enabledFilter?: boolean;
27
+ };
28
+ export type UserDetails = {
29
+ user_id: string;
30
+ name: string;
31
+ email: string;
32
+ role: string;
33
+ clients: string[];
34
+ enabled: boolean;
35
+ user_status: string;
36
+ password_expires_at?: number;
37
+ updated_at?: number;
38
+ created_at?: number;
39
+ };
40
+ export type GetAllUsersResponse = {
41
+ users: UserDetails[];
42
+ next_pagination_token: string | null;
43
+ has_more: boolean;
44
+ total_count: number;
45
+ };
19
46
  export declare class GatesAdminService {
20
47
  private readonly baseUrl;
21
48
  constructor(config: GatesAdminConfig);
22
49
  createUser(idToken: string, params: CreateUserParams): Promise<CreateUserResponse>;
23
50
  updateUser(idToken: string, params: UpdateUserParams): Promise<void>;
51
+ getAllUsers(idToken: string, params: GetAllUsersParams): Promise<GetAllUsersResponse>;
24
52
  private request;
25
53
  }
26
54
  //# sourceMappingURL=admin-service.d.ts.map
package/dist/services/admin-service.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"admin-service.d.ts","sourceRoot":"","sources":["../../src/services/admin-service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAO9C,MAAM,MAAM,gBAAgB,GAAG;IAC7B,OAAO,EAAE,MAAM,CAAC;CACjB,CAAC;AAEF,MAAM,MAAM,gBAAgB,GAAG;IAC7B,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,SAAS,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;CAChB,CAAC;AAEF,MAAM,MAAM,kBAAkB,GAAG;IAC/B,GAAG,EAAE,MAAM,CAAC;CACb,CAAC;AAEF,MAAM,MAAM,gBAAgB,GAAG;IAC7B,OAAO,EAAE,MAAM,CAAC;IAChB,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAC1B,iBAAiB,CAAC,EAAE,MAAM,EAAE,CAAC;CAC9B,CAAC;AASF,qBAAa,iBAAiB;IAC5B,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;gBAErB,MAAM,EAAE,gBAAgB;IAO9B,UAAU,CACd,OAAO,EAAE,MAAM,EACf,MAAM,EAAE,gBAAgB,GACvB,OAAO,CAAC,kBAAkB,CAAC;IAgDxB,UAAU,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,gBAAgB,GAAG,OAAO,CAAC,IAAI,CAAC;YAgB5D,OAAO;CAmCtB"}
1
+ {"version":3,"file":"admin-service.d.ts","sourceRoot":"","sources":["../../src/services/admin-service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAO9C,MAAM,MAAM,gBAAgB,GAAG;IAC7B,OAAO,EAAE,MAAM,CAAC;CACjB,CAAC;AAEF,MAAM,MAAM,gBAAgB,GAAG;IAC7B,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,SAAS,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;CAChB,CAAC;AAEF,MAAM,MAAM,kBAAkB,GAAG;IAC/B,GAAG,EAAE,MAAM,CAAC;CACb,CAAC;AAEF,MAAM,MAAM,gBAAgB,GAAG;IAC7B,OAAO,EAAE,MAAM,CAAC;IAChB,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAC1B,iBAAiB,CAAC,EAAE,MAAM,EAAE,CAAC;CAC9B,CAAC;AAEF,MAAM,MAAM,iBAAiB,GAAG;IAC9B,MAAM,EAAE,MAAM,CAAC;IACf,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,aAAa,CAAC,EAAE,OAAO,CAAC;CACzB,CAAC;AAEF,MAAM,MAAM,WAAW,GAAG;IACxB,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,OAAO,EAAE,OAAO,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB,CAAC;AAEF,MAAM,MAAM,mBAAmB,GAAG;IAChC,KAAK,EAAE,WAAW,EAAE,CAAC;IACrB,qBAAqB,EAAE,MAAM,GAAG,IAAI,CAAC;IACrC,QAAQ,EAAE,OAAO,CAAC;IAClB,WAAW,EAAE,MAAM,CAAC;CACrB,CAAC;AASF,qBAAa,iBAAiB;IAC5B,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;gBAErB,MAAM,EAAE,gBAAgB;IAO9B,UAAU,CACd,OAAO,EAAE,MAAM,EACf,MAAM,EAAE,gBAAgB,GACvB,OAAO,CAAC,kBAAkB,CAAC;IAgDxB,UAAU,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,gBAAgB,GAAG,OAAO,CAAC,IAAI,CAAC;IAgBpE,WAAW,CACf,OAAO,EAAE,MAAM,EACf,MAAM,EAAE,iBAAiB,GACxB,OAAO,CAAC,mBAAmB,CAAC;YAoCjB,OAAO;CAgDtB"}
package/dist/services/admin-service.js CHANGED
@@ -60,17 +60,58 @@ export class GatesAdminService {
60
60
  clients_to_remove: params.clients_to_remove,
61
61
  });
62
62
  }
63
- async request(method, path, idToken, body) {
63
+ async getAllUsers(idToken, params) {
64
+ if (!idToken) {
65
+ throw new MissingParameterError("idToken");
66
+ }
67
+ if (!params.client || params.client.trim().length === 0) {
68
+ throw new MissingParameterError("client");
69
+ }
70
+ const query = {
71
+ group_filter: params.client,
72
+ };
73
+ if (params.paginationToken !== undefined) {
74
+ query.pagination_token = params.paginationToken;
75
+ }
76
+ if (params.pageSize !== undefined) {
77
+ query.page_size = String(params.pageSize);
78
+ }
79
+ if (params.nameFilter !== undefined) {
80
+ query.name_filter = params.nameFilter;
81
+ }
82
+ if (params.emailFilter !== undefined) {
83
+ query.email_filter = params.emailFilter;
84
+ }
85
+ if (params.roleFilter !== undefined) {
86
+ query.role_filter = params.roleFilter;
87
+ }
88
+ if (params.enabledFilter !== undefined) {
89
+ query.enabled_filter = String(params.enabledFilter);
90
+ }
91
+ const response = await this.request("GET", "/get-all-users", idToken, query);
92
+ return (await response.json());
93
+ }
94
+ async request(method, path, idToken, params) {
95
+ let url = `${this.baseUrl}${path}`;
96
+ const init = {
97
+ method,
98
+ headers: {
99
+ "Content-Type": "application/json",
100
+ Authorization: `Bearer ${idToken}`,
101
+ },
102
+ };
103
+ if (method === "GET") {
104
+ if (params) {
105
+ const searchParams = new URLSearchParams(params);
106
+ url += `?${searchParams.toString()}`;
107
+ }
108
+ }
109
+ else {
110
+ init.body = JSON.stringify(params);
111
+ }
64
112
  let response;
65
113
  try {
66
- response = await fetch(`${this.baseUrl}${path}`, {
67
- method,
68
- headers: {
69
- "Content-Type": "application/json",
70
- Authorization: `Bearer ${idToken}`,
71
- },
72
- body: JSON.stringify(body),
73
- });
114
+ response = await fetch(url, init);
74
115
  }
75
116
  catch (error) {
76
117
  const message = error instanceof Error ? error.message : "Unknown network error";
package/dist/services/auth-service.d.ts CHANGED
@@ -2,13 +2,13 @@ import { GatesUser } from "../models/user.js";
2
2
  export type VerifyOptions = {
3
3
  region: string;
4
4
  userPoolId: string;
5
- clientId: string;
5
+ clientId?: string | string[];
6
6
  };
7
7
  export declare class AuthService {
8
8
  private readonly region;
9
9
  private readonly userPoolId;
10
- private readonly clientId;
11
- constructor(region: string, userPoolId: string, clientId: string);
10
+ private readonly clientIds;
11
+ constructor(region: string, userPoolId: string, clientId?: string | string[]);
12
12
  private get issuer();
13
13
  verifyToken(token: string): Promise<GatesUser>;
14
14
  }
package/dist/services/auth-service.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"auth-service.d.ts","sourceRoot":"","sources":["../../src/services/auth-service.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAQ9C,MAAM,MAAM,aAAa,GAAG;IAC1B,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;CAClB,CAAC;AAEF,qBAAa,WAAW;IACtB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAS;IAChC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAS;IACpC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAS;gBAEtB,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM;IAiChE,OAAO,KAAK,MAAM,GAEjB;IAEK,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,CAAC;CAqFrD"}
1
+ {"version":3,"file":"auth-service.d.ts","sourceRoot":"","sources":["../../src/services/auth-service.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAQ9C,MAAM,MAAM,aAAa,GAAG;IAC1B,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;CAC9B,CAAC;AAEF,qBAAa,WAAW;IACtB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAS;IAChC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAS;IACpC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAW;gBAEzB,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE;IA2B5E,OAAO,KAAK,MAAM,GAEjB;IAEK,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,CAAC;CAuFrD"}
package/dist/services/auth-service.js CHANGED
@@ -4,7 +4,7 @@ import { InvalidParameterError, MissingParameterError, TokenExpiredError, Invali
4
4
  export class AuthService {
5
5
  region;
6
6
  userPoolId;
7
- clientId;
7
+ clientIds;
8
8
  constructor(region, userPoolId, clientId) {
9
9
  if (!region || typeof region !== "string" || region.trim().length === 0) {
10
10
  throw new MissingParameterError("region");
@@ -14,17 +14,14 @@ export class AuthService {
14
14
  userPoolId.trim().length === 0) {
15
15
  throw new MissingParameterError("userPoolId");
16
16
  }
17
- if (!clientId ||
18
- typeof clientId !== "string" ||
19
- clientId.trim().length === 0) {
20
- throw new MissingParameterError("clientId");
21
- }
22
17
  if (!/^[a-zA-Z0-9_-]+$/.test(userPoolId)) {
23
18
  throw new InvalidParameterError("userPoolId", "must follow AWS format (alphanumeric, hyphens, and underscores only)");
24
19
  }
25
20
  this.region = region;
26
21
  this.userPoolId = userPoolId;
27
- this.clientId = clientId;
22
+ this.clientIds = clientId
23
+ ? Array.isArray(clientId) ? clientId : [clientId]
24
+ : [];
28
25
  }
29
26
  get issuer() {
30
27
  return `https://cognito-idp.${this.region}.amazonaws.com/${this.userPoolId}`;
@@ -42,17 +39,19 @@ export class AuthService {
42
39
  if (tokenUse !== "access" && tokenUse !== "id") {
43
40
  throw new InvalidTokenError(`Unsupported token_use: expected "access" or "id", got "${tokenUse}"`);
44
41
  }
45
- if (tokenUse === "access") {
46
- const clientId = payload.client_id;
47
- if (clientId !== this.clientId) {
48
- throw new InvalidTokenError("Token client_id does not match the expected clientId");
42
+ if (this.clientIds.length > 0) {
43
+ if (tokenUse === "access") {
44
+ const clientId = payload.client_id;
45
+ if (!clientId || !this.clientIds.includes(clientId)) {
46
+ throw new InvalidTokenError("Token client_id does not match any expected clientId");
47
+ }
49
48
  }
50
- }
51
- else {
52
- const aud = payload.aud;
53
- const audValue = Array.isArray(aud) ? aud[0] : aud;
54
- if (audValue !== this.clientId) {
55
- throw new InvalidTokenError("Token audience does not match the expected clientId");
49
+ else {
50
+ const aud = payload.aud;
51
+ const audValue = Array.isArray(aud) ? aud[0] : aud;
52
+ if (!audValue || !this.clientIds.includes(audValue)) {
53
+ throw new InvalidTokenError("Token audience does not match any expected clientId");
54
+ }
56
55
  }
57
56
  }
58
57
  const groups = payload["cognito:groups"] ?? [];
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@intelicity/gates-sdk",
3
- "version": "0.2.0",
3
+ "version": "0.2.1",
4
4
  "description": "Simple SDK for authenticating users with AWS Cognito JWT tokens",
5
5
  "type": "module",
6
6
  "exports": "./dist/index.js",