@masterteam/gateway-auth 0.0.16 → 0.0.18

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/fesm2022/masterteam-gateway-auth.mjs +553 -67
  2. package/fesm2022/masterteam-gateway-auth.mjs.map +1 -1
  3. package/package.json +2 -2
  4. package/types/masterteam-gateway-auth.d.ts +113 -3
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@masterteam/gateway-auth",
3
- "version": "0.0.16",
3
+ "version": "0.0.18",
4
4
  "publishConfig": {
5
5
  "directory": "../../../dist/masterteam/gateway-auth",
6
6
  "linkDirectory": true,
@@ -15,7 +15,7 @@
15
15
  "@ngxs/store": "^20.1.0",
16
16
  "rxjs": "^7.8.2",
17
17
  "@masterteam/brand-display": "^0.0.11",
18
- "@masterteam/components": "^0.0.167",
18
+ "@masterteam/components": "^0.0.169",
19
19
  "@masterteam/icons": "^0.0.15"
20
20
  },
21
21
  "repository": {
package/types/masterteam-gateway-auth.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import { HttpContextToken, HttpInterceptorFn, HttpRequest } from '@angular/common/http';
1
+ import { HttpClient, HttpContextToken, HttpInterceptorFn, HttpRequest } from '@angular/common/http';
2
2
  import * as _angular_core from '@angular/core';
3
3
  import { InjectionToken, OnInit } from '@angular/core';
4
4
  import { StateContext } from '@ngxs/store';
@@ -80,6 +80,7 @@ interface GatewayLoginResponse {
80
80
  interface GatewayLoginRequest {
81
81
  userName: string;
82
82
  password: string;
83
+ applicationCode?: string;
83
84
  isEncrypted?: boolean;
84
85
  deviceToken?: string;
85
86
  recaptchaToken?: string;
@@ -133,6 +134,7 @@ interface GatewayExternalTokenExchangeRequest {
133
134
  subjectToken: string;
134
135
  subjectTokenType: 'urn:ietf:params:oauth:token-type:access_token';
135
136
  deviceToken?: string;
137
+ applicationCode?: string;
136
138
  }
137
139
  interface GatewayNafathStartRequest {
138
140
  nationalId: string;
@@ -183,6 +185,32 @@ interface GatewayMappedUser {
183
185
  tempSessionId?: string;
184
186
  id?: string;
185
187
  }
188
+ interface GatewayApplicationListItem {
189
+ applicationCode: string;
190
+ applicationName?: string;
191
+ launchUrl?: string;
192
+ }
193
+ interface GatewayApplicationsData {
194
+ applications: GatewayApplicationListItem[];
195
+ }
196
+ interface GatewayApplicationLaunchData {
197
+ applicationCode: string;
198
+ applicationName?: string;
199
+ launchUrl?: string;
200
+ tokens: GatewayAuthTokens;
201
+ }
202
+ interface GatewayApplicationContextData {
203
+ applicationCode: string;
204
+ }
205
+ interface GatewayAppSession {
206
+ applicationCode: string;
207
+ applicationName?: string;
208
+ launchUrl?: string;
209
+ accessToken: string;
210
+ refreshToken: string;
211
+ accessTokenExpiresAt: string | null;
212
+ refreshTokenExpiresAt: string | null;
213
+ }
186
214
 
187
215
  declare const GATEWAY_AUTH_DEVICE_TOKEN = "web-app";
188
216
  declare const GATEWAY_AUTH_DEVICE_TOKEN_STORAGE_KEY = "masterteam.gateway-auth.device-token";
@@ -195,9 +223,12 @@ declare const GATEWAY_AUTH_ENDPOINTS: {
195
223
  readonly resendMfa: "auth/2fa/resend";
196
224
  readonly refresh: "auth/refresh";
197
225
  readonly logout: "auth/logout";
226
+ readonly meApplications: "auth/me/applications";
227
+ readonly applicationContext: "public/application-context";
198
228
  readonly ssoProviders: "auth/sso/providers";
199
229
  readonly ssoExchange: "auth/sso/exchange";
200
230
  readonly ssoTokenExchange: "auth/sso/token-exchange";
231
+ readonly applicationLaunch: (applicationCode: string) => string;
201
232
  readonly nafathStart: (providerKey: string) => string;
202
233
  readonly nafathStatus: (providerKey: string) => string;
203
234
  readonly ssoStart: (providerKey: string) => string;
@@ -206,6 +237,10 @@ declare function isExpired(expireAt?: string | null, skewMs?: number): boolean;
206
237
  declare function resolveApiDateValue(value?: GatewayApiDateValue | null): string | null;
207
238
  declare function mapGatewayTokens(tokens: GatewayAuthTokens | GatewayRefreshData): GatewayMappedTokens;
208
239
  declare function resolveAccessTokenRefreshSkewMs(skewMs?: number | null): number;
240
+ declare function resolveApplicationCodeOption(applicationCode?: string | (() => string | null | undefined) | null): string | null;
241
+ declare function buildApplicationContextUrl(applicationApiBaseUrl: string | null | undefined): string | null;
242
+ declare function clearApplicationContextCache(applicationApiBaseUrl?: string | null): void;
243
+ declare function fetchApplicationContextCode(http: HttpClient, applicationApiBaseUrl: string | null | undefined): Promise<string | null>;
209
244
  declare function resolveGatewayDeviceToken(deviceToken?: GatewayDeviceTokenOption | null): string;
210
245
  declare function withGatewayAuthNgswBypass(url: string): string;
211
246
  declare function readPersistedGatewayAuthTokens(): GatewayAuthTokens | null;
@@ -256,6 +291,8 @@ type AuthRefreshData = GatewayRefreshData;
256
291
  type TwoFactorChallenge = GatewayTwoFactorChallenge;
257
292
  type SsoProvider = GatewaySsoProvider;
258
293
  type Response<T> = GatewayResponse<T>;
294
+ type ApplicationListItem = GatewayApplicationListItem;
295
+ type AppSession = GatewayAppSession;
259
296
  type AuthRateLimitScope = 'login' | 'verifyMfa' | 'resendMfa' | 'ssoExchange';
260
297
  interface AuthRateLimit {
261
298
  retryUntilMs: number | null;
@@ -278,6 +315,10 @@ interface AuthStateModel {
278
315
  pendingMfa: TwoFactorChallenge | null;
279
316
  ssoProviders: SsoProvider[];
280
317
  rateLimit: AuthRateLimit | null;
318
+ applications: ApplicationListItem[];
319
+ applicationsLoading: boolean;
320
+ appSessions: Record<string, AppSession>;
321
+ appLaunchLoading: Record<string, boolean>;
281
322
  }
282
323
  declare const AUTH_STATE_DEFAULTS: AuthStateModel;
283
324
  declare function sanitizePersistedAuthState(obj: Partial<AuthStateModel> | null): {
@@ -290,6 +331,10 @@ declare function sanitizePersistedAuthState(obj: Partial<AuthStateModel> | null)
290
331
  pendingMfa: null;
291
332
  ssoProviders: never[];
292
333
  rateLimit: AuthRateLimit | null;
334
+ applications: GatewayApplicationListItem[];
335
+ applicationsLoading: boolean;
336
+ appSessions: Record<string, GatewayAppSession>;
337
+ appLaunchLoading: {};
293
338
  user: User | null;
294
339
  token: string | null;
295
340
  refreshToken: string | null;
@@ -298,6 +343,7 @@ declare function sanitizePersistedAuthState(obj: Partial<AuthStateModel> | null)
298
343
  };
299
344
 
300
345
  type GatewayAuthHookResult = void | null | Observable<unknown> | Promise<unknown>;
346
+ type GatewayApplicationCodeOption = string | (() => string | null | undefined);
301
347
  interface GatewayLoginLanguageOption {
302
348
  key: string;
303
349
  id?: string;
@@ -327,6 +373,9 @@ interface GatewayAuthOptions {
327
373
  defaultAuthenticatedRoute?: string | (() => string | null | undefined);
328
374
  preserveSsoProvidersOnLogout?: boolean;
329
375
  loginPage?: GatewayLoginPageOptions;
376
+ applicationCode?: GatewayApplicationCodeOption;
377
+ autoLaunchApplicationOnLogin?: boolean;
378
+ resolveApplicationCodeForRequest?: (request: HttpRequest<unknown>) => string | null | undefined;
330
379
  afterLogin?: (session: GatewayLoginResponse, ctx: StateContext<AuthStateModel>) => GatewayAuthHookResult;
331
380
  beforeLocalLogout?: (ctx: StateContext<AuthStateModel>) => GatewayAuthHookResult;
332
381
  }
@@ -398,6 +447,40 @@ declare class SetRateLimit {
398
447
  declare class ClearRateLimit {
399
448
  static readonly type = "[Auth] Clear Rate Limit";
400
449
  }
450
+ declare class LoadApplications {
451
+ static readonly type = "[Auth] Load Applications";
452
+ }
453
+ declare class SetApplications {
454
+ applications: ApplicationListItem[];
455
+ static readonly type = "[Auth] Set Applications";
456
+ constructor(applications: ApplicationListItem[]);
457
+ }
458
+ declare class LaunchApplication {
459
+ applicationCode: string;
460
+ returnUrl?: string | undefined;
461
+ navigate: boolean;
462
+ static readonly type = "[Auth] Launch Application";
463
+ constructor(applicationCode: string, returnUrl?: string | undefined, navigate?: boolean);
464
+ }
465
+ declare class SetAppSession {
466
+ session: AppSession;
467
+ static readonly type = "[Auth] Set App Session";
468
+ constructor(session: AppSession);
469
+ }
470
+ declare class UpdateAppTokens {
471
+ applicationCode: string;
472
+ tokens: AuthTokens;
473
+ static readonly type = "[Auth] Update App Tokens";
474
+ constructor(applicationCode: string, tokens: AuthTokens);
475
+ }
476
+ declare class ClearAppSession {
477
+ applicationCode: string;
478
+ static readonly type = "[Auth] Clear App Session";
479
+ constructor(applicationCode: string);
480
+ }
481
+ declare class ClearAllAppSessions {
482
+ static readonly type = "[Auth] Clear All App Sessions";
483
+ }
401
484
 
402
485
  declare class GatewayAuthState {
403
486
  private readonly http;
@@ -421,7 +504,12 @@ declare class GatewayAuthState {
421
504
  static rateLimit(state: AuthStateModel): AuthRateLimit | null;
422
505
  static isAdmin(state: AuthStateModel): boolean;
423
506
  static userDetails(state: AuthStateModel): _masterteam_gateway_auth.GatewayUserDetails | null;
507
+ static applications(state: AuthStateModel): ApplicationListItem[];
508
+ static applicationsLoading(state: AuthStateModel): boolean;
509
+ static appSessions(state: AuthStateModel): Record<string, AppSession>;
510
+ static appLaunchLoading(state: AuthStateModel): Record<string, boolean>;
424
511
  login(ctx: StateContext<AuthStateModel>, action: Login): Observable<unknown>;
512
+ private resolveApplicationCode$;
425
513
  verifyMfa(ctx: StateContext<AuthStateModel>, action: VerifyMfa): Observable<unknown>;
426
514
  resendMfa(ctx: StateContext<AuthStateModel>): Observable<GatewayResponse<GatewayTwoFactorChallenge> | null>;
427
515
  loadSsoProviders(ctx: StateContext<AuthStateModel>): Observable<GatewayResponse<GatewaySsoProvidersData> | null>;
@@ -436,9 +524,18 @@ declare class GatewayAuthState {
436
524
  clearPendingMfa(ctx: StateContext<AuthStateModel>): void;
437
525
  setRateLimit(ctx: StateContext<AuthStateModel>, action: SetRateLimit): void;
438
526
  clearRateLimit(ctx: StateContext<AuthStateModel>): void;
527
+ loadApplications(ctx: StateContext<AuthStateModel>): Observable<GatewayResponse<GatewayApplicationsData> | null>;
528
+ setApplications(ctx: StateContext<AuthStateModel>, action: SetApplications): void;
529
+ launchApplication(ctx: StateContext<AuthStateModel>, action: LaunchApplication): Observable<GatewayResponse<GatewayApplicationLaunchData> | null>;
530
+ setAppSession(ctx: StateContext<AuthStateModel>, action: SetAppSession): void;
531
+ updateAppTokens(ctx: StateContext<AuthStateModel>, action: UpdateAppTokens): void;
532
+ clearAppSession(ctx: StateContext<AuthStateModel>, action: ClearAppSession): void;
533
+ clearAllAppSessions(ctx: StateContext<AuthStateModel>): void;
534
+ private removeLoadingFlag;
439
535
  private isRateLimitActive;
440
536
  private handleRateLimit;
441
537
  private handleLoginResponse;
538
+ private maybeAutoLaunchApplication;
442
539
  private get deviceToken();
443
540
  private gatewayUrl;
444
541
  private gatewayAuthMutationUrl;
@@ -468,6 +565,10 @@ declare class GatewayAuthFacade {
468
565
  readonly rateLimit: _angular_core.Signal<_masterteam_gateway_auth.AuthRateLimit | null>;
469
566
  readonly isAdmin: _angular_core.Signal<boolean>;
470
567
  readonly userDetails: _angular_core.Signal<_masterteam_gateway_auth.GatewayUserDetails | null>;
568
+ readonly applications: _angular_core.Signal<_masterteam_gateway_auth.GatewayApplicationListItem[]>;
569
+ readonly applicationsLoading: _angular_core.Signal<boolean>;
570
+ readonly appSessions: _angular_core.Signal<Record<string, _masterteam_gateway_auth.GatewayAppSession>>;
571
+ readonly appLaunchLoading: _angular_core.Signal<Record<string, boolean>>;
471
572
  readonly hasError: _angular_core.Signal<boolean>;
472
573
  readonly isReady: _angular_core.Signal<boolean>;
473
574
  readonly userDisplayName: _angular_core.Signal<string>;
@@ -484,6 +585,15 @@ declare class GatewayAuthFacade {
484
585
  logout(remote?: boolean): void;
485
586
  updateUserData(user: User): void;
486
587
  updateTokens(tokens: AuthTokens): void;
588
+ loadApplications(): void;
589
+ setApplications(applications: ApplicationListItem[]): void;
590
+ launchApplication(applicationCode: string, returnUrl?: string, navigate?: boolean): void;
591
+ setAppSession(session: AppSession): void;
592
+ updateAppTokens(applicationCode: string, tokens: AuthTokens): void;
593
+ clearAppSession(applicationCode: string): void;
594
+ clearAllAppSessions(): void;
595
+ getAppSession(applicationCode: string): AppSession | null;
596
+ getAppToken(applicationCode: string): string | null;
487
597
  clearError(): void;
488
598
  clearPendingMfa(): void;
489
599
  clearRateLimit(): void;
@@ -606,5 +716,5 @@ declare class GatewaySsoButtons implements OnInit {
606
716
  static ɵcmp: _angular_core.ɵɵComponentDeclaration<GatewaySsoButtons, "mt-gateway-sso-buttons", never, { "dividerLabel": { "alias": "dividerLabel"; "required": false; "isSignal": true; }; }, {}, never, never, true, never>;
607
717
  }
608
718
 
609
- export { AUTH_STATE_DEFAULTS, ClearError, ClearPendingMfa, ClearRateLimit, ExchangeSsoCode, GATEWAY_AUTH_ACCESS_TOKEN_REFRESH_SKEW_MS, GATEWAY_AUTH_DEVICE_TOKEN, GATEWAY_AUTH_DEVICE_TOKEN_STORAGE_KEY, GATEWAY_AUTH_ENDPOINTS, GATEWAY_AUTH_NGSW_BYPASS_PARAM, GATEWAY_AUTH_OPTIONS, GATEWAY_AUTH_RETRY_CONTEXT, GATEWAY_RATE_LIMIT_ERROR_CODE, GATEWAY_RATE_LIMIT_STATUS, GatewayAuthFacade, GatewayAuthState, GatewayLoginPage, GatewayMfa, GatewaySsoButtons, GatewaySsoCallback, GatewaySsoSession, LoadSsoProviders, Login, LoginFailure, LoginSuccess, Logout, ResendMfa, SetRateLimit, StartSso, UpdateTokens, UpdateUserData, VerifyMfa, buildGatewayUrl, buildSsoStartUrl, createSecureClientState, extractGatewayRateLimitInfo, gatewayAuthInterceptor, getGatewayErrorMessage, hasGatewayTokens, isExpired, isGatewayAuthRequestUrl, mapGatewayTokens, mapGatewayUser, normalizeGatewayBase, readPersistedGatewayAuthTokens, resolveAccessTokenRefreshSkewMs, resolveApiDateValue, resolveGatewayAuthPath, resolveGatewayDeviceToken, sanitizePersistedAuthState, withGatewayAuthNgswBypass };
610
- export type { ApiDateValue, AuthLoginData, AuthRateLimit, AuthRateLimitScope, AuthRefreshData, AuthStateModel, AuthTokens, BuildSsoStartUrlOptions, GatewayApiDateValue, GatewayAuthHookResult, GatewayAuthOptions, GatewayAuthTokens, GatewayDeviceTokenOption, GatewayExternalTokenExchangeRequest, GatewayLoginLanguageOption, GatewayLoginPageOptions, GatewayLoginRequest, GatewayLoginResponse, GatewayLogoutRequest, GatewayMappedTokens, GatewayMappedUser, GatewayNafathStartData, GatewayNafathStartRequest, GatewayNafathStatusData, GatewayNafathStatusRequest, GatewayPlatform, GatewayRateLimitInfo, GatewayRefreshData, GatewayRefreshRequest, GatewayResendMfaRequest, GatewayResponse, GatewaySsoExchangeRequest, GatewaySsoFlow, GatewaySsoProtocol, GatewaySsoProvider, GatewaySsoProvidersData, GatewayTwoFactorChallenge, GatewayUserDetails, GatewayVerifyMfaRequest, LoginRequest, Response, SsoProvider, TwoFactorChallenge, User, UserDetails };
719
+ export { AUTH_STATE_DEFAULTS, ClearAllAppSessions, ClearAppSession, ClearError, ClearPendingMfa, ClearRateLimit, ExchangeSsoCode, GATEWAY_AUTH_ACCESS_TOKEN_REFRESH_SKEW_MS, GATEWAY_AUTH_DEVICE_TOKEN, GATEWAY_AUTH_DEVICE_TOKEN_STORAGE_KEY, GATEWAY_AUTH_ENDPOINTS, GATEWAY_AUTH_NGSW_BYPASS_PARAM, GATEWAY_AUTH_OPTIONS, GATEWAY_AUTH_RETRY_CONTEXT, GATEWAY_RATE_LIMIT_ERROR_CODE, GATEWAY_RATE_LIMIT_STATUS, GatewayAuthFacade, GatewayAuthState, GatewayLoginPage, GatewayMfa, GatewaySsoButtons, GatewaySsoCallback, GatewaySsoSession, LaunchApplication, LoadApplications, LoadSsoProviders, Login, LoginFailure, LoginSuccess, Logout, ResendMfa, SetAppSession, SetApplications, SetRateLimit, StartSso, UpdateAppTokens, UpdateTokens, UpdateUserData, VerifyMfa, buildApplicationContextUrl, buildGatewayUrl, buildSsoStartUrl, clearApplicationContextCache, createSecureClientState, extractGatewayRateLimitInfo, fetchApplicationContextCode, gatewayAuthInterceptor, getGatewayErrorMessage, hasGatewayTokens, isExpired, isGatewayAuthRequestUrl, mapGatewayTokens, mapGatewayUser, normalizeGatewayBase, readPersistedGatewayAuthTokens, resolveAccessTokenRefreshSkewMs, resolveApiDateValue, resolveApplicationCodeOption, resolveGatewayAuthPath, resolveGatewayDeviceToken, sanitizePersistedAuthState, withGatewayAuthNgswBypass };
720
+ export type { ApiDateValue, AppSession, ApplicationListItem, AuthLoginData, AuthRateLimit, AuthRateLimitScope, AuthRefreshData, AuthStateModel, AuthTokens, BuildSsoStartUrlOptions, GatewayApiDateValue, GatewayAppSession, GatewayApplicationCodeOption, GatewayApplicationContextData, GatewayApplicationLaunchData, GatewayApplicationListItem, GatewayApplicationsData, GatewayAuthHookResult, GatewayAuthOptions, GatewayAuthTokens, GatewayDeviceTokenOption, GatewayExternalTokenExchangeRequest, GatewayLoginLanguageOption, GatewayLoginPageOptions, GatewayLoginRequest, GatewayLoginResponse, GatewayLogoutRequest, GatewayMappedTokens, GatewayMappedUser, GatewayNafathStartData, GatewayNafathStartRequest, GatewayNafathStatusData, GatewayNafathStatusRequest, GatewayPlatform, GatewayRateLimitInfo, GatewayRefreshData, GatewayRefreshRequest, GatewayResendMfaRequest, GatewayResponse, GatewaySsoExchangeRequest, GatewaySsoFlow, GatewaySsoProtocol, GatewaySsoProvider, GatewaySsoProvidersData, GatewayTwoFactorChallenge, GatewayUserDetails, GatewayVerifyMfaRequest, LoginRequest, Response, SsoProvider, TwoFactorChallenge, User, UserDetails };