@mindline/sync 1.0.64 → 1.0.66
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.vs/ProjectSettings.json +3 -0
- package/.vs/slnx.sqlite +0 -0
- package/.vs/sync/FileContentIndex/c5cc7307-821c-4c04-b21c-9adf61581a14.vsidx +0 -0
- package/.vs/sync/v17/.wsuo +0 -0
- package/.vs/sync/v17/DocumentLayout.json +69 -3
- package/hybridspa.ts +16 -16
- package/index.d.ts +11 -10
- package/index.ts +112 -89
- package/package.json +1 -1
- package/.vs/sync/FileContentIndex/bf734a6e-3454-4e37-9b38-affd137408a9.vsidx +0 -0
package/.vs/slnx.sqlite
CHANGED
|
Binary file
|
package/.vs/sync/v17/.wsuo
CHANGED
|
Binary file
|
|
@@ -1,15 +1,28 @@
|
|
|
1
1
|
{
|
|
2
2
|
"Version": 1,
|
|
3
3
|
"WorkspaceRootPath": "C:\\Users\\ArvindSuthar\\source\\repos\\front\\sync\\",
|
|
4
|
-
"Documents": [
|
|
4
|
+
"Documents": [
|
|
5
|
+
{
|
|
6
|
+
"AbsoluteMoniker": "D:0:0:{A2FE74E1-B743-11D0-AE1A-00A0C90FFFC3}|\u003CMiscFiles\u003E|C:\\Users\\ArvindSuthar\\source\\repos\\front\\sync\\index.ts||{0F2454B1-A556-402D-A7D0-1FDE7F99DEE0}",
|
|
7
|
+
"RelativeMoniker": "D:0:0:{A2FE74E1-B743-11D0-AE1A-00A0C90FFFC3}|\u003CMiscFiles\u003E|solutionrelative:index.ts||{0F2454B1-A556-402D-A7D0-1FDE7F99DEE0}"
|
|
8
|
+
},
|
|
9
|
+
{
|
|
10
|
+
"AbsoluteMoniker": "D:0:0:{A2FE74E1-B743-11D0-AE1A-00A0C90FFFC3}|\u003CMiscFiles\u003E|C:\\Users\\ArvindSuthar\\source\\repos\\front\\sync\\hybridspa.ts||{0F2454B1-A556-402D-A7D0-1FDE7F99DEE0}",
|
|
11
|
+
"RelativeMoniker": "D:0:0:{A2FE74E1-B743-11D0-AE1A-00A0C90FFFC3}|\u003CMiscFiles\u003E|solutionrelative:hybridspa.ts||{0F2454B1-A556-402D-A7D0-1FDE7F99DEE0}"
|
|
12
|
+
},
|
|
13
|
+
{
|
|
14
|
+
"AbsoluteMoniker": "D:0:0:{A2FE74E1-B743-11D0-AE1A-00A0C90FFFC3}|\u003CMiscFiles\u003E|C:\\Users\\ArvindSuthar\\source\\repos\\front\\sync\\index.d.ts||{0F2454B1-A556-402D-A7D0-1FDE7F99DEE0}",
|
|
15
|
+
"RelativeMoniker": "D:0:0:{A2FE74E1-B743-11D0-AE1A-00A0C90FFFC3}|\u003CMiscFiles\u003E|solutionrelative:index.d.ts||{0F2454B1-A556-402D-A7D0-1FDE7F99DEE0}"
|
|
16
|
+
}
|
|
17
|
+
],
|
|
5
18
|
"DocumentGroupContainers": [
|
|
6
19
|
{
|
|
7
20
|
"Orientation": 0,
|
|
8
21
|
"VerticalTabListWidth": 256,
|
|
9
22
|
"DocumentGroups": [
|
|
10
23
|
{
|
|
11
|
-
"DockedWidth":
|
|
12
|
-
"SelectedChildIndex":
|
|
24
|
+
"DockedWidth": 179,
|
|
25
|
+
"SelectedChildIndex": 10,
|
|
13
26
|
"Children": [
|
|
14
27
|
{
|
|
15
28
|
"$type": "Bookmark",
|
|
@@ -43,6 +56,59 @@
|
|
|
43
56
|
"$type": "Bookmark",
|
|
44
57
|
"Name": "ST:1:0:{d212f56b-c48a-434c-a121-1c5d80b59b9f}"
|
|
45
58
|
},
|
|
59
|
+
{
|
|
60
|
+
"$type": "Document",
|
|
61
|
+
"DocumentIndex": 2,
|
|
62
|
+
"Title": "index.d.ts",
|
|
63
|
+
"DocumentMoniker": "C:\\Users\\ArvindSuthar\\source\\repos\\front\\sync\\index.d.ts",
|
|
64
|
+
"RelativeDocumentMoniker": "index.d.ts",
|
|
65
|
+
"ToolTip": "C:\\Users\\ArvindSuthar\\source\\repos\\front\\sync\\index.d.ts",
|
|
66
|
+
"RelativeToolTip": "index.d.ts",
|
|
67
|
+
"ViewState": "AQIAAP0AAAAAAAAAAAAhwA4BAABQAAAA",
|
|
68
|
+
"Icon": "ae27a6b0-e345-4288-96df-5eaf394ee369.003213|",
|
|
69
|
+
"WhenOpened": "2023-11-25T03:36:49.251Z"
|
|
70
|
+
},
|
|
71
|
+
{
|
|
72
|
+
"$type": "Document",
|
|
73
|
+
"DocumentIndex": 1,
|
|
74
|
+
"Title": "hybridspa.ts",
|
|
75
|
+
"DocumentMoniker": "C:\\Users\\ArvindSuthar\\source\\repos\\front\\sync\\hybridspa.ts",
|
|
76
|
+
"RelativeDocumentMoniker": "hybridspa.ts",
|
|
77
|
+
"ToolTip": "C:\\Users\\ArvindSuthar\\source\\repos\\front\\sync\\hybridspa.ts",
|
|
78
|
+
"RelativeToolTip": "hybridspa.ts",
|
|
79
|
+
"ViewState": "AQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
|
|
80
|
+
"Icon": "ae27a6b0-e345-4288-96df-5eaf394ee369.003213|",
|
|
81
|
+
"WhenOpened": "2023-11-25T02:18:34.862Z"
|
|
82
|
+
},
|
|
83
|
+
{
|
|
84
|
+
"$type": "Document",
|
|
85
|
+
"DocumentIndex": 0,
|
|
86
|
+
"Title": "index.ts",
|
|
87
|
+
"DocumentMoniker": "C:\\Users\\ArvindSuthar\\source\\repos\\front\\sync\\index.ts",
|
|
88
|
+
"RelativeDocumentMoniker": "index.ts",
|
|
89
|
+
"ToolTip": "C:\\Users\\ArvindSuthar\\source\\repos\\front\\sync\\index.ts",
|
|
90
|
+
"RelativeToolTip": "index.ts",
|
|
91
|
+
"ViewState": "AQIAAAAAAAAAAAAAAAAAAFAAAAAEAAAA",
|
|
92
|
+
"Icon": "ae27a6b0-e345-4288-96df-5eaf394ee369.003213|",
|
|
93
|
+
"WhenOpened": "2023-11-25T04:05:46.842Z",
|
|
94
|
+
"EditorCaption": ""
|
|
95
|
+
}
|
|
96
|
+
]
|
|
97
|
+
},
|
|
98
|
+
{
|
|
99
|
+
"DockedWidth": 221,
|
|
100
|
+
"SelectedChildIndex": -1,
|
|
101
|
+
"Children": [
|
|
102
|
+
{
|
|
103
|
+
"$type": "Bookmark",
|
|
104
|
+
"Name": "ST:0:0:{004be353-6879-467c-9d1e-9ac23cdf6d49}"
|
|
105
|
+
}
|
|
106
|
+
]
|
|
107
|
+
},
|
|
108
|
+
{
|
|
109
|
+
"DockedWidth": 294,
|
|
110
|
+
"SelectedChildIndex": -1,
|
|
111
|
+
"Children": [
|
|
46
112
|
{
|
|
47
113
|
"$type": "Bookmark",
|
|
48
114
|
"Name": "ST:0:0:{633c14d1-94e6-4de0-b649-bde18d3de13d}"
|
package/hybridspa.ts
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
import {
|
|
3
3
|
APIResult,
|
|
4
4
|
Config,
|
|
5
|
-
|
|
5
|
+
mindlineConfig,
|
|
6
6
|
Tenant,
|
|
7
7
|
TenantConfigInfo,
|
|
8
8
|
User
|
|
@@ -80,12 +80,12 @@ export async function adminDelete(
|
|
|
80
80
|
// are we performing deletion of a full admin?
|
|
81
81
|
let url: URL | null = null;
|
|
82
82
|
if (user.oid !== user.mail) {
|
|
83
|
-
url = new URL(
|
|
83
|
+
url = new URL(mindlineConfig.adminEndpoint());
|
|
84
84
|
url.searchParams.append("workspaceId", workspaceId);
|
|
85
85
|
}
|
|
86
86
|
// or of an incomplete admin?
|
|
87
87
|
else if (user.mail !== "") {
|
|
88
|
-
url = new URL(
|
|
88
|
+
url = new URL(mindlineConfig.adminIncompleteEndpoint());
|
|
89
89
|
url.searchParams.append("email", user.mail);
|
|
90
90
|
url.searchParams.append("workspaceId", workspaceId);
|
|
91
91
|
}
|
|
@@ -131,7 +131,7 @@ export async function adminsGet(
|
|
|
131
131
|
return result;
|
|
132
132
|
}
|
|
133
133
|
// create endpoint
|
|
134
|
-
let endpoint: string =
|
|
134
|
+
let endpoint: string = mindlineConfig.adminsEndpoint();
|
|
135
135
|
// add parameter to endpoint
|
|
136
136
|
let url: URL = new URL(endpoint);
|
|
137
137
|
url.searchParams.append("workspaceId", workspaceID);
|
|
@@ -191,7 +191,7 @@ export async function adminPost(
|
|
|
191
191
|
return result;
|
|
192
192
|
}
|
|
193
193
|
// create admin endpoint
|
|
194
|
-
let endpoint: string =
|
|
194
|
+
let endpoint: string = mindlineConfig.adminEndpoint();
|
|
195
195
|
// create headers
|
|
196
196
|
const headers = await defineHeaders(instance, authorizedUser);
|
|
197
197
|
// create admin body
|
|
@@ -240,7 +240,7 @@ export async function configDelete(
|
|
|
240
240
|
return result;
|
|
241
241
|
}
|
|
242
242
|
let url: URL | null = null;
|
|
243
|
-
url = new URL(
|
|
243
|
+
url = new URL(mindlineConfig.configEndpoint());
|
|
244
244
|
url.searchParams.append("configurationId", config.id);
|
|
245
245
|
// create headers
|
|
246
246
|
const headers = await defineHeaders(instance, authorizedUser);
|
|
@@ -286,7 +286,7 @@ export async function configPost(
|
|
|
286
286
|
return result;
|
|
287
287
|
}
|
|
288
288
|
// create no parameter config endpoint
|
|
289
|
-
let endpoint: string =
|
|
289
|
+
let endpoint: string = mindlineConfig.configEndpoint();
|
|
290
290
|
// create config headers
|
|
291
291
|
const headers = await defineHeaders(instance, authorizedUser);
|
|
292
292
|
// create config body
|
|
@@ -362,7 +362,7 @@ export async function configPut(
|
|
|
362
362
|
return result;
|
|
363
363
|
}
|
|
364
364
|
// create parametrized config endpoint
|
|
365
|
-
let endpoint: string =
|
|
365
|
+
let endpoint: string = mindlineConfig.configEndpoint();
|
|
366
366
|
let url: URL = new URL(endpoint);
|
|
367
367
|
url.searchParams.append("configurationId", config.id);
|
|
368
368
|
// create config headers
|
|
@@ -437,7 +437,7 @@ export async function configsGet(
|
|
|
437
437
|
return result;
|
|
438
438
|
}
|
|
439
439
|
// create endpoint
|
|
440
|
-
let endpoint: string =
|
|
440
|
+
let endpoint: string = mindlineConfig.configsEndpoint();
|
|
441
441
|
// add parameter to endpoint
|
|
442
442
|
let url: URL = new URL(endpoint);
|
|
443
443
|
url.searchParams.append("workspaceId", workspaceID);
|
|
@@ -498,7 +498,7 @@ export async function initPost(
|
|
|
498
498
|
return result;
|
|
499
499
|
}
|
|
500
500
|
// create init endpoint
|
|
501
|
-
let endpoint: string =
|
|
501
|
+
let endpoint: string = mindlineConfig.initEndpoint();
|
|
502
502
|
// create init headers
|
|
503
503
|
const headers = await defineHeaders(instance, authorizedUser);
|
|
504
504
|
// create init body
|
|
@@ -556,7 +556,7 @@ export async function tenantDelete(
|
|
|
556
556
|
return result;
|
|
557
557
|
}
|
|
558
558
|
// create parametrized tenant endpoint
|
|
559
|
-
let url: URL = new URL(
|
|
559
|
+
let url: URL = new URL(mindlineConfig.tenantEndpoint());
|
|
560
560
|
url.searchParams.append("tenantId", tenant.tid);
|
|
561
561
|
url.searchParams.append("workspaceId", workspaceId);
|
|
562
562
|
// create headers
|
|
@@ -603,7 +603,7 @@ export async function tenantsGet(
|
|
|
603
603
|
return result;
|
|
604
604
|
}
|
|
605
605
|
// create endpoint
|
|
606
|
-
let endpoint: string =
|
|
606
|
+
let endpoint: string = mindlineConfig.tenantsEndpoint();
|
|
607
607
|
// add parameter to endpoint
|
|
608
608
|
let url: URL = new URL(endpoint);
|
|
609
609
|
url.searchParams.append("workspaceId", workspaceID);
|
|
@@ -664,7 +664,7 @@ export async function tenantPost(
|
|
|
664
664
|
return result;
|
|
665
665
|
}
|
|
666
666
|
// create parametrized tenant endpoint
|
|
667
|
-
let endpoint: string =
|
|
667
|
+
let endpoint: string = mindlineConfig.tenantEndpoint();
|
|
668
668
|
let url: URL = new URL(endpoint);
|
|
669
669
|
url.searchParams.append("workspaceId", workspaceId);
|
|
670
670
|
// create tenant headers
|
|
@@ -719,7 +719,7 @@ export async function tenantPut(
|
|
|
719
719
|
return result;
|
|
720
720
|
}
|
|
721
721
|
// create tenant endpoint
|
|
722
|
-
let endpoint: string =
|
|
722
|
+
let endpoint: string = mindlineConfig.tenantEndpoint();
|
|
723
723
|
// create tenant headers
|
|
724
724
|
const headers = await defineHeaders(instance, authorizedUser);
|
|
725
725
|
// establish read and write service principals ("notassigned" is default")
|
|
@@ -784,7 +784,7 @@ export async function workspacesGet(
|
|
|
784
784
|
return result;
|
|
785
785
|
}
|
|
786
786
|
// create workspaces endpoint
|
|
787
|
-
let endpoint: string =
|
|
787
|
+
let endpoint: string = mindlineConfig.workspaceEndpoint();
|
|
788
788
|
// create workspace endpoint
|
|
789
789
|
let url: URL = new URL(endpoint);
|
|
790
790
|
// create workspace headers
|
|
@@ -843,7 +843,7 @@ export async function readerPost(
|
|
|
843
843
|
return result;
|
|
844
844
|
}
|
|
845
845
|
// create reader endpoint
|
|
846
|
-
let readerEndpoint: string =
|
|
846
|
+
let readerEndpoint: string = mindlineConfig.readerStartSyncEndpoint();
|
|
847
847
|
let url: URL = new URL(readerEndpoint);
|
|
848
848
|
url.searchParams.append("configurationId", config.id);
|
|
849
849
|
// create headers
|
package/index.d.ts
CHANGED
|
@@ -11,7 +11,7 @@ declare module "@mindline/sync" {
|
|
|
11
11
|
array: Array<Object> | null;
|
|
12
12
|
constructor();
|
|
13
13
|
}
|
|
14
|
-
export class
|
|
14
|
+
export class mindlineConfig {
|
|
15
15
|
static environmentTag: string;
|
|
16
16
|
// config API endpoints
|
|
17
17
|
static adminEndpoint(): string;
|
|
@@ -26,14 +26,15 @@ declare module "@mindline/sync" {
|
|
|
26
26
|
static workspaceEndpoint(): string;
|
|
27
27
|
// SignalR endpoint
|
|
28
28
|
static signalREndpoint(): string;
|
|
29
|
+
}
|
|
30
|
+
export class graphConfig {
|
|
29
31
|
// graph API endpoints
|
|
30
|
-
static
|
|
31
|
-
static
|
|
32
|
-
static
|
|
33
|
-
static
|
|
34
|
-
static
|
|
35
|
-
static
|
|
36
|
-
// sovereign cloud tenant info endpoints
|
|
32
|
+
static graphGroupsPredicate: string;
|
|
33
|
+
static graphMailPredicate: string;
|
|
34
|
+
static graphMePredicate: string;
|
|
35
|
+
static graphOauth2PermissionGrantsPredicate: string;
|
|
36
|
+
static graphServicePrincipalsPredicate: string;
|
|
37
|
+
static graphUsersPredicate: string;
|
|
37
38
|
static graphTenantByDomainPredicate: string;
|
|
38
39
|
static graphTenantByIdPredicate: string;
|
|
39
40
|
// authority values are based on the well-known OIDC auth endpoints
|
|
@@ -267,9 +268,9 @@ declare module "@mindline/sync" {
|
|
|
267
268
|
// Azure AD Graph API
|
|
268
269
|
//
|
|
269
270
|
export function groupsGet(instance: IPublicClientApplication, user: User | undefined, groupSearchString: string): Promise<{ groups: Group[], error: string }>;
|
|
270
|
-
export function oauth2PermissionGrantsGet(options: RequestInit, spid: string, oid: string): Promise<{grants: string, error: string}>;
|
|
271
|
+
export function oauth2PermissionGrantsGet(options: RequestInit, user: User, spid: string, oid: string): Promise<{grants: string, error: string}>;
|
|
271
272
|
export function requestAdminConsent(user: User, scope: string): void;
|
|
272
|
-
export function servicePrincipalGet(options: RequestInit, appid: string): Promise<{ spid: string, error: string }>;
|
|
273
|
+
export function servicePrincipalGet(options: RequestInit, user: User, appid: string): Promise<{ spid: string, error: string }>;
|
|
273
274
|
export function signIn(user: User, tasks: TaskArray): boolean;
|
|
274
275
|
export function signInIncrementally(user: User, scope: string): void;
|
|
275
276
|
export function signOut(user: User): boolean;
|
package/index.ts
CHANGED
|
@@ -28,58 +28,59 @@ export class APIResult {
|
|
|
28
28
|
array: Array<Object> | null;
|
|
29
29
|
constructor() { this.result = true; this.status = 200; this.error = ""; this.version = version; this.array = null; }
|
|
30
30
|
}
|
|
31
|
-
export class
|
|
31
|
+
export class mindlineConfig {
|
|
32
32
|
static environmentTag: string = "dev";
|
|
33
33
|
// config API endpoints
|
|
34
34
|
static adminEndpoint(): string {
|
|
35
|
-
return `https://${
|
|
35
|
+
return `https://${mindlineConfig.environmentTag}-configurationapi-westus.azurewebsites.net/api/v1/admin`
|
|
36
36
|
};
|
|
37
37
|
static adminIncompleteEndpoint(): string {
|
|
38
|
-
return `https://${
|
|
38
|
+
return `https://${mindlineConfig.environmentTag}-configurationapi-westus.azurewebsites.net/api/v1/incomplete-admin`;
|
|
39
39
|
};
|
|
40
40
|
static adminsEndpoint(): string {
|
|
41
|
-
return `https://${
|
|
42
|
-
};
|
|
41
|
+
return `https://${mindlineConfig.environmentTag}-configurationapi-westus.azurewebsites.net/api/v1/admins`;
|
|
42
|
+
};
|
|
43
43
|
static configEndpoint(): string {
|
|
44
|
-
return `https://${
|
|
44
|
+
return `https://${mindlineConfig.environmentTag}-configurationapi-westus.azurewebsites.net/api/v1/configuration`;
|
|
45
45
|
};
|
|
46
46
|
static configsEndpoint(): string {
|
|
47
|
-
return `https://${
|
|
47
|
+
return `https://${mindlineConfig.environmentTag}-configurationapi-westus.azurewebsites.net/api/v1/configurations`;
|
|
48
48
|
};
|
|
49
49
|
static initEndpoint(): string {
|
|
50
|
-
return `https://${
|
|
50
|
+
return `https://${mindlineConfig.environmentTag}-configurationapi-westus.azurewebsites.net/api/v1/configuration/init`;
|
|
51
51
|
};
|
|
52
52
|
static readerStartSyncEndpoint(): string {
|
|
53
|
-
return `https://${
|
|
53
|
+
return `https://${mindlineConfig.environmentTag}-configurationapi-westus.azurewebsites.net/api/v1/startSync`;
|
|
54
54
|
};
|
|
55
55
|
static tenantEndpoint(): string {
|
|
56
|
-
return `https://${
|
|
56
|
+
return `https://${mindlineConfig.environmentTag}-configurationapi-westus.azurewebsites.net/api/v1/tenant`;
|
|
57
57
|
};
|
|
58
58
|
static tenantsEndpoint(): string {
|
|
59
|
-
return `https://${
|
|
59
|
+
return `https://${mindlineConfig.environmentTag}-configurationapi-westus.azurewebsites.net/api/v1/tenants`;
|
|
60
60
|
};
|
|
61
61
|
static workspaceEndpoint(): string {
|
|
62
|
-
return `https://${
|
|
62
|
+
return `https://${mindlineConfig.environmentTag}-configurationapi-westus.azurewebsites.net/api/v1/workspaces`;
|
|
63
63
|
};
|
|
64
64
|
// SignalR endpoint
|
|
65
65
|
static signalREndpoint(): string {
|
|
66
|
-
return `https://${
|
|
66
|
+
return `https://${mindlineConfig.environmentTag}-signalrdispatcher-westus.azurewebsites.net/statsHub`;
|
|
67
67
|
};
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
static
|
|
72
|
-
static
|
|
73
|
-
static
|
|
74
|
-
static
|
|
75
|
-
|
|
68
|
+
}
|
|
69
|
+
export class graphConfig {
|
|
70
|
+
// graph API predicates
|
|
71
|
+
static graphGroupsPredicate: string = "v1.0/groups";
|
|
72
|
+
static graphMailPredicate: string = "v1.0/me/messages";
|
|
73
|
+
static graphMePredicate: string = "v1.0/me";
|
|
74
|
+
static graphOauth2PermissionGrantsPredicate: string = "v1.0/oauth2PermissionGrants";
|
|
75
|
+
static graphServicePrincipalsPredicate: string = "v1.0/servicePrincipals";
|
|
76
|
+
static graphUsersPredicate: string = "v1.0/users";
|
|
76
77
|
static graphTenantByDomainPredicate: string = "beta/tenantRelationships/findTenantInformationByDomainName";
|
|
77
78
|
static graphTenantByIdPredicate: string = "beta/tenantRelationships/findTenantInformationByTenantId";
|
|
78
79
|
// authority values are based on the well-known OIDC auth endpoints
|
|
79
80
|
static authorityWW: string = "https://login.microsoftonline.com/";
|
|
80
|
-
static authorityWWRegex: RegExp = /^(https:\/\/login\.microsoftonline\.
|
|
81
|
+
static authorityWWRegex: RegExp = /^(https:\/\/login\.microsoftonline\.com\/)([\dA-Fa-f]{8}-[\dA-Fa-f]{4}-[\dA-Fa-f]{4}-[\dA-Fa-f]{4}-[\dA-Fa-f]{12})\/oauth2\/authorize$/;
|
|
81
82
|
static authorityUS: string = "https://login.microsoftonline.us/";
|
|
82
|
-
static authorityUSRegex: RegExp = /^(https:\/\/login\.microsoftonline\.
|
|
83
|
+
static authorityUSRegex: RegExp = /^(https:\/\/login\.microsoftonline\.us\/)([\dA-Fa-f]{8}-[\dA-Fa-f]{4}-[\dA-Fa-f]{4}-[\dA-Fa-f]{4}-[\dA-Fa-f]{12})\/oauth2\/authorize$/;
|
|
83
84
|
static authorityCN: string = "https://login.partner.microsoftonline.cn/";
|
|
84
85
|
static authorityCNRegex: RegExp = /^(https:\/\/login\.partner\.microsoftonline\.cn\/)([\dA-Fa-f]{8}-[\dA-Fa-f]{4}-[\dA-Fa-f]{4}-[\dA-Fa-f]{4}-[\dA-Fa-f]{12})\/oauth2\/authorize$/;
|
|
85
86
|
};
|
|
@@ -172,6 +173,14 @@ export class Tenant {
|
|
|
172
173
|
this.graphSP = "";
|
|
173
174
|
}
|
|
174
175
|
}
|
|
176
|
+
function getAppId(authority: string): string {
|
|
177
|
+
switch (authority) {
|
|
178
|
+
case graphConfig.authorityWW: return "63100afe-506e-4bb2-8ff7-d8d5ab373129";
|
|
179
|
+
case graphConfig.authorityUS: return "762d313c-dcfd-4582-8cc5-53cc9844f62e";
|
|
180
|
+
case graphConfig.authorityCN: return "814e0ebd-ada6-42b4-b8ae-e26f3861a0aa";
|
|
181
|
+
default: debugger; return "";
|
|
182
|
+
}
|
|
183
|
+
}
|
|
175
184
|
function getGraphEndpoint(authority: string): string {
|
|
176
185
|
switch (authority) {
|
|
177
186
|
case graphConfig.authorityWW: return "https://graph.microsoft.com/";
|
|
@@ -180,6 +189,14 @@ function getGraphEndpoint(authority: string): string {
|
|
|
180
189
|
default: debugger; return "";
|
|
181
190
|
}
|
|
182
191
|
}
|
|
192
|
+
function getLoginEndpoint(authority: string): string {
|
|
193
|
+
switch (authority) {
|
|
194
|
+
case graphConfig.authorityWW: return "https://login.microsoft.com/";
|
|
195
|
+
case graphConfig.authorityUS: return "https://login.microsoft.us/";
|
|
196
|
+
case graphConfig.authorityCN: return "https://login.partner.microsoftonline.cn/";
|
|
197
|
+
default: debugger; return "";
|
|
198
|
+
}
|
|
199
|
+
}
|
|
183
200
|
export enum TenantConfigType {
|
|
184
201
|
source = 1,
|
|
185
202
|
target = 2,
|
|
@@ -1112,7 +1129,7 @@ export class BatchArray {
|
|
|
1112
1129
|
}
|
|
1113
1130
|
// start SignalR connection based on each batchId
|
|
1114
1131
|
batchIdArray.map((batchPair: Object) => {
|
|
1115
|
-
const endpoint: string =
|
|
1132
|
+
const endpoint: string = mindlineConfig.signalREndpoint();
|
|
1116
1133
|
let endpointUrl: URL = new URL(endpoint);
|
|
1117
1134
|
endpointUrl.searchParams.append("statsId", batchPair.BatchId);
|
|
1118
1135
|
console.log(`Creating SignalR Hub for TID: ${batchPair.SourceId} ${endpointUrl.href}`);
|
|
@@ -1195,9 +1212,7 @@ export class TenantNode {
|
|
|
1195
1212
|
}
|
|
1196
1213
|
}
|
|
1197
1214
|
}
|
|
1198
|
-
//
|
|
1199
|
-
// Azure AD Graph API
|
|
1200
|
-
//
|
|
1215
|
+
// ======================= Azure AD Graph API ===============================
|
|
1201
1216
|
export async function groupsGet(instance: IPublicClientApplication, user: User | undefined, groupSearchString: string): Promise<{ groups: Group[], error: string }> {
|
|
1202
1217
|
// need a logged in user to get graph users
|
|
1203
1218
|
if (user == null || user.spacode == "") {
|
|
@@ -1208,7 +1223,8 @@ export async function groupsGet(instance: IPublicClientApplication, user: User |
|
|
|
1208
1223
|
let options = { method: "GET", headers: headers };
|
|
1209
1224
|
// make /groups endpoint call
|
|
1210
1225
|
try {
|
|
1211
|
-
let groupsEndpoint =
|
|
1226
|
+
let groupsEndpoint: string = getGraphEndpoint(user.authority) + graphConfig.graphGroupsPredicate;
|
|
1227
|
+
groupsEndpoint += `/?$filter=startsWith(displayName, '${groupSearchString}')`;
|
|
1212
1228
|
let response = await fetch(groupsEndpoint, options);
|
|
1213
1229
|
let data = await response.json();
|
|
1214
1230
|
if (typeof data.error !== "undefined") {
|
|
@@ -1221,10 +1237,10 @@ export async function groupsGet(instance: IPublicClientApplication, user: User |
|
|
|
1221
1237
|
return { groups: [], error: `Exception: ${error}` };
|
|
1222
1238
|
}
|
|
1223
1239
|
}
|
|
1224
|
-
export async function oauth2PermissionGrantsGet(options: RequestInit, spid: string, oid: string): Promise<{ grants: string, id: string, error: string }> {
|
|
1240
|
+
export async function oauth2PermissionGrantsGet(options: RequestInit, user: User, spid: string, oid: string): Promise<{ grants: string, id: string, error: string }> {
|
|
1225
1241
|
try {
|
|
1226
1242
|
// make /oauth2PermissionGrants endpoint call
|
|
1227
|
-
let spurl: string = graphConfig.
|
|
1243
|
+
let spurl: string = getGraphEndpoint(user.authority) + graphConfig.graphOauth2PermissionGrantsPredicate;
|
|
1228
1244
|
let url: URL = new URL(spurl);
|
|
1229
1245
|
url.searchParams.append("$filter", `resourceId eq '${spid}' and consentType eq 'Principal' and principalId eq '${oid}'`);
|
|
1230
1246
|
let response = await fetch(url.href, options);
|
|
@@ -1251,7 +1267,8 @@ export async function oauth2PermissionGrantsSet(instance: IPublicClientApplicati
|
|
|
1251
1267
|
}
|
|
1252
1268
|
// make /oauth2PermissionGrants endpoint call
|
|
1253
1269
|
try {
|
|
1254
|
-
let grantsurl: string =
|
|
1270
|
+
let grantsurl: string = getGraphEndpoint(loggedInUser.authority);
|
|
1271
|
+
grantsurl += graphConfig.graphOauth2PermissionGrantsPredicate + `/${id}`;
|
|
1255
1272
|
let scopesBody: string = `{ "scope": "${scopes}" }`;
|
|
1256
1273
|
const headers = await defineHeaders(instance, loggedInUser);
|
|
1257
1274
|
let options: RequestInit = { method: "PATCH", headers: headers, body: scopesBody };
|
|
@@ -1288,19 +1305,21 @@ export function requestAdminConsent(user: User, scope: string): void {
|
|
|
1288
1305
|
// https://learn.microsoft.com/EN-US/azure/active-directory/develop/scopes-oidc#client-credentials-grant-flow-and-default
|
|
1289
1306
|
// https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-client-creds-grant-flow#request-the-permissions-from-a-directory-admin
|
|
1290
1307
|
//
|
|
1291
|
-
let adminConsentURL: string =
|
|
1308
|
+
let adminConsentURL: string = getLoginEndpoint(user.authority);
|
|
1292
1309
|
adminConsentURL += user.tid;
|
|
1293
1310
|
adminConsentURL += "/adminconsent";
|
|
1294
1311
|
let url: URL = new URL(adminConsentURL);
|
|
1295
|
-
|
|
1312
|
+
let clientId: string = getAppId(user.authority);
|
|
1313
|
+
url.searchParams.append("client_id", clientId);
|
|
1296
1314
|
url.searchParams.append("redirect_uri", window.location.origin);
|
|
1297
1315
|
url.searchParams.append("domain_hint", user.companyDomain);
|
|
1298
1316
|
window.location.assign(url.href);
|
|
1299
1317
|
}
|
|
1300
|
-
export async function servicePrincipalGet(options: RequestInit, appid: string): Promise<{ spid: string, error: string }> {
|
|
1318
|
+
export async function servicePrincipalGet(options: RequestInit, user: User, appid: string): Promise<{ spid: string, error: string }> {
|
|
1301
1319
|
try {
|
|
1302
1320
|
// make /servicePrincipals endpoint call to get the Service Principal ID
|
|
1303
|
-
let spurl: string =
|
|
1321
|
+
let spurl: string = getGraphEndpoint(user.authority);
|
|
1322
|
+
spurl += graphConfig.graphServicePrincipalsPredicate;
|
|
1304
1323
|
spurl += `(appId='${appid}')`;
|
|
1305
1324
|
let url: URL = new URL(spurl);
|
|
1306
1325
|
url.searchParams.append("$select", "id,appId,displayName");
|
|
@@ -1335,63 +1354,52 @@ export async function signIn(user: User, tasks: TaskArray): Promise<boolean> {
|
|
|
1335
1354
|
return false;
|
|
1336
1355
|
}
|
|
1337
1356
|
}
|
|
1357
|
+
// SignIn by an admin consents the app, Challenge adds incremental permissions dynamically, but requires a consented app - TEST THIS
|
|
1358
|
+
let signinURL: string = window.location.href;
|
|
1338
1359
|
switch (user.authority) {
|
|
1339
1360
|
case graphConfig.authorityWW:
|
|
1340
|
-
|
|
1341
|
-
|
|
1342
|
-
tenantURL += "MicrosoftIdentity/Account/SignIn";
|
|
1343
|
-
let url: URL = new URL(tenantURL);
|
|
1344
|
-
url.searchParams.append("redirectUri", window.location.origin);
|
|
1345
|
-
url.searchParams.append("domainHint", "organizations");
|
|
1346
|
-
if (user.oid !== "1") { // "1" means no mail has been set by admin initially in the app, oid and mail should be same if user has set and not yet signed in
|
|
1347
|
-
url.searchParams.append("loginHint", user.mail);
|
|
1348
|
-
}
|
|
1349
|
-
tasks.setTaskStart("initialization", new Date());
|
|
1350
|
-
tasks.setTaskStart("authenticate user", new Date());
|
|
1351
|
-
window.location.assign(url.href);
|
|
1352
|
-
return true;
|
|
1361
|
+
signinURL += "MicrosoftIdentity/Account/SignIn";
|
|
1362
|
+
break;
|
|
1353
1363
|
case graphConfig.authorityUS:
|
|
1354
|
-
|
|
1355
|
-
|
|
1356
|
-
usURL += "USGov";
|
|
1357
|
-
let urlUS: URL = new URL(usURL);
|
|
1358
|
-
urlUS.searchParams.append("redirectUri", window.location.origin);
|
|
1359
|
-
urlUS.searchParams.append("domainHint", user.companyDomain);
|
|
1360
|
-
if (user.oid !== "1") {
|
|
1361
|
-
urlUS.searchParams.append("loginHint", user.mail);
|
|
1362
|
-
}
|
|
1363
|
-
tasks.setTaskStart("initialization", new Date());
|
|
1364
|
-
tasks.setTaskStart("authenticate user", new Date());
|
|
1365
|
-
window.location.assign(urlUS.href);
|
|
1366
|
-
return true;
|
|
1364
|
+
signinURL += "USGov/SignIn";
|
|
1365
|
+
break;
|
|
1367
1366
|
case graphConfig.authorityCN:
|
|
1368
|
-
|
|
1369
|
-
|
|
1370
|
-
chinaURL += "China";
|
|
1371
|
-
let urlChina: URL = new URL(chinaURL);
|
|
1372
|
-
urlChina.searchParams.append("redirectUri", window.location.origin);
|
|
1373
|
-
urlChina.searchParams.append("domainHint", user.companyDomain);
|
|
1374
|
-
if (user.oid !== "1") {
|
|
1375
|
-
urlChina.searchParams.append("loginHint", user.mail);
|
|
1376
|
-
}
|
|
1377
|
-
tasks.setTaskStart("initialization", new Date());
|
|
1378
|
-
tasks.setTaskStart("authenticate user", new Date());
|
|
1379
|
-
window.location.assign(urlChina.href);
|
|
1380
|
-
return true;
|
|
1367
|
+
signinURL += "China/SignIn";
|
|
1368
|
+
break;
|
|
1381
1369
|
default:
|
|
1382
1370
|
// unknown authority
|
|
1383
|
-
|
|
1371
|
+
return false;
|
|
1372
|
+
}
|
|
1373
|
+
let url: URL = new URL(signinURL);
|
|
1374
|
+
url.searchParams.append("redirectUri", window.location.origin);
|
|
1375
|
+
url.searchParams.append("domainHint", "organizations");
|
|
1376
|
+
if (user.oid !== "1") { // "1" means no mail has been set by admin initially in the app, oid and mail should be same if user has set and not yet signed in
|
|
1377
|
+
url.searchParams.append("loginHint", user.mail);
|
|
1384
1378
|
}
|
|
1385
|
-
|
|
1379
|
+
tasks.setTaskStart("initialization", new Date());
|
|
1380
|
+
tasks.setTaskStart("authenticate user", new Date());
|
|
1381
|
+
window.location.assign(url.href);
|
|
1382
|
+
return true;
|
|
1386
1383
|
}
|
|
1387
1384
|
export function signInIncrementally(user: User, scope: string): void {
|
|
1388
1385
|
if (user.oid == "1") return;
|
|
1389
|
-
//
|
|
1390
|
-
|
|
1391
|
-
|
|
1392
|
-
|
|
1393
|
-
|
|
1394
|
-
|
|
1386
|
+
// for dynamic delegated permissions, we can use the Microsoft Identity Web Account Controller Challenge method
|
|
1387
|
+
let challengeURL: string = window.location.href;
|
|
1388
|
+
switch (user.authority) {
|
|
1389
|
+
case graphConfig.authorityWW:
|
|
1390
|
+
challengeURL += "MicrosoftIdentity/Account/Challenge";
|
|
1391
|
+
break;
|
|
1392
|
+
case graphConfig.authorityUS:
|
|
1393
|
+
challengeURL += "USGov/Challenge";
|
|
1394
|
+
break;
|
|
1395
|
+
case graphConfig.authorityCN:
|
|
1396
|
+
challengeURL += "China/Challenge";
|
|
1397
|
+
break;
|
|
1398
|
+
default:
|
|
1399
|
+
// unknown authority
|
|
1400
|
+
return;
|
|
1401
|
+
}
|
|
1402
|
+
let url: URL = new URL(challengeURL);
|
|
1395
1403
|
url.searchParams.append("redirectUri", window.location.origin);
|
|
1396
1404
|
url.searchParams.append("scope", scope);
|
|
1397
1405
|
url.searchParams.append("domainHint", "organizations");
|
|
@@ -1421,8 +1429,23 @@ export async function signOut(user: User): Promise<boolean>{
|
|
|
1421
1429
|
// OnRedirectToIdentityProviderForSignOut - this is where we set the logout_hint for user we are trying to logout
|
|
1422
1430
|
// OnSignedOutCallbackRedirect - called when the call sucessfully completes
|
|
1423
1431
|
let signoutURL: string = window.location.href;
|
|
1424
|
-
|
|
1425
|
-
|
|
1432
|
+
switch (user.authority) {
|
|
1433
|
+
case graphConfig.authorityWW:
|
|
1434
|
+
signoutURL += "MicrosoftIdentity/Account/SignOut";
|
|
1435
|
+
break;
|
|
1436
|
+
case graphConfig.authorityUS:
|
|
1437
|
+
signoutURL += "USGov/SignOut";
|
|
1438
|
+
break;
|
|
1439
|
+
case graphConfig.authorityCN:
|
|
1440
|
+
signoutURL += "China/SignOut";
|
|
1441
|
+
break;
|
|
1442
|
+
default:
|
|
1443
|
+
// unknown authority
|
|
1444
|
+
return false;
|
|
1445
|
+
}
|
|
1446
|
+
url = new URL(signoutURL);
|
|
1447
|
+
url.searchParams.append("redirectUri", window.location.origin);
|
|
1448
|
+
window.location.assign(url.href);
|
|
1426
1449
|
return true;
|
|
1427
1450
|
}
|
|
1428
1451
|
//tenantRelationshipsGetByDomain - query AAD for associated company name and id
|
|
@@ -1615,7 +1638,7 @@ export async function userDelegatedScopesGet(instance: IPublicClientApplication,
|
|
|
1615
1638
|
try {
|
|
1616
1639
|
// first, cache Graph resource ID (service principal) for this tenant if we don't have it already
|
|
1617
1640
|
if (tenant.graphSP == "") {
|
|
1618
|
-
let { spid, error } = await servicePrincipalGet(options, "00000003-0000-0000-c000-000000000000");
|
|
1641
|
+
let { spid, error } = await servicePrincipalGet(options, loggedInUser, "00000003-0000-0000-c000-000000000000");
|
|
1619
1642
|
if (error != "") {
|
|
1620
1643
|
debugger;
|
|
1621
1644
|
return { scopes: null, id: null, error: `${error}` };
|
|
@@ -1623,7 +1646,7 @@ export async function userDelegatedScopesGet(instance: IPublicClientApplication,
|
|
|
1623
1646
|
tenant.graphSP = spid;
|
|
1624
1647
|
}
|
|
1625
1648
|
// then, retrieve the delegated Graph permissions assigned to this user
|
|
1626
|
-
let { grants, id, error } = await oauth2PermissionGrantsGet(options, tenant.graphSP, loggedInUser.oid);
|
|
1649
|
+
let { grants, id, error } = await oauth2PermissionGrantsGet(options, loggedInUser, tenant.graphSP, loggedInUser.oid);
|
|
1627
1650
|
if (error != "") {
|
|
1628
1651
|
debugger;
|
|
1629
1652
|
return { scopes: null, id: null, error: `${error}` };
|
|
@@ -1673,7 +1696,9 @@ export async function usersGet(instance: IPublicClientApplication, user: User |
|
|
|
1673
1696
|
// create headers
|
|
1674
1697
|
const headers = await defineHeaders(instance, user);
|
|
1675
1698
|
let options = { method: "GET", headers: headers };
|
|
1676
|
-
let
|
|
1699
|
+
let usersEndpoint = getGraphEndpoint(user.authority);
|
|
1700
|
+
usersEndpoint += graphConfig.graphUsersPredicate;
|
|
1701
|
+
let response = await fetch(usersEndpoint, options);
|
|
1677
1702
|
let data = await response.json();
|
|
1678
1703
|
if (typeof data.error !== "undefined") {
|
|
1679
1704
|
return { users: [], error: `${data.error.code}: ${data.error.message}` };
|
|
@@ -1812,9 +1837,7 @@ export async function userAdd(instance: IPublicClientApplication, authorizedUser
|
|
|
1812
1837
|
export async function userRemove(instance: IPublicClientApplication, authorizedUser: User, user: User, workspaceId: string): Promise<APIResult> {
|
|
1813
1838
|
return adminDelete(instance, authorizedUser, user, workspaceId);
|
|
1814
1839
|
}
|
|
1815
|
-
//
|
|
1816
1840
|
// Mindline Config API internal helper functions
|
|
1817
|
-
//
|
|
1818
1841
|
function processReturnedAdmins(workspace: Workspace, ii: InitInfo, returnedAdmins: Array<Object>) {
|
|
1819
1842
|
returnedAdmins.map((item) => {
|
|
1820
1843
|
// are we already tracking this user?
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@mindline/sync",
|
|
3
3
|
"type": "module",
|
|
4
|
-
"version": "1.0.
|
|
4
|
+
"version": "1.0.66",
|
|
5
5
|
"types": "index.d.ts",
|
|
6
6
|
"exports": "./index.ts",
|
|
7
7
|
"description": "sync is a node.js package encapsulating javscript classes required for configuring Mindline sync service.",
|
|
Binary file
|