@scalekit-sdk/node 1.0.7 → 1.0.8

package/src/pkg/grpc/scalekit/v1/organizations/organizations_connect.ts

@@ -3,7 +3,7 @@
 /* eslint-disable */
 // @ts-nocheck
 
-import { CreateOrganizationRequest, CreateOrganizationResponse, DeleteOrganizationRequest, DeletePortalLinkByIdRequest, DeletePortalLinkRequest, GeneratePortalLinkRequest, GeneratePortalLinkResponse, GetOrganizationRequest, GetOrganizationResponse, GetPortalLinkRequest, GetPortalLinksResponse, ListOrganizationsRequest, ListOrganizationsResponse, SearchOrganizationsRequest, SearchOrganizationsResponse, UpdateOrganizationRequest, UpdateOrganizationResponse } from "./organizations_pb.js";
+import { CreateOrganizationRequest, CreateOrganizationResponse, DeleteOrganizationRequest, DeletePortalLinkByIdRequest, DeletePortalLinkRequest, GeneratePortalLinkRequest, GeneratePortalLinkResponse, GetOrganizationRequest, GetOrganizationResponse, GetPortalLinkRequest, GetPortalLinksResponse, ListOrganizationsRequest, ListOrganizationsResponse, SearchOrganizationsRequest, SearchOrganizationsResponse, UpdateOrganizationRequest, UpdateOrganizationResponse, UpdateOrganizationSettingsRequest } from "./organizations_pb.js";
 import { Empty, MethodKind } from "@bufbuild/protobuf";
 
 /**
@@ -108,6 +108,15 @@ export const OrganizationService = {
       O: GetPortalLinksResponse,
       kind: MethodKind.Unary,
     },
+    /**
+     * @generated from rpc scalekit.v1.organizations.OrganizationService.UpdateOrganizationSettings
+     */
+    updateOrganizationSettings: {
+      name: "UpdateOrganizationSettings",
+      I: UpdateOrganizationSettingsRequest,
+      O: GetOrganizationResponse,
+      kind: MethodKind.Unary,
+    },
   }
 } as const;
 

package/src/pkg/grpc/scalekit/v1/organizations/organizations_pb.ts

@@ -199,6 +199,13 @@ export class Organization extends Message<Organization> {
    */
   metadata: { [key: string]: string } = {};
 
+  /**
+   * Organization Settings
+   *
+   * @generated from field: scalekit.v1.organizations.OrganizationSettings settings = 8;
+   */
+  settings?: OrganizationSettings;
+
   constructor(data?: PartialMessage<Organization>) {
     super();
     proto3.util.initPartial(data, this);
@@ -214,6 +221,7 @@ export class Organization extends Message<Organization> {
     { no: 5, name: "region_code", kind: "enum", T: proto3.getEnumType(RegionCode) },
     { no: 6, name: "external_id", kind: "scalar", T: 9 /* ScalarType.STRING */, opt: true },
     { no: 7, name: "metadata", kind: "map", K: 9 /* ScalarType.STRING */, V: {kind: "scalar", T: 9 /* ScalarType.STRING */} },
+    { no: 8, name: "settings", kind: "message", T: OrganizationSettings },
   ]);
 
   static fromBinary(bytes: Uint8Array, options?: Partial<BinaryReadOptions>): Organization {
@@ -532,6 +540,11 @@ export class ListOrganizationsResponse extends Message<ListOrganizationsResponse
    */
   organizations: Organization[] = [];
 
+  /**
+   * @generated from field: string prev_page_token = 4;
+   */
+  prevPageToken = "";
+
   constructor(data?: PartialMessage<ListOrganizationsResponse>) {
     super();
     proto3.util.initPartial(data, this);
@@ -543,6 +556,7 @@ export class ListOrganizationsResponse extends Message<ListOrganizationsResponse
     { no: 1, name: "next_page_token", kind: "scalar", T: 9 /* ScalarType.STRING */ },
     { no: 2, name: "total_size", kind: "scalar", T: 13 /* ScalarType.UINT32 */ },
     { no: 3, name: "organizations", kind: "message", T: Organization, repeated: true },
+    { no: 4, name: "prev_page_token", kind: "scalar", T: 9 /* ScalarType.STRING */ },
   ]);
 
   static fromBinary(bytes: Uint8Array, options?: Partial<BinaryReadOptions>): ListOrganizationsResponse {
@@ -630,6 +644,11 @@ export class SearchOrganizationsResponse extends Message<SearchOrganizationsResp
    */
   organizations: Organization[] = [];
 
+  /**
+   * @generated from field: string prev_page_token = 4;
+   */
+  prevPageToken = "";
+
   constructor(data?: PartialMessage<SearchOrganizationsResponse>) {
     super();
     proto3.util.initPartial(data, this);
@@ -641,6 +660,7 @@ export class SearchOrganizationsResponse extends Message<SearchOrganizationsResp
     { no: 1, name: "next_page_token", kind: "scalar", T: 9 /* ScalarType.STRING */ },
     { no: 2, name: "total_size", kind: "scalar", T: 13 /* ScalarType.UINT32 */ },
     { no: 3, name: "organizations", kind: "message", T: Organization, repeated: true },
+    { no: 4, name: "prev_page_token", kind: "scalar", T: 9 /* ScalarType.STRING */ },
   ]);
 
   static fromBinary(bytes: Uint8Array, options?: Partial<BinaryReadOptions>): SearchOrganizationsResponse {
@@ -719,6 +739,16 @@ export class GeneratePortalLinkRequest extends Message<GeneratePortalLinkRequest
    */
   id = "";
 
+  /**
+   * @generated from field: optional bool sso = 2;
+   */
+  sso?: boolean;
+
+  /**
+   * @generated from field: optional bool directory_sync = 3;
+   */
+  directorySync?: boolean;
+
   constructor(data?: PartialMessage<GeneratePortalLinkRequest>) {
     super();
     proto3.util.initPartial(data, this);
@@ -728,6 +758,8 @@ export class GeneratePortalLinkRequest extends Message<GeneratePortalLinkRequest
   static readonly typeName = "scalekit.v1.organizations.GeneratePortalLinkRequest";
   static readonly fields: FieldList = proto3.util.newFieldList(() => [
     { no: 1, name: "id", kind: "scalar", T: 9 /* ScalarType.STRING */ },
+    { no: 2, name: "sso", kind: "scalar", T: 8 /* ScalarType.BOOL */, opt: true },
+    { no: 3, name: "directory_sync", kind: "scalar", T: 8 /* ScalarType.BOOL */, opt: true },
   ]);
 
   static fromBinary(bytes: Uint8Array, options?: Partial<BinaryReadOptions>): GeneratePortalLinkRequest {
@@ -987,3 +1019,126 @@ export class GetPortalLinksResponse extends Message<GetPortalLinksResponse> {
   }
 }
 
+/**
+ * @generated from message scalekit.v1.organizations.UpdateOrganizationSettingsRequest
+ */
+export class UpdateOrganizationSettingsRequest extends Message<UpdateOrganizationSettingsRequest> {
+  /**
+   * @generated from field: string id = 1;
+   */
+  id = "";
+
+  /**
+   * @generated from field: scalekit.v1.organizations.OrganizationSettings settings = 2;
+   */
+  settings?: OrganizationSettings;
+
+  constructor(data?: PartialMessage<UpdateOrganizationSettingsRequest>) {
+    super();
+    proto3.util.initPartial(data, this);
+  }
+
+  static readonly runtime: typeof proto3 = proto3;
+  static readonly typeName = "scalekit.v1.organizations.UpdateOrganizationSettingsRequest";
+  static readonly fields: FieldList = proto3.util.newFieldList(() => [
+    { no: 1, name: "id", kind: "scalar", T: 9 /* ScalarType.STRING */ },
+    { no: 2, name: "settings", kind: "message", T: OrganizationSettings },
+  ]);
+
+  static fromBinary(bytes: Uint8Array, options?: Partial<BinaryReadOptions>): UpdateOrganizationSettingsRequest {
+    return new UpdateOrganizationSettingsRequest().fromBinary(bytes, options);
+  }
+
+  static fromJson(jsonValue: JsonValue, options?: Partial<JsonReadOptions>): UpdateOrganizationSettingsRequest {
+    return new UpdateOrganizationSettingsRequest().fromJson(jsonValue, options);
+  }
+
+  static fromJsonString(jsonString: string, options?: Partial<JsonReadOptions>): UpdateOrganizationSettingsRequest {
+    return new UpdateOrganizationSettingsRequest().fromJsonString(jsonString, options);
+  }
+
+  static equals(a: UpdateOrganizationSettingsRequest | PlainMessage<UpdateOrganizationSettingsRequest> | undefined, b: UpdateOrganizationSettingsRequest | PlainMessage<UpdateOrganizationSettingsRequest> | undefined): boolean {
+    return proto3.util.equals(UpdateOrganizationSettingsRequest, a, b);
+  }
+}
+
+/**
+ * @generated from message scalekit.v1.organizations.OrganizationSettings
+ */
+export class OrganizationSettings extends Message<OrganizationSettings> {
+  /**
+   * @generated from field: repeated scalekit.v1.organizations.OrganizationSettingsFeature features = 1;
+   */
+  features: OrganizationSettingsFeature[] = [];
+
+  constructor(data?: PartialMessage<OrganizationSettings>) {
+    super();
+    proto3.util.initPartial(data, this);
+  }
+
+  static readonly runtime: typeof proto3 = proto3;
+  static readonly typeName = "scalekit.v1.organizations.OrganizationSettings";
+  static readonly fields: FieldList = proto3.util.newFieldList(() => [
+    { no: 1, name: "features", kind: "message", T: OrganizationSettingsFeature, repeated: true },
+  ]);
+
+  static fromBinary(bytes: Uint8Array, options?: Partial<BinaryReadOptions>): OrganizationSettings {
+    return new OrganizationSettings().fromBinary(bytes, options);
+  }
+
+  static fromJson(jsonValue: JsonValue, options?: Partial<JsonReadOptions>): OrganizationSettings {
+    return new OrganizationSettings().fromJson(jsonValue, options);
+  }
+
+  static fromJsonString(jsonString: string, options?: Partial<JsonReadOptions>): OrganizationSettings {
+    return new OrganizationSettings().fromJsonString(jsonString, options);
+  }
+
+  static equals(a: OrganizationSettings | PlainMessage<OrganizationSettings> | undefined, b: OrganizationSettings | PlainMessage<OrganizationSettings> | undefined): boolean {
+    return proto3.util.equals(OrganizationSettings, a, b);
+  }
+}
+
+/**
+ * @generated from message scalekit.v1.organizations.OrganizationSettingsFeature
+ */
+export class OrganizationSettingsFeature extends Message<OrganizationSettingsFeature> {
+  /**
+   * @generated from field: string name = 1;
+   */
+  name = "";
+
+  /**
+   * @generated from field: bool enabled = 2;
+   */
+  enabled = false;
+
+  constructor(data?: PartialMessage<OrganizationSettingsFeature>) {
+    super();
+    proto3.util.initPartial(data, this);
+  }
+
+  static readonly runtime: typeof proto3 = proto3;
+  static readonly typeName = "scalekit.v1.organizations.OrganizationSettingsFeature";
+  static readonly fields: FieldList = proto3.util.newFieldList(() => [
+    { no: 1, name: "name", kind: "scalar", T: 9 /* ScalarType.STRING */ },
+    { no: 2, name: "enabled", kind: "scalar", T: 8 /* ScalarType.BOOL */ },
+  ]);
+
+  static fromBinary(bytes: Uint8Array, options?: Partial<BinaryReadOptions>): OrganizationSettingsFeature {
+    return new OrganizationSettingsFeature().fromBinary(bytes, options);
+  }
+
+  static fromJson(jsonValue: JsonValue, options?: Partial<JsonReadOptions>): OrganizationSettingsFeature {
+    return new OrganizationSettingsFeature().fromJson(jsonValue, options);
+  }
+
+  static fromJsonString(jsonString: string, options?: Partial<JsonReadOptions>): OrganizationSettingsFeature {
+    return new OrganizationSettingsFeature().fromJsonString(jsonString, options);
+  }
+
+  static equals(a: OrganizationSettingsFeature | PlainMessage<OrganizationSettingsFeature> | undefined, b: OrganizationSettingsFeature | PlainMessage<OrganizationSettingsFeature> | undefined): boolean {
+    return proto3.util.equals(OrganizationSettingsFeature, a, b);
+  }
+}
+

package/src/scalekit.ts

@@ -1,15 +1,19 @@
+import crypto from 'crypto';
 import * as jose from 'jose';
 import QueryString from 'qs';
 import GrpcConnect from './connect';
 import ConnectionClient from './connection';
 import { IdTokenClaimToUserMap } from './constants/user';
 import CoreClient from './core';
+import DirectoryClient from './directory';
 import DomainClient from './domain';
 import OrganizationClient from './organization';
-import { AuthorizationUrlOptions, AuthenticationOptions, GrantType, AuthenticationResponse } from './types/scalekit';
 import { IdpInitiatedLoginClaims, IdTokenClaim, User } from './types/auth';
+import { AuthenticationOptions, AuthenticationResponse, AuthorizationUrlOptions, GrantType } from './types/scalekit';
 
 const authorizeEndpoint = "oauth/authorize";
+const WEBHOOK_TOLERANCE_IN_SECONDS = 5 * 60; // 5 minutes
+const WEBHOOK_SIGNATURE_VERSION = "v1";
 
 /**
  * To initiate scalekit
@@ -26,6 +30,7 @@ export default class ScalekitClient {
   readonly organization: OrganizationClient;
   readonly connection: ConnectionClient;
   readonly domain: DomainClient;
+  readonly directory: DirectoryClient;
   constructor(
     envUrl: string,
     clientId: string,
@@ -51,7 +56,11 @@ export default class ScalekitClient {
     this.domain = new DomainClient(
       this.grpcConnect,
       this.coreClient
-    )
+    );
+    this.directory = new DirectoryClient(
+      this.grpcConnect,
+      this.coreClient
+    );
   }
 
   /**
@@ -150,7 +159,7 @@ export default class ScalekitClient {
   * @returns {object} Returns the idp initiated login claims
   */
   async getIdpInitiatedLoginClaims(idpInitiatedLoginToken: string): Promise<IdpInitiatedLoginClaims> {
-    return await this.validateToken<IdpInitiatedLoginClaims>(idpInitiatedLoginToken);
+    return this.validateToken<IdpInitiatedLoginClaims>(idpInitiatedLoginToken);
   }
 
   /**
@@ -168,6 +177,39 @@ export default class ScalekitClient {
     }
   }
 
+  /**
+   * Verifies the payload of the webhook
+   * 
+   * @param {string} secret The secret
+   * @param {Record<string, string>} headers The headers
+   * @param {string} payload The payload
+   * @return {boolean} Returns true if the payload is valid.
+   */
+  verifyWebhookPayload(secret: string, headers: Record<string, string>, payload: string): boolean {
+    const webhookId = headers['webhook-id'];
+    const webhookTimestamp = headers['webhook-timestamp'];
+    const webhookSignature = headers['webhook-signature'];
+    if (!webhookId || !webhookTimestamp || !webhookSignature) {
+      throw new Error("Missing required headers");
+    }
+    const timestamp = this.verifyTimestamp(webhookTimestamp);
+    const data = `${webhookId}.${Math.floor(timestamp.getTime() / 1000)}.${payload}`;
+    const secretBytes = Buffer.from(secret.split("_")[1], 'base64');
+    const computedSignature = this.computeSignature(secretBytes, data);
+    const receivedSignatures = webhookSignature.split(" ");
+    for (const versionedSignature of receivedSignatures) {
+      const [version, signature] = versionedSignature.split(",");
+      if (version !== WEBHOOK_SIGNATURE_VERSION) {
+        continue;
+      }
+      if (crypto.timingSafeEqual(Buffer.from(signature, 'base64'), Buffer.from(computedSignature, 'base64'))) {
+        return true;
+      }
+    }
+
+    throw new Error("Invalid Signature");
+  }
+
   /**
    * Validate token
    * 
@@ -186,6 +228,39 @@ export default class ScalekitClient {
       throw new Error("Invalid token");
     }
   }
+
+  /**
+   * Verify the timestamp
+   * 
+   * @param {string} timestampStr The timestamp string
+   * @return {Date} Returns the timestamp
+   */
+  private verifyTimestamp(timestampStr: string): Date {
+    const now = Math.floor(Date.now() / 1000);
+    const timestamp = parseInt(timestampStr, 10);
+    if (isNaN(timestamp)) {
+      throw new Error("Invalid timestamp");
+    }
+    if (now - timestamp > WEBHOOK_TOLERANCE_IN_SECONDS) {
+      throw new Error("Message timestamp too old");
+    }
+    if (timestamp > now + WEBHOOK_TOLERANCE_IN_SECONDS) {
+      throw new Error("Message timestamp too new");
+    }
+
+    return new Date(timestamp * 1000);
+  }
+
+  /**
+   * Compute the signature
+   * 
+   * @param {Buffer} secretBytes The secret bytes
+   * @param {string} data The data to be signed
+   * @return {string} Returns the signature
+   */
+  private computeSignature(secretBytes: Buffer, data: string): string {
+    return crypto.createHmac('sha256', secretBytes).update(data).digest('base64');
+  }
 }
 
 

package/src/types/organization.ts

@@ -0,0 +1,8 @@
+export type OrganizationSettings = {
+  features: Feature[];
+}
+
+export type Feature = {
+  name: string;
+  enabled: boolean;
+}