@schemavaults/auth-client-sdk 0.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +14 -0
- package/dist/auth-client.d.ts +128 -0
- package/dist/auth-client.js +1190 -0
- package/dist/auth-client.js.map +1 -0
- package/dist/index.d.ts +6 -0
- package/dist/index.js +2 -0
- package/dist/index.js.map +1 -0
- package/dist/lib/acquire-access-token.d.ts +11 -0
- package/dist/lib/acquire-access-token.js +126 -0
- package/dist/lib/acquire-access-token.js.map +1 -0
- package/dist/lib/auth-client-events.d.ts +7 -0
- package/dist/lib/auth-client-events.js +4 -0
- package/dist/lib/auth-client-events.js.map +1 -0
- package/dist/lib/authenticate-url-encoder.d.ts +19 -0
- package/dist/lib/authenticate-url-encoder.js +41 -0
- package/dist/lib/authenticate-url-encoder.js.map +1 -0
- package/dist/lib/authentication-outcome-type.d.ts +3 -0
- package/dist/lib/authentication-outcome-type.js +15 -0
- package/dist/lib/authentication-outcome-type.js.map +1 -0
- package/dist/lib/credentials-schema/credentials-schema.d.ts +28 -0
- package/dist/lib/credentials-schema/credentials-schema.js +14 -0
- package/dist/lib/credentials-schema/credentials-schema.js.map +1 -0
- package/dist/lib/credentials-schema/index.d.ts +1 -0
- package/dist/lib/credentials-schema/index.js +2 -0
- package/dist/lib/credentials-schema/index.js.map +1 -0
- package/dist/lib/debugPrintTokensAsTable.d.ts +2 -0
- package/dist/lib/debugPrintTokensAsTable.js +14 -0
- package/dist/lib/debugPrintTokensAsTable.js.map +1 -0
- package/dist/lib/debugPrintUserDataAsTable.d.ts +2 -0
- package/dist/lib/debugPrintUserDataAsTable.js +12 -0
- package/dist/lib/debugPrintUserDataAsTable.js.map +1 -0
- package/dist/lib/is-private-beta.d.ts +3 -0
- package/dist/lib/is-private-beta.js +24 -0
- package/dist/lib/is-private-beta.js.map +1 -0
- package/dist/lib/isValidRefreshToken.d.ts +2 -0
- package/dist/lib/isValidRefreshToken.js +13 -0
- package/dist/lib/isValidRefreshToken.js.map +1 -0
- package/dist/lib/send-authenticate-request.d.ts +2 -0
- package/dist/lib/send-authenticate-request.js +133 -0
- package/dist/lib/send-authenticate-request.js.map +1 -0
- package/dist/types/IAuthClientConstructorOptions.d.ts +14 -0
- package/dist/types/IAuthClientConstructorOptions.js +2 -0
- package/dist/types/IAuthClientConstructorOptions.js.map +1 -0
- package/dist/types/ISchemaVaultsAuthClient.d.ts +59 -0
- package/dist/types/ISchemaVaultsAuthClient.js +2 -0
- package/dist/types/ISchemaVaultsAuthClient.js.map +1 -0
- package/dist/types/ISchemaVaultsAuthClientAdapter.d.ts +62 -0
- package/dist/types/ISchemaVaultsAuthClientAdapter.js +2 -0
- package/dist/types/ISchemaVaultsAuthClientAdapter.js.map +1 -0
- package/dist/types/ISendAuthenticateRequestOptions.d.ts +13 -0
- package/dist/types/ISendAuthenticateRequestOptions.js +2 -0
- package/dist/types/ISendAuthenticateRequestOptions.js.map +1 -0
- package/dist/types/UserData.d.ts +1 -0
- package/dist/types/UserData.js +2 -0
- package/dist/types/UserData.js.map +1 -0
- package/dist/types/acquire-access-token-options.d.ts +8 -0
- package/dist/types/acquire-access-token-options.js +2 -0
- package/dist/types/acquire-access-token-options.js.map +1 -0
- package/dist/types/credentials.d.ts +3 -0
- package/dist/types/credentials.js +2 -0
- package/dist/types/credentials.js.map +1 -0
- package/dist/types/framework-adapter-interface.d.ts +36 -0
- package/dist/types/framework-adapter-interface.js +2 -0
- package/dist/types/framework-adapter-interface.js.map +1 -0
- package/package.json +42 -0
package/README.md
ADDED
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
# @schemavaults/auth-client-sdk
|
|
2
|
+
|
|
3
|
+
TypeScript SDK for SchemaVaults Auth platform.
|
|
4
|
+
|
|
5
|
+
## Usage
|
|
6
|
+
|
|
7
|
+
See the downstream package [@schemavaults/auth-react-provider](https://github.com/schemavaults/auth-react-provider) for usage within a Next.js app.
|
|
8
|
+
|
|
9
|
+
See the SchemaVaults CLI for an example of usage within a command line application: [@schemavaults/cli](https://github.com/schemavaults/cli)
|
|
10
|
+
|
|
11
|
+
## Dependencies
|
|
12
|
+
|
|
13
|
+
- [@schemavaults/auth](https://github.com/schemavaults/auth)
|
|
14
|
+
- [@schemavaults/app-definitions](https://github.com/schemavaults/app-definitions)
|
|
@@ -0,0 +1,128 @@
|
|
|
1
|
+
import { type CodeChallengeWithDetails, type UserData, type AccessToken, type RefreshToken } from "@schemavaults/auth-common";
|
|
2
|
+
import type { IAuthClientConstructorOptions } from "./types/IAuthClientConstructorOptions";
|
|
3
|
+
import type { Credentials } from "./types/credentials";
|
|
4
|
+
import type { ISchemaVaultsAuthClient } from "./types/ISchemaVaultsAuthClient";
|
|
5
|
+
import type { AcquireAccessTokenOptions } from "./types/acquire-access-token-options";
|
|
6
|
+
import { type AppId } from "@schemavaults/app-definitions";
|
|
7
|
+
import type { AuthenticationOutcomeType } from "./lib/authentication-outcome-type";
|
|
8
|
+
/**
|
|
9
|
+
* The SchemaVaultsAuthClient is a client SDK for the SchemaVaults Auth Server
|
|
10
|
+
* It is used to authenticate users, store tokens, and manage user data
|
|
11
|
+
* @name SchemaVaultsAuthClient
|
|
12
|
+
* @alias AuthClient
|
|
13
|
+
* @author jalexw
|
|
14
|
+
* @implements ISchemaVaultsAuthClient
|
|
15
|
+
*/
|
|
16
|
+
export declare class SchemaVaultsAuthClient extends EventTarget implements ISchemaVaultsAuthClient {
|
|
17
|
+
private readonly _adapter;
|
|
18
|
+
private readonly environment;
|
|
19
|
+
private readonly _authServerUri;
|
|
20
|
+
private readonly _successful_authentication_redirect_uri;
|
|
21
|
+
private readonly _successful_logout_redirect_uri;
|
|
22
|
+
private readonly _authorize_uri;
|
|
23
|
+
private readonly _app_id;
|
|
24
|
+
private listeners;
|
|
25
|
+
private readonly DEBUG;
|
|
26
|
+
private get debug();
|
|
27
|
+
private readonly _default_audiences;
|
|
28
|
+
constructor(opts: IAuthClientConstructorOptions);
|
|
29
|
+
/**
|
|
30
|
+
* @name handleAuthStateChange()
|
|
31
|
+
* @description Loops over attached listeners and calls each one
|
|
32
|
+
* @see this.listeners
|
|
33
|
+
*/
|
|
34
|
+
private handleAuthStateChange;
|
|
35
|
+
/**
|
|
36
|
+
* @name adapter
|
|
37
|
+
* @description Returns the adapter instance used by the auth client.
|
|
38
|
+
* @type ISchemaVaultsAuthClientAdapter
|
|
39
|
+
*/
|
|
40
|
+
private get adapter();
|
|
41
|
+
get app_id(): AppId;
|
|
42
|
+
private storeCodeVerifier;
|
|
43
|
+
private loadCodeVerifier;
|
|
44
|
+
generateCodeChallenge(challenge_time?: number): Promise<CodeChallengeWithDetails>;
|
|
45
|
+
private authenticateWithRedirect;
|
|
46
|
+
login(): Promise<void>;
|
|
47
|
+
register(): Promise<void>;
|
|
48
|
+
private triggerAuthStateChanged;
|
|
49
|
+
private storeMultipleAccessTokens;
|
|
50
|
+
/**
|
|
51
|
+
* @name isClientForAuthServer
|
|
52
|
+
* @description Determines whether this client is running on the frontend of the authentication server app
|
|
53
|
+
* (only the auth server can acquire access tokens for the auth server apis, as a security feature)
|
|
54
|
+
*/
|
|
55
|
+
private get isClientForAuthServer();
|
|
56
|
+
private get defaultTokenAudiences();
|
|
57
|
+
loadSavedAuthorizationCodeVerifiers(): Promise<Record<number, string>>;
|
|
58
|
+
handleSuccessfulAuthentication(authorization_code: string, challenge_time: number, code_verifier?: string): Promise<void>;
|
|
59
|
+
logout(): Promise<void>;
|
|
60
|
+
hasHttpOnlyRefreshToken(): boolean;
|
|
61
|
+
get auth_server_uri(): string;
|
|
62
|
+
get secure(): boolean;
|
|
63
|
+
/**
|
|
64
|
+
* @name successful_authentication_redirect_uri
|
|
65
|
+
* @description Where to send the user after successful authentication
|
|
66
|
+
* @example "For example, maybe send them to their account dashboard: `/account`."
|
|
67
|
+
*/
|
|
68
|
+
get successful_authentication_redirect_uri(): string;
|
|
69
|
+
get authorize_uri(): string | undefined;
|
|
70
|
+
/**
|
|
71
|
+
* @name storeRefreshToken(refresh_token)
|
|
72
|
+
* @param refresh_token A 'RefreshToken' object to be stored
|
|
73
|
+
* @returns nothing, after storing the refresh token via the adapter
|
|
74
|
+
*/
|
|
75
|
+
private storeRefreshToken;
|
|
76
|
+
/**
|
|
77
|
+
* @name storeAccessToken(access_token)
|
|
78
|
+
* @param token_id The ID of the access token to be stored
|
|
79
|
+
* @param access_token An 'AccessToken' object to be stored
|
|
80
|
+
* @returns nothing, after storing the access token via the adapter
|
|
81
|
+
*/
|
|
82
|
+
private storeAccessToken;
|
|
83
|
+
getAccessTokenFromCache(token_id: string): AccessToken | null;
|
|
84
|
+
getRefreshTokenFromCache(): RefreshToken | null;
|
|
85
|
+
/**
|
|
86
|
+
* @name acquireAccessToken
|
|
87
|
+
* @description Attempt to acquire an access token in order to communicate with a SchemaVaults resource server.
|
|
88
|
+
* This will attempt to load a locally-saved refresh token in order to exchange it for an access token.
|
|
89
|
+
* @see this.exchangeAuthTokens()
|
|
90
|
+
*/
|
|
91
|
+
acquireAccessToken(opts: AcquireAccessTokenOptions): Promise<AccessToken>;
|
|
92
|
+
private storeUserData;
|
|
93
|
+
private getUserData;
|
|
94
|
+
protected getCurrentTimestamp(): number;
|
|
95
|
+
/**
|
|
96
|
+
* @name isAuthenticated
|
|
97
|
+
* @description Getter that returns true/false based on whether a user is currently signed into their account
|
|
98
|
+
*/
|
|
99
|
+
get isAuthenticated(): boolean;
|
|
100
|
+
/**
|
|
101
|
+
* @name sendAuthenticateRequest
|
|
102
|
+
* @description Send credentials to acquire an authorization code
|
|
103
|
+
* @param authentication_type 'login' | 'register' | 'reset-password'
|
|
104
|
+
* @param credentials Username/email/password/invite code
|
|
105
|
+
* @param code_challenge A code challenge for Oauth2 PKCE flow. Allows ensuring that trading authorization code for refresh token is done by the client that initialized the attempt to acquire the authorization code!
|
|
106
|
+
* @returns A 'string' authorization code, that can be exchanged for refresh/access JWTs (in combination with the code verifier-- which was used to generate the code challenge!)
|
|
107
|
+
*/
|
|
108
|
+
sendAuthenticateRequest(authentication_type: AuthenticationOutcomeType, credentials: Credentials, code_challenge: CodeChallengeWithDetails): Promise<string>;
|
|
109
|
+
/**
|
|
110
|
+
* @name currentUser
|
|
111
|
+
* @description If a user is signed in to this auth client and their user data is stored locally, return it. Else, returns null.
|
|
112
|
+
* @returns `UserData` | `null`
|
|
113
|
+
*/
|
|
114
|
+
get currentUser(): UserData | null;
|
|
115
|
+
private assertHttpOnlyRefreshTokenCookieHasAccompanyingMarkerCookie;
|
|
116
|
+
private handleSuccessfulExchangeAuthTokensResponse;
|
|
117
|
+
private exchangeAuthTokens;
|
|
118
|
+
private uuid;
|
|
119
|
+
onAuthStateChanged(listener: () => void, listener_id?: string): string;
|
|
120
|
+
removeAuthStateChangeListener(listener_id: string): void;
|
|
121
|
+
/**
|
|
122
|
+
* @name successful_logout_redirect_uri
|
|
123
|
+
* @description Where to redirect after /auth/logout effect succeeds
|
|
124
|
+
* @example "Perhaps the user should be sent back to the homepage: `/`"
|
|
125
|
+
*/
|
|
126
|
+
get successful_logout_redirect_uri(): string | undefined;
|
|
127
|
+
supports(feature_name: string): boolean;
|
|
128
|
+
}
|