@schibsted/account-sdk-browser 6.0.0-alpha.2 → 6.0.0-alpha.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +39 -39
- package/dist/account-sdk.d.ts +4 -0
- package/dist/account.d.ts +29 -0
- package/dist/get-account-sdk.d.ts +3 -0
- package/dist/global-registry.d.ts +1 -1
- package/dist/globals.d.ts +2 -0
- package/dist/has-access-response.d.ts +2 -0
- package/dist/identity.d.ts +37 -237
- package/dist/index.d.ts +8 -3
- package/dist/index.js +859 -4
- package/dist/index.js.map +1 -0
- package/dist/monetization.d.ts +7 -43
- package/dist/resolve-browser-window.d.ts +1 -0
- package/dist/{RESTClient.d.ts → rest-client.d.ts} +22 -11
- package/dist/rest-clients.d.ts +10 -0
- package/dist/session-response.d.ts +30 -0
- package/dist/types/account.d.ts +13 -0
- package/dist/types/common.d.ts +22 -0
- package/dist/types/identity.d.ts +41 -0
- package/dist/types/login.d.ts +120 -0
- package/dist/types/monetization-guards.d.ts +2 -0
- package/dist/types/monetization.d.ts +21 -0
- package/dist/types/session-guards.d.ts +36 -0
- package/dist/types/session.d.ts +124 -0
- package/dist/version.d.ts +1 -1
- package/package.json +1 -9
- package/src/account-sdk.ts +74 -0
- package/src/account.ts +149 -0
- package/src/cache.ts +1 -1
- package/src/get-account-sdk.ts +94 -0
- package/src/global-registry.ts +1 -1
- package/src/globals.ts +2 -0
- package/src/has-access-response.ts +35 -0
- package/src/identity.ts +269 -423
- package/src/index.ts +28 -3
- package/src/monetization.ts +31 -68
- package/src/object.ts +1 -1
- package/src/resolve-browser-window.ts +11 -0
- package/src/{RESTClient.ts → rest-client.ts} +55 -28
- package/src/rest-clients.ts +30 -0
- package/src/session-response.ts +85 -0
- package/src/types/account.ts +27 -0
- package/src/types/common.ts +26 -0
- package/src/types/identity.ts +55 -0
- package/src/types/login.ts +145 -0
- package/src/types/monetization-guards.ts +35 -0
- package/src/types/monetization.ts +24 -0
- package/src/types/session-guards.ts +89 -0
- package/src/types/session.ts +147 -0
- package/src/validate.ts +1 -1
- package/src/version.ts +1 -1
- package/dist/identity-s4nofYmB.js +0 -370
- package/dist/identity-s4nofYmB.js.map +0 -1
- package/dist/identity.js +0 -2
- package/dist/monetization.js +0 -72
- package/dist/monetization.js.map +0 -1
- package/dist/version-spE-k97g.js +0 -289
- package/dist/version-spE-k97g.js.map +0 -1
- /package/dist/{SDKError.d.ts → sdk-error.d.ts} +0 -0
- /package/dist/{spidTalk.d.ts → spid-talk.d.ts} +0 -0
- /package/src/{SDKError.ts → sdk-error.ts} +0 -0
- /package/src/{spidTalk.ts → spid-talk.ts} +0 -0
|
@@ -0,0 +1,145 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Options accepted by {@link Identity#login} and related login URL helpers.
|
|
3
|
+
*/
|
|
4
|
+
export type LoginOptions = {
|
|
5
|
+
/**
|
|
6
|
+
* An opaque value used by the client to maintain state between the request and callback.
|
|
7
|
+
* It's also recommended to prevent CSRF {@link https://tools.ietf.org/html/rfc6749#section-10.12}
|
|
8
|
+
*/
|
|
9
|
+
state: string;
|
|
10
|
+
/**
|
|
11
|
+
* Authentication Context Class Reference Values. If omitted, the user will be asked to
|
|
12
|
+
* authenticate using username+password. For 2FA (Two-Factor Authentication) possible values
|
|
13
|
+
* are `sms`, `otp` (one time password), `password` (will force password confirmation, even if
|
|
14
|
+
* user is already logged in), `eid`. Those values might be mixed as space-separated string.
|
|
15
|
+
* To make sure that user has authenticated with 2FA you need to verify AMR (Authentication
|
|
16
|
+
* Methods References) claim in ID token. Might also be used to ensure additional acr
|
|
17
|
+
* (sms, otp, eid) for already logged in users. Supported value is also 'otp-email' means one
|
|
18
|
+
* time password using email.
|
|
19
|
+
*/
|
|
20
|
+
acrValues?:
|
|
21
|
+
| 'password'
|
|
22
|
+
| 'otp'
|
|
23
|
+
| 'sms'
|
|
24
|
+
| 'eid-dk'
|
|
25
|
+
| 'eid-no'
|
|
26
|
+
| 'eid-se'
|
|
27
|
+
| 'eid-fi'
|
|
28
|
+
| 'eid'
|
|
29
|
+
| 'otp-email'
|
|
30
|
+
| (string & {});
|
|
31
|
+
/**
|
|
32
|
+
* The OAuth scopes for the tokens. This is a list of scopes, separated by space. If the list
|
|
33
|
+
* of scopes contains `openid`, the generated tokens includes the id token which can be useful
|
|
34
|
+
* for getting information about the user. Omitting scope is allowed, while `invalid_scope` is
|
|
35
|
+
* returned when the client asks for a scope you aren't allowed to request.
|
|
36
|
+
* {@link https://tools.ietf.org/html/rfc6749#section-3.3}
|
|
37
|
+
* Defaults to `openid`.
|
|
38
|
+
*/
|
|
39
|
+
scope?: 'openid' | (string & {});
|
|
40
|
+
/**
|
|
41
|
+
* Redirect uri that will receive the code. Must exactly match a redirectUri from your client
|
|
42
|
+
* in self-service
|
|
43
|
+
*/
|
|
44
|
+
redirectUri?: string;
|
|
45
|
+
/** Should we try to open a popup window? Defaults to `false`. */
|
|
46
|
+
preferPopup?: boolean;
|
|
47
|
+
/** user email or UUID hint */
|
|
48
|
+
loginHint?: string;
|
|
49
|
+
/** Pulse tag */
|
|
50
|
+
tag?: string;
|
|
51
|
+
/** Teaser slug. Teaser with given slug will be displayed in place of default teaser */
|
|
52
|
+
teaser?: string;
|
|
53
|
+
/**
|
|
54
|
+
* Specifies the allowable elapsed time in seconds since the last time the End-User was actively
|
|
55
|
+
* authenticated. If last authentication time is more than maxAge seconds in the past,
|
|
56
|
+
* re-authentication will be required. See the OpenID Connect spec section 3.1.2.1 for more
|
|
57
|
+
* information. Prefer a number of seconds; strings remain accepted for legacy callers.
|
|
58
|
+
*/
|
|
59
|
+
maxAge?: number | string;
|
|
60
|
+
/**
|
|
61
|
+
* Optional parameter to overwrite client locale setting.
|
|
62
|
+
* New flows supports nb_NO, fi_FI, sv_SE, en_US
|
|
63
|
+
*/
|
|
64
|
+
locale?: 'nb_NO' | 'fi_FI' | 'sv_SE' | 'en_US';
|
|
65
|
+
/** display username and password on one screen. Defaults to `false`. */
|
|
66
|
+
oneStepLogin?: boolean;
|
|
67
|
+
/**
|
|
68
|
+
* String that specifies whether the Authorization Server prompts the End-User for
|
|
69
|
+
* reauthentication or confirm account screen. Supported values: `select_account` or `login`.
|
|
70
|
+
* Defaults to `select_account`.
|
|
71
|
+
*/
|
|
72
|
+
prompt?: 'select_account' | 'login';
|
|
73
|
+
/** Identifier for cross-domain tracking in Pulse */
|
|
74
|
+
xDomainId?: string;
|
|
75
|
+
/** Environment for cross-domain tracking in Pulse */
|
|
76
|
+
xEnvironmentId?: string;
|
|
77
|
+
/** Campaign identifier for tracking in Pulse */
|
|
78
|
+
originCampaign?: string;
|
|
79
|
+
};
|
|
80
|
+
|
|
81
|
+
/**
|
|
82
|
+
* Identical to {@link LoginOptions} except that `state` may also be a (possibly async) function;
|
|
83
|
+
* all other fields reuse the `LoginOptions` documentation.
|
|
84
|
+
*/
|
|
85
|
+
export type SimplifiedLoginWidgetLoginOptions = Omit<LoginOptions, 'state'> & {
|
|
86
|
+
/**
|
|
87
|
+
* An opaque value used by the client to maintain state between the request and callback.
|
|
88
|
+
* It's also recommended to prevent CSRF {@link https://tools.ietf.org/html/rfc6749#section-10.12}
|
|
89
|
+
*/
|
|
90
|
+
state: string | (() => string | Promise<string>);
|
|
91
|
+
};
|
|
92
|
+
|
|
93
|
+
/**
|
|
94
|
+
* Minimal user information used by the simplified login widget flow.
|
|
95
|
+
*/
|
|
96
|
+
export type SimplifiedLoginData = {
|
|
97
|
+
/** Deprecated: User UUID, to be be used as `loginHint` for {@link Identity#login} */
|
|
98
|
+
identifier: string;
|
|
99
|
+
/** Human-readable user identifier */
|
|
100
|
+
display_text: string;
|
|
101
|
+
/** Client name */
|
|
102
|
+
client_name: string;
|
|
103
|
+
/** Provider id used by the simplified login widget when supplied by the backend. */
|
|
104
|
+
provider_id?: string;
|
|
105
|
+
};
|
|
106
|
+
|
|
107
|
+
/**
|
|
108
|
+
* Configuration options for {@link Identity#showSimplifiedLoginWidget}.
|
|
109
|
+
*/
|
|
110
|
+
export type SimplifiedLoginWidgetOptions = {
|
|
111
|
+
/** expected encoding of simplified login widget. Could be utf-8 (default), iso-8859-1 or iso-8859-15 */
|
|
112
|
+
encoding?: string;
|
|
113
|
+
/**
|
|
114
|
+
* expected locale of simplified login widget. Should be provided in a short format like 'nb',
|
|
115
|
+
* 'sv'. If not set, a value from the env variable is used.
|
|
116
|
+
*/
|
|
117
|
+
locale?: 'nb' | 'sv' | 'fi' | 'da' | 'en';
|
|
118
|
+
};
|
|
119
|
+
|
|
120
|
+
export type SimplifiedLoginWidgetInitialParams = {
|
|
121
|
+
displayText: string;
|
|
122
|
+
env: string;
|
|
123
|
+
clientName: string;
|
|
124
|
+
clientId: string;
|
|
125
|
+
providerId?: string;
|
|
126
|
+
locale?: SimplifiedLoginWidgetOptions['locale'];
|
|
127
|
+
windowWidth: () => number;
|
|
128
|
+
windowOnResize: (handler: () => void) => void;
|
|
129
|
+
};
|
|
130
|
+
|
|
131
|
+
export type SimplifiedLoginWidgetHandler = () => void | Promise<void>;
|
|
132
|
+
|
|
133
|
+
export type OpenSimplifiedLoginWidget = (
|
|
134
|
+
initialParams: SimplifiedLoginWidgetInitialParams,
|
|
135
|
+
loginHandler: SimplifiedLoginWidgetHandler,
|
|
136
|
+
loginNotYouHandler: SimplifiedLoginWidgetHandler,
|
|
137
|
+
initHandler: SimplifiedLoginWidgetHandler,
|
|
138
|
+
cancelLoginHandler: SimplifiedLoginWidgetHandler,
|
|
139
|
+
) => unknown;
|
|
140
|
+
|
|
141
|
+
export const hasOpenSimplifiedLoginWidget = (
|
|
142
|
+
targetWindow: Window,
|
|
143
|
+
): targetWindow is Window & { openSimplifiedLoginWidget: OpenSimplifiedLoginWidget } => {
|
|
144
|
+
return typeof targetWindow.openSimplifiedLoginWidget === 'function';
|
|
145
|
+
};
|
|
@@ -0,0 +1,35 @@
|
|
|
1
|
+
/* Copyright 2026 Schibsted Products & Technology AS. Licensed under the terms of the MIT license.
|
|
2
|
+
* See LICENSE.md in the project root.
|
|
3
|
+
*/
|
|
4
|
+
|
|
5
|
+
import SDKError from '../sdk-error.js';
|
|
6
|
+
import { isObject, isStr } from '../validate.js';
|
|
7
|
+
import type { HasAccessResult } from './monetization.js';
|
|
8
|
+
|
|
9
|
+
export function parseHasAccessResult(value: unknown): HasAccessResult {
|
|
10
|
+
if (!isObject(value)) {
|
|
11
|
+
throw new SDKError('Invalid hasAccess response');
|
|
12
|
+
}
|
|
13
|
+
|
|
14
|
+
const { entitled, ttl, allowedFeatures, userId, uuid, sig } = value;
|
|
15
|
+
|
|
16
|
+
if (
|
|
17
|
+
typeof entitled !== 'boolean' ||
|
|
18
|
+
typeof ttl !== 'number' ||
|
|
19
|
+
!Array.isArray(allowedFeatures) ||
|
|
20
|
+
(typeof userId !== 'number' && typeof userId !== 'string') ||
|
|
21
|
+
!isStr(uuid) ||
|
|
22
|
+
!isStr(sig)
|
|
23
|
+
) {
|
|
24
|
+
throw new SDKError('Invalid hasAccess response');
|
|
25
|
+
}
|
|
26
|
+
|
|
27
|
+
return {
|
|
28
|
+
entitled,
|
|
29
|
+
ttl,
|
|
30
|
+
allowedFeatures: allowedFeatures.filter(isStr),
|
|
31
|
+
userId,
|
|
32
|
+
uuid,
|
|
33
|
+
sig,
|
|
34
|
+
};
|
|
35
|
+
}
|
|
@@ -0,0 +1,24 @@
|
|
|
1
|
+
import type { AccountBaseConfig } from './common';
|
|
2
|
+
import type { SessionUserId } from './session';
|
|
3
|
+
|
|
4
|
+
/**
|
|
5
|
+
* Result returned by the Session Service `/hasAccess` endpoint, describing whether the user
|
|
6
|
+
* is entitled to a requested set of products/features.
|
|
7
|
+
* @internal
|
|
8
|
+
*/
|
|
9
|
+
export interface HasAccessResult {
|
|
10
|
+
/** Whether the user is entitled to at least one of the requested products/features. */
|
|
11
|
+
entitled: boolean;
|
|
12
|
+
/** How long this result stays valid, in seconds, before the cache entry expires. */
|
|
13
|
+
ttl: number;
|
|
14
|
+
allowedFeatures: string[];
|
|
15
|
+
userId: SessionUserId;
|
|
16
|
+
uuid: string;
|
|
17
|
+
sig: string;
|
|
18
|
+
}
|
|
19
|
+
|
|
20
|
+
/**
|
|
21
|
+
* Options accepted by the {@link Monetization} constructor.
|
|
22
|
+
*/
|
|
23
|
+
export type MonetizationOptions = Pick<AccountBaseConfig, 'clientId' | 'env' | 'window'> &
|
|
24
|
+
Partial<Pick<AccountBaseConfig, 'redirectUri' | 'sessionDomain'>>;
|
|
@@ -0,0 +1,89 @@
|
|
|
1
|
+
/* Copyright 2026 Schibsted Products & Technology AS. Licensed under the terms of the MIT license.
|
|
2
|
+
* See LICENSE.md in the project root.
|
|
3
|
+
*/
|
|
4
|
+
|
|
5
|
+
import { isObject, isStr } from '../validate.js';
|
|
6
|
+
import type {
|
|
7
|
+
ConnectedSessionResponse,
|
|
8
|
+
ConnectedSessionWithUserIdResponse,
|
|
9
|
+
SessionFailureResponse,
|
|
10
|
+
SessionResponse,
|
|
11
|
+
SessionSuccessResponse,
|
|
12
|
+
UnrecognizedSessionResponse,
|
|
13
|
+
} from './session.js';
|
|
14
|
+
|
|
15
|
+
type SessionObjectResponse =
|
|
16
|
+
| SessionSuccessResponse
|
|
17
|
+
| SessionFailureResponse
|
|
18
|
+
| UnrecognizedSessionResponse;
|
|
19
|
+
|
|
20
|
+
type RedirectSessionPayload = {
|
|
21
|
+
redirectURL: string;
|
|
22
|
+
};
|
|
23
|
+
|
|
24
|
+
export type NormalizedSessionPayload = SessionObjectResponse | RedirectSessionPayload;
|
|
25
|
+
|
|
26
|
+
export function isSessionSuccessResponse(value: unknown): value is SessionSuccessResponse {
|
|
27
|
+
return isObject(value) && typeof value.result === 'boolean';
|
|
28
|
+
}
|
|
29
|
+
|
|
30
|
+
export function isConnectedSessionResponse(value: unknown): value is ConnectedSessionResponse {
|
|
31
|
+
return isSessionSuccessResponse(value) && value.result === true;
|
|
32
|
+
}
|
|
33
|
+
|
|
34
|
+
export function isSessionFailureResponse(value: unknown): value is SessionFailureResponse {
|
|
35
|
+
return isObject(value) && Boolean(value.error);
|
|
36
|
+
}
|
|
37
|
+
|
|
38
|
+
export function isRedirectSessionPayload(value: unknown): value is RedirectSessionPayload {
|
|
39
|
+
return isObject(value) && Object.keys(value).length === 1 && isStr(value.redirectURL);
|
|
40
|
+
}
|
|
41
|
+
|
|
42
|
+
export function isConnectedSessionWithUserIdResponse(
|
|
43
|
+
value: SessionResponse,
|
|
44
|
+
): value is ConnectedSessionWithUserIdResponse {
|
|
45
|
+
return (
|
|
46
|
+
isConnectedSessionResponse(value) &&
|
|
47
|
+
(typeof value.userId === 'number' || typeof value.userId === 'string')
|
|
48
|
+
);
|
|
49
|
+
}
|
|
50
|
+
|
|
51
|
+
/**
|
|
52
|
+
* Converts an unknown Session Service `hasSession` payload into one of the shapes the SDK knows how
|
|
53
|
+
* to handle.
|
|
54
|
+
*
|
|
55
|
+
* This function is intentionally tolerant because `hasSession()` historically resolved unknown
|
|
56
|
+
* object payloads instead of rejecting them. The SDK relies on that behavior for backwards
|
|
57
|
+
* compatibility with clients that check the raw response themselves.
|
|
58
|
+
*
|
|
59
|
+
* The normal cases are:
|
|
60
|
+
* - regular success payloads with a boolean `result`;
|
|
61
|
+
* - failure payloads wrapped as `{ error, response? }`;
|
|
62
|
+
* - Safari/session-refresh redirect payloads shaped as `{ redirectURL }`.
|
|
63
|
+
*
|
|
64
|
+
* Any other object is preserved as an unrecognized response so callers can still receive it.
|
|
65
|
+
* Non-object values are normalized to `{}`, matching the old "empty response" fallback used by
|
|
66
|
+
* `hasSession()` and cached-session reads.
|
|
67
|
+
*
|
|
68
|
+
* This is used both for network responses parsed by `RESTClient` and for values restored from the
|
|
69
|
+
* session cache, so the rest of the Identity flow can switch on typed guards instead of repeatedly
|
|
70
|
+
* re-validating unknown data.
|
|
71
|
+
*
|
|
72
|
+
* @internal
|
|
73
|
+
*/
|
|
74
|
+
export function normalizeSessionResponse(value: unknown): NormalizedSessionPayload {
|
|
75
|
+
if (isRedirectSessionPayload(value)) {
|
|
76
|
+
return value;
|
|
77
|
+
}
|
|
78
|
+
if (isSessionFailureResponse(value)) {
|
|
79
|
+
return value;
|
|
80
|
+
}
|
|
81
|
+
if (isSessionSuccessResponse(value)) {
|
|
82
|
+
return value;
|
|
83
|
+
}
|
|
84
|
+
if (isObject(value)) {
|
|
85
|
+
return value;
|
|
86
|
+
}
|
|
87
|
+
|
|
88
|
+
return {};
|
|
89
|
+
}
|
|
@@ -0,0 +1,147 @@
|
|
|
1
|
+
/* Copyright 2026 Schibsted Products & Technology AS. Licensed under the terms of the MIT license.
|
|
2
|
+
* See LICENSE.md in the project root.
|
|
3
|
+
*/
|
|
4
|
+
|
|
5
|
+
/**
|
|
6
|
+
* User identifier returned by Session Service responses.
|
|
7
|
+
*
|
|
8
|
+
* Session Service historically returned numeric ids, while some integrations and tests use
|
|
9
|
+
* string ids. SDK convenience methods normalize this where they promise a string.
|
|
10
|
+
*/
|
|
11
|
+
export type SessionUserId = number | string;
|
|
12
|
+
|
|
13
|
+
// Session Service object payloads.
|
|
14
|
+
|
|
15
|
+
/**
|
|
16
|
+
* Successful response returned from {@link Identity#hasSession}.
|
|
17
|
+
*
|
|
18
|
+
* `result` means the has-session call itself succeeded. `result: true` means the user is
|
|
19
|
+
* connected to the merchant; `result: false` means a session may exist, but the user is not
|
|
20
|
+
* connected to this client.
|
|
21
|
+
*/
|
|
22
|
+
export type SessionSuccessResponse = {
|
|
23
|
+
/** Response status code. Example: 200. */
|
|
24
|
+
code: number;
|
|
25
|
+
/** Response type. Example: 'OK'. */
|
|
26
|
+
type: string;
|
|
27
|
+
/** Human-readable response description. Example: 'OK'. */
|
|
28
|
+
description: string;
|
|
29
|
+
/**
|
|
30
|
+
* Is the user connected to the merchant? This means the merchant id is in the list of
|
|
31
|
+
* merchants connected to this user.
|
|
32
|
+
*/
|
|
33
|
+
result: boolean;
|
|
34
|
+
/** Connection status string. Deprecated; use `Identity.isConnected()`. Example: 'connected'. */
|
|
35
|
+
userStatus?: string;
|
|
36
|
+
/** Cookie base domain used as the `SP_ID` cookie domain fallback. Example: 'spid.no'. */
|
|
37
|
+
baseDomain?: string;
|
|
38
|
+
/** Legacy session id. Obsolete. Example: '58eca10fdbb9f6df72c3368f'. */
|
|
39
|
+
id?: string;
|
|
40
|
+
/** A numeric user id which is unique per realm (country). Example: 37162 */
|
|
41
|
+
userId?: SessionUserId;
|
|
42
|
+
/** Globally unique user id. Example: 'b3b23aa7-34f2-5d02-a10e-5a3455c6ab2c' */
|
|
43
|
+
uuid?: string;
|
|
44
|
+
/** Session token used for the `SP_ID` cookie. Example: 'eyJjbGllbnRfaWQ...'. */
|
|
45
|
+
sp_id?: string;
|
|
46
|
+
/** Session response TTL in seconds. Example: 300. */
|
|
47
|
+
expiresIn?: number;
|
|
48
|
+
/** Server time as a Unix timestamp in seconds. Example: 1506285759. */
|
|
49
|
+
serverTime?: number;
|
|
50
|
+
/**
|
|
51
|
+
* Example: 'NCdzXaz4ZRb7...' The sig parameter is a concatenation of an HMAC SHA-256
|
|
52
|
+
* signature string, a dot (.) and a base64url encoded JSON object (session).
|
|
53
|
+
* {@link http://techdocs.spid.no/sdks/js/response-signature-and-validation/}
|
|
54
|
+
*/
|
|
55
|
+
sig?: string;
|
|
56
|
+
/** User display name. Example: 'batman'. */
|
|
57
|
+
displayName?: string;
|
|
58
|
+
/** User given name. Example: 'Bruce'. */
|
|
59
|
+
givenName?: string;
|
|
60
|
+
/** User family name. Example: 'Wayne'. */
|
|
61
|
+
familyName?: string;
|
|
62
|
+
/** User gender value. Example: 'male', 'female', 'undisclosed'. */
|
|
63
|
+
gender?: string;
|
|
64
|
+
/** User profile photo URL. Example: 'http://www.srv.com/some/picture.jpg' . */
|
|
65
|
+
photo?: string;
|
|
66
|
+
/** Whether tracking is enabled for this session. Example: true. */
|
|
67
|
+
tracking?: boolean;
|
|
68
|
+
/** Whether the client agreement is accepted. Example: true. */
|
|
69
|
+
clientAgreementAccepted?: boolean;
|
|
70
|
+
/** Whether the default agreement is accepted. Example: true. */
|
|
71
|
+
defaultAgreementAccepted?: boolean;
|
|
72
|
+
/** Pairwise user id for this client. Example: 'b2a23caa...'. */
|
|
73
|
+
pairId?: string;
|
|
74
|
+
/** User SDRN. Example: 'sdrn:spid.no:user:12345'. */
|
|
75
|
+
sdrn?: string;
|
|
76
|
+
};
|
|
77
|
+
|
|
78
|
+
/**
|
|
79
|
+
* Successful has-session response for a user connected to the merchant.
|
|
80
|
+
*/
|
|
81
|
+
export type ConnectedSessionResponse = SessionSuccessResponse & {
|
|
82
|
+
result: true;
|
|
83
|
+
};
|
|
84
|
+
|
|
85
|
+
/**
|
|
86
|
+
* Connected session response that also carries a usable user id.
|
|
87
|
+
*/
|
|
88
|
+
export type ConnectedSessionWithUserIdResponse = ConnectedSessionResponse & {
|
|
89
|
+
userId: SessionUserId;
|
|
90
|
+
};
|
|
91
|
+
|
|
92
|
+
/**
|
|
93
|
+
* Failure payload returned by Session Service.
|
|
94
|
+
*
|
|
95
|
+
* API and network failures usually reject with {@link SDKError}; this shape represents a failure
|
|
96
|
+
* payload when one is returned by Session Service and reaches the has-session flow.
|
|
97
|
+
*/
|
|
98
|
+
export type SessionFailureResponse = {
|
|
99
|
+
/** Failure payload returned by Session Service. Usually an object, but tests also pass strings. */
|
|
100
|
+
error: string | number | boolean | object;
|
|
101
|
+
response?: {
|
|
102
|
+
/** Response status code. Example: 404. */
|
|
103
|
+
code: number;
|
|
104
|
+
/** Response type. Example: 'NOT_FOUND'. */
|
|
105
|
+
type: string;
|
|
106
|
+
/** Human-readable response description. Example: 'No session found'. */
|
|
107
|
+
description: string;
|
|
108
|
+
/** Cookie base domain used as the `SP_ID` cookie domain fallback. Example: 'spid.no'. */
|
|
109
|
+
baseDomain?: string;
|
|
110
|
+
/** Time span in milliseconds. Example: 30 * 60 * 1000 (for 30 minutes) */
|
|
111
|
+
expiresIn?: number;
|
|
112
|
+
result?: boolean;
|
|
113
|
+
/** Server time in seconds since the Unix Epoch. Example: 1506287788 */
|
|
114
|
+
serverTime?: number;
|
|
115
|
+
[key: string]: string | number | boolean | object | null | undefined;
|
|
116
|
+
};
|
|
117
|
+
};
|
|
118
|
+
|
|
119
|
+
/**
|
|
120
|
+
* Object response that does not match one of the SDK-known has-session shapes.
|
|
121
|
+
*
|
|
122
|
+
* This intentionally includes `{}`. Historically `hasSession()` could resolve an empty object or
|
|
123
|
+
* other object payloads that callers inspected themselves, so the SDK preserves those responses.
|
|
124
|
+
*/
|
|
125
|
+
export type UnrecognizedSessionResponse = object;
|
|
126
|
+
|
|
127
|
+
export type RedirectSessionResponse = string;
|
|
128
|
+
|
|
129
|
+
export type SessionObjectResponse =
|
|
130
|
+
| SessionSuccessResponse
|
|
131
|
+
| SessionFailureResponse
|
|
132
|
+
| UnrecognizedSessionResponse;
|
|
133
|
+
|
|
134
|
+
export type RedirectSessionPayload = {
|
|
135
|
+
redirectURL: string;
|
|
136
|
+
};
|
|
137
|
+
|
|
138
|
+
export type NormalizedSessionPayload = SessionObjectResponse | RedirectSessionPayload;
|
|
139
|
+
|
|
140
|
+
/**
|
|
141
|
+
* Public response union returned from {@link Identity#hasSession}.
|
|
142
|
+
*/
|
|
143
|
+
export type SessionResponse =
|
|
144
|
+
| SessionSuccessResponse
|
|
145
|
+
| SessionFailureResponse
|
|
146
|
+
| UnrecognizedSessionResponse
|
|
147
|
+
| RedirectSessionResponse;
|
package/src/validate.ts
CHANGED
package/src/version.ts
CHANGED