@schibsted/account-sdk-browser 6.0.0-alpha.2 → 6.0.0-alpha.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (60) hide show
  1. package/README.md +39 -39
  2. package/dist/account-sdk.d.ts +4 -0
  3. package/dist/account.d.ts +30 -0
  4. package/dist/global-registry.d.ts +1 -1
  5. package/dist/globals.d.ts +2 -0
  6. package/dist/has-access-response.d.ts +2 -0
  7. package/dist/identity.d.ts +37 -237
  8. package/dist/index.d.ts +8 -3
  9. package/dist/index.js +862 -4
  10. package/dist/index.js.map +1 -0
  11. package/dist/monetization.d.ts +7 -43
  12. package/dist/resolve-browser-window.d.ts +1 -0
  13. package/dist/{RESTClient.d.ts → rest-client.d.ts} +22 -11
  14. package/dist/rest-clients.d.ts +10 -0
  15. package/dist/session-response.d.ts +30 -0
  16. package/dist/types/account.d.ts +13 -0
  17. package/dist/types/common.d.ts +22 -0
  18. package/dist/types/identity.d.ts +41 -0
  19. package/dist/types/login.d.ts +120 -0
  20. package/dist/types/monetization-guards.d.ts +2 -0
  21. package/dist/types/monetization.d.ts +21 -0
  22. package/dist/types/session-guards.d.ts +36 -0
  23. package/dist/types/session.d.ts +124 -0
  24. package/dist/version.d.ts +1 -1
  25. package/package.json +1 -9
  26. package/src/account-sdk.ts +74 -0
  27. package/src/account.ts +153 -0
  28. package/src/cache.ts +1 -1
  29. package/src/global-registry.ts +1 -1
  30. package/src/globals.ts +2 -0
  31. package/src/has-access-response.ts +35 -0
  32. package/src/identity.ts +269 -423
  33. package/src/index.ts +28 -3
  34. package/src/monetization.ts +31 -68
  35. package/src/object.ts +1 -1
  36. package/src/resolve-browser-window.ts +11 -0
  37. package/src/{RESTClient.ts → rest-client.ts} +55 -28
  38. package/src/rest-clients.ts +30 -0
  39. package/src/session-response.ts +79 -0
  40. package/src/types/account.ts +27 -0
  41. package/src/types/common.ts +26 -0
  42. package/src/types/identity.ts +55 -0
  43. package/src/types/login.ts +145 -0
  44. package/src/types/monetization-guards.ts +35 -0
  45. package/src/types/monetization.ts +24 -0
  46. package/src/types/session-guards.ts +89 -0
  47. package/src/types/session.ts +147 -0
  48. package/src/validate.ts +1 -1
  49. package/src/version.ts +1 -1
  50. package/dist/identity-s4nofYmB.js +0 -370
  51. package/dist/identity-s4nofYmB.js.map +0 -1
  52. package/dist/identity.js +0 -2
  53. package/dist/monetization.js +0 -72
  54. package/dist/monetization.js.map +0 -1
  55. package/dist/version-spE-k97g.js +0 -289
  56. package/dist/version-spE-k97g.js.map +0 -1
  57. /package/dist/{SDKError.d.ts → sdk-error.d.ts} +0 -0
  58. /package/dist/{spidTalk.d.ts → spid-talk.d.ts} +0 -0
  59. /package/src/{SDKError.ts → sdk-error.ts} +0 -0
  60. /package/src/{spidTalk.ts → spid-talk.ts} +0 -0
package/README.md CHANGED
@@ -24,11 +24,12 @@ For example if your `pre` domain is pre.sdk-example.com, and it uses id.pre.sdk-
24
24
  domain, your local domain should be local.sdk-example.com.
25
25
 
26
26
  1. Do `npm install --save @schibsted/account-sdk-browser`
27
- 2. Use this library as you would any other npm module: `import { Identity, Monetization } from '@schibsted/account-sdk-browser'`.
27
+ 2. Use this library as you would any other npm module: `import { createAccountSdk, getAccountSdk } from '@schibsted/account-sdk-browser'`.
28
28
  3. Build your site as you prefer. This library is published as ES modules and uses modern JavaScript
29
29
  syntax (including async/await and other ES2017 and WHATWG features). We recommend that you do
30
30
  any transpilation yourself for the browser versions you need to cater to. We do not add polyfills.
31
- 4. Initiate the SDK and provide at least `clientId`, `env` and `sessionDomain`.
31
+ 4. Initiate the SDK with `createAccountSdk` and provide `clientId`, `redirectUri` and `sessionDomain`.
32
+ Set `env` if you do not want to use the default `PRE` environment.
32
33
 
33
34
  If this is for a new site and there is no sessionDomain yet, contact
34
35
  [support](mailto:schibstedaccount@schibsted.com) to initiate the process.
@@ -41,8 +42,8 @@ Follow the [migration guide](./MIGRATION.md).
41
42
 
42
43
  1. Ensure that your site has no site specific terms and conditions in the Schibsted account login flow.
43
44
  1. Define rules for when and how often the simplified login prompt should be shown to unique users on your site. How you do this is up to you, but we recommend starting with showing the prompt once per user before potentially increasing this frequency over time.
44
- 1. Set up a function to check if users landing on your domain [is logged in](https://schibsted.github.io/account-sdk-browser/classes/Identity.html#isloggedin) to your site.
45
- 1. If the user is not logged-in to your site, call the [showSimplifiedLoginWidget](https://schibsted.github.io/account-sdk-browser/classes/Identity.html#showsimplifiedloginwidget) function. The `showSimplifiedLoginWidget` accepts the same params as login function (`state` is required, it might be string or async function). If the simplified login prompt is to be loaded, `showSimplifiedLoginWidget` will return `true`.
45
+ 1. Set up a function to check if users landing on your domain [are logged in](https://schibsted.github.io/account-sdk-browser/classes/Account.html#isloggedin) to your site.
46
+ 1. If the user is not logged-in to your site, call the [showSimplifiedLoginWidget](https://schibsted.github.io/account-sdk-browser/classes/Account.html#showsimplifiedloginwidget) function. The `showSimplifiedLoginWidget` accepts the same params as login function (`state` is required, it might be string or async function). If the simplified login prompt is to be loaded, `showSimplifiedLoginWidget` will return `true`.
46
47
  1. Set up a way to store information about which users have been shown the simplified login prompt. How you do this is up to you, but one way is to use localStorage. Use this information to execute on the rules defined in #2.
47
48
 
48
49
  ## Example project
@@ -65,38 +66,35 @@ This allows you to call Schibsted Account APIs on behalf of that user.
65
66
 
66
67
  ## Events
67
68
 
68
- The SDK fires events on the instances when something we deem interesting is happening. For example the
69
- [Identity](https://schibsted.github.io/account-sdk-browser/classes/Identity.html) class
70
- emits some events when the user is logged in or logged out. This SDK uses a familar interface that's
71
- very similar to Node's [EventEmitter](https://nodejs.org/api/events.html). The most important
69
+ The SDK fires events on the Account instance when something we deem interesting is happening. For
70
+ example, the Account instance emits events when the user is logged in or logged out. This SDK uses a
71
+ familiar interface that's very similar to Node's [EventEmitter](https://nodejs.org/api/events.html). The most important
72
72
  methods are `.on(eventName, listener)` (to subscribe to an event) and `.off(eventName, listener)`
73
73
  (to unsubscribe to an event).
74
74
 
75
- The SDK also emits global events on the `window` when a new instance is created.
76
- Events are emitted for:
75
+ The SDK also emits a global event on the `window` when a new Account instance is created.
77
76
 
78
77
  | Class | event name |
79
78
  | ------------ | ----------------------- |
80
- | Identity | `schIdentity:ready` |
81
- | Monetization | `schMonetization:ready` |
79
+ | Account | `schAccount:ready` |
82
80
 
83
81
  ```js
84
- window.addEventListener('schIdentity:ready', e => {
82
+ window.addEventListener('schAccount:ready', e => {
85
83
  // The event contains the initialized instance (e.detail.instance);
86
84
  }
87
85
 
88
86
  ```
89
87
 
90
- ## Identity
88
+ ## Account
91
89
 
92
90
  Let's start with a bit of example code:
93
91
 
94
92
  #### Example
95
93
 
96
94
  ```javascript
97
- import { Identity } from '@schibsted/account-sdk-browser';
95
+ import { createAccountSdk } from '@schibsted/account-sdk-browser';
98
96
 
99
- const identity = new Identity({
97
+ const account = createAccountSdk({
100
98
  clientId: '56e9a5d1eee0000000000000',
101
99
  redirectUri: 'https://awesomenews.site', // ensure it's listed in selfservice
102
100
  env: 'PRE', // Schibsted account env. A url or a special key: 'PRE', 'PRO', 'PRO_NO', 'PRO_FI' or 'PRO_DK'
@@ -105,8 +103,8 @@ const identity = new Identity({
105
103
 
106
104
  async function whenSiteLoaded() {
107
105
  const loginContainer = document.getElementById('login-container');
108
- if (await identity.isLoggedIn()) {
109
- const user = await identity.getUser();
106
+ if (await account.isLoggedIn()) {
107
+ const user = await account.getUser();
110
108
  const span = document.createElement('span');
111
109
  span.textContent = `Hello ${user.givenName}`;
112
110
  loginContainer.appendChild(span);
@@ -116,10 +114,18 @@ async function whenSiteLoaded() {
116
114
  }
117
115
 
118
116
  function userClicksLogIn() {
119
- identity.login({ state: 'some-random-string-1234-foobar-wonky-pig' });
117
+ account.login({ state: 'some-random-string-1234-foobar-wonky-pig' });
120
118
  }
121
119
  ```
122
120
 
121
+ If your code needs the initialized singleton from another module, use `getAccountSdk()`:
122
+
123
+ ```javascript
124
+ import { getAccountSdk } from '@schibsted/account-sdk-browser';
125
+
126
+ const account = await getAccountSdk();
127
+ ```
128
+
123
129
  #### Regarding `state`
124
130
 
125
131
  This parameter is an OpenID Connect parameter (described in [this paragraph in the
@@ -128,7 +134,7 @@ an opaque string. This means you can send anything that can be serialized to a s
128
134
  we have good experience sending something like a JSON value like a base64-url-encoded value — it's
129
135
  just an easy way to avoid browsers or backends messing with special characters.
130
136
 
131
- But as a trivial example, if you call `Identity.login(..)` with params
137
+ But as a trivial example, if you call `account.login(..)` with params
132
138
  `redirectUri=https://site.com&state=article%3D1234` — then at the end of the authentication flow,
133
139
  the user will be sent back to your redirectUri, and the `state` parameter will be forwarded along
134
140
  with the auth `code` parameter.
@@ -138,7 +144,7 @@ attacks. For example this can be accomplished by:
138
144
 
139
145
  1. Your backend generates random token: `1234abcd`, saves it in some tokenCache, and forwards to
140
146
  your browser frontend
141
- 1. Your frontend calls `Identity.login` with `state = base64Urlencode({ token: '1234abcd', article:
147
+ 1. Your frontend calls `account.login` with `state = base64Urlencode({ token: '1234abcd', article:
142
148
  '1234', ... })`
143
149
  1. When auth flow completes, the user is redirected back to your site. Then, your backend sees the
144
150
  query parameters `code` (which it can exchange for OAuth tokens for the user) and `state`
@@ -159,8 +165,8 @@ mentioning that your end users have a few ways to log in:
159
165
  * Multifactor authentication: first client indicates which methods should be preferred, later these
160
166
  will be included (if fulfilled) in `AMR` claim of IDToken
161
167
 
162
- The default is username & password. If you wish to use one of the passwordless login methods, the
163
- `login()` function takes an optional parameter called `acrValues` (Authentication Context Class Reference).
168
+ The default is username & password. If you wish to use one of the passwordless login methods,
169
+ `account.login()` takes an optional parameter called `acrValues` (Authentication Context Class Reference).
164
170
  The `acrValues` parameter with multifactor authentication can take following values:
165
171
 
166
172
  * `eid` - authentication using BankID (for DEV and PRE environments you can choose between country specific solution by specifying `eid-no` or `eid-se` instead)
@@ -187,10 +193,10 @@ Schibsted account relies on browser cookies to determine whether a user is recog
187
193
  The SDK provides functions that can be used to check if the user that's visiting your site is
188
194
  already a Schibsted user or not.
189
195
 
190
- * [Identity#isLoggedIn](https://schibsted.github.io/account-sdk-browser/classes/Identity.html#isloggedin)
196
+ * `account.isLoggedIn()`
191
197
  tells you if the user that is visiting your site is already logged in to Schibsted account or not.
192
198
 
193
- * [Identity#isConnected](https://schibsted.github.io/account-sdk-browser/classes/Identity.html#isconnected)
199
+ * `account.isConnected()`
194
200
  tells you if the user is connected to your client. A user might have `isLoggedIn=true` and at the
195
201
  same time `isConnected=false` if they have logged in to Schibsted account, but not accepted terms
196
202
  and privacy policy for your site.
@@ -202,32 +208,26 @@ will just ask them to accept those terms and redirect them right back to your si
202
208
  #### Logging out
203
209
 
204
210
  If you want to log the user out of Schibsted account, you can call
205
- [Identity#logout](https://schibsted.github.io/account-sdk-browser/classes/Identity.html#logout). This
211
+ `account.logout()`. This
206
212
  will remove the Schibsted account brand session. User will still be logged into Schibsted account.
207
213
 
208
- ## Monetization
214
+ ## Access Checks
209
215
 
210
216
  The preferred method for checking whether a user has access to a product/subscription is
211
- [Monetization#hasAccess](https://schibsted.github.io/account-sdk-browser/classes/Monetization.html#hasaccess).
217
+ `account.hasAccess()`.
212
218
  It requires using Session Service, and supports both Schibsted account productId's and Zuora
213
219
  feature id's.
214
220
 
215
221
  #### Example
216
222
 
217
223
  ```javascript
218
- import { Monetization } from '@schibsted/account-sdk-browser';
219
-
220
- const monetization = new Monetization({
221
- clientId: '56e9a5d1eee0000000000000',
222
- redirectUri: 'https://awesomenews.site', // ensure it's listed in selfservice
223
- sessionDomain: 'https://id.aweseome.site', // client-configured session-service domain
224
- env: 'PRE', // Schibsted account env. A url or a special key: 'PRE', 'PRO' or 'PRO_NO'
225
- });
224
+ import { getAccountSdk } from '@schibsted/account-sdk-browser';
226
225
 
227
226
  try {
228
- // Check if the user has access to a a particular product
229
- const userId = await identity.getUserId();
230
- const data = await monetization.hasAccess([productId], userId);
227
+ // Check if the user has access to a particular product
228
+ const account = await getAccountSdk();
229
+ const userId = await account.getUserId();
230
+ const data = await account.hasAccess([productId], userId);
231
231
  alert(`User has access to ${productId}? ${data.entitled}`);
232
232
  } catch (err) {
233
233
  alert(`Could not query if the user has access to ${productId} because ${err}`);
@@ -0,0 +1,4 @@
1
+ import { Account } from './account.js';
2
+ import { AccountConfig } from './types/account.js';
3
+ export declare function createAccountSdk(config: AccountConfig): Account;
4
+ export declare function getAccountSdk(): Promise<Account>;
@@ -0,0 +1,30 @@
1
+ import { AccountConfig, AccountEventHandler, AccountEventName } from './types/account.js';
2
+ import { LoginOptions, SimplifiedLoginData, SimplifiedLoginWidgetLoginOptions, SimplifiedLoginWidgetOptions } from './types/login.js';
3
+ import { HasAccessResult } from './types/monetization.js';
4
+ import { ConnectedSessionResponse, SessionResponse, SessionUserId } from './types/session.js';
5
+ /**
6
+ * Unified client-side interface for a configured Schibsted Account integration.
7
+ */
8
+ export declare class Account {
9
+ #private;
10
+ constructor(config: AccountConfig);
11
+ hasSession(): Promise<SessionResponse>;
12
+ isLoggedIn(): Promise<boolean>;
13
+ isConnected(): Promise<boolean>;
14
+ getUser(): Promise<ConnectedSessionResponse>;
15
+ getUserId(): Promise<string>;
16
+ getUserSDRN(): Promise<string>;
17
+ getUserContextData(): Promise<SimplifiedLoginData | null>;
18
+ getSpId(): Promise<string | null>;
19
+ login(options: LoginOptions): Window | null;
20
+ logout(redirectUri?: string): void;
21
+ loginUrl(options: LoginOptions): string;
22
+ accountUrl(redirectUri?: string): string;
23
+ showSimplifiedLoginWidget(loginParams: SimplifiedLoginWidgetLoginOptions, options?: SimplifiedLoginWidgetOptions): Promise<boolean>;
24
+ clearCachedUserSession(): void;
25
+ hasAccess(productIds: string[], userId: SessionUserId): Promise<HasAccessResult | null>;
26
+ clearCachedAccessResult(productIds: string[], userId: SessionUserId): void;
27
+ on(event: AccountEventName, callback: AccountEventHandler, ctx?: unknown): this;
28
+ off(event: AccountEventName, callback?: AccountEventHandler): this;
29
+ }
30
+ export default Account;
@@ -1,7 +1,7 @@
1
1
  /**
2
2
  * Names of the SDK instance properties that can be registered on the global {@link Window} object.
3
3
  */
4
- type Property = 'schIdentity' | 'schMonetization';
4
+ type Property = 'schAccount' | 'schIdentity' | 'schMonetization';
5
5
  /**
6
6
  * Registers an SDK instance on the global {@link Window} object's given property and dispatches a ready event.
7
7
  *
package/dist/globals.d.ts CHANGED
@@ -1,7 +1,9 @@
1
+ import { Account } from './account.js';
1
2
  import { Identity } from './identity.js';
2
3
  import { Monetization } from './monetization.js';
3
4
  declare global {
4
5
  interface Window {
6
+ schAccount?: Account;
5
7
  schIdentity?: Identity;
6
8
  schMonetization?: Monetization;
7
9
  SPiD?: {
@@ -0,0 +1,2 @@
1
+ import { HasAccessResult } from './types/monetization.js';
2
+ export declare function parseHasAccessResult(value: unknown): HasAccessResult;
@@ -1,204 +1,44 @@
1
1
  import { TinyEmitter } from 'tiny-emitter';
2
- import { default as RESTClient } from './RESTClient.js';
3
- import { default as SDKError } from './SDKError.js';
4
- /**
5
- * Options accepted by {@link Identity#login} and related login URL helpers.
6
- */
7
- export type LoginOptions = {
8
- /**
9
- * An opaque value used by the client to maintain state between the request and callback.
10
- * It's also recommended to prevent CSRF {@link https://tools.ietf.org/html/rfc6749#section-10.12}
11
- */
12
- state: string;
13
- /**
14
- * Authentication Context Class Reference Values. If omitted, the user will be asked to
15
- * authenticate using username+password. For 2FA (Two-Factor Authentication) possible values
16
- * are `sms`, `otp` (one time password), `password` (will force password confirmation, even if
17
- * user is already logged in), `eid`. Those values might be mixed as space-separated string.
18
- * To make sure that user has authenticated with 2FA you need to verify AMR (Authentication
19
- * Methods References) claim in ID token. Might also be used to ensure additional acr
20
- * (sms, otp, eid) for already logged in users. Supported value is also 'otp-email' means one
21
- * time password using email.
22
- */
23
- acrValues?: string;
24
- /**
25
- * The OAuth scopes for the tokens. This is a list of scopes, separated by space. If the list
26
- * of scopes contains `openid`, the generated tokens includes the id token which can be useful
27
- * for getting information about the user. Omitting scope is allowed, while `invalid_scope` is
28
- * returned when the client asks for a scope you aren't allowed to request.
29
- * {@link https://tools.ietf.org/html/rfc6749#section-3.3}
30
- * Defaults to `openid`.
31
- */
32
- scope?: string;
33
- /**
34
- * Redirect uri that will receive the code. Must exactly match a redirectUri from your client
35
- * in self-service
36
- */
37
- redirectUri?: string;
38
- /** Should we try to open a popup window? Defaults to `false`. */
39
- preferPopup?: boolean;
40
- /** user email or UUID hint */
41
- loginHint?: string;
42
- /** Pulse tag */
43
- tag?: string;
44
- /** Teaser slug. Teaser with given slug will be displayed in place of default teaser */
45
- teaser?: string;
46
- /**
47
- * Specifies the allowable elapsed time in seconds since the last time the End-User was actively
48
- * authenticated. If last authentication time is more than maxAge seconds in the past,
49
- * re-authentication will be required. See the OpenID Connect spec section 3.1.2.1 for more
50
- * information
51
- */
52
- maxAge?: number | string;
53
- /**
54
- * Optional parameter to overwrite client locale setting.
55
- * New flows supports nb_NO, fi_FI, sv_SE, en_US
56
- */
57
- locale?: string;
58
- /** display username and password on one screen. Defaults to `false`. */
59
- oneStepLogin?: boolean;
60
- /**
61
- * String that specifies whether the Authorization Server prompts the End-User for
62
- * reauthentication or confirm account screen. Supported values: `select_account` or `login`.
63
- * Defaults to `select_account`.
64
- */
65
- prompt?: string;
66
- /** Identifier for cross-domain tracking in Pulse */
67
- xDomainId?: string;
68
- /** Environment for cross-domain tracking in Pulse */
69
- xEnvironmentId?: string;
70
- /** Campaign identifier for tracking in Pulse */
71
- originCampaign?: string;
72
- };
73
- /**
74
- * Identical to {@link LoginOptions} except that `state` may also be a (possibly async) function;
75
- * all other fields reuse the `LoginOptions` documentation.
76
- */
77
- export type SimplifiedLoginWidgetLoginOptions = Omit<LoginOptions, 'state'> & {
78
- /**
79
- * An opaque value used by the client to maintain state between the request and callback.
80
- * It's also recommended to prevent CSRF {@link https://tools.ietf.org/html/rfc6749#section-10.12}
81
- */
82
- state: string | (() => string | Promise<string>);
83
- };
84
- /**
85
- * Successful response returned from {@link Identity#hasSession}.
86
- */
87
- export type HasSessionSuccessResponse = {
88
- /**
89
- * Is the user connected to the merchant? (it means that the merchant id is in the list of
90
- * merchants listed of this user in the database)? Example: false
91
- */
92
- result: boolean;
93
- /** Example: 'notConnected' or 'connected'. Deprecated, use `Identity.isConnected()` */
94
- userStatus: string;
95
- /** Example: 'localhost' */
96
- baseDomain: string;
97
- /** Example: '58eca10fdbb9f6df72c3368f'. Obsolete */
98
- id: string;
99
- /** Example: 37162 */
100
- userId: number;
101
- /** Example: 'b3b23aa7-34f2-5d02-a10e-5a3455c6ab2c' */
102
- uuid: string;
103
- /** Example: 'eyJjbGllbnRfaWQ...' */
104
- sp_id: string;
105
- /** Example: 30 * 60 * 1000 (for 30 minutes) */
106
- expiresIn: number;
107
- /** Example: 1506285759 */
108
- serverTime: number;
109
- /**
110
- * Example: 'NCdzXaz4ZRb7...' The sig parameter is a concatenation of an HMAC SHA-256 signature
111
- * string, a dot (.) and a base64url encoded JSON object (session).
112
- * {@link http://techdocs.spid.no/sdks/js/response-signature-and-validation/}
113
- */
114
- sig: string;
115
- /** (Only for connected users) Example: 'batman' */
116
- displayName: string;
117
- /** (Only for connected users) Example: 'Bruce' */
118
- givenName: string;
119
- /** (Only for connected users) Example: 'Wayne' */
120
- familyName: string;
121
- /** (Only for connected users) Example: 'male', 'female', 'undisclosed' */
122
- gender: string;
123
- /** (Only for connected users) Example: 'http://www.srv.com/some/picture.jpg' */
124
- photo: string;
125
- /** (Only for connected users) */
126
- tracking: boolean;
127
- /** (Only for connected users) */
128
- clientAgreementAccepted: boolean;
129
- /** (Only for connected users) */
130
- defaultAgreementAccepted: boolean;
131
- pairId: string;
132
- sdrn: string;
133
- };
134
- /**
135
- * Failure response returned from {@link Identity#hasSession}.
136
- */
137
- export type HasSessionFailureResponse = {
138
- error: {
139
- /** Typically an HTTP response code. Example: 401 */
140
- code: number;
141
- /** Example: "No session found!" */
142
- description: string;
143
- /** Example: "UserException" */
144
- type: string;
145
- };
146
- response: {
147
- /** Example: "localhost" */
148
- baseDomain: string;
149
- /** Time span in milliseconds. Example: 30 * 60 * 1000 (for 30 minutes) */
150
- expiresIn: number;
151
- result: boolean;
152
- /** Server time in seconds since the Unix Epoch. Example: 1506287788 */
153
- serverTime: number;
154
- };
155
- };
156
- /**
157
- * Minimal user information used by the simplified login widget flow.
158
- */
159
- export type SimplifiedLoginData = {
160
- /** Deprecated: User UUID, to be be used as `loginHint` for {@link Identity#login} */
161
- identifier: string;
162
- /** Human-readable user identifier */
163
- display_text: string;
164
- /** Client name */
165
- client_name: string;
166
- };
167
- /**
168
- * Configuration options for {@link Identity#showSimplifiedLoginWidget}.
169
- */
170
- export type SimplifiedLoginWidgetOptions = {
171
- /** expected encoding of simplified login widget. Could be utf-8 (default), iso-8859-1 or iso-8859-15 */
172
- encoding: string;
173
- /**
174
- * expected locale of simplified login widget. Should be provided in a short format like 'nb',
175
- * 'sv'. If not set, a value from the env variable is used.
176
- */
177
- locale?: 'nb' | 'sv' | 'fi' | 'da' | 'en';
178
- };
2
+ import { default as Cache } from './cache.js';
3
+ import { default as RESTClient } from './rest-client.js';
4
+ import { LogFunction } from './types/common.js';
5
+ import { IdentityBeforeRedirectCallback, IdentityOptions, VarnishCookieOptions } from './types/identity.js';
6
+ import { LoginOptions, OpenSimplifiedLoginWidget, SimplifiedLoginData, SimplifiedLoginWidgetLoginOptions, SimplifiedLoginWidgetOptions } from './types/login.js';
7
+ import { ConnectedSessionResponse, SessionObjectResponse, SessionResponse } from './types/session.js';
8
+ export { isConnectedSessionResponse, isSessionSuccessResponse } from './session-response.js';
9
+ export type { ConnectedSessionResponse, SessionFailureResponse, SessionObjectResponse, SessionResponse, SessionSuccessResponse, SessionUserId, } from './types/session.js';
10
+ declare global {
11
+ interface Window {
12
+ openSimplifiedLoginWidget?: OpenSimplifiedLoginWidget;
13
+ }
14
+ }
179
15
  /**
180
16
  * Provides Identity functionalty to a web page
181
17
  */
182
18
  export declare class Identity extends TinyEmitter {
183
19
  _sessionInitiatedSent: boolean;
184
- window: any;
20
+ window: Window;
185
21
  clientId: string;
186
- sessionStorageCache: any;
187
- localStorageCache: any;
22
+ sessionStorageCache: Cache;
23
+ localStorageCache: Cache;
188
24
  redirectUri: string;
189
25
  env: string;
190
- log?: Function;
191
- callbackBeforeRedirect: Function;
26
+ log?: LogFunction;
27
+ callbackBeforeRedirect: IdentityBeforeRedirectCallback;
192
28
  _sessionDomain: string;
193
29
  _enableSessionCaching: boolean;
194
- _session: any;
30
+ /**
31
+ * @internal Starts as `{}` before the first `hasSession()` call, then stores the latest
32
+ * object response from hasSession().
33
+ */
34
+ _session: SessionObjectResponse;
195
35
  _spid: RESTClient;
196
36
  _oauthService: RESTClient;
197
37
  _bffService: RESTClient;
198
38
  _sessionService: RESTClient;
199
39
  _globalSessionService: RESTClient;
200
- _usedSessionServiceGetSessionEndpoint: any;
201
- _hasSessionInProgress?: boolean | Promise<any>;
40
+ _usedSessionServiceGetSessionEndpoint: 'v2/session' | 'session';
41
+ _hasSessionInProgress?: false | Promise<SessionResponse>;
202
42
  popup?: Window | null;
203
43
  setVarnishCookie?: boolean;
204
44
  varnishExpiresIn?: number;
@@ -215,15 +55,7 @@ export declare class Identity extends TinyEmitter {
215
55
  * @param options.callbackBeforeRedirect - callback triggered before session refresh redirect happen
216
56
  * @throws {SDKError} - If any of options are invalid
217
57
  */
218
- constructor({ clientId, redirectUri, sessionDomain, env, log, window, callbackBeforeRedirect, }: {
219
- clientId: string;
220
- sessionDomain: string;
221
- redirectUri: string;
222
- env?: string;
223
- log?: Function;
224
- window?: Window;
225
- callbackBeforeRedirect?: Function;
226
- });
58
+ constructor({ clientId, redirectUri, sessionDomain, env, log, window, callbackBeforeRedirect, }: IdentityOptions);
227
59
  /**
228
60
  * Read tabId from session storage
229
61
  * @private
@@ -234,7 +66,7 @@ export declare class Identity extends TinyEmitter {
234
66
  * @private
235
67
  *
236
68
  */
237
- _isSessionCallBlocked(): boolean | void;
69
+ _isSessionCallBlocked(): boolean;
238
70
  /**
239
71
  * Block calls to get session
240
72
  * @private
@@ -248,42 +80,12 @@ export declare class Identity extends TinyEmitter {
248
80
  */
249
81
  _unblockSessionCall(): void;
250
82
  /**
251
- * Set SPiD server URL
252
- * @private
253
- * @param url - real URL or 'PRE' style key
254
- */
255
- _setSpidServerUrl(url: string): void;
256
- /**
257
- * Set OAuth server URL
258
- * @private
259
- * @param url - real URL or 'PRE' style key
260
- */
261
- _setOauthServerUrl(url: string): void;
262
- /**
263
- * Set BFF server URL
264
- * @private
265
- * @param url - real URL or 'PRE' style key
266
- */
267
- _setBffServerUrl(url: string): void;
268
- /**
269
- * Set site-specific session-service domain
270
- * @private
271
- * @param domain - real URL — (**not** 'PRE' style env key)
272
- */
273
- _setSessionServiceUrl(domain: string): void;
274
- /**
275
- * Set global session-service server URL
276
- * @private
277
- * @param url - real URL or 'PRE' style key
278
- */
279
- _setGlobalSessionServiceUrl(url: string): void;
280
- /**
281
- * Emits the relevant events based on the previous and new reply from hassession
83
+ * Emits the relevant events based on the previous and new reply from hasSession
282
84
  * @private
283
85
  * @param previous
284
86
  * @param current
285
87
  */
286
- _emitSessionEvent(previous: any, current: any): void;
88
+ _emitSessionEvent(previous: object, current: object): void;
287
89
  /**
288
90
  * Close this.popup if it exists and is open
289
91
  * @private
@@ -297,16 +99,13 @@ export declare class Identity extends TinyEmitter {
297
99
  * cookie expires. The default is to use the same time that hasSession responses are cached for
298
100
  * @param options.domain Override cookie domain. E.g. «vg.no» instead of «www.vg.no»
299
101
  */
300
- enableVarnishCookie(options?: {
301
- expiresIn?: number;
302
- domain?: string;
303
- }): void;
102
+ enableVarnishCookie(options: VarnishCookieOptions): void;
304
103
  /**
305
104
  * Set the Varnish cookie if configured
306
105
  * @private
307
106
  * @param sessionData
308
107
  */
309
- _maybeSetVarnishCookie(sessionData: HasSessionSuccessResponse): void;
108
+ _maybeSetVarnishCookie(sessionData: object): void;
310
109
  /**
311
110
  * Clear the Varnish cookie if configured
312
111
  * @private
@@ -337,7 +136,7 @@ export declare class Identity extends TinyEmitter {
337
136
  * @fires Identity#statusChange
338
137
  * @fires Identity#error
339
138
  */
340
- hasSession(): Promise<HasSessionSuccessResponse | HasSessionFailureResponse>;
139
+ hasSession(): Promise<SessionResponse>;
341
140
  /**
342
141
  * @summary Allows the client app to check if the user is logged in to Schibsted account
343
142
  * @remarks This function calls {@link Identity#hasSession} internally and thus has the side
@@ -364,7 +163,7 @@ export declare class Identity extends TinyEmitter {
364
163
  * @throws {SDKError} If the user isn't connected to the merchant
365
164
  * @throws {SDKError} If we couldn't get the user
366
165
  */
367
- getUser(): Promise<HasSessionSuccessResponse>;
166
+ getUser(): Promise<ConnectedSessionResponse>;
368
167
  /**
369
168
  * @summary
370
169
  * In Schibsted account, there are multiple ways of identifying a user; the `userId`,
@@ -489,7 +288,7 @@ export declare class Identity extends TinyEmitter {
489
288
  * @param options.originCampaign
490
289
  * @return - The url
491
290
  */
492
- loginUrl({ state, acrValues, scope, redirectUri, loginHint, tag, teaser, maxAge, locale, oneStepLogin, prompt, xDomainId, xEnvironmentId, originCampaign, }: LoginOptions, ..._args: any[]): string;
291
+ loginUrl({ state, acrValues, scope, redirectUri, loginHint, tag, teaser, maxAge, locale, oneStepLogin, prompt, xDomainId, xEnvironmentId, originCampaign, }: LoginOptions): string;
493
292
  /**
494
293
  * The url for logging the user out
495
294
  * @param redirectUri
@@ -516,8 +315,9 @@ export declare class Identity extends TinyEmitter {
516
315
  * @param options - additional configuration of Simplified Login Widget
517
316
  * @fires Identity#simplifiedLoginOpened
518
317
  * @fires Identity#simplifiedLoginCancelled
519
- * @return - will resolve to true if widget will be display. Otherwise, will throw SDKError
318
+ * @throws {SDKError} - If user context data is missing or the widget script cannot be loaded
319
+ * @return - will resolve to true if widget will be displayed
520
320
  */
521
- showSimplifiedLoginWidget(loginParams: SimplifiedLoginWidgetLoginOptions, options?: SimplifiedLoginWidgetOptions): Promise<boolean | SDKError>;
321
+ showSimplifiedLoginWidget(loginParams: SimplifiedLoginWidgetLoginOptions, options?: SimplifiedLoginWidgetOptions): Promise<boolean>;
522
322
  }
523
323
  export default Identity;
package/dist/index.d.ts CHANGED
@@ -1,3 +1,8 @@
1
- export * from './identity.js';
2
- export * from './monetization.js';
3
- export { default as SDKError } from './SDKError.js';
1
+ export { Account } from './account.js';
2
+ export { createAccountSdk, getAccountSdk } from './account-sdk.js';
3
+ export { default as SDKError } from './sdk-error.js';
4
+ export type { AccountConfig, AccountEventHandler, AccountEventName, AccountSessionEventName, } from './types/account.js';
5
+ export type { AccountEnvironment, LogFunction } from './types/common.js';
6
+ export type { LoginOptions, SimplifiedLoginData, SimplifiedLoginWidgetLoginOptions, SimplifiedLoginWidgetOptions, } from './types/login.js';
7
+ export type { HasAccessResult } from './types/monetization.js';
8
+ export type { ConnectedSessionResponse, ConnectedSessionWithUserIdResponse, RedirectSessionResponse, SessionFailureResponse, SessionResponse, SessionSuccessResponse, SessionUserId, } from './types/session.js';