@tapis/tapis-typescript-systems 0.0.6 → 0.0.7

package/dist/apis/CredentialsApi.js

@@ -5,7 +5,7 @@
  * Tapis Systems API
  * The Tapis Systems API provides for management of Tapis Systems including permissions, credentials and Scheduler Profiles.
  *
- * The version of the OpenAPI document: 1.7.0
+ * The version of the OpenAPI document: 25Q4.2
  * Contact: cicsupport@tacc.utexas.edu
  *
  * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
@@ -13,30 +13,36 @@
  * Do not edit the class manually.
  */
 var __extends = (this && this.__extends) || (function () {
-    var extendStatics = Object.setPrototypeOf ||
-        ({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) ||
-        function (d, b) { for (var p in b) if (b.hasOwnProperty(p)) d[p] = b[p]; };
+    var extendStatics = function (d, b) {
+        extendStatics = Object.setPrototypeOf ||
+            ({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) ||
+            function (d, b) { for (var p in b) if (Object.prototype.hasOwnProperty.call(b, p)) d[p] = b[p]; };
+        return extendStatics(d, b);
+    };
     return function (d, b) {
+        if (typeof b !== "function" && b !== null)
+            throw new TypeError("Class extends value " + String(b) + " is not a constructor or null");
         extendStatics(d, b);
         function __() { this.constructor = d; }
         d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __());
     };
 })();
 var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
     return new (P || (P = Promise))(function (resolve, reject) {
         function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
         function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : new P(function (resolve) { resolve(result.value); }).then(fulfilled, rejected); }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
         step((generator = generator.apply(thisArg, _arguments || [])).next());
     });
 };
 var __generator = (this && this.__generator) || function (thisArg, body) {
-    var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
-    return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
+    var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g = Object.create((typeof Iterator === "function" ? Iterator : Object).prototype);
+    return g.next = verb(0), g["throw"] = verb(1), g["return"] = verb(2), typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
     function verb(n) { return function (v) { return step([n, v]); }; }
     function step(op) {
         if (f) throw new TypeError("Generator is already executing.");
-        while (_) try {
+        while (g && (g = 0, op[0] && (_ = 0)), _) try {
             if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
             if (y = 0, t) op = [op[0] & 2, t.value];
             switch (op[0]) {
@@ -58,8 +64,9 @@ var __generator = (this && this.__generator) || function (thisArg, body) {
     }
 };
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.CredentialsApi = void 0;
 var runtime = require("../runtime");
-var models_1 = require("../models");
+var index_1 = require("../models/index");
 /**
  *
  */
@@ -69,43 +76,47 @@ var CredentialsApi = /** @class */ (function (_super) {
         return _super !== null && _super.apply(this, arguments) || this;
     }
     /**
-     * Check user credentials by connecting to the system host. Not supported for all system types. Currently supported for LINUX and S3 type systems.  If the *effectiveUserId* for the system is dynamic (i.e. equal to *${apiUserId}*) then *{userName}* is interpreted as a Tapis user and a search is made for credentials associated with *{userName}*.  If the *effectiveUserId* for the system is static (i.e. not *${apiUserId}*) then *{userName}* is interpreted as the login user to be used when accessing the host. Note that this would typically be the current *effectiveUserId* defined for the system, but that is not a requirement. This allows for registering and checking credentials for a login user prior to updating the system definition.  Operation is allowed if requester is the system owner or a tenant administrator. If the *effectiveUserId* for the system is dynamic (i.e. equal to *${apiUserId}*) then the operation is allowed if *{userName}* is the Tapis user making the request.  Desired authentication method may be specified using query parameter *authnMethod*. If not specified, then credentials for the system\'s default authentication method are verified.
+     * Check user credentials by connecting to the system host. Not supported for all system types. Currently supported for LINUX and S3 type systems.  If the *effectiveUserId* for the system is dynamic (i.e. equal to *${apiUserId}*) then *{userName}* is interpreted as a Tapis user and a search is made for credentials associated with *{userName}*. Note that the Tapis user *{userName}* may have a mapping to a host *loginUser* in which case the *loginUser* will be used when verifying the credentials. Note that what we call the *Tapis user* comes from the username claim in the Tapis JWT.  If the *effectiveUserId* for the system is static (i.e. not *${apiUserId}*) then *{userName}* is interpreted as the login user to be used when accessing the host. Note that this would typically be the current *effectiveUserId* defined for the system, but that is not a requirement. This allows for registering and checking credentials for a login user prior to updating the system definition.  Operation is allowed if requester is the system owner or a tenant administrator. If the *effectiveUserId* for the system is dynamic (i.e. equal to *${apiUserId}*) then the operation is allowed if *{userName}* is the Tapis user making the request.  Desired authentication method may be specified using query parameter *authnMethod*. If not specified, then credentials for the system\'s default authentication method are verified.
      */
     CredentialsApi.prototype.checkUserCredentialRaw = function (requestParameters, initOverrides) {
         return __awaiter(this, void 0, void 0, function () {
-            var queryParameters, headerParameters, response;
-            return __generator(this, function (_a) {
-                switch (_a.label) {
+            var queryParameters, headerParameters, _a, _b, response;
+            return __generator(this, function (_c) {
+                switch (_c.label) {
                     case 0:
-                        if (requestParameters.systemId === null || requestParameters.systemId === undefined) {
-                            throw new runtime.RequiredError('systemId', 'Required parameter requestParameters.systemId was null or undefined when calling checkUserCredential.');
+                        if (requestParameters['systemId'] == null) {
+                            throw new runtime.RequiredError('systemId', 'Required parameter "systemId" was null or undefined when calling checkUserCredential().');
                         }
-                        if (requestParameters.userName === null || requestParameters.userName === undefined) {
-                            throw new runtime.RequiredError('userName', 'Required parameter requestParameters.userName was null or undefined when calling checkUserCredential.');
+                        if (requestParameters['userName'] == null) {
+                            throw new runtime.RequiredError('userName', 'Required parameter "userName" was null or undefined when calling checkUserCredential().');
                         }
                         queryParameters = {};
-                        if (requestParameters.authnMethod !== undefined) {
-                            queryParameters['authnMethod'] = requestParameters.authnMethod;
+                        if (requestParameters['authnMethod'] != null) {
+                            queryParameters['authnMethod'] = requestParameters['authnMethod'];
                         }
                         headerParameters = {};
-                        if (this.configuration && this.configuration.apiKey) {
-                            headerParameters["X-Tapis-Token"] = this.configuration.apiKey("X-Tapis-Token"); // TapisJWT authentication
-                        }
-                        return [4 /*yield*/, this.request({
-                                path: "/v3/systems/credential/{systemId}/user/{userName}/check".replace("{" + "systemId" + "}", encodeURIComponent(String(requestParameters.systemId))).replace("{" + "userName" + "}", encodeURIComponent(String(requestParameters.userName))),
-                                method: 'POST',
-                                headers: headerParameters,
-                                query: queryParameters,
-                            }, initOverrides)];
+                        if (!(this.configuration && this.configuration.apiKey)) return [3 /*break*/, 2];
+                        _a = headerParameters;
+                        _b = "X-Tapis-Token";
+                        return [4 /*yield*/, this.configuration.apiKey("X-Tapis-Token")];
                     case 1:
-                        response = _a.sent();
-                        return [2 /*return*/, new runtime.JSONApiResponse(response, function (jsonValue) { return models_1.RespBasicFromJSON(jsonValue); })];
+                        _a[_b] = _c.sent(); // TapisJWT authentication
+                        _c.label = 2;
+                    case 2: return [4 /*yield*/, this.request({
+                            path: "/v3/systems/credential/{systemId}/user/{userName}/check".replace("{".concat("systemId", "}"), encodeURIComponent(String(requestParameters['systemId']))).replace("{".concat("userName", "}"), encodeURIComponent(String(requestParameters['userName']))),
+                            method: 'POST',
+                            headers: headerParameters,
+                            query: queryParameters,
+                        }, initOverrides)];
+                    case 3:
+                        response = _c.sent();
+                        return [2 /*return*/, new runtime.JSONApiResponse(response, function (jsonValue) { return (0, index_1.RespBasicFromJSON)(jsonValue); })];
                 }
             });
         });
     };
     /**
-     * Check user credentials by connecting to the system host. Not supported for all system types. Currently supported for LINUX and S3 type systems.  If the *effectiveUserId* for the system is dynamic (i.e. equal to *${apiUserId}*) then *{userName}* is interpreted as a Tapis user and a search is made for credentials associated with *{userName}*.  If the *effectiveUserId* for the system is static (i.e. not *${apiUserId}*) then *{userName}* is interpreted as the login user to be used when accessing the host. Note that this would typically be the current *effectiveUserId* defined for the system, but that is not a requirement. This allows for registering and checking credentials for a login user prior to updating the system definition.  Operation is allowed if requester is the system owner or a tenant administrator. If the *effectiveUserId* for the system is dynamic (i.e. equal to *${apiUserId}*) then the operation is allowed if *{userName}* is the Tapis user making the request.  Desired authentication method may be specified using query parameter *authnMethod*. If not specified, then credentials for the system\'s default authentication method are verified.
+     * Check user credentials by connecting to the system host. Not supported for all system types. Currently supported for LINUX and S3 type systems.  If the *effectiveUserId* for the system is dynamic (i.e. equal to *${apiUserId}*) then *{userName}* is interpreted as a Tapis user and a search is made for credentials associated with *{userName}*. Note that the Tapis user *{userName}* may have a mapping to a host *loginUser* in which case the *loginUser* will be used when verifying the credentials. Note that what we call the *Tapis user* comes from the username claim in the Tapis JWT.  If the *effectiveUserId* for the system is static (i.e. not *${apiUserId}*) then *{userName}* is interpreted as the login user to be used when accessing the host. Note that this would typically be the current *effectiveUserId* defined for the system, but that is not a requirement. This allows for registering and checking credentials for a login user prior to updating the system definition.  Operation is allowed if requester is the system owner or a tenant administrator. If the *effectiveUserId* for the system is dynamic (i.e. equal to *${apiUserId}*) then the operation is allowed if *{userName}* is the Tapis user making the request.  Desired authentication method may be specified using query parameter *authnMethod*. If not specified, then credentials for the system\'s default authentication method are verified.
      */
     CredentialsApi.prototype.checkUserCredential = function (requestParameters, initOverrides) {
         return __awaiter(this, void 0, void 0, function () {
@@ -122,48 +133,55 @@ var CredentialsApi = /** @class */ (function (_super) {
         });
     };
     /**
-     * Create or update credentials in the Security Kernel for given system and target *userName* using a request body. Credentials for multiple authentication methods may be provided. Note that there is support for only one set of credentials per user per system. Updating credentials overwrites previously registered data.  The Systems service does not store the secrets in its database, they are persisted in the Security Kernel.  If the *effectiveUserId* for the system is dynamic (i.e. equal to *${apiUserId}*) then *{userName}* is interpreted as a Tapis user and the request body may contain the optional attribute *loginUser* which will be used to map the Tapis user to a username to be used when accessing the system. If the login user is not provided then there is no mapping and the Tapis user is always used when accessing the system.  If the *effectiveUserId* for the system is static (i.e. not *${apiUserId}*) then *{userName}* is interpreted as the login user to be used when accessing the host.  Operation is allowed if requester is the system owner or a tenant administrator. If the *effectiveUserId* for the system is dynamic (i.e. equal to *${apiUserId}*) then the operation is allowed if *{userName}* is the Tapis user making the request.  By default credentials for LINUX and S3 type systems are verified. Use query parameter *skipCredentialCheck=true* to bypass initial credential validation.
+     * Create or update credentials in the Security Kernel for given system and target *userName* using a request body. Credentials for multiple authentication methods may be provided. Note that there is support for only one set of credentials per user per system. Updating credentials overwrites previously registered data.  The Systems service does not store the secrets in its database, they are persisted in the Security Kernel.  If the *effectiveUserId* for the system is dynamic (i.e. equal to *${apiUserId}*) then *{userName}* is interpreted as a Tapis user and the request body may contain the optional attribute *loginUser* which will be used to map the Tapis user to a username to be used when accessing the system. If the login user is not provided then there is no mapping and the Tapis user is always used when accessing the system. Note that what we call the *Tapis user* comes from the username claim in the Tapis JWT.  If the *effectiveUserId* for the system is static (i.e. not *${apiUserId}*) then *{userName}* is interpreted as the login user to be used when accessing the host. Please note that if there is a *loginUser* field in the request body, TAPIS will reject the request because the static effective user is always the login user.  Operation is allowed if requester is the system owner or a tenant administrator. If the *effectiveUserId* for the system is dynamic (i.e. equal to *${apiUserId}*) then the operation is allowed if *{userName}* is the Tapis user making the request.  Use query parameter *createTmsKeys=true* to have the service call a Trust Manager System (TMS) server to create and store an ssh keypair. Default is *false*. Please note that the following restrictions apply:   - Tapis installation for your site must be configured to support the Trust Manager System (TMS).   - The host for the system must have the sshd configuration set up to use TMS.   - The *effectiveUserId* must be dynamic.   - Mapping of user using *loginUser* is not supported.  By default credentials for LINUX and S3 type systems are verified. Use query parameter *skipCredentialCheck=true* to bypass initial credential validation.
      */
     CredentialsApi.prototype.createUserCredentialRaw = function (requestParameters, initOverrides) {
         return __awaiter(this, void 0, void 0, function () {
-            var queryParameters, headerParameters, response;
-            return __generator(this, function (_a) {
-                switch (_a.label) {
+            var queryParameters, headerParameters, _a, _b, response;
+            return __generator(this, function (_c) {
+                switch (_c.label) {
                     case 0:
-                        if (requestParameters.systemId === null || requestParameters.systemId === undefined) {
-                            throw new runtime.RequiredError('systemId', 'Required parameter requestParameters.systemId was null or undefined when calling createUserCredential.');
+                        if (requestParameters['systemId'] == null) {
+                            throw new runtime.RequiredError('systemId', 'Required parameter "systemId" was null or undefined when calling createUserCredential().');
                         }
-                        if (requestParameters.userName === null || requestParameters.userName === undefined) {
-                            throw new runtime.RequiredError('userName', 'Required parameter requestParameters.userName was null or undefined when calling createUserCredential.');
+                        if (requestParameters['userName'] == null) {
+                            throw new runtime.RequiredError('userName', 'Required parameter "userName" was null or undefined when calling createUserCredential().');
                         }
-                        if (requestParameters.reqUpdateCredential === null || requestParameters.reqUpdateCredential === undefined) {
-                            throw new runtime.RequiredError('reqUpdateCredential', 'Required parameter requestParameters.reqUpdateCredential was null or undefined when calling createUserCredential.');
+                        if (requestParameters['reqUpdateCredential'] == null) {
+                            throw new runtime.RequiredError('reqUpdateCredential', 'Required parameter "reqUpdateCredential" was null or undefined when calling createUserCredential().');
                         }
                         queryParameters = {};
-                        if (requestParameters.skipCredentialCheck !== undefined) {
-                            queryParameters['skipCredentialCheck'] = requestParameters.skipCredentialCheck;
+                        if (requestParameters['createTmsKeys'] != null) {
+                            queryParameters['createTmsKeys'] = requestParameters['createTmsKeys'];
+                        }
+                        if (requestParameters['skipCredentialCheck'] != null) {
+                            queryParameters['skipCredentialCheck'] = requestParameters['skipCredentialCheck'];
                         }
                         headerParameters = {};
                         headerParameters['Content-Type'] = 'application/json';
-                        if (this.configuration && this.configuration.apiKey) {
-                            headerParameters["X-Tapis-Token"] = this.configuration.apiKey("X-Tapis-Token"); // TapisJWT authentication
-                        }
-                        return [4 /*yield*/, this.request({
-                                path: "/v3/systems/credential/{systemId}/user/{userName}".replace("{" + "systemId" + "}", encodeURIComponent(String(requestParameters.systemId))).replace("{" + "userName" + "}", encodeURIComponent(String(requestParameters.userName))),
-                                method: 'POST',
-                                headers: headerParameters,
-                                query: queryParameters,
-                                body: models_1.ReqUpdateCredentialToJSON(requestParameters.reqUpdateCredential),
-                            }, initOverrides)];
+                        if (!(this.configuration && this.configuration.apiKey)) return [3 /*break*/, 2];
+                        _a = headerParameters;
+                        _b = "X-Tapis-Token";
+                        return [4 /*yield*/, this.configuration.apiKey("X-Tapis-Token")];
                     case 1:
-                        response = _a.sent();
-                        return [2 /*return*/, new runtime.JSONApiResponse(response, function (jsonValue) { return models_1.RespBasicFromJSON(jsonValue); })];
+                        _a[_b] = _c.sent(); // TapisJWT authentication
+                        _c.label = 2;
+                    case 2: return [4 /*yield*/, this.request({
+                            path: "/v3/systems/credential/{systemId}/user/{userName}".replace("{".concat("systemId", "}"), encodeURIComponent(String(requestParameters['systemId']))).replace("{".concat("userName", "}"), encodeURIComponent(String(requestParameters['userName']))),
+                            method: 'POST',
+                            headers: headerParameters,
+                            query: queryParameters,
+                            body: (0, index_1.ReqUpdateCredentialToJSON)(requestParameters['reqUpdateCredential']),
+                        }, initOverrides)];
+                    case 3:
+                        response = _c.sent();
+                        return [2 /*return*/, new runtime.JSONApiResponse(response, function (jsonValue) { return (0, index_1.RespBasicFromJSON)(jsonValue); })];
                 }
             });
         });
     };
     /**
-     * Create or update credentials in the Security Kernel for given system and target *userName* using a request body. Credentials for multiple authentication methods may be provided. Note that there is support for only one set of credentials per user per system. Updating credentials overwrites previously registered data.  The Systems service does not store the secrets in its database, they are persisted in the Security Kernel.  If the *effectiveUserId* for the system is dynamic (i.e. equal to *${apiUserId}*) then *{userName}* is interpreted as a Tapis user and the request body may contain the optional attribute *loginUser* which will be used to map the Tapis user to a username to be used when accessing the system. If the login user is not provided then there is no mapping and the Tapis user is always used when accessing the system.  If the *effectiveUserId* for the system is static (i.e. not *${apiUserId}*) then *{userName}* is interpreted as the login user to be used when accessing the host.  Operation is allowed if requester is the system owner or a tenant administrator. If the *effectiveUserId* for the system is dynamic (i.e. equal to *${apiUserId}*) then the operation is allowed if *{userName}* is the Tapis user making the request.  By default credentials for LINUX and S3 type systems are verified. Use query parameter *skipCredentialCheck=true* to bypass initial credential validation.
+     * Create or update credentials in the Security Kernel for given system and target *userName* using a request body. Credentials for multiple authentication methods may be provided. Note that there is support for only one set of credentials per user per system. Updating credentials overwrites previously registered data.  The Systems service does not store the secrets in its database, they are persisted in the Security Kernel.  If the *effectiveUserId* for the system is dynamic (i.e. equal to *${apiUserId}*) then *{userName}* is interpreted as a Tapis user and the request body may contain the optional attribute *loginUser* which will be used to map the Tapis user to a username to be used when accessing the system. If the login user is not provided then there is no mapping and the Tapis user is always used when accessing the system. Note that what we call the *Tapis user* comes from the username claim in the Tapis JWT.  If the *effectiveUserId* for the system is static (i.e. not *${apiUserId}*) then *{userName}* is interpreted as the login user to be used when accessing the host. Please note that if there is a *loginUser* field in the request body, TAPIS will reject the request because the static effective user is always the login user.  Operation is allowed if requester is the system owner or a tenant administrator. If the *effectiveUserId* for the system is dynamic (i.e. equal to *${apiUserId}*) then the operation is allowed if *{userName}* is the Tapis user making the request.  Use query parameter *createTmsKeys=true* to have the service call a Trust Manager System (TMS) server to create and store an ssh keypair. Default is *false*. Please note that the following restrictions apply:   - Tapis installation for your site must be configured to support the Trust Manager System (TMS).   - The host for the system must have the sshd configuration set up to use TMS.   - The *effectiveUserId* must be dynamic.   - Mapping of user using *loginUser* is not supported.  By default credentials for LINUX and S3 type systems are verified. Use query parameter *skipCredentialCheck=true* to bypass initial credential validation.
      */
     CredentialsApi.prototype.createUserCredential = function (requestParameters, initOverrides) {
         return __awaiter(this, void 0, void 0, function () {
@@ -180,47 +198,51 @@ var CredentialsApi = /** @class */ (function (_super) {
         });
     };
     /**
-     * Use a Globus *Native App Authorization Code* and a Tapis session Id to generate a pair of access and refresh tokens. The Systems service will use the Tapis Security Kernel to store the tokens for the given system and user. The session Id is a Tapis Id that is used to track the oauth2 flow that is started when a call to the getGlobusAuthUrl endpoint is made. The authorization code, as per Globus documentation, is valid for 10 minutes. Please note that the Tapis installation for your site must be configured by the site administrator to support systems of type GLOBUS.
+     * Use a Globus *Native App Authorization Code* and a Tapis session Id to generate a pair of access and refresh tokens. System must be of type GLOBUS. The Systems service will use the Tapis Security Kernel to store the tokens for the given system and user.  If the *effectiveUserId* for the system is dynamic (i.e. equal to *${apiUserId}*) then *{userName}* must be set to the Tapis user. Note that what we call the *Tapis user* comes from the username claim in the Tapis JWT.  If the *effectiveUserId* for the system is static (i.e. not *${apiUserId}*) then *{userName}* must be set to the static *effectiveUserId*.  The session Id is a Tapis Id that is used to track the oauth2 flow that is started when a call to the getGlobusAuthUrl endpoint is made. The authorization code, as per Globus documentation, is valid for 10 minutes. Please note that the Tapis installation for your site must be configured by the site administrator to support systems of type GLOBUS.
      * Use a Globus authorization code + Tapis session Id to generate tokens
      */
     CredentialsApi.prototype.generateGlobusTokensRaw = function (requestParameters, initOverrides) {
         return __awaiter(this, void 0, void 0, function () {
-            var queryParameters, headerParameters, response;
-            return __generator(this, function (_a) {
-                switch (_a.label) {
+            var queryParameters, headerParameters, _a, _b, response;
+            return __generator(this, function (_c) {
+                switch (_c.label) {
                     case 0:
-                        if (requestParameters.systemId === null || requestParameters.systemId === undefined) {
-                            throw new runtime.RequiredError('systemId', 'Required parameter requestParameters.systemId was null or undefined when calling generateGlobusTokens.');
+                        if (requestParameters['systemId'] == null) {
+                            throw new runtime.RequiredError('systemId', 'Required parameter "systemId" was null or undefined when calling generateGlobusTokens().');
                         }
-                        if (requestParameters.userName === null || requestParameters.userName === undefined) {
-                            throw new runtime.RequiredError('userName', 'Required parameter requestParameters.userName was null or undefined when calling generateGlobusTokens.');
+                        if (requestParameters['userName'] == null) {
+                            throw new runtime.RequiredError('userName', 'Required parameter "userName" was null or undefined when calling generateGlobusTokens().');
                         }
-                        if (requestParameters.authCode === null || requestParameters.authCode === undefined) {
-                            throw new runtime.RequiredError('authCode', 'Required parameter requestParameters.authCode was null or undefined when calling generateGlobusTokens.');
+                        if (requestParameters['authCode'] == null) {
+                            throw new runtime.RequiredError('authCode', 'Required parameter "authCode" was null or undefined when calling generateGlobusTokens().');
                         }
-                        if (requestParameters.sessionId === null || requestParameters.sessionId === undefined) {
-                            throw new runtime.RequiredError('sessionId', 'Required parameter requestParameters.sessionId was null or undefined when calling generateGlobusTokens.');
+                        if (requestParameters['sessionId'] == null) {
+                            throw new runtime.RequiredError('sessionId', 'Required parameter "sessionId" was null or undefined when calling generateGlobusTokens().');
                         }
                         queryParameters = {};
                         headerParameters = {};
-                        if (this.configuration && this.configuration.apiKey) {
-                            headerParameters["X-Tapis-Token"] = this.configuration.apiKey("X-Tapis-Token"); // TapisJWT authentication
-                        }
-                        return [4 /*yield*/, this.request({
-                                path: "/v3/systems/credential/{systemId}/user/{userName}/globus/tokens/{authCode}/{sessionId}".replace("{" + "systemId" + "}", encodeURIComponent(String(requestParameters.systemId))).replace("{" + "userName" + "}", encodeURIComponent(String(requestParameters.userName))).replace("{" + "authCode" + "}", encodeURIComponent(String(requestParameters.authCode))).replace("{" + "sessionId" + "}", encodeURIComponent(String(requestParameters.sessionId))),
-                                method: 'POST',
-                                headers: headerParameters,
-                                query: queryParameters,
-                            }, initOverrides)];
+                        if (!(this.configuration && this.configuration.apiKey)) return [3 /*break*/, 2];
+                        _a = headerParameters;
+                        _b = "X-Tapis-Token";
+                        return [4 /*yield*/, this.configuration.apiKey("X-Tapis-Token")];
                     case 1:
-                        response = _a.sent();
-                        return [2 /*return*/, new runtime.JSONApiResponse(response, function (jsonValue) { return models_1.RespBasicFromJSON(jsonValue); })];
+                        _a[_b] = _c.sent(); // TapisJWT authentication
+                        _c.label = 2;
+                    case 2: return [4 /*yield*/, this.request({
+                            path: "/v3/systems/credential/{systemId}/user/{userName}/globus/tokens/{authCode}/{sessionId}".replace("{".concat("systemId", "}"), encodeURIComponent(String(requestParameters['systemId']))).replace("{".concat("userName", "}"), encodeURIComponent(String(requestParameters['userName']))).replace("{".concat("authCode", "}"), encodeURIComponent(String(requestParameters['authCode']))).replace("{".concat("sessionId", "}"), encodeURIComponent(String(requestParameters['sessionId']))),
+                            method: 'POST',
+                            headers: headerParameters,
+                            query: queryParameters,
+                        }, initOverrides)];
+                    case 3:
+                        response = _c.sent();
+                        return [2 /*return*/, new runtime.JSONApiResponse(response, function (jsonValue) { return (0, index_1.RespBasicFromJSON)(jsonValue); })];
                 }
             });
         });
     };
     /**
-     * Use a Globus *Native App Authorization Code* and a Tapis session Id to generate a pair of access and refresh tokens. The Systems service will use the Tapis Security Kernel to store the tokens for the given system and user. The session Id is a Tapis Id that is used to track the oauth2 flow that is started when a call to the getGlobusAuthUrl endpoint is made. The authorization code, as per Globus documentation, is valid for 10 minutes. Please note that the Tapis installation for your site must be configured by the site administrator to support systems of type GLOBUS.
+     * Use a Globus *Native App Authorization Code* and a Tapis session Id to generate a pair of access and refresh tokens. System must be of type GLOBUS. The Systems service will use the Tapis Security Kernel to store the tokens for the given system and user.  If the *effectiveUserId* for the system is dynamic (i.e. equal to *${apiUserId}*) then *{userName}* must be set to the Tapis user. Note that what we call the *Tapis user* comes from the username claim in the Tapis JWT.  If the *effectiveUserId* for the system is static (i.e. not *${apiUserId}*) then *{userName}* must be set to the static *effectiveUserId*.  The session Id is a Tapis Id that is used to track the oauth2 flow that is started when a call to the getGlobusAuthUrl endpoint is made. The authorization code, as per Globus documentation, is valid for 10 minutes. Please note that the Tapis installation for your site must be configured by the site administrator to support systems of type GLOBUS.
      * Use a Globus authorization code + Tapis session Id to generate tokens
      */
     CredentialsApi.prototype.generateGlobusTokens = function (requestParameters, initOverrides) {
@@ -238,38 +260,42 @@ var CredentialsApi = /** @class */ (function (_super) {
         });
     };
     /**
-     * Retrieve a Globus URL + Session Id that can be used to generate an oauth2 authorization code associated with the given system. In Globus, the code is referred to as a *Native App Authorization Code*. The host property of the system is used as the Globus Endpoint Id or Globus Collection Id. Once a user has obtained an authorization code, the corresponding Systems endpoint for generating Globus tokens should be called to exchange the code + sessionId for a pair of access and refresh tokens. The session Id is a Tapis Id that is used to track the oauth2 flow that is started when this call is made. The authorization code, as per Globus documentation, is valid for 10 minutes. Please note that the Tapis installation for your site must be configured by the site administrator to support systems of type GLOBUS.
+     * Retrieve a Globus URL + Session Id that can be used to generate an oauth2 authorization code associated with the given system. System must be of type GLOBUS. In Globus, the code is referred to as a *Native App Authorization Code*. The host property of the system is used as the Globus Endpoint Id or Globus Collection Id. Once a user has obtained an authorization code, the corresponding Systems endpoint for generating Globus tokens should be called to exchange the code + sessionId for a pair of access and refresh tokens. The session Id is a Tapis Id that is used to track the oauth2 flow that is started when this call is made. The authorization code, as per Globus documentation, is valid for 10 minutes. Please note that the Tapis installation for your site must be configured by the site administrator to support systems of type GLOBUS.
      * Retrieve a Globus URL that can be used to generate an authorization code for an OAuth2 flow.
      */
     CredentialsApi.prototype.getGlobusAuthUrlRaw = function (requestParameters, initOverrides) {
         return __awaiter(this, void 0, void 0, function () {
-            var queryParameters, headerParameters, response;
-            return __generator(this, function (_a) {
-                switch (_a.label) {
+            var queryParameters, headerParameters, _a, _b, response;
+            return __generator(this, function (_c) {
+                switch (_c.label) {
                     case 0:
-                        if (requestParameters.systemId === null || requestParameters.systemId === undefined) {
-                            throw new runtime.RequiredError('systemId', 'Required parameter requestParameters.systemId was null or undefined when calling getGlobusAuthUrl.');
+                        if (requestParameters['systemId'] == null) {
+                            throw new runtime.RequiredError('systemId', 'Required parameter "systemId" was null or undefined when calling getGlobusAuthUrl().');
                         }
                         queryParameters = {};
                         headerParameters = {};
-                        if (this.configuration && this.configuration.apiKey) {
-                            headerParameters["X-Tapis-Token"] = this.configuration.apiKey("X-Tapis-Token"); // TapisJWT authentication
-                        }
-                        return [4 /*yield*/, this.request({
-                                path: "/v3/systems/credential/{systemId}/globus/authUrl".replace("{" + "systemId" + "}", encodeURIComponent(String(requestParameters.systemId))),
-                                method: 'GET',
-                                headers: headerParameters,
-                                query: queryParameters,
-                            }, initOverrides)];
+                        if (!(this.configuration && this.configuration.apiKey)) return [3 /*break*/, 2];
+                        _a = headerParameters;
+                        _b = "X-Tapis-Token";
+                        return [4 /*yield*/, this.configuration.apiKey("X-Tapis-Token")];
                     case 1:
-                        response = _a.sent();
-                        return [2 /*return*/, new runtime.JSONApiResponse(response, function (jsonValue) { return models_1.RespGlobusAuthUrlFromJSON(jsonValue); })];
+                        _a[_b] = _c.sent(); // TapisJWT authentication
+                        _c.label = 2;
+                    case 2: return [4 /*yield*/, this.request({
+                            path: "/v3/systems/credential/{systemId}/globus/authUrl".replace("{".concat("systemId", "}"), encodeURIComponent(String(requestParameters['systemId']))),
+                            method: 'GET',
+                            headers: headerParameters,
+                            query: queryParameters,
+                        }, initOverrides)];
+                    case 3:
+                        response = _c.sent();
+                        return [2 /*return*/, new runtime.JSONApiResponse(response, function (jsonValue) { return (0, index_1.RespGlobusAuthUrlFromJSON)(jsonValue); })];
                 }
             });
         });
     };
     /**
-     * Retrieve a Globus URL + Session Id that can be used to generate an oauth2 authorization code associated with the given system. In Globus, the code is referred to as a *Native App Authorization Code*. The host property of the system is used as the Globus Endpoint Id or Globus Collection Id. Once a user has obtained an authorization code, the corresponding Systems endpoint for generating Globus tokens should be called to exchange the code + sessionId for a pair of access and refresh tokens. The session Id is a Tapis Id that is used to track the oauth2 flow that is started when this call is made. The authorization code, as per Globus documentation, is valid for 10 minutes. Please note that the Tapis installation for your site must be configured by the site administrator to support systems of type GLOBUS.
+     * Retrieve a Globus URL + Session Id that can be used to generate an oauth2 authorization code associated with the given system. System must be of type GLOBUS. In Globus, the code is referred to as a *Native App Authorization Code*. The host property of the system is used as the Globus Endpoint Id or Globus Collection Id. Once a user has obtained an authorization code, the corresponding Systems endpoint for generating Globus tokens should be called to exchange the code + sessionId for a pair of access and refresh tokens. The session Id is a Tapis Id that is used to track the oauth2 flow that is started when this call is made. The authorization code, as per Globus documentation, is valid for 10 minutes. Please note that the Tapis installation for your site must be configured by the site administrator to support systems of type GLOBUS.
      * Retrieve a Globus URL that can be used to generate an authorization code for an OAuth2 flow.
      */
     CredentialsApi.prototype.getGlobusAuthUrl = function (requestParameters, initOverrides) {
@@ -287,43 +313,47 @@ var CredentialsApi = /** @class */ (function (_super) {
         });
     };
     /**
-     * Restricted. Only certain Tapis services authorized.  Retrieve credentials for given system, target *userName* and authentication method.  If the *effectiveUserId* for the system is dynamic (i.e. equal to *${apiUserId}*) then *{userName}* is interpreted as a Tapis user. Note that there may me a mapping of the Tapis user to a host *loginUser*.  If the *effectiveUserId* for the system is static (i.e. not *${apiUserId}*) then *{userName}* is interpreted as the host *loginUser* that is used when accessing the host.  Desired authentication method may be specified using query parameter *authnMethod*. If desired authentication method not specified then credentials for the system\'s default authentication method are returned.  The result includes the attribute *authnMethod* indicating the authentication method associated with the returned credentials.
+     * Restricted. Only certain Tapis services authorized.  Retrieve credentials for given system, target *userName* and authentication method.  If the *effectiveUserId* for the system is dynamic (i.e. equal to *${apiUserId}*) then *{userName}* is interpreted as a Tapis user. Note that there may me a mapping of the Tapis user to a host *loginUser* and what we call the *Tapis user* comes from the username claim in the Tapis JWT.  If the *effectiveUserId* for the system is static (i.e. not *${apiUserId}*) then *{userName}* is interpreted as the host *loginUser* that is used when accessing the host.  Desired authentication method may be specified using query parameter *authnMethod*. If desired authentication method not specified then credentials for the system\'s default authentication method are returned.  The result includes the attribute *authnMethod* indicating the authentication method associated with the returned credentials.
      */
     CredentialsApi.prototype.getUserCredentialRaw = function (requestParameters, initOverrides) {
         return __awaiter(this, void 0, void 0, function () {
-            var queryParameters, headerParameters, response;
-            return __generator(this, function (_a) {
-                switch (_a.label) {
+            var queryParameters, headerParameters, _a, _b, response;
+            return __generator(this, function (_c) {
+                switch (_c.label) {
                     case 0:
-                        if (requestParameters.systemId === null || requestParameters.systemId === undefined) {
-                            throw new runtime.RequiredError('systemId', 'Required parameter requestParameters.systemId was null or undefined when calling getUserCredential.');
+                        if (requestParameters['systemId'] == null) {
+                            throw new runtime.RequiredError('systemId', 'Required parameter "systemId" was null or undefined when calling getUserCredential().');
                         }
-                        if (requestParameters.userName === null || requestParameters.userName === undefined) {
-                            throw new runtime.RequiredError('userName', 'Required parameter requestParameters.userName was null or undefined when calling getUserCredential.');
+                        if (requestParameters['userName'] == null) {
+                            throw new runtime.RequiredError('userName', 'Required parameter "userName" was null or undefined when calling getUserCredential().');
                         }
                         queryParameters = {};
-                        if (requestParameters.authnMethod !== undefined) {
-                            queryParameters['authnMethod'] = requestParameters.authnMethod;
+                        if (requestParameters['authnMethod'] != null) {
+                            queryParameters['authnMethod'] = requestParameters['authnMethod'];
                         }
                         headerParameters = {};
-                        if (this.configuration && this.configuration.apiKey) {
-                            headerParameters["X-Tapis-Token"] = this.configuration.apiKey("X-Tapis-Token"); // TapisJWT authentication
-                        }
-                        return [4 /*yield*/, this.request({
-                                path: "/v3/systems/credential/{systemId}/user/{userName}".replace("{" + "systemId" + "}", encodeURIComponent(String(requestParameters.systemId))).replace("{" + "userName" + "}", encodeURIComponent(String(requestParameters.userName))),
-                                method: 'GET',
-                                headers: headerParameters,
-                                query: queryParameters,
-                            }, initOverrides)];
+                        if (!(this.configuration && this.configuration.apiKey)) return [3 /*break*/, 2];
+                        _a = headerParameters;
+                        _b = "X-Tapis-Token";
+                        return [4 /*yield*/, this.configuration.apiKey("X-Tapis-Token")];
                     case 1:
-                        response = _a.sent();
-                        return [2 /*return*/, new runtime.JSONApiResponse(response, function (jsonValue) { return models_1.RespCredentialFromJSON(jsonValue); })];
+                        _a[_b] = _c.sent(); // TapisJWT authentication
+                        _c.label = 2;
+                    case 2: return [4 /*yield*/, this.request({
+                            path: "/v3/systems/credential/{systemId}/user/{userName}".replace("{".concat("systemId", "}"), encodeURIComponent(String(requestParameters['systemId']))).replace("{".concat("userName", "}"), encodeURIComponent(String(requestParameters['userName']))),
+                            method: 'GET',
+                            headers: headerParameters,
+                            query: queryParameters,
+                        }, initOverrides)];
+                    case 3:
+                        response = _c.sent();
+                        return [2 /*return*/, new runtime.JSONApiResponse(response, function (jsonValue) { return (0, index_1.RespCredentialFromJSON)(jsonValue); })];
                 }
             });
         });
     };
     /**
-     * Restricted. Only certain Tapis services authorized.  Retrieve credentials for given system, target *userName* and authentication method.  If the *effectiveUserId* for the system is dynamic (i.e. equal to *${apiUserId}*) then *{userName}* is interpreted as a Tapis user. Note that there may me a mapping of the Tapis user to a host *loginUser*.  If the *effectiveUserId* for the system is static (i.e. not *${apiUserId}*) then *{userName}* is interpreted as the host *loginUser* that is used when accessing the host.  Desired authentication method may be specified using query parameter *authnMethod*. If desired authentication method not specified then credentials for the system\'s default authentication method are returned.  The result includes the attribute *authnMethod* indicating the authentication method associated with the returned credentials.
+     * Restricted. Only certain Tapis services authorized.  Retrieve credentials for given system, target *userName* and authentication method.  If the *effectiveUserId* for the system is dynamic (i.e. equal to *${apiUserId}*) then *{userName}* is interpreted as a Tapis user. Note that there may me a mapping of the Tapis user to a host *loginUser* and what we call the *Tapis user* comes from the username claim in the Tapis JWT.  If the *effectiveUserId* for the system is static (i.e. not *${apiUserId}*) then *{userName}* is interpreted as the host *loginUser* that is used when accessing the host.  Desired authentication method may be specified using query parameter *authnMethod*. If desired authentication method not specified then credentials for the system\'s default authentication method are returned.  The result includes the attribute *authnMethod* indicating the authentication method associated with the returned credentials.
      */
     CredentialsApi.prototype.getUserCredential = function (requestParameters, initOverrides) {
         return __awaiter(this, void 0, void 0, function () {
@@ -344,30 +374,34 @@ var CredentialsApi = /** @class */ (function (_super) {
      */
     CredentialsApi.prototype.removeUserCredentialRaw = function (requestParameters, initOverrides) {
         return __awaiter(this, void 0, void 0, function () {
-            var queryParameters, headerParameters, response;
-            return __generator(this, function (_a) {
-                switch (_a.label) {
+            var queryParameters, headerParameters, _a, _b, response;
+            return __generator(this, function (_c) {
+                switch (_c.label) {
                     case 0:
-                        if (requestParameters.systemId === null || requestParameters.systemId === undefined) {
-                            throw new runtime.RequiredError('systemId', 'Required parameter requestParameters.systemId was null or undefined when calling removeUserCredential.');
+                        if (requestParameters['systemId'] == null) {
+                            throw new runtime.RequiredError('systemId', 'Required parameter "systemId" was null or undefined when calling removeUserCredential().');
                         }
-                        if (requestParameters.userName === null || requestParameters.userName === undefined) {
-                            throw new runtime.RequiredError('userName', 'Required parameter requestParameters.userName was null or undefined when calling removeUserCredential.');
+                        if (requestParameters['userName'] == null) {
+                            throw new runtime.RequiredError('userName', 'Required parameter "userName" was null or undefined when calling removeUserCredential().');
                         }
                         queryParameters = {};
                         headerParameters = {};
-                        if (this.configuration && this.configuration.apiKey) {
-                            headerParameters["X-Tapis-Token"] = this.configuration.apiKey("X-Tapis-Token"); // TapisJWT authentication
-                        }
-                        return [4 /*yield*/, this.request({
-                                path: "/v3/systems/credential/{systemId}/user/{userName}".replace("{" + "systemId" + "}", encodeURIComponent(String(requestParameters.systemId))).replace("{" + "userName" + "}", encodeURIComponent(String(requestParameters.userName))),
-                                method: 'DELETE',
-                                headers: headerParameters,
-                                query: queryParameters,
-                            }, initOverrides)];
+                        if (!(this.configuration && this.configuration.apiKey)) return [3 /*break*/, 2];
+                        _a = headerParameters;
+                        _b = "X-Tapis-Token";
+                        return [4 /*yield*/, this.configuration.apiKey("X-Tapis-Token")];
                     case 1:
-                        response = _a.sent();
-                        return [2 /*return*/, new runtime.JSONApiResponse(response, function (jsonValue) { return models_1.RespBasicFromJSON(jsonValue); })];
+                        _a[_b] = _c.sent(); // TapisJWT authentication
+                        _c.label = 2;
+                    case 2: return [4 /*yield*/, this.request({
+                            path: "/v3/systems/credential/{systemId}/user/{userName}".replace("{".concat("systemId", "}"), encodeURIComponent(String(requestParameters['systemId']))).replace("{".concat("userName", "}"), encodeURIComponent(String(requestParameters['userName']))),
+                            method: 'DELETE',
+                            headers: headerParameters,
+                            query: queryParameters,
+                        }, initOverrides)];
+                    case 3:
+                        response = _c.sent();
+                        return [2 /*return*/, new runtime.JSONApiResponse(response, function (jsonValue) { return (0, index_1.RespBasicFromJSON)(jsonValue); })];
                 }
             });
         });

package/dist/apis/GeneralApi.d.ts

@@ -2,7 +2,7 @@
  * Tapis Systems API
  * The Tapis Systems API provides for management of Tapis Systems including permissions, credentials and Scheduler Profiles.
  *
- * The version of the OpenAPI document: 1.7.0
+ * The version of the OpenAPI document: 25Q4.2
  * Contact: cicsupport@tacc.utexas.edu
  *
  * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
@@ -10,7 +10,7 @@
  * Do not edit the class manually.
  */
 import * as runtime from '../runtime';
-import { RespBasic } from '../models';
+import type { RespBasic } from '../models/index';
 /**
  *
  */
@@ -18,17 +18,17 @@ export declare class GeneralApi extends runtime.BaseAPI {
     /**
      * Health check. Lightweight non-authenticated check that service is alive.
      */
-    healthCheckRaw(initOverrides?: RequestInit): Promise<runtime.ApiResponse<RespBasic>>;
+    healthCheckRaw(initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<RespBasic>>;
     /**
      * Health check. Lightweight non-authenticated check that service is alive.
      */
-    healthCheck(initOverrides?: RequestInit): Promise<RespBasic>;
+    healthCheck(initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<RespBasic>;
     /**
      * Ready check. Non-authenticated check that service is ready to do work.
      */
-    readyCheckRaw(initOverrides?: RequestInit): Promise<runtime.ApiResponse<RespBasic>>;
+    readyCheckRaw(initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<RespBasic>>;
     /**
      * Ready check. Non-authenticated check that service is ready to do work.
      */
-    readyCheck(initOverrides?: RequestInit): Promise<RespBasic>;
+    readyCheck(initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<RespBasic>;
 }