@tellescope/sdk 1.247.0 → 1.249.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (126) hide show
  1. package/.env +3 -0
  2. package/lib/cjs/sdk.d.ts +7 -1
  3. package/lib/cjs/sdk.d.ts.map +1 -1
  4. package/lib/cjs/sdk.js +3 -0
  5. package/lib/cjs/sdk.js.map +1 -1
  6. package/lib/cjs/tests/api_tests/chats_analytics.test.d.ts +6 -0
  7. package/lib/cjs/tests/api_tests/chats_analytics.test.d.ts.map +1 -0
  8. package/lib/cjs/tests/api_tests/chats_analytics.test.js +256 -0
  9. package/lib/cjs/tests/api_tests/chats_analytics.test.js.map +1 -0
  10. package/lib/cjs/tests/api_tests/cross_org_api_key.test.d.ts +6 -0
  11. package/lib/cjs/tests/api_tests/cross_org_api_key.test.d.ts.map +1 -0
  12. package/lib/cjs/tests/api_tests/cross_org_api_key.test.js +748 -0
  13. package/lib/cjs/tests/api_tests/cross_org_api_key.test.js.map +1 -0
  14. package/lib/cjs/tests/api_tests/date_string_validation.test.d.ts +6 -0
  15. package/lib/cjs/tests/api_tests/date_string_validation.test.d.ts.map +1 -0
  16. package/lib/cjs/tests/api_tests/date_string_validation.test.js +142 -0
  17. package/lib/cjs/tests/api_tests/date_string_validation.test.js.map +1 -0
  18. package/lib/cjs/tests/api_tests/enduser_session_invalidation.test.d.ts +6 -0
  19. package/lib/cjs/tests/api_tests/enduser_session_invalidation.test.d.ts.map +1 -0
  20. package/lib/cjs/tests/api_tests/enduser_session_invalidation.test.js +667 -0
  21. package/lib/cjs/tests/api_tests/enduser_session_invalidation.test.js.map +1 -0
  22. package/lib/cjs/tests/api_tests/eom_billing_codes.test.d.ts +6 -0
  23. package/lib/cjs/tests/api_tests/eom_billing_codes.test.d.ts.map +1 -0
  24. package/lib/cjs/tests/api_tests/eom_billing_codes.test.js +162 -0
  25. package/lib/cjs/tests/api_tests/eom_billing_codes.test.js.map +1 -0
  26. package/lib/cjs/tests/api_tests/eom_procedure_codes.test.d.ts +6 -0
  27. package/lib/cjs/tests/api_tests/eom_procedure_codes.test.d.ts.map +1 -0
  28. package/lib/cjs/tests/api_tests/eom_procedure_codes.test.js +339 -0
  29. package/lib/cjs/tests/api_tests/eom_procedure_codes.test.js.map +1 -0
  30. package/lib/cjs/tests/api_tests/field_redaction.test.d.ts +13 -0
  31. package/lib/cjs/tests/api_tests/field_redaction.test.d.ts.map +1 -0
  32. package/lib/cjs/tests/api_tests/field_redaction.test.js +818 -0
  33. package/lib/cjs/tests/api_tests/field_redaction.test.js.map +1 -0
  34. package/lib/cjs/tests/api_tests/form_submitted_trigger.test.d.ts +6 -0
  35. package/lib/cjs/tests/api_tests/form_submitted_trigger.test.d.ts.map +1 -0
  36. package/lib/cjs/tests/api_tests/form_submitted_trigger.test.js +429 -0
  37. package/lib/cjs/tests/api_tests/form_submitted_trigger.test.js.map +1 -0
  38. package/lib/cjs/tests/api_tests/integrations_redacted.test.d.ts +6 -0
  39. package/lib/cjs/tests/api_tests/integrations_redacted.test.d.ts.map +1 -0
  40. package/lib/cjs/tests/api_tests/integrations_redacted.test.js +273 -0
  41. package/lib/cjs/tests/api_tests/integrations_redacted.test.js.map +1 -0
  42. package/lib/cjs/tests/api_tests/managed_content_file_access.test.d.ts +13 -0
  43. package/lib/cjs/tests/api_tests/managed_content_file_access.test.d.ts.map +1 -0
  44. package/lib/cjs/tests/api_tests/managed_content_file_access.test.js +385 -0
  45. package/lib/cjs/tests/api_tests/managed_content_file_access.test.js.map +1 -0
  46. package/lib/cjs/tests/api_tests/openloop_webhooks.test.d.ts.map +1 -1
  47. package/lib/cjs/tests/api_tests/openloop_webhooks.test.js +108 -24
  48. package/lib/cjs/tests/api_tests/openloop_webhooks.test.js.map +1 -1
  49. package/lib/cjs/tests/api_tests/organization_settings_duplicates.test.d.ts.map +1 -1
  50. package/lib/cjs/tests/api_tests/organization_settings_duplicates.test.js +25 -2
  51. package/lib/cjs/tests/api_tests/organization_settings_duplicates.test.js.map +1 -1
  52. package/lib/cjs/tests/tests.d.ts.map +1 -1
  53. package/lib/cjs/tests/tests.js +310 -183
  54. package/lib/cjs/tests/tests.js.map +1 -1
  55. package/lib/esm/sdk.d.ts +9 -3
  56. package/lib/esm/sdk.d.ts.map +1 -1
  57. package/lib/esm/sdk.js +3 -0
  58. package/lib/esm/sdk.js.map +1 -1
  59. package/lib/esm/session.d.ts +1 -0
  60. package/lib/esm/session.d.ts.map +1 -1
  61. package/lib/esm/tests/api_tests/chats_analytics.test.d.ts +6 -0
  62. package/lib/esm/tests/api_tests/chats_analytics.test.d.ts.map +1 -0
  63. package/lib/esm/tests/api_tests/chats_analytics.test.js +252 -0
  64. package/lib/esm/tests/api_tests/chats_analytics.test.js.map +1 -0
  65. package/lib/esm/tests/api_tests/cross_org_api_key.test.d.ts +6 -0
  66. package/lib/esm/tests/api_tests/cross_org_api_key.test.d.ts.map +1 -0
  67. package/lib/esm/tests/api_tests/cross_org_api_key.test.js +744 -0
  68. package/lib/esm/tests/api_tests/cross_org_api_key.test.js.map +1 -0
  69. package/lib/esm/tests/api_tests/date_string_validation.test.d.ts +6 -0
  70. package/lib/esm/tests/api_tests/date_string_validation.test.d.ts.map +1 -0
  71. package/lib/esm/tests/api_tests/date_string_validation.test.js +138 -0
  72. package/lib/esm/tests/api_tests/date_string_validation.test.js.map +1 -0
  73. package/lib/esm/tests/api_tests/enduser_session_invalidation.test.d.ts +6 -0
  74. package/lib/esm/tests/api_tests/enduser_session_invalidation.test.d.ts.map +1 -0
  75. package/lib/esm/tests/api_tests/enduser_session_invalidation.test.js +663 -0
  76. package/lib/esm/tests/api_tests/enduser_session_invalidation.test.js.map +1 -0
  77. package/lib/esm/tests/api_tests/eom_billing_codes.test.d.ts +6 -0
  78. package/lib/esm/tests/api_tests/eom_billing_codes.test.d.ts.map +1 -0
  79. package/lib/esm/tests/api_tests/eom_billing_codes.test.js +158 -0
  80. package/lib/esm/tests/api_tests/eom_billing_codes.test.js.map +1 -0
  81. package/lib/esm/tests/api_tests/eom_procedure_codes.test.d.ts +6 -0
  82. package/lib/esm/tests/api_tests/eom_procedure_codes.test.d.ts.map +1 -0
  83. package/lib/esm/tests/api_tests/eom_procedure_codes.test.js +335 -0
  84. package/lib/esm/tests/api_tests/eom_procedure_codes.test.js.map +1 -0
  85. package/lib/esm/tests/api_tests/field_redaction.test.d.ts +13 -0
  86. package/lib/esm/tests/api_tests/field_redaction.test.d.ts.map +1 -0
  87. package/lib/esm/tests/api_tests/field_redaction.test.js +814 -0
  88. package/lib/esm/tests/api_tests/field_redaction.test.js.map +1 -0
  89. package/lib/esm/tests/api_tests/form_submitted_trigger.test.d.ts +6 -0
  90. package/lib/esm/tests/api_tests/form_submitted_trigger.test.d.ts.map +1 -0
  91. package/lib/esm/tests/api_tests/form_submitted_trigger.test.js +425 -0
  92. package/lib/esm/tests/api_tests/form_submitted_trigger.test.js.map +1 -0
  93. package/lib/esm/tests/api_tests/integrations_redacted.test.d.ts +6 -0
  94. package/lib/esm/tests/api_tests/integrations_redacted.test.d.ts.map +1 -0
  95. package/lib/esm/tests/api_tests/integrations_redacted.test.js +269 -0
  96. package/lib/esm/tests/api_tests/integrations_redacted.test.js.map +1 -0
  97. package/lib/esm/tests/api_tests/managed_content_file_access.test.d.ts +13 -0
  98. package/lib/esm/tests/api_tests/managed_content_file_access.test.d.ts.map +1 -0
  99. package/lib/esm/tests/api_tests/managed_content_file_access.test.js +358 -0
  100. package/lib/esm/tests/api_tests/managed_content_file_access.test.js.map +1 -0
  101. package/lib/esm/tests/api_tests/openloop_webhooks.test.d.ts.map +1 -1
  102. package/lib/esm/tests/api_tests/openloop_webhooks.test.js +108 -24
  103. package/lib/esm/tests/api_tests/openloop_webhooks.test.js.map +1 -1
  104. package/lib/esm/tests/api_tests/organization_settings_duplicates.test.d.ts.map +1 -1
  105. package/lib/esm/tests/api_tests/organization_settings_duplicates.test.js +25 -2
  106. package/lib/esm/tests/api_tests/organization_settings_duplicates.test.js.map +1 -1
  107. package/lib/esm/tests/tests.d.ts.map +1 -1
  108. package/lib/esm/tests/tests.js +310 -183
  109. package/lib/esm/tests/tests.js.map +1 -1
  110. package/lib/tsconfig.tsbuildinfo +1 -1
  111. package/package.json +10 -10
  112. package/src/sdk.ts +14 -0
  113. package/src/tests/api_tests/chats_analytics.test.ts +182 -0
  114. package/src/tests/api_tests/cross_org_api_key.test.ts +665 -0
  115. package/src/tests/api_tests/date_string_validation.test.ts +107 -0
  116. package/src/tests/api_tests/enduser_session_invalidation.test.ts +361 -0
  117. package/src/tests/api_tests/eom_procedure_codes.test.ts +296 -0
  118. package/src/tests/api_tests/field_redaction.test.ts +669 -0
  119. package/src/tests/api_tests/form_started_trigger.test.ts +1 -1
  120. package/src/tests/api_tests/form_submitted_trigger.test.ts +281 -0
  121. package/src/tests/api_tests/integrations_redacted.test.ts +245 -0
  122. package/src/tests/api_tests/managed_content_file_access.test.ts +214 -0
  123. package/src/tests/api_tests/openloop_webhooks.test.ts +64 -0
  124. package/src/tests/api_tests/organization_settings_duplicates.test.ts +14 -0
  125. package/src/tests/tests.ts +95 -7
  126. package/test_generated.pdf +0 -0
package/lib/esm/tests/api_tests/enduser_session_invalidation.test.js ADDED
@@ -0,0 +1,663 @@
1
+ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
2
+ function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
3
+ return new (P || (P = Promise))(function (resolve, reject) {
4
+ function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
5
+ function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
6
+ function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
7
+ step((generator = generator.apply(thisArg, _arguments || [])).next());
8
+ });
9
+ };
10
+ var __generator = (this && this.__generator) || function (thisArg, body) {
11
+ var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
12
+ return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
13
+ function verb(n) { return function (v) { return step([n, v]); }; }
14
+ function step(op) {
15
+ if (f) throw new TypeError("Generator is already executing.");
16
+ while (g && (g = 0, op[0] && (_ = 0)), _) try {
17
+ if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
18
+ if (y = 0, t) op = [op[0] & 2, t.value];
19
+ switch (op[0]) {
20
+ case 0: case 1: t = op; break;
21
+ case 4: _.label++; return { value: op[1], done: false };
22
+ case 5: _.label++; y = op[1]; op = [0]; continue;
23
+ case 7: op = _.ops.pop(); _.trys.pop(); continue;
24
+ default:
25
+ if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
26
+ if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
27
+ if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
28
+ if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
29
+ if (t[2]) _.ops.pop();
30
+ _.trys.pop(); continue;
31
+ }
32
+ op = body.call(thisArg, _);
33
+ } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
34
+ if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
35
+ }
36
+ };
37
+ require('source-map-support').install();
38
+ import { Session, EnduserSession } from "../../sdk";
39
+ import { async_test, handleAnyError, log_header, wait, } from "@tellescope/testing";
40
+ import { setup_tests } from "../setup";
41
+ var host = process.env.API_URL || 'http://localhost:8080';
42
+ var businessId = '60398b1131a295e64f084ff6';
43
+ // Main test function that can be called independently
44
+ export var enduser_session_invalidation_tests = function (_a) {
45
+ var sdk = _a.sdk, sdkNonAdmin = _a.sdkNonAdmin;
46
+ return __awaiter(void 0, void 0, void 0, function () {
47
+ var testEnduser, authToken, enduserSDK_1, error_1, resetOTPSettings;
48
+ return __generator(this, function (_b) {
49
+ switch (_b.label) {
50
+ case 0:
51
+ log_header("Enduser Session Invalidation Tests");
52
+ return [4 /*yield*/, sdk.api.endusers.createOne({ email: "session-invalidation-test-".concat(Date.now(), "@tellescope.com") })];
53
+ case 1:
54
+ testEnduser = _b.sent();
55
+ _b.label = 2;
56
+ case 2:
57
+ _b.trys.push([2, , 10, 14]);
58
+ return [4 /*yield*/, sdk.api.endusers.generate_auth_token({ id: testEnduser.id })];
59
+ case 3:
60
+ authToken = (_b.sent()).authToken;
61
+ enduserSDK_1 = new EnduserSession({ host: host, authToken: authToken, businessId: sdk.userInfo.businessId });
62
+ // Test 1: Enduser authenticated before invalidation
63
+ return [4 /*yield*/, async_test('enduser authenticated before invalidation', function () { return enduserSDK_1.test_authenticated(); }, { expectedResult: 'Authenticated!' })
64
+ // Wait to ensure time separation between token creation and invalidation
65
+ ];
66
+ case 4:
67
+ // Test 1: Enduser authenticated before invalidation
68
+ _b.sent();
69
+ // Wait to ensure time separation between token creation and invalidation
70
+ return [4 /*yield*/, wait(undefined, 2000)
71
+ // Test 2: Setting invalidateSessionsBefore rejects old token (401)
72
+ ];
73
+ case 5:
74
+ // Wait to ensure time separation between token creation and invalidation
75
+ _b.sent();
76
+ // Test 2: Setting invalidateSessionsBefore rejects old token (401)
77
+ return [4 /*yield*/, async_test('setting invalidateSessionsBefore rejects old token', function () { return __awaiter(void 0, void 0, void 0, function () {
78
+ var e_1;
79
+ return __generator(this, function (_a) {
80
+ switch (_a.label) {
81
+ case 0: return [4 /*yield*/, sdk.api.endusers.updateOne(testEnduser.id, { invalidateSessionsBefore: new Date() })
82
+ // Old token should now be rejected
83
+ ];
84
+ case 1:
85
+ _a.sent();
86
+ _a.label = 2;
87
+ case 2:
88
+ _a.trys.push([2, 4, , 5]);
89
+ return [4 /*yield*/, enduserSDK_1.test_authenticated()];
90
+ case 3:
91
+ _a.sent();
92
+ return [2 /*return*/, 'should have thrown'];
93
+ case 4:
94
+ e_1 = _a.sent();
95
+ return [2 /*return*/, 'rejected'];
96
+ case 5: return [2 /*return*/];
97
+ }
98
+ });
99
+ }); }, { expectedResult: 'rejected' })
100
+ // Test 3: New token after invalidation works
101
+ ];
102
+ case 6:
103
+ // Test 2: Setting invalidateSessionsBefore rejects old token (401)
104
+ _b.sent();
105
+ // Test 3: New token after invalidation works
106
+ return [4 /*yield*/, async_test('new token after invalidation works', function () { return __awaiter(void 0, void 0, void 0, function () {
107
+ var newAuthToken, newEnduserSDK;
108
+ return __generator(this, function (_a) {
109
+ switch (_a.label) {
110
+ case 0:
111
+ // Wait to ensure new token iat is after invalidateSessionsBefore
112
+ return [4 /*yield*/, wait(undefined, 2000)];
113
+ case 1:
114
+ // Wait to ensure new token iat is after invalidateSessionsBefore
115
+ _a.sent();
116
+ return [4 /*yield*/, sdk.api.endusers.generate_auth_token({ id: testEnduser.id })];
117
+ case 2:
118
+ newAuthToken = (_a.sent()).authToken;
119
+ newEnduserSDK = new EnduserSession({ host: host, authToken: newAuthToken, businessId: sdk.userInfo.businessId });
120
+ return [4 /*yield*/, newEnduserSDK.test_authenticated()];
121
+ case 3: return [2 /*return*/, _a.sent()];
122
+ }
123
+ });
124
+ }); }, { expectedResult: 'Authenticated!' })
125
+ // Test 4: Cannot set invalidateSessionsBefore backwards (constraint error)
126
+ ];
127
+ case 7:
128
+ // Test 3: New token after invalidation works
129
+ _b.sent();
130
+ // Test 4: Cannot set invalidateSessionsBefore backwards (constraint error)
131
+ return [4 /*yield*/, async_test('cannot set invalidateSessionsBefore backwards', function () { return __awaiter(void 0, void 0, void 0, function () {
132
+ var pastDate;
133
+ return __generator(this, function (_a) {
134
+ switch (_a.label) {
135
+ case 0:
136
+ pastDate = new Date(Date.now() - 24 * 60 * 60 * 1000) // 1 day ago
137
+ ;
138
+ return [4 /*yield*/, sdk.api.endusers.updateOne(testEnduser.id, { invalidateSessionsBefore: pastDate })];
139
+ case 1:
140
+ _a.sent();
141
+ return [2 /*return*/];
142
+ }
143
+ });
144
+ }); }, handleAnyError)
145
+ // Test 5: Deleted enduser token rejected (401)
146
+ ];
147
+ case 8:
148
+ // Test 4: Cannot set invalidateSessionsBefore backwards (constraint error)
149
+ _b.sent();
150
+ // Test 5: Deleted enduser token rejected (401)
151
+ return [4 /*yield*/, async_test('deleted enduser token rejected', function () { return __awaiter(void 0, void 0, void 0, function () {
152
+ var tempEnduser, tempAuthToken, tempEnduserSDK, e_2;
153
+ return __generator(this, function (_a) {
154
+ switch (_a.label) {
155
+ case 0: return [4 /*yield*/, sdk.api.endusers.createOne({ email: "temp-session-test-".concat(Date.now(), "@tellescope.com") })];
156
+ case 1:
157
+ tempEnduser = _a.sent();
158
+ return [4 /*yield*/, sdk.api.endusers.generate_auth_token({ id: tempEnduser.id })];
159
+ case 2:
160
+ tempAuthToken = (_a.sent()).authToken;
161
+ tempEnduserSDK = new EnduserSession({ host: host, authToken: tempAuthToken, businessId: sdk.userInfo.businessId });
162
+ // Verify token works before deletion
163
+ return [4 /*yield*/, tempEnduserSDK.test_authenticated()
164
+ // Delete the enduser
165
+ ];
166
+ case 3:
167
+ // Verify token works before deletion
168
+ _a.sent();
169
+ // Delete the enduser
170
+ return [4 /*yield*/, sdk.api.endusers.deleteOne(tempEnduser.id)
171
+ // Token should now be rejected
172
+ ];
173
+ case 4:
174
+ // Delete the enduser
175
+ _a.sent();
176
+ _a.label = 5;
177
+ case 5:
178
+ _a.trys.push([5, 7, , 8]);
179
+ return [4 /*yield*/, tempEnduserSDK.test_authenticated()];
180
+ case 6:
181
+ _a.sent();
182
+ return [2 /*return*/, 'should have thrown'];
183
+ case 7:
184
+ e_2 = _a.sent();
185
+ return [2 /*return*/, 'rejected'];
186
+ case 8: return [2 /*return*/];
187
+ }
188
+ });
189
+ }); }, { expectedResult: 'rejected' })];
190
+ case 9:
191
+ // Test 5: Deleted enduser token rejected (401)
192
+ _b.sent();
193
+ console.log("✅ All Enduser Session Invalidation tests passed!");
194
+ return [3 /*break*/, 14];
195
+ case 10:
196
+ _b.trys.push([10, 12, , 13]);
197
+ return [4 /*yield*/, sdk.api.endusers.deleteOne(testEnduser.id)];
198
+ case 11:
199
+ _b.sent();
200
+ return [3 /*break*/, 13];
201
+ case 12:
202
+ error_1 = _b.sent();
203
+ console.error('Cleanup error:', error_1);
204
+ return [3 /*break*/, 13];
205
+ case 13: return [7 /*endfinally*/];
206
+ case 14:
207
+ // --- OTP enablement invalidation tests ---
208
+ log_header("OTP Enablement Session Invalidation Tests");
209
+ resetOTPSettings = function (s) { return __awaiter(void 0, void 0, void 0, function () {
210
+ return __generator(this, function (_a) {
211
+ switch (_a.label) {
212
+ case 0: return [4 /*yield*/, s.api.organizations.updateOne(s.userInfo.businessId, {
213
+ portalSettings: { authentication: { requireOTP: false, requireOTPAfterPassword: false } },
214
+ }, { replaceObjectFields: true })];
215
+ case 1:
216
+ _a.sent();
217
+ return [2 /*return*/];
218
+ }
219
+ });
220
+ }); };
221
+ // Ensure OTP is off and db is clean before starting
222
+ return [4 /*yield*/, sdk.reset_db()];
223
+ case 15:
224
+ // Ensure OTP is off and db is clean before starting
225
+ _b.sent();
226
+ return [4 /*yield*/, wait(undefined, 500)];
227
+ case 16:
228
+ _b.sent();
229
+ return [4 /*yield*/, resetOTPSettings(sdk)];
230
+ case 17:
231
+ _b.sent();
232
+ _b.label = 18;
233
+ case 18:
234
+ _b.trys.push([18, , 25, 27]);
235
+ // Test 6: Enabling requireOTP invalidates multiple enduser sessions at once
236
+ return [4 /*yield*/, async_test('enabling requireOTP invalidates multiple enduser sessions', function () { return __awaiter(void 0, void 0, void 0, function () {
237
+ var endusers, tokens, sessions, _i, sessions_1, s, _a, sessions_2, s, e_3, _b, endusers_1, e, newToken, newSession, _c, endusers_2, e;
238
+ return __generator(this, function (_d) {
239
+ switch (_d.label) {
240
+ case 0: return [4 /*yield*/, Promise.all([
241
+ sdk.api.endusers.createOne({ email: "otp-bulk-1-".concat(Date.now(), "@tellescope.com") }),
242
+ sdk.api.endusers.createOne({ email: "otp-bulk-2-".concat(Date.now(), "@tellescope.com") }),
243
+ sdk.api.endusers.createOne({ email: "otp-bulk-3-".concat(Date.now(), "@tellescope.com") }),
244
+ ])];
245
+ case 1:
246
+ endusers = _d.sent();
247
+ _d.label = 2;
248
+ case 2:
249
+ _d.trys.push([2, , 23, 29]);
250
+ return [4 /*yield*/, Promise.all(endusers.map(function (e) { return sdk.api.endusers.generate_auth_token({ id: e.id, overrideOTP: true }); }))];
251
+ case 3:
252
+ tokens = _d.sent();
253
+ sessions = tokens.map(function (t) { return new EnduserSession({ host: host, authToken: t.authToken, businessId: sdk.userInfo.businessId }); });
254
+ _i = 0, sessions_1 = sessions;
255
+ _d.label = 4;
256
+ case 4:
257
+ if (!(_i < sessions_1.length)) return [3 /*break*/, 7];
258
+ s = sessions_1[_i];
259
+ return [4 /*yield*/, s.test_authenticated()];
260
+ case 5:
261
+ _d.sent();
262
+ _d.label = 6;
263
+ case 6:
264
+ _i++;
265
+ return [3 /*break*/, 4];
266
+ case 7: return [4 /*yield*/, wait(undefined, 2000)
267
+ // Enable OTP
268
+ ];
269
+ case 8:
270
+ _d.sent();
271
+ // Enable OTP
272
+ return [4 /*yield*/, sdk.api.organizations.updateOne(sdk.userInfo.businessId, {
273
+ portalSettings: { authentication: { requireOTP: true } },
274
+ })
275
+ // Wait for side effect to process
276
+ ];
277
+ case 9:
278
+ // Enable OTP
279
+ _d.sent();
280
+ // Wait for side effect to process
281
+ return [4 /*yield*/, wait(undefined, 1000)
282
+ // All old tokens should be rejected
283
+ ];
284
+ case 10:
285
+ // Wait for side effect to process
286
+ _d.sent();
287
+ _a = 0, sessions_2 = sessions;
288
+ _d.label = 11;
289
+ case 11:
290
+ if (!(_a < sessions_2.length)) return [3 /*break*/, 16];
291
+ s = sessions_2[_a];
292
+ _d.label = 12;
293
+ case 12:
294
+ _d.trys.push([12, 14, , 15]);
295
+ return [4 /*yield*/, s.test_authenticated()];
296
+ case 13:
297
+ _d.sent();
298
+ return [2 /*return*/, 'should have thrown'];
299
+ case 14:
300
+ e_3 = _d.sent();
301
+ return [3 /*break*/, 15];
302
+ case 15:
303
+ _a++;
304
+ return [3 /*break*/, 11];
305
+ case 16:
306
+ // New tokens should work
307
+ return [4 /*yield*/, wait(undefined, 2000)];
308
+ case 17:
309
+ // New tokens should work
310
+ _d.sent();
311
+ _b = 0, endusers_1 = endusers;
312
+ _d.label = 18;
313
+ case 18:
314
+ if (!(_b < endusers_1.length)) return [3 /*break*/, 22];
315
+ e = endusers_1[_b];
316
+ return [4 /*yield*/, sdk.api.endusers.generate_auth_token({ id: e.id, overrideOTP: true })];
317
+ case 19:
318
+ newToken = (_d.sent()).authToken;
319
+ newSession = new EnduserSession({ host: host, authToken: newToken, businessId: sdk.userInfo.businessId });
320
+ return [4 /*yield*/, newSession.test_authenticated()];
321
+ case 20:
322
+ _d.sent();
323
+ _d.label = 21;
324
+ case 21:
325
+ _b++;
326
+ return [3 /*break*/, 18];
327
+ case 22: return [2 /*return*/, 'passed'];
328
+ case 23: return [4 /*yield*/, resetOTPSettings(sdk)];
329
+ case 24:
330
+ _d.sent();
331
+ _c = 0, endusers_2 = endusers;
332
+ _d.label = 25;
333
+ case 25:
334
+ if (!(_c < endusers_2.length)) return [3 /*break*/, 28];
335
+ e = endusers_2[_c];
336
+ return [4 /*yield*/, sdk.api.endusers.deleteOne(e.id).catch(console.error)];
337
+ case 26:
338
+ _d.sent();
339
+ _d.label = 27;
340
+ case 27:
341
+ _c++;
342
+ return [3 /*break*/, 25];
343
+ case 28: return [7 /*endfinally*/];
344
+ case 29: return [2 /*return*/];
345
+ }
346
+ });
347
+ }); }, { expectedResult: 'passed' })
348
+ // Test 7: Enabling requireOTPAfterPassword invalidates multiple enduser sessions
349
+ ];
350
+ case 19:
351
+ // Test 6: Enabling requireOTP invalidates multiple enduser sessions at once
352
+ _b.sent();
353
+ // Test 7: Enabling requireOTPAfterPassword invalidates multiple enduser sessions
354
+ return [4 /*yield*/, async_test('enabling requireOTPAfterPassword invalidates multiple enduser sessions', function () { return __awaiter(void 0, void 0, void 0, function () {
355
+ var endusers, tokens, sessions, _i, sessions_3, s, _a, sessions_4, s, e_4, _b, endusers_3, e, newToken, newSession, _c, endusers_4, e;
356
+ return __generator(this, function (_d) {
357
+ switch (_d.label) {
358
+ case 0: return [4 /*yield*/, Promise.all([
359
+ sdk.api.endusers.createOne({ email: "otp-mfa-1-".concat(Date.now(), "@tellescope.com") }),
360
+ sdk.api.endusers.createOne({ email: "otp-mfa-2-".concat(Date.now(), "@tellescope.com") }),
361
+ ])];
362
+ case 1:
363
+ endusers = _d.sent();
364
+ _d.label = 2;
365
+ case 2:
366
+ _d.trys.push([2, , 23, 29]);
367
+ return [4 /*yield*/, Promise.all(endusers.map(function (e) { return sdk.api.endusers.generate_auth_token({ id: e.id, overrideOTP: true }); }))];
368
+ case 3:
369
+ tokens = _d.sent();
370
+ sessions = tokens.map(function (t) { return new EnduserSession({ host: host, authToken: t.authToken, businessId: sdk.userInfo.businessId }); });
371
+ _i = 0, sessions_3 = sessions;
372
+ _d.label = 4;
373
+ case 4:
374
+ if (!(_i < sessions_3.length)) return [3 /*break*/, 7];
375
+ s = sessions_3[_i];
376
+ return [4 /*yield*/, s.test_authenticated()];
377
+ case 5:
378
+ _d.sent();
379
+ _d.label = 6;
380
+ case 6:
381
+ _i++;
382
+ return [3 /*break*/, 4];
383
+ case 7: return [4 /*yield*/, wait(undefined, 2000)];
384
+ case 8:
385
+ _d.sent();
386
+ return [4 /*yield*/, sdk.api.organizations.updateOne(sdk.userInfo.businessId, {
387
+ portalSettings: { authentication: { requireOTPAfterPassword: true } },
388
+ })];
389
+ case 9:
390
+ _d.sent();
391
+ return [4 /*yield*/, wait(undefined, 1000)];
392
+ case 10:
393
+ _d.sent();
394
+ _a = 0, sessions_4 = sessions;
395
+ _d.label = 11;
396
+ case 11:
397
+ if (!(_a < sessions_4.length)) return [3 /*break*/, 16];
398
+ s = sessions_4[_a];
399
+ _d.label = 12;
400
+ case 12:
401
+ _d.trys.push([12, 14, , 15]);
402
+ return [4 /*yield*/, s.test_authenticated()];
403
+ case 13:
404
+ _d.sent();
405
+ return [2 /*return*/, 'should have thrown'];
406
+ case 14:
407
+ e_4 = _d.sent();
408
+ return [3 /*break*/, 15];
409
+ case 15:
410
+ _a++;
411
+ return [3 /*break*/, 11];
412
+ case 16:
413
+ // New tokens work
414
+ return [4 /*yield*/, wait(undefined, 2000)];
415
+ case 17:
416
+ // New tokens work
417
+ _d.sent();
418
+ _b = 0, endusers_3 = endusers;
419
+ _d.label = 18;
420
+ case 18:
421
+ if (!(_b < endusers_3.length)) return [3 /*break*/, 22];
422
+ e = endusers_3[_b];
423
+ return [4 /*yield*/, sdk.api.endusers.generate_auth_token({ id: e.id, overrideOTP: true })];
424
+ case 19:
425
+ newToken = (_d.sent()).authToken;
426
+ newSession = new EnduserSession({ host: host, authToken: newToken, businessId: sdk.userInfo.businessId });
427
+ return [4 /*yield*/, newSession.test_authenticated()];
428
+ case 20:
429
+ _d.sent();
430
+ _d.label = 21;
431
+ case 21:
432
+ _b++;
433
+ return [3 /*break*/, 18];
434
+ case 22: return [2 /*return*/, 'passed'];
435
+ case 23: return [4 /*yield*/, resetOTPSettings(sdk)];
436
+ case 24:
437
+ _d.sent();
438
+ _c = 0, endusers_4 = endusers;
439
+ _d.label = 25;
440
+ case 25:
441
+ if (!(_c < endusers_4.length)) return [3 /*break*/, 28];
442
+ e = endusers_4[_c];
443
+ return [4 /*yield*/, sdk.api.endusers.deleteOne(e.id).catch(console.error)];
444
+ case 26:
445
+ _d.sent();
446
+ _d.label = 27;
447
+ case 27:
448
+ _c++;
449
+ return [3 /*break*/, 25];
450
+ case 28: return [7 /*endfinally*/];
451
+ case 29: return [2 /*return*/];
452
+ }
453
+ });
454
+ }); }, { expectedResult: 'passed' })
455
+ // Reset rate limiting state before continuing
456
+ ];
457
+ case 20:
458
+ // Test 7: Enabling requireOTPAfterPassword invalidates multiple enduser sessions
459
+ _b.sent();
460
+ // Reset rate limiting state before continuing
461
+ return [4 /*yield*/, sdk.reset_db()];
462
+ case 21:
463
+ // Reset rate limiting state before continuing
464
+ _b.sent();
465
+ return [4 /*yield*/, wait(undefined, 500)
466
+ // Test 8: Disabling OTP does NOT invalidate sessions
467
+ ];
468
+ case 22:
469
+ _b.sent();
470
+ // Test 8: Disabling OTP does NOT invalidate sessions
471
+ return [4 /*yield*/, async_test('disabling OTP does not invalidate sessions', function () { return __awaiter(void 0, void 0, void 0, function () {
472
+ var enduser, authToken, enduserSession;
473
+ return __generator(this, function (_a) {
474
+ switch (_a.label) {
475
+ case 0:
476
+ // Enable OTP first
477
+ return [4 /*yield*/, sdk.api.organizations.updateOne(sdk.userInfo.businessId, {
478
+ portalSettings: { authentication: { requireOTP: true } },
479
+ })];
480
+ case 1:
481
+ // Enable OTP first
482
+ _a.sent();
483
+ return [4 /*yield*/, wait(undefined, 2000)
484
+ // Create enduser and token AFTER OTP is enabled (so token is valid)
485
+ ];
486
+ case 2:
487
+ _a.sent();
488
+ return [4 /*yield*/, sdk.api.endusers.createOne({ email: "otp-disable-".concat(Date.now(), "@tellescope.com") })];
489
+ case 3:
490
+ enduser = _a.sent();
491
+ _a.label = 4;
492
+ case 4:
493
+ _a.trys.push([4, , 11, 14]);
494
+ return [4 /*yield*/, sdk.api.endusers.generate_auth_token({ id: enduser.id, overrideOTP: true })];
495
+ case 5:
496
+ authToken = (_a.sent()).authToken;
497
+ enduserSession = new EnduserSession({ host: host, authToken: authToken, businessId: sdk.userInfo.businessId });
498
+ return [4 /*yield*/, enduserSession.test_authenticated()];
499
+ case 6:
500
+ _a.sent();
501
+ return [4 /*yield*/, wait(undefined, 2000)
502
+ // Disable OTP
503
+ ];
504
+ case 7:
505
+ _a.sent();
506
+ // Disable OTP
507
+ return [4 /*yield*/, sdk.api.organizations.updateOne(sdk.userInfo.businessId, {
508
+ portalSettings: { authentication: { requireOTP: false } },
509
+ }, { replaceObjectFields: true })];
510
+ case 8:
511
+ // Disable OTP
512
+ _a.sent();
513
+ return [4 /*yield*/, wait(undefined, 1000)
514
+ // Old token should still work (disabling OTP should not invalidate)
515
+ ];
516
+ case 9:
517
+ _a.sent();
518
+ return [4 /*yield*/, enduserSession.test_authenticated()];
519
+ case 10:
520
+ // Old token should still work (disabling OTP should not invalidate)
521
+ return [2 /*return*/, _a.sent()];
522
+ case 11: return [4 /*yield*/, resetOTPSettings(sdk)];
523
+ case 12:
524
+ _a.sent();
525
+ return [4 /*yield*/, sdk.api.endusers.deleteOne(enduser.id).catch(console.error)];
526
+ case 13:
527
+ _a.sent();
528
+ return [7 /*endfinally*/];
529
+ case 14: return [2 /*return*/];
530
+ }
531
+ });
532
+ }); }, { expectedResult: 'Authenticated!' })
533
+ // Test 9: OTP invalidation is scoped to the updated organization only (multi-tenant)
534
+ ];
535
+ case 23:
536
+ // Test 8: Disabling OTP does NOT invalidate sessions
537
+ _b.sent();
538
+ // Test 9: OTP invalidation is scoped to the updated organization only (multi-tenant)
539
+ return [4 /*yield*/, async_test('OTP invalidation is scoped to the updated organization only', function () { return __awaiter(void 0, void 0, void 0, function () {
540
+ var sdkOther, otherEnduser, mainEnduser, otherToken, otherEnduserSession, mainToken, mainEnduserSession, e_5;
541
+ return __generator(this, function (_a) {
542
+ switch (_a.label) {
543
+ case 0:
544
+ sdkOther = new Session({ host: host, apiKey: "ba745e25162bb95a795c5fa1af70df188d93c4d3aac9c48b34a5c8c9dd7b80f7" });
545
+ return [4 /*yield*/, sdkOther.api.endusers.createOne({ email: "otp-other-tenant-".concat(Date.now(), "@tellescope.com") })];
546
+ case 1:
547
+ otherEnduser = _a.sent();
548
+ return [4 /*yield*/, sdk.api.endusers.createOne({ email: "otp-main-tenant-".concat(Date.now(), "@tellescope.com") })];
549
+ case 2:
550
+ mainEnduser = _a.sent();
551
+ _a.label = 3;
552
+ case 3:
553
+ _a.trys.push([3, , 16, 20]);
554
+ return [4 /*yield*/, sdkOther.api.endusers.generate_auth_token({ id: otherEnduser.id, overrideOTP: true })];
555
+ case 4:
556
+ otherToken = (_a.sent()).authToken;
557
+ otherEnduserSession = new EnduserSession({ host: host, authToken: otherToken, businessId: sdkOther.userInfo.businessId });
558
+ return [4 /*yield*/, sdk.api.endusers.generate_auth_token({ id: mainEnduser.id, overrideOTP: true })];
559
+ case 5:
560
+ mainToken = (_a.sent()).authToken;
561
+ mainEnduserSession = new EnduserSession({ host: host, authToken: mainToken, businessId: sdk.userInfo.businessId });
562
+ // Both tokens work
563
+ return [4 /*yield*/, otherEnduserSession.test_authenticated()];
564
+ case 6:
565
+ // Both tokens work
566
+ _a.sent();
567
+ return [4 /*yield*/, mainEnduserSession.test_authenticated()];
568
+ case 7:
569
+ _a.sent();
570
+ return [4 /*yield*/, wait(undefined, 2000)
571
+ // Enable OTP on main tenant only
572
+ ];
573
+ case 8:
574
+ _a.sent();
575
+ // Enable OTP on main tenant only
576
+ return [4 /*yield*/, sdk.api.organizations.updateOne(sdk.userInfo.businessId, {
577
+ portalSettings: { authentication: { requireOTP: true } },
578
+ })];
579
+ case 9:
580
+ // Enable OTP on main tenant only
581
+ _a.sent();
582
+ return [4 /*yield*/, wait(undefined, 1000)
583
+ // Main tenant enduser's old token should be rejected
584
+ ];
585
+ case 10:
586
+ _a.sent();
587
+ _a.label = 11;
588
+ case 11:
589
+ _a.trys.push([11, 13, , 14]);
590
+ return [4 /*yield*/, mainEnduserSession.test_authenticated()];
591
+ case 12:
592
+ _a.sent();
593
+ return [2 /*return*/, 'should have thrown'];
594
+ case 13:
595
+ e_5 = _a.sent();
596
+ return [3 /*break*/, 14];
597
+ case 14:
598
+ // Other tenant enduser's token should still work
599
+ return [4 /*yield*/, otherEnduserSession.test_authenticated()];
600
+ case 15:
601
+ // Other tenant enduser's token should still work
602
+ _a.sent();
603
+ return [2 /*return*/, 'passed'];
604
+ case 16: return [4 /*yield*/, resetOTPSettings(sdk)];
605
+ case 17:
606
+ _a.sent();
607
+ return [4 /*yield*/, sdk.api.endusers.deleteOne(mainEnduser.id).catch(console.error)];
608
+ case 18:
609
+ _a.sent();
610
+ return [4 /*yield*/, sdkOther.api.endusers.deleteOne(otherEnduser.id).catch(console.error)];
611
+ case 19:
612
+ _a.sent();
613
+ return [7 /*endfinally*/];
614
+ case 20: return [2 /*return*/];
615
+ }
616
+ });
617
+ }); }, { expectedResult: 'passed' })];
618
+ case 24:
619
+ // Test 9: OTP invalidation is scoped to the updated organization only (multi-tenant)
620
+ _b.sent();
621
+ console.log("✅ All OTP Enablement Session Invalidation tests passed!");
622
+ return [3 /*break*/, 27];
623
+ case 25:
624
+ // Always reset OTP settings to prevent impacting other tests
625
+ return [4 /*yield*/, resetOTPSettings(sdk).catch(console.error)];
626
+ case 26:
627
+ // Always reset OTP settings to prevent impacting other tests
628
+ _b.sent();
629
+ return [7 /*endfinally*/];
630
+ case 27: return [2 /*return*/];
631
+ }
632
+ });
633
+ });
634
+ };
635
+ // Allow running this test file independently
636
+ if (require.main === module) {
637
+ console.log("\uD83C\uDF10 Using API URL: ".concat(host));
638
+ var sdk_1 = new Session({ host: host });
639
+ var sdkNonAdmin_1 = new Session({ host: host });
640
+ var runTests = function () { return __awaiter(void 0, void 0, void 0, function () {
641
+ return __generator(this, function (_a) {
642
+ switch (_a.label) {
643
+ case 0: return [4 /*yield*/, setup_tests(sdk_1, sdkNonAdmin_1)];
644
+ case 1:
645
+ _a.sent();
646
+ return [4 /*yield*/, enduser_session_invalidation_tests({ sdk: sdk_1, sdkNonAdmin: sdkNonAdmin_1 })];
647
+ case 2:
648
+ _a.sent();
649
+ return [2 /*return*/];
650
+ }
651
+ });
652
+ }); };
653
+ runTests()
654
+ .then(function () {
655
+ console.log("✅ Enduser session invalidation test suite completed successfully");
656
+ process.exit(0);
657
+ })
658
+ .catch(function (error) {
659
+ console.error("❌ Enduser session invalidation test suite failed:", error);
660
+ process.exit(1);
661
+ });
662
+ }
663
+ //# sourceMappingURL=enduser_session_invalidation.test.js.map