@thunderid/javascript 0.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +201 -0
- package/dist/DefaultCacheStore.d.ts +31 -0
- package/dist/DefaultCacheStore.d.ts.map +1 -0
- package/dist/DefaultCrypto.d.ts +30 -0
- package/dist/DefaultCrypto.d.ts.map +1 -0
- package/dist/HttpClient.d.ts +65 -0
- package/dist/HttpClient.d.ts.map +1 -0
- package/dist/IsomorphicCrypto.d.ts +64 -0
- package/dist/IsomorphicCrypto.d.ts.map +1 -0
- package/dist/StorageManager.d.ts +66 -0
- package/dist/StorageManager.d.ts.map +1 -0
- package/dist/ThunderIDJavaScriptClient.d.ts +66 -0
- package/dist/ThunderIDJavaScriptClient.d.ts.map +1 -0
- package/dist/__legacy__/client.d.ts +485 -0
- package/dist/__legacy__/client.d.ts.map +1 -0
- package/dist/__legacy__/helpers/authentication-helper.d.ts +38 -0
- package/dist/__legacy__/helpers/authentication-helper.d.ts.map +1 -0
- package/dist/__legacy__/helpers/index.d.ts +19 -0
- package/dist/__legacy__/helpers/index.d.ts.map +1 -0
- package/dist/__legacy__/models/client-config.d.ts +106 -0
- package/dist/__legacy__/models/client-config.d.ts.map +1 -0
- package/dist/__legacy__/models/index.d.ts +19 -0
- package/dist/__legacy__/models/index.d.ts.map +1 -0
- package/dist/api/createOrganization.d.ts +130 -0
- package/dist/api/createOrganization.d.ts.map +1 -0
- package/dist/api/executeEmbeddedSignInFlow.d.ts +22 -0
- package/dist/api/executeEmbeddedSignInFlow.d.ts.map +1 -0
- package/dist/api/executeEmbeddedSignUpFlow.d.ts +45 -0
- package/dist/api/executeEmbeddedSignUpFlow.d.ts.map +1 -0
- package/dist/api/getAllOrganizations.d.ts +104 -0
- package/dist/api/getAllOrganizations.d.ts.map +1 -0
- package/dist/api/getBrandingPreference.d.ts +104 -0
- package/dist/api/getBrandingPreference.d.ts.map +1 -0
- package/dist/api/getMeOrganizations.d.ts +120 -0
- package/dist/api/getMeOrganizations.d.ts.map +1 -0
- package/dist/api/getOrganization.d.ts +110 -0
- package/dist/api/getOrganization.d.ts.map +1 -0
- package/dist/api/getSchemas.d.ts +90 -0
- package/dist/api/getSchemas.d.ts.map +1 -0
- package/dist/api/getScim2Me.d.ts +90 -0
- package/dist/api/getScim2Me.d.ts.map +1 -0
- package/dist/api/getUserInfo.d.ts +38 -0
- package/dist/api/getUserInfo.d.ts.map +1 -0
- package/dist/api/initializeEmbeddedSignInFlow.d.ts +52 -0
- package/dist/api/initializeEmbeddedSignInFlow.d.ts.map +1 -0
- package/dist/api/updateMeProfile.d.ts +83 -0
- package/dist/api/updateMeProfile.d.ts.map +1 -0
- package/dist/api/updateOrganization.d.ts +119 -0
- package/dist/api/updateOrganization.d.ts.map +1 -0
- package/dist/api/v2/executeEmbeddedRecoveryFlowV2.d.ts +57 -0
- package/dist/api/v2/executeEmbeddedRecoveryFlowV2.d.ts.map +1 -0
- package/dist/api/v2/executeEmbeddedSignInFlowV2.d.ts +22 -0
- package/dist/api/v2/executeEmbeddedSignInFlowV2.d.ts.map +1 -0
- package/dist/api/v2/executeEmbeddedSignUpFlowV2.d.ts +22 -0
- package/dist/api/v2/executeEmbeddedSignUpFlowV2.d.ts.map +1 -0
- package/dist/api/v2/executeEmbeddedUserOnboardingFlowV2.d.ts +89 -0
- package/dist/api/v2/executeEmbeddedUserOnboardingFlowV2.d.ts.map +1 -0
- package/dist/api/v2/getFlowMetaV2.d.ts +56 -0
- package/dist/api/v2/getFlowMetaV2.d.ts.map +1 -0
- package/dist/api/v2/getOrganizationUnitChildren.d.ts +43 -0
- package/dist/api/v2/getOrganizationUnitChildren.d.ts.map +1 -0
- package/dist/cjs/index.cjs +7693 -0
- package/dist/constants/ApplicationNativeAuthenticationConstants.d.ts +40 -0
- package/dist/constants/ApplicationNativeAuthenticationConstants.d.ts.map +1 -0
- package/dist/constants/OIDCDiscoveryConstants.d.ts +65 -0
- package/dist/constants/OIDCDiscoveryConstants.d.ts.map +1 -0
- package/dist/constants/OIDCRequestConstants.d.ts +43 -0
- package/dist/constants/OIDCRequestConstants.d.ts.map +1 -0
- package/dist/constants/PKCEConstants.d.ts +45 -0
- package/dist/constants/PKCEConstants.d.ts.map +1 -0
- package/dist/constants/ScopeConstants.d.ts +43 -0
- package/dist/constants/ScopeConstants.d.ts.map +1 -0
- package/dist/constants/TokenConstants.d.ts +48 -0
- package/dist/constants/TokenConstants.d.ts.map +1 -0
- package/dist/constants/TokenExchangeConstants.d.ts +44 -0
- package/dist/constants/TokenExchangeConstants.d.ts.map +1 -0
- package/dist/constants/VendorConstants.d.ts +32 -0
- package/dist/constants/VendorConstants.d.ts.map +1 -0
- package/dist/constants/v2/OIDCDiscoveryConstants.d.ts +40 -0
- package/dist/constants/v2/OIDCDiscoveryConstants.d.ts.map +1 -0
- package/dist/edge/index.js +7568 -0
- package/dist/errors/ThunderIDAPIError.d.ts +59 -0
- package/dist/errors/ThunderIDAPIError.d.ts.map +1 -0
- package/dist/errors/ThunderIDError.d.ts +50 -0
- package/dist/errors/ThunderIDError.d.ts.map +1 -0
- package/dist/errors/ThunderIDRuntimeError.d.ts +51 -0
- package/dist/errors/ThunderIDRuntimeError.d.ts.map +1 -0
- package/dist/errors/exception.d.ts +27 -0
- package/dist/errors/exception.d.ts.map +1 -0
- package/dist/i18n/constants/TranslationBundleConstants.d.ts +35 -0
- package/dist/i18n/constants/TranslationBundleConstants.d.ts.map +1 -0
- package/dist/i18n/models/i18n.d.ts +127 -0
- package/dist/i18n/models/i18n.d.ts.map +1 -0
- package/dist/i18n/translations/en-US.d.ts +21 -0
- package/dist/i18n/translations/en-US.d.ts.map +1 -0
- package/dist/i18n/translations/fr-FR.d.ts +21 -0
- package/dist/i18n/translations/fr-FR.d.ts.map +1 -0
- package/dist/i18n/translations/hi-IN.d.ts +21 -0
- package/dist/i18n/translations/hi-IN.d.ts.map +1 -0
- package/dist/i18n/translations/index.d.ts +26 -0
- package/dist/i18n/translations/index.d.ts.map +1 -0
- package/dist/i18n/translations/ja-JP.d.ts +21 -0
- package/dist/i18n/translations/ja-JP.d.ts.map +1 -0
- package/dist/i18n/translations/pt-BR.d.ts +21 -0
- package/dist/i18n/translations/pt-BR.d.ts.map +1 -0
- package/dist/i18n/translations/pt-PT.d.ts +21 -0
- package/dist/i18n/translations/pt-PT.d.ts.map +1 -0
- package/dist/i18n/translations/si-LK.d.ts +21 -0
- package/dist/i18n/translations/si-LK.d.ts.map +1 -0
- package/dist/i18n/translations/ta-IN.d.ts +21 -0
- package/dist/i18n/translations/ta-IN.d.ts.map +1 -0
- package/dist/i18n/translations/te-IN.d.ts +21 -0
- package/dist/i18n/translations/te-IN.d.ts.map +1 -0
- package/dist/i18n/utils/getDefaultI18nBundles.d.ts +28 -0
- package/dist/i18n/utils/getDefaultI18nBundles.d.ts.map +1 -0
- package/dist/i18n/utils/normalizeTranslations.d.ts +42 -0
- package/dist/i18n/utils/normalizeTranslations.d.ts.map +1 -0
- package/dist/index.d.ts +143 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +7568 -0
- package/dist/models/agent.d.ts +45 -0
- package/dist/models/agent.d.ts.map +1 -0
- package/dist/models/auth-code-response.d.ts +35 -0
- package/dist/models/auth-code-response.d.ts.map +1 -0
- package/dist/models/branding-preference.d.ts +249 -0
- package/dist/models/branding-preference.d.ts.map +1 -0
- package/dist/models/client.d.ts +213 -0
- package/dist/models/client.d.ts.map +1 -0
- package/dist/models/config.d.ts +483 -0
- package/dist/models/config.d.ts.map +1 -0
- package/dist/models/crypto.d.ts +101 -0
- package/dist/models/crypto.d.ts.map +1 -0
- package/dist/models/embedded-flow.d.ts +167 -0
- package/dist/models/embedded-flow.d.ts.map +1 -0
- package/dist/models/embedded-signin-flow.d.ts +100 -0
- package/dist/models/embedded-signin-flow.d.ts.map +1 -0
- package/dist/models/field.d.ts +32 -0
- package/dist/models/field.d.ts.map +1 -0
- package/dist/models/flow.d.ts +31 -0
- package/dist/models/flow.d.ts.map +1 -0
- package/dist/models/http.d.ts +46 -0
- package/dist/models/http.d.ts.map +1 -0
- package/dist/models/oauth-request.d.ts +24 -0
- package/dist/models/oauth-request.d.ts.map +1 -0
- package/dist/models/oauth-response.d.ts +19 -0
- package/dist/models/oauth-response.d.ts.map +1 -0
- package/dist/models/oidc-discovery.d.ts +370 -0
- package/dist/models/oidc-discovery.d.ts.map +1 -0
- package/dist/models/oidc-endpoints.d.ts +72 -0
- package/dist/models/oidc-endpoints.d.ts.map +1 -0
- package/dist/models/organization.d.ts +34 -0
- package/dist/models/organization.d.ts.map +1 -0
- package/dist/models/platforms.d.ts +38 -0
- package/dist/models/platforms.d.ts.map +1 -0
- package/dist/models/scim2-schema.d.ts +66 -0
- package/dist/models/scim2-schema.d.ts.map +1 -0
- package/dist/models/session.d.ts +32 -0
- package/dist/models/session.d.ts.map +1 -0
- package/dist/models/store.d.ts +84 -0
- package/dist/models/store.d.ts.map +1 -0
- package/dist/models/token-endpoint-auth.d.ts +30 -0
- package/dist/models/token-endpoint-auth.d.ts.map +1 -0
- package/dist/models/token.d.ts +181 -0
- package/dist/models/token.d.ts.map +1 -0
- package/dist/models/user.d.ts +34 -0
- package/dist/models/user.d.ts.map +1 -0
- package/dist/models/utility-types.d.ts +21 -0
- package/dist/models/utility-types.d.ts.map +1 -0
- package/dist/models/v2/embedded-flow-v2.d.ts +494 -0
- package/dist/models/v2/embedded-flow-v2.d.ts.map +1 -0
- package/dist/models/v2/embedded-recovery-flow-v2.d.ts +143 -0
- package/dist/models/v2/embedded-recovery-flow-v2.d.ts.map +1 -0
- package/dist/models/v2/embedded-signin-flow-v2.d.ts +340 -0
- package/dist/models/v2/embedded-signin-flow-v2.d.ts.map +1 -0
- package/dist/models/v2/embedded-signup-flow-v2.d.ts +272 -0
- package/dist/models/v2/embedded-signup-flow-v2.d.ts.map +1 -0
- package/dist/models/v2/extensions/components.d.ts +89 -0
- package/dist/models/v2/extensions/components.d.ts.map +1 -0
- package/dist/models/v2/flow-meta-v2.d.ts +299 -0
- package/dist/models/v2/flow-meta-v2.d.ts.map +1 -0
- package/dist/models/v2/organization-unit.d.ts +103 -0
- package/dist/models/v2/organization-unit.d.ts.map +1 -0
- package/dist/models/v2/translation.d.ts +35 -0
- package/dist/models/v2/translation.d.ts.map +1 -0
- package/dist/models/v2/vars.d.ts +36 -0
- package/dist/models/v2/vars.d.ts.map +1 -0
- package/dist/theme/createTheme.d.ts +23 -0
- package/dist/theme/createTheme.d.ts.map +1 -0
- package/dist/theme/types.d.ts +381 -0
- package/dist/theme/types.d.ts.map +1 -0
- package/dist/utils/arrayBufferToBase64url.d.ts +49 -0
- package/dist/utils/arrayBufferToBase64url.d.ts.map +1 -0
- package/dist/utils/base64Encode.d.ts +36 -0
- package/dist/utils/base64Encode.d.ts.map +1 -0
- package/dist/utils/base64urlToArrayBuffer.d.ts +56 -0
- package/dist/utils/base64urlToArrayBuffer.d.ts.map +1 -0
- package/dist/utils/bem.d.ts +47 -0
- package/dist/utils/bem.d.ts.map +1 -0
- package/dist/utils/deepMerge.d.ts +45 -0
- package/dist/utils/deepMerge.d.ts.map +1 -0
- package/dist/utils/deriveOrganizationHandleFromBaseUrl.d.ts +48 -0
- package/dist/utils/deriveOrganizationHandleFromBaseUrl.d.ts.map +1 -0
- package/dist/utils/extractPkceStorageKeyFromState.d.ts +33 -0
- package/dist/utils/extractPkceStorageKeyFromState.d.ts.map +1 -0
- package/dist/utils/extractTenantDomainFromIdTokenPayload.d.ts +32 -0
- package/dist/utils/extractTenantDomainFromIdTokenPayload.d.ts.map +1 -0
- package/dist/utils/extractUserClaimsFromIdToken.d.ts +47 -0
- package/dist/utils/extractUserClaimsFromIdToken.d.ts.map +1 -0
- package/dist/utils/flattenUserSchema.d.ts +65 -0
- package/dist/utils/flattenUserSchema.d.ts.map +1 -0
- package/dist/utils/formatDate.d.ts +34 -0
- package/dist/utils/formatDate.d.ts.map +1 -0
- package/dist/utils/generateFlattenedUserProfile.d.ts +54 -0
- package/dist/utils/generateFlattenedUserProfile.d.ts.map +1 -0
- package/dist/utils/generatePkceStorageKey.d.ts +35 -0
- package/dist/utils/generatePkceStorageKey.d.ts.map +1 -0
- package/dist/utils/generateStateParamForRequestCorrelation.d.ts +35 -0
- package/dist/utils/generateStateParamForRequestCorrelation.d.ts.map +1 -0
- package/dist/utils/generateUserProfile.d.ts +56 -0
- package/dist/utils/generateUserProfile.d.ts.map +1 -0
- package/dist/utils/get.d.ts +30 -0
- package/dist/utils/get.d.ts.map +1 -0
- package/dist/utils/getAuthorizeRequestUrlParams.d.ts +61 -0
- package/dist/utils/getAuthorizeRequestUrlParams.d.ts.map +1 -0
- package/dist/utils/getLatestStateParam.d.ts +41 -0
- package/dist/utils/getLatestStateParam.d.ts.map +1 -0
- package/dist/utils/getRedirectBasedSignUpUrl.d.ts +30 -0
- package/dist/utils/getRedirectBasedSignUpUrl.d.ts.map +1 -0
- package/dist/utils/identifyPlatform.d.ts +31 -0
- package/dist/utils/identifyPlatform.d.ts.map +1 -0
- package/dist/utils/isEmpty.d.ts +49 -0
- package/dist/utils/isEmpty.d.ts.map +1 -0
- package/dist/utils/isRecognizedBaseUrlPattern.d.ts +33 -0
- package/dist/utils/isRecognizedBaseUrlPattern.d.ts.map +1 -0
- package/dist/utils/logger.d.ts +143 -0
- package/dist/utils/logger.d.ts.map +1 -0
- package/dist/utils/parseApiErrorMessage.d.ts +29 -0
- package/dist/utils/parseApiErrorMessage.d.ts.map +1 -0
- package/dist/utils/processOpenIDScopes.d.ts +42 -0
- package/dist/utils/processOpenIDScopes.d.ts.map +1 -0
- package/dist/utils/processUsername.d.ts +74 -0
- package/dist/utils/processUsername.d.ts.map +1 -0
- package/dist/utils/removeTrailingSlash.d.ts +32 -0
- package/dist/utils/removeTrailingSlash.d.ts.map +1 -0
- package/dist/utils/resolveFieldName.d.ts +20 -0
- package/dist/utils/resolveFieldName.d.ts.map +1 -0
- package/dist/utils/resolveFieldType.d.ts +21 -0
- package/dist/utils/resolveFieldType.d.ts.map +1 -0
- package/dist/utils/set.d.ts +31 -0
- package/dist/utils/set.d.ts.map +1 -0
- package/dist/utils/transformBrandingPreferenceToTheme.d.ts +49 -0
- package/dist/utils/transformBrandingPreferenceToTheme.d.ts.map +1 -0
- package/dist/utils/v2/containsMetaFlowTemplateLiteral.d.ts +57 -0
- package/dist/utils/v2/containsMetaFlowTemplateLiteral.d.ts.map +1 -0
- package/dist/utils/v2/countryCodeToFlagEmoji.d.ts +26 -0
- package/dist/utils/v2/countryCodeToFlagEmoji.d.ts.map +1 -0
- package/dist/utils/v2/extractEmojiFromUri.d.ts +32 -0
- package/dist/utils/v2/extractEmojiFromUri.d.ts.map +1 -0
- package/dist/utils/v2/isEmojiUri.d.ts +34 -0
- package/dist/utils/v2/isEmojiUri.d.ts.map +1 -0
- package/dist/utils/v2/isMetaFlowTemplateLiteral.d.ts +45 -0
- package/dist/utils/v2/isMetaFlowTemplateLiteral.d.ts.map +1 -0
- package/dist/utils/v2/isTranslationFlowTemplateLiteral.d.ts +45 -0
- package/dist/utils/v2/isTranslationFlowTemplateLiteral.d.ts.map +1 -0
- package/dist/utils/v2/parseFlowTemplateLiteral.d.ts +96 -0
- package/dist/utils/v2/parseFlowTemplateLiteral.d.ts.map +1 -0
- package/dist/utils/v2/resolveFlowTemplateLiterals.d.ts +42 -0
- package/dist/utils/v2/resolveFlowTemplateLiterals.d.ts.map +1 -0
- package/dist/utils/v2/resolveLocaleDisplayName.d.ts +30 -0
- package/dist/utils/v2/resolveLocaleDisplayName.d.ts.map +1 -0
- package/dist/utils/v2/resolveLocaleEmoji.d.ts +31 -0
- package/dist/utils/v2/resolveLocaleEmoji.d.ts.map +1 -0
- package/dist/utils/v2/resolveMeta.d.ts +35 -0
- package/dist/utils/v2/resolveMeta.d.ts.map +1 -0
- package/dist/utils/withVendorCSSClassPrefix.d.ts +33 -0
- package/dist/utils/withVendorCSSClassPrefix.d.ts.map +1 -0
- package/package.json +65 -0
|
@@ -0,0 +1,370 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Copyright (c) 2020, WSO2 LLC. (https://www.wso2.com). All Rights Reserved.
|
|
3
|
+
*
|
|
4
|
+
* WSO2 LLC. licenses this file to you under the Apache License,
|
|
5
|
+
* Version 2.0 (the "License"); you may not use this file except
|
|
6
|
+
* in compliance with the License.
|
|
7
|
+
* You may obtain a copy of the License at
|
|
8
|
+
*
|
|
9
|
+
* http://www.apache.org/licenses/LICENSE-2.0
|
|
10
|
+
*
|
|
11
|
+
* Unless required by applicable law or agreed to in writing,
|
|
12
|
+
* software distributed under the License is distributed on an
|
|
13
|
+
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
|
14
|
+
* KIND, either express or implied. See the License for the
|
|
15
|
+
* specific language governing permissions and limitations
|
|
16
|
+
* under the License.
|
|
17
|
+
*/
|
|
18
|
+
/**
|
|
19
|
+
* Comprehensive OpenID Connect (OIDC) Provider Metadata.
|
|
20
|
+
* This interface represents the complete set of configuration metadata
|
|
21
|
+
* that an OpenID Provider (OP) may publish at its discovery endpoint.
|
|
22
|
+
*
|
|
23
|
+
* @remarks
|
|
24
|
+
* The metadata is organized into several categories:
|
|
25
|
+
* 1. Core Endpoints - Essential URLs for OIDC operations
|
|
26
|
+
* 2. Capability Indicators - Supported features and algorithms
|
|
27
|
+
* 3. Claims and Scopes - Available user information
|
|
28
|
+
* 4. Security Settings - Authentication and encryption options
|
|
29
|
+
* 5. UI/UX Configuration - Display and localization preferences
|
|
30
|
+
*
|
|
31
|
+
* All fields are optional as per the OIDC Discovery specification,
|
|
32
|
+
* allowing for flexible provider implementations.
|
|
33
|
+
*
|
|
34
|
+
* @see {@link https://openid.net/specs/openid-connect-discovery-1_0.html OpenID Connect Discovery Specification}
|
|
35
|
+
*
|
|
36
|
+
* @example
|
|
37
|
+
* ```typescript
|
|
38
|
+
* const config: OIDCProviderMetadata = {
|
|
39
|
+
* issuer: "https://accounts.example.com",
|
|
40
|
+
* authorization_endpoint: "https://accounts.example.com/auth",
|
|
41
|
+
* token_endpoint: "https://accounts.example.com/token",
|
|
42
|
+
* userinfo_endpoint: "https://accounts.example.com/userinfo",
|
|
43
|
+
* jwks_uri: "https://accounts.example.com/jwks.json"
|
|
44
|
+
* };
|
|
45
|
+
* ```
|
|
46
|
+
*/
|
|
47
|
+
export interface OIDCDiscoveryApiResponse extends OIDCDiscoveryEndpointsApiResponse {
|
|
48
|
+
/**
|
|
49
|
+
* Supported Authentication Context Class References.
|
|
50
|
+
* Indicates the OP's ability to satisfy specific authentication requirements.
|
|
51
|
+
*/
|
|
52
|
+
acr_values_supported?: string[];
|
|
53
|
+
/**
|
|
54
|
+
* Boolean value specifying whether the OP can pass a sid (session ID) Claim in the Logout Token to
|
|
55
|
+
* identify the RP session with the OP.
|
|
56
|
+
*/
|
|
57
|
+
backchannel_logout_session_supported?: boolean;
|
|
58
|
+
/**
|
|
59
|
+
* Boolean value specifying whether the OP supports back-channel logout, with true indicating support.
|
|
60
|
+
* If omitted, the default value is false.
|
|
61
|
+
*/
|
|
62
|
+
backchannel_logout_supported?: boolean;
|
|
63
|
+
/**
|
|
64
|
+
* JSON array containing a list of the Claim Types that the OpenID Provider supports.
|
|
65
|
+
*/
|
|
66
|
+
claim_types_supported?: string[];
|
|
67
|
+
/**
|
|
68
|
+
* Languages and scripts supported for values in Claims being returned, represented as a JSON array
|
|
69
|
+
* of BCP47 [RFC5646] language tag values. Not all languages and scripts are necessarily
|
|
70
|
+
* supported for all Claim values.
|
|
71
|
+
*/
|
|
72
|
+
claims_locales_supported?: string[];
|
|
73
|
+
/**
|
|
74
|
+
* Boolean value specifying whether the OP supports use of the claims parameter,
|
|
75
|
+
* with true indicating support. If omitted, the default value is false.
|
|
76
|
+
*/
|
|
77
|
+
claims_parameter_supported?: boolean;
|
|
78
|
+
/**
|
|
79
|
+
* JSON array containing a list of the Claim Names of the Claims that
|
|
80
|
+
* the OpenID Provider MAY be able to supply values for.
|
|
81
|
+
*/
|
|
82
|
+
claims_supported?: string[];
|
|
83
|
+
/**
|
|
84
|
+
* JSON array containing a list of Proof Key for Code
|
|
85
|
+
* Exchange (PKCE) [RFC7636] code challenge methods supported by this
|
|
86
|
+
* authorization server.
|
|
87
|
+
*/
|
|
88
|
+
code_challenge_methods_supported?: string[];
|
|
89
|
+
/**
|
|
90
|
+
* JSON array containing a list of the display parameter values that the OpenID Provider supports.
|
|
91
|
+
*/
|
|
92
|
+
display_values_supported?: string[];
|
|
93
|
+
/**
|
|
94
|
+
* Supported OAuth 2.0 grant type values.
|
|
95
|
+
*
|
|
96
|
+
* @remarks
|
|
97
|
+
* Common values include:
|
|
98
|
+
* - 'authorization_code' - Standard OAuth 2.0 auth code flow
|
|
99
|
+
* - 'implicit' - Implicit flow
|
|
100
|
+
* - 'refresh_token' - Refresh token grant
|
|
101
|
+
* - 'client_credentials' - Client credentials grant
|
|
102
|
+
*/
|
|
103
|
+
grant_types_supported?: string[];
|
|
104
|
+
/**
|
|
105
|
+
* JSON array containing a list of the JWE encryption algorithms (alg values)
|
|
106
|
+
* supported by the OP for the ID Token to encode the Claims in a JWT [JWT].
|
|
107
|
+
*/
|
|
108
|
+
id_token_encryption_alg_values_supported?: string[];
|
|
109
|
+
/**
|
|
110
|
+
* JSON array containing a list of the JWE encryption algorithms (enc values)
|
|
111
|
+
* supported by the OP for the ID Token to encode the Claims in a JWT [JWT].
|
|
112
|
+
*/
|
|
113
|
+
id_token_encryption_enc_values_supported?: string[];
|
|
114
|
+
/**
|
|
115
|
+
* JSON array containing a list of the JWS signing algorithms (alg values)
|
|
116
|
+
* supported by the OP for the ID Token to encode the Claims in a JWT [JWT].
|
|
117
|
+
*/
|
|
118
|
+
id_token_signing_alg_values_supported?: string[];
|
|
119
|
+
/**
|
|
120
|
+
* JSON array containing a list of client authentication
|
|
121
|
+
* methods supported by this introspection endpoint.
|
|
122
|
+
*/
|
|
123
|
+
introspection_endpoint_auth_methods_supported?: string[];
|
|
124
|
+
/**
|
|
125
|
+
* JSON array containing a list of the JWS signing
|
|
126
|
+
* algorithms ("alg" values) supported by the introspection endpoint
|
|
127
|
+
* for the signature on the JWT [JWT] used to authenticate the client
|
|
128
|
+
* at the introspection endpoint for the "private_key_jwt" and
|
|
129
|
+
* "client_secret_jwt" authentication methods.
|
|
130
|
+
*/
|
|
131
|
+
introspection_endpoint_auth_signing_alg_values_supported?: string[];
|
|
132
|
+
/**
|
|
133
|
+
* URL that the OpenID Provider provides to the person registering the Client
|
|
134
|
+
* to read about the OP's requirements on how the Relying Party can use the data provided by the OP.
|
|
135
|
+
*/
|
|
136
|
+
op_policy_uri?: string;
|
|
137
|
+
/**
|
|
138
|
+
* URL that the OpenID Provider provides to the person registering the Client
|
|
139
|
+
* to read about OpenID Provider's terms of service.
|
|
140
|
+
*/
|
|
141
|
+
op_tos_uri?: string;
|
|
142
|
+
/**
|
|
143
|
+
* JSON array containing a list of the JWE encryption algorithms (alg values)
|
|
144
|
+
* supported by the OP for Request Objects.
|
|
145
|
+
*/
|
|
146
|
+
request_object_encryption_alg_values_supported?: string[];
|
|
147
|
+
/**
|
|
148
|
+
* JSON array containing a list of the JWE encryption algorithms (enc values)
|
|
149
|
+
* supported by the OP for Request Objects.
|
|
150
|
+
*/
|
|
151
|
+
request_object_encryption_enc_values_supported?: string[];
|
|
152
|
+
/**
|
|
153
|
+
* JSON array containing a list of the JWS signing algorithms (alg values) supported by the OP for Request Objects
|
|
154
|
+
*/
|
|
155
|
+
request_object_signing_alg_values_supported?: string[];
|
|
156
|
+
/**
|
|
157
|
+
* Boolean value specifying whether the OP supports use of the request parameter,
|
|
158
|
+
* with true indicating support. If omitted, the default value is false.
|
|
159
|
+
*/
|
|
160
|
+
request_parameter_supported?: boolean;
|
|
161
|
+
/**
|
|
162
|
+
* Boolean value specifying whether the OP supports use of the request_uri parameter,
|
|
163
|
+
* with true indicating support. If omitted, the default value is true.
|
|
164
|
+
*/
|
|
165
|
+
request_uri_parameter_supported?: boolean;
|
|
166
|
+
/**
|
|
167
|
+
* Boolean value specifying whether the OP requires any request_uri values used to be
|
|
168
|
+
* pre-registered using the request_uris registration parameter.
|
|
169
|
+
*/
|
|
170
|
+
require_request_uri_registration?: boolean;
|
|
171
|
+
/**
|
|
172
|
+
* Supported OAuth 2.0 response_mode values.
|
|
173
|
+
*
|
|
174
|
+
* @remarks
|
|
175
|
+
* Determines how the authorization response is returned:
|
|
176
|
+
* - 'query' - Parameters in URL query string
|
|
177
|
+
* - 'fragment' - Parameters in URL fragment
|
|
178
|
+
* - 'form_post' - Parameters via POST
|
|
179
|
+
*/
|
|
180
|
+
response_modes_supported?: string[];
|
|
181
|
+
/**
|
|
182
|
+
* Supported OAuth 2.0 response_type values.
|
|
183
|
+
*
|
|
184
|
+
* @remarks
|
|
185
|
+
* Common values include:
|
|
186
|
+
* - 'code' - Authorization Code flow
|
|
187
|
+
* - 'token' - Implicit flow
|
|
188
|
+
* - 'id_token' - OIDC implicit flow
|
|
189
|
+
* - 'code token' - Hybrid flow
|
|
190
|
+
*/
|
|
191
|
+
response_types_supported?: string[];
|
|
192
|
+
/**
|
|
193
|
+
* JSON array containing a list of client authentication
|
|
194
|
+
* methods supported by this revocation endpoint.
|
|
195
|
+
*/
|
|
196
|
+
revocation_endpoint_auth_methods_supported?: string[];
|
|
197
|
+
/**
|
|
198
|
+
* JSON array containing a list of the JWS signing
|
|
199
|
+
* algorithms ("alg" values) supported by the revocation endpoint for
|
|
200
|
+
* the signature on the JWT [JWT] used to authenticate the client at
|
|
201
|
+
* the revocation endpoint for the "private_key_jwt" and
|
|
202
|
+
* "client_secret_jwt" authentication methods.
|
|
203
|
+
*/
|
|
204
|
+
revocation_endpoint_auth_signing_alg_values_supported?: string[];
|
|
205
|
+
/**
|
|
206
|
+
* Supported OAuth 2.0 scope values.
|
|
207
|
+
* Lists the permission scopes this server can handle.
|
|
208
|
+
*
|
|
209
|
+
* @remarks
|
|
210
|
+
* Common values include:
|
|
211
|
+
* - 'openid' - Required for OIDC flows
|
|
212
|
+
* - 'profile' - Basic user information
|
|
213
|
+
* - 'email' - User's email address
|
|
214
|
+
* - 'address' - User's postal address
|
|
215
|
+
* - 'phone' - User's phone number
|
|
216
|
+
*/
|
|
217
|
+
scopes_supported?: string[];
|
|
218
|
+
/**
|
|
219
|
+
* URL of a page containing human-readable information that developers
|
|
220
|
+
* might want or need to know when using the OpenID Provider.
|
|
221
|
+
*/
|
|
222
|
+
service_documentation?: string;
|
|
223
|
+
/**
|
|
224
|
+
* Supported Subject Identifier types.
|
|
225
|
+
* Defines how the OP identifies users across sessions.
|
|
226
|
+
*
|
|
227
|
+
* @remarks
|
|
228
|
+
* Common values:
|
|
229
|
+
* - 'public' - Same sub value for all clients
|
|
230
|
+
* - 'pairwise' - Different sub values for different clients
|
|
231
|
+
*/
|
|
232
|
+
subject_types_supported?: string[];
|
|
233
|
+
/**
|
|
234
|
+
* JSON array containing a list of Client Authentication methods supported by this Token Endpoint.
|
|
235
|
+
*/
|
|
236
|
+
token_endpoint_auth_methods_supported?: string[];
|
|
237
|
+
/**
|
|
238
|
+
* JSON array containing a list of the JWS signing algorithms (alg values) supported by the Token Endpoint
|
|
239
|
+
* for the signature on the JWT [JWT] used to authenticate the Client at the Token Endpoint for the
|
|
240
|
+
* private_key_jwt and client_secret_jwt authentication methods.
|
|
241
|
+
*/
|
|
242
|
+
token_endpoint_auth_signing_alg_values_supported?: string[];
|
|
243
|
+
/**
|
|
244
|
+
* Languages and scripts supported for the user interface,
|
|
245
|
+
* represented as a JSON array of BCP47 [RFC5646] language tag values.
|
|
246
|
+
*/
|
|
247
|
+
ui_locales_supported?: string[];
|
|
248
|
+
/**
|
|
249
|
+
* JSON array containing a list of the JWE [JWE] encryption algorithms (alg values)
|
|
250
|
+
* [JWA] supported by the UserInfo Endpoint to encode the Claims in a JWT [JWT].
|
|
251
|
+
*/
|
|
252
|
+
userinfo_encryption_alg_values_supported?: string[];
|
|
253
|
+
/**
|
|
254
|
+
* JSON array containing a list of the JWE encryption algorithms (enc values) [JWA]
|
|
255
|
+
* supported by the UserInfo Endpoint to encode the Claims in a JWT [JWT]
|
|
256
|
+
*/
|
|
257
|
+
userinfo_encryption_enc_values_supported?: string[];
|
|
258
|
+
/**
|
|
259
|
+
* JSON array containing a list of the JWS [JWS] signing algorithms (alg values) [JWA]
|
|
260
|
+
* supported by the UserInfo Endpoint to encode the Claims in a JWT [JWT].
|
|
261
|
+
*/
|
|
262
|
+
userinfo_signing_alg_values_supported?: string[];
|
|
263
|
+
}
|
|
264
|
+
/**
|
|
265
|
+
* Essential OpenID Connect (OIDC) Provider endpoints configuration.
|
|
266
|
+
* This interface represents the core set of endpoints that an OpenID Provider
|
|
267
|
+
* must expose for basic OIDC functionality.
|
|
268
|
+
*
|
|
269
|
+
* @remarks
|
|
270
|
+
* These endpoints form the foundation of OIDC operations and are organized into categories:
|
|
271
|
+
* 1. Authentication Flow - Authorization and token endpoints
|
|
272
|
+
* 2. User Data - UserInfo and session management
|
|
273
|
+
* 3. Security - Key management and token operations
|
|
274
|
+
* 4. Session Management - Logout and session state
|
|
275
|
+
*
|
|
276
|
+
* While all fields are optional in the interface, an OIDC Provider typically
|
|
277
|
+
* implements most of these endpoints for full OIDC compliance.
|
|
278
|
+
*
|
|
279
|
+
* @see {@link OIDCDiscoveryApiResponse} For the complete provider metadata
|
|
280
|
+
* @see {@link https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata Provider Metadata Specification}
|
|
281
|
+
*
|
|
282
|
+
* @example
|
|
283
|
+
* ```typescript
|
|
284
|
+
* const endpoints: OIDCDiscoveryEndpointsApiResponse = {
|
|
285
|
+
* issuer: "https://identity.example.com",
|
|
286
|
+
* authorization_endpoint: "https://identity.example.com/oauth2/authorize",
|
|
287
|
+
* token_endpoint: "https://identity.example.com/oauth2/token",
|
|
288
|
+
* userinfo_endpoint: "https://identity.example.com/oauth2/userinfo"
|
|
289
|
+
* };
|
|
290
|
+
* ```
|
|
291
|
+
*/
|
|
292
|
+
export interface OIDCDiscoveryEndpointsApiResponse {
|
|
293
|
+
/**
|
|
294
|
+
* OAuth 2.0 Authorization Endpoint URL.
|
|
295
|
+
* Used to initiate the authentication and authorization process.
|
|
296
|
+
*
|
|
297
|
+
* @remarks
|
|
298
|
+
* The client redirects the user to this endpoint to begin the auth flow.
|
|
299
|
+
* Supports various response_type values for different OAuth 2.0 flows.
|
|
300
|
+
*/
|
|
301
|
+
authorization_endpoint?: string;
|
|
302
|
+
/**
|
|
303
|
+
* URL of an OP iframe that supports cross-origin communications for session state information with the RP
|
|
304
|
+
* Client, using the HTML5 postMessage API.
|
|
305
|
+
*/
|
|
306
|
+
check_session_iframe?: string;
|
|
307
|
+
/**
|
|
308
|
+
* URL at the OP to which an RP can perform a redirect to request that the End-User be logged out at the
|
|
309
|
+
* OP.
|
|
310
|
+
*/
|
|
311
|
+
end_session_endpoint?: string;
|
|
312
|
+
/**
|
|
313
|
+
* URL of the authorization server's OAuth 2.0
|
|
314
|
+
* introspection endpoint.
|
|
315
|
+
*/
|
|
316
|
+
introspection_endpoint?: string;
|
|
317
|
+
/**
|
|
318
|
+
* HTTPS URL that the OP asserts as its Issuer Identifier.
|
|
319
|
+
* Must not contain query or fragment components.
|
|
320
|
+
*
|
|
321
|
+
* @remarks
|
|
322
|
+
* This is a crucial identifier for the OpenID Provider and should
|
|
323
|
+
* match the iss claim in issued JWT tokens.
|
|
324
|
+
*/
|
|
325
|
+
issuer?: string;
|
|
326
|
+
/**
|
|
327
|
+
* JSON Web Key Set (JWKS) document URL.
|
|
328
|
+
* Contains the cryptographic keys used to secure communications.
|
|
329
|
+
*
|
|
330
|
+
* @remarks
|
|
331
|
+
* Used by clients to:
|
|
332
|
+
* - Validate signatures on JWT tokens
|
|
333
|
+
* - Encrypt requests to the OP
|
|
334
|
+
* - Establish secure communications
|
|
335
|
+
*/
|
|
336
|
+
jwks_uri?: string;
|
|
337
|
+
/**
|
|
338
|
+
* Dynamic Client Registration Endpoint URL.
|
|
339
|
+
* Allows automated registration of OAuth 2.0 clients.
|
|
340
|
+
*
|
|
341
|
+
* @remarks
|
|
342
|
+
* If supported, enables automated client setup and configuration.
|
|
343
|
+
* May require initial authentication or access tokens.
|
|
344
|
+
*/
|
|
345
|
+
registration_endpoint?: string;
|
|
346
|
+
/**
|
|
347
|
+
* URL of the authorization server's OAuth 2.0 revocation
|
|
348
|
+
* endpoint.
|
|
349
|
+
*/
|
|
350
|
+
revocation_endpoint?: string;
|
|
351
|
+
/**
|
|
352
|
+
* OAuth 2.0 Token Endpoint URL.
|
|
353
|
+
* Used to obtain tokens using various grant types.
|
|
354
|
+
*
|
|
355
|
+
* @remarks
|
|
356
|
+
* Clients use this endpoint to exchange authorization codes for tokens
|
|
357
|
+
* and to refresh expired access tokens.
|
|
358
|
+
*/
|
|
359
|
+
token_endpoint?: string;
|
|
360
|
+
/**
|
|
361
|
+
* UserInfo Endpoint URL.
|
|
362
|
+
* Returns claims about the authenticated end-user.
|
|
363
|
+
*
|
|
364
|
+
* @remarks
|
|
365
|
+
* Requires a valid access token with appropriate scope.
|
|
366
|
+
* May return claims in JWT format if signing/encryption is configured.
|
|
367
|
+
*/
|
|
368
|
+
userinfo_endpoint?: string;
|
|
369
|
+
}
|
|
370
|
+
//# sourceMappingURL=oidc-discovery.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"oidc-discovery.d.ts","sourceRoot":"","sources":["../../src/models/oidc-discovery.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AACH,MAAM,WAAW,wBAAyB,SAAQ,iCAAiC;IACjF;;;OAGG;IACH,oBAAoB,CAAC,EAAE,MAAM,EAAE,CAAC;IAEhC;;;OAGG;IACH,oCAAoC,CAAC,EAAE,OAAO,CAAC;IAE/C;;;OAGG;IACH,4BAA4B,CAAC,EAAE,OAAO,CAAC;IAEvC;;OAEG;IACH,qBAAqB,CAAC,EAAE,MAAM,EAAE,CAAC;IAEjC;;;;OAIG;IACH,wBAAwB,CAAC,EAAE,MAAM,EAAE,CAAC;IAEpC;;;OAGG;IACH,0BAA0B,CAAC,EAAE,OAAO,CAAC;IAErC;;;OAGG;IACH,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAC;IAE5B;;;;OAIG;IACH,gCAAgC,CAAC,EAAE,MAAM,EAAE,CAAC;IAE5C;;OAEG;IACH,wBAAwB,CAAC,EAAE,MAAM,EAAE,CAAC;IAEpC;;;;;;;;;OASG;IACH,qBAAqB,CAAC,EAAE,MAAM,EAAE,CAAC;IAEjC;;;OAGG;IACH,wCAAwC,CAAC,EAAE,MAAM,EAAE,CAAC;IAEpD;;;OAGG;IACH,wCAAwC,CAAC,EAAE,MAAM,EAAE,CAAC;IAEpD;;;OAGG;IACH,qCAAqC,CAAC,EAAE,MAAM,EAAE,CAAC;IAEjD;;;OAGG;IACH,6CAA6C,CAAC,EAAE,MAAM,EAAE,CAAC;IAEzD;;;;;;OAMG;IACH,wDAAwD,CAAC,EAAE,MAAM,EAAE,CAAC;IAEpE;;;OAGG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;IAEvB;;;OAGG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IAEpB;;;OAGG;IACH,8CAA8C,CAAC,EAAE,MAAM,EAAE,CAAC;IAE1D;;;OAGG;IACH,8CAA8C,CAAC,EAAE,MAAM,EAAE,CAAC;IAE1D;;OAEG;IACH,2CAA2C,CAAC,EAAE,MAAM,EAAE,CAAC;IAEvD;;;OAGG;IACH,2BAA2B,CAAC,EAAE,OAAO,CAAC;IAEtC;;;OAGG;IACH,+BAA+B,CAAC,EAAE,OAAO,CAAC;IAE1C;;;OAGG;IACH,gCAAgC,CAAC,EAAE,OAAO,CAAC;IAE3C;;;;;;;;OAQG;IACH,wBAAwB,CAAC,EAAE,MAAM,EAAE,CAAC;IAEpC;;;;;;;;;OASG;IACH,wBAAwB,CAAC,EAAE,MAAM,EAAE,CAAC;IAEpC;;;OAGG;IACH,0CAA0C,CAAC,EAAE,MAAM,EAAE,CAAC;IAEtD;;;;;;OAMG;IACH,qDAAqD,CAAC,EAAE,MAAM,EAAE,CAAC;IAEjE;;;;;;;;;;;OAWG;IACH,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAC;IAE5B;;;OAGG;IACH,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAE/B;;;;;;;;OAQG;IACH,uBAAuB,CAAC,EAAE,MAAM,EAAE,CAAC;IAEnC;;OAEG;IACH,qCAAqC,CAAC,EAAE,MAAM,EAAE,CAAC;IAEjD;;;;OAIG;IACH,gDAAgD,CAAC,EAAE,MAAM,EAAE,CAAC;IAE5D;;;OAGG;IACH,oBAAoB,CAAC,EAAE,MAAM,EAAE,CAAC;IAEhC;;;OAGG;IACH,wCAAwC,CAAC,EAAE,MAAM,EAAE,CAAC;IAEpD;;;OAGG;IACH,wCAAwC,CAAC,EAAE,MAAM,EAAE,CAAC;IAEpD;;;OAGG;IACH,qCAAqC,CAAC,EAAE,MAAM,EAAE,CAAC;CAClD;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AACH,MAAM,WAAW,iCAAiC;IAChD;;;;;;;OAOG;IACH,sBAAsB,CAAC,EAAE,MAAM,CAAC;IAEhC;;;OAGG;IACH,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAE9B;;;OAGG;IACH,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAE9B;;;OAGG;IACH,sBAAsB,CAAC,EAAE,MAAM,CAAC;IAKhC;;;;;;;OAOG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB;;;;;;;;;OASG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAKlB;;;;;;;OAOG;IACH,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAE/B;;;OAGG;IACH,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAE7B;;;;;;;OAOG;IACH,cAAc,CAAC,EAAE,MAAM,CAAC;IAKxB;;;;;;;OAOG;IACH,iBAAiB,CAAC,EAAE,MAAM,CAAC;CAC5B"}
|
|
@@ -0,0 +1,72 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Copyright (c) 2025, WSO2 LLC. (https://www.wso2.com).
|
|
3
|
+
*
|
|
4
|
+
* WSO2 LLC. licenses this file to you under the Apache License,
|
|
5
|
+
* Version 2.0 (the "License"); you may not use this file except
|
|
6
|
+
* in compliance with the License.
|
|
7
|
+
* You may obtain a copy of the License at
|
|
8
|
+
*
|
|
9
|
+
* http://www.apache.org/licenses/LICENSE-2.0
|
|
10
|
+
*
|
|
11
|
+
* Unless required by applicable law or agreed to in writing,
|
|
12
|
+
* software distributed under the License is distributed on an
|
|
13
|
+
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
|
14
|
+
* KIND, either express or implied. See the License for the
|
|
15
|
+
* specific language governing permissions and limitations
|
|
16
|
+
* under the License.
|
|
17
|
+
*/
|
|
18
|
+
/**
|
|
19
|
+
* @deprecated Use the properties defined in the new `OIDCEndpoints` at the `/models/oidc-endpoints.ts` instead.
|
|
20
|
+
* FIXME: Remove this once the final refactoring is done.
|
|
21
|
+
*/
|
|
22
|
+
export interface LegacyOIDCEndpoints {
|
|
23
|
+
authorizationEndpoint: string;
|
|
24
|
+
checkSessionIframe: string;
|
|
25
|
+
endSessionEndpoint: string;
|
|
26
|
+
introspectionEndpoint?: string;
|
|
27
|
+
jwksUri: string;
|
|
28
|
+
registrationEndpoint?: string;
|
|
29
|
+
revocationEndpoint: string;
|
|
30
|
+
tokenEndpoint: string;
|
|
31
|
+
userinfoEndpoint: string;
|
|
32
|
+
wellKnown?: string;
|
|
33
|
+
}
|
|
34
|
+
/**
|
|
35
|
+
* Interface representing OpenID Connect endpoints configuration.
|
|
36
|
+
* FIXME: Remove the temporary extends of legacy OIDC endpoints.
|
|
37
|
+
*/
|
|
38
|
+
export interface OIDCEndpoints extends Partial<LegacyOIDCEndpoints> {
|
|
39
|
+
/**
|
|
40
|
+
* The authorization endpoint URL where the authentication request is sent
|
|
41
|
+
*/
|
|
42
|
+
authorization: string;
|
|
43
|
+
/**
|
|
44
|
+
* The OpenID Provider's discovery endpoint URL
|
|
45
|
+
*/
|
|
46
|
+
discovery: string;
|
|
47
|
+
/**
|
|
48
|
+
* The end session endpoint URL used to terminate the user's session
|
|
49
|
+
*/
|
|
50
|
+
endSession: string;
|
|
51
|
+
/**
|
|
52
|
+
* The introspection endpoint URL used to validate tokens
|
|
53
|
+
*/
|
|
54
|
+
introspection: string;
|
|
55
|
+
/**
|
|
56
|
+
* The issuer identifier URL for the OpenID Provider
|
|
57
|
+
*/
|
|
58
|
+
issuer: string;
|
|
59
|
+
/**
|
|
60
|
+
* The JSON Web Key Set endpoint URL that provides the public keys to verify tokens
|
|
61
|
+
*/
|
|
62
|
+
jwks: string;
|
|
63
|
+
/**
|
|
64
|
+
* The revocation endpoint URL used to revoke access or refresh tokens
|
|
65
|
+
*/
|
|
66
|
+
revocation: string;
|
|
67
|
+
/**
|
|
68
|
+
* The userinfo endpoint URL that returns claims about the authenticated user
|
|
69
|
+
*/
|
|
70
|
+
userinfo: string;
|
|
71
|
+
}
|
|
72
|
+
//# sourceMappingURL=oidc-endpoints.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"oidc-endpoints.d.ts","sourceRoot":"","sources":["../../src/models/oidc-endpoints.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH;;;GAGG;AACH,MAAM,WAAW,mBAAmB;IAClC,qBAAqB,EAAE,MAAM,CAAC;IAC9B,kBAAkB,EAAE,MAAM,CAAC;IAC3B,kBAAkB,EAAE,MAAM,CAAC;IAC3B,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,OAAO,EAAE,MAAM,CAAC;IAChB,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,kBAAkB,EAAE,MAAM,CAAC;IAC3B,aAAa,EAAE,MAAM,CAAC;IACtB,gBAAgB,EAAE,MAAM,CAAC;IACzB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED;;;GAGG;AACH,MAAM,WAAW,aAAc,SAAQ,OAAO,CAAC,mBAAmB,CAAC;IACjE;;OAEG;IACH,aAAa,EAAE,MAAM,CAAC;IAEtB;;OAEG;IACH,SAAS,EAAE,MAAM,CAAC;IAElB;;OAEG;IACH,UAAU,EAAE,MAAM,CAAC;IAEnB;;OAEG;IACH,aAAa,EAAE,MAAM,CAAC;IAEtB;;OAEG;IACH,MAAM,EAAE,MAAM,CAAC;IAEf;;OAEG;IACH,IAAI,EAAE,MAAM,CAAC;IAEb;;OAEG;IACH,UAAU,EAAE,MAAM,CAAC;IAEnB;;OAEG;IACH,QAAQ,EAAE,MAAM,CAAC;CAClB"}
|
|
@@ -0,0 +1,34 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Copyright (c) 2025, WSO2 LLC. (https://www.wso2.com).
|
|
3
|
+
*
|
|
4
|
+
* WSO2 LLC. licenses this file to you under the Apache License,
|
|
5
|
+
* Version 2.0 (the "License"); you may not use this file except
|
|
6
|
+
* in compliance with the License.
|
|
7
|
+
* You may obtain a copy of the License at
|
|
8
|
+
*
|
|
9
|
+
* http://www.apache.org/licenses/LICENSE-2.0
|
|
10
|
+
*
|
|
11
|
+
* Unless required by applicable law or agreed to in writing,
|
|
12
|
+
* software distributed under the License is distributed on an
|
|
13
|
+
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
|
14
|
+
* KIND, either express or implied. See the License for the
|
|
15
|
+
* specific language governing permissions and limitations
|
|
16
|
+
* under the License.
|
|
17
|
+
*/
|
|
18
|
+
export interface Organization {
|
|
19
|
+
id: string;
|
|
20
|
+
name: string;
|
|
21
|
+
orgHandle: string;
|
|
22
|
+
ref?: string;
|
|
23
|
+
status?: string;
|
|
24
|
+
}
|
|
25
|
+
/**
|
|
26
|
+
* Interface for paginated organization response.
|
|
27
|
+
*/
|
|
28
|
+
export interface AllOrganizationsApiResponse {
|
|
29
|
+
hasMore?: boolean;
|
|
30
|
+
nextCursor?: string;
|
|
31
|
+
organizations: Organization[];
|
|
32
|
+
totalCount?: number;
|
|
33
|
+
}
|
|
34
|
+
//# sourceMappingURL=organization.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"organization.d.ts","sourceRoot":"","sources":["../../src/models/organization.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,MAAM,WAAW,YAAY;IAC3B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,MAAM,CAAC;IAClB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,2BAA2B;IAC1C,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,aAAa,EAAE,YAAY,EAAE,CAAC;IAC9B,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB"}
|
|
@@ -0,0 +1,38 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Copyright (c) 2025, WSO2 LLC. (https://www.wso2.com).
|
|
3
|
+
*
|
|
4
|
+
* WSO2 LLC. licenses this file to you under the Apache License,
|
|
5
|
+
* Version 2.0 (the "License"); you may not use this file except
|
|
6
|
+
* in compliance with the License.
|
|
7
|
+
* You may obtain a copy of the License at
|
|
8
|
+
*
|
|
9
|
+
* http://www.apache.org/licenses/LICENSE-2.0
|
|
10
|
+
*
|
|
11
|
+
* Unless required by applicable law or agreed to in writing,
|
|
12
|
+
* software distributed under the License is distributed on an
|
|
13
|
+
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
|
14
|
+
* KIND, either express or implied. See the License for the
|
|
15
|
+
* specific language governing permissions and limitations
|
|
16
|
+
* under the License.
|
|
17
|
+
*/
|
|
18
|
+
/**
|
|
19
|
+
* Enumeration of supported identity platforms.
|
|
20
|
+
*
|
|
21
|
+
* - `ThunderID`: Represents the ThunderID cloud identity platform (asgardeo.io domains).
|
|
22
|
+
* - `IdentityServer`: Represents WSO2 Identity Server (on-prem or custom domains).
|
|
23
|
+
* - `Unknown`: Used when the platform cannot be determined from the configuration.
|
|
24
|
+
*
|
|
25
|
+
* This enum is used to distinguish between different identity providers and to
|
|
26
|
+
* enable platform-specific logic throughout the SDK.
|
|
27
|
+
*/
|
|
28
|
+
export declare enum Platform {
|
|
29
|
+
/** ThunderID cloud identity platform (asgardeo.io domains) */
|
|
30
|
+
ThunderID = "THUNDERID",
|
|
31
|
+
/** @experimental ThunderID V2 */
|
|
32
|
+
ThunderIDV2 = "ThunderIDV2",
|
|
33
|
+
/** WSO2 Identity Server (on-prem or custom domains) */
|
|
34
|
+
IdentityServer = "IDENTITY_SERVER",
|
|
35
|
+
/** Unknown or unsupported platform */
|
|
36
|
+
Unknown = "UNKNOWN"
|
|
37
|
+
}
|
|
38
|
+
//# sourceMappingURL=platforms.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"platforms.d.ts","sourceRoot":"","sources":["../../src/models/platforms.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH;;;;;;;;;GASG;AACH,oBAAY,QAAQ;IAClB,8DAA8D;IAC9D,SAAS,cAAc;IACvB,iCAAiC;IACjC,WAAW,gBAAgB;IAC3B,uDAAuD;IACvD,cAAc,oBAAoB;IAClC,sCAAsC;IACtC,OAAO,YAAY;CACpB"}
|
|
@@ -0,0 +1,66 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Copyright (c) 2025, WSO2 LLC. (https://www.wso2.com).
|
|
3
|
+
*
|
|
4
|
+
* WSO2 LLC. licenses this file to you under the Apache License,
|
|
5
|
+
* Version 2.0 (the "License"); you may not use this file except
|
|
6
|
+
* in compliance with the License.
|
|
7
|
+
* You may obtain a copy of the License at
|
|
8
|
+
*
|
|
9
|
+
* http://www.apache.org/licenses/LICENSE-2.0
|
|
10
|
+
*
|
|
11
|
+
* Unless required by applicable law or agreed to in writing,
|
|
12
|
+
* software distributed under the License is distributed on an
|
|
13
|
+
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
|
14
|
+
* KIND, either express or implied. See the License for the
|
|
15
|
+
* specific language governing permissions and limitations
|
|
16
|
+
* under the License.
|
|
17
|
+
*/
|
|
18
|
+
export interface SchemaAttribute {
|
|
19
|
+
caseExact: boolean;
|
|
20
|
+
description?: string;
|
|
21
|
+
displayName?: string;
|
|
22
|
+
displayOrder?: string;
|
|
23
|
+
multiValued: boolean;
|
|
24
|
+
mutability: string;
|
|
25
|
+
name: string;
|
|
26
|
+
regEx?: string;
|
|
27
|
+
required?: boolean;
|
|
28
|
+
returned: string;
|
|
29
|
+
sharedProfileValueResolvingMethod?: string;
|
|
30
|
+
subAttributes?: SchemaAttribute[];
|
|
31
|
+
supportedByDefault?: string;
|
|
32
|
+
type: string;
|
|
33
|
+
uniqueness: string;
|
|
34
|
+
}
|
|
35
|
+
/**
|
|
36
|
+
* Represents a SCIM2 schema definition
|
|
37
|
+
*/
|
|
38
|
+
export interface Schema {
|
|
39
|
+
/** Schema attributes */
|
|
40
|
+
attributes: SchemaAttribute[];
|
|
41
|
+
/** Schema description */
|
|
42
|
+
description: string;
|
|
43
|
+
/** Schema identifier */
|
|
44
|
+
id: string;
|
|
45
|
+
/** Schema name */
|
|
46
|
+
name: string;
|
|
47
|
+
}
|
|
48
|
+
export interface FlattenedSchema extends Schema {
|
|
49
|
+
schemaId: string;
|
|
50
|
+
}
|
|
51
|
+
/**
|
|
52
|
+
* Well-known SCIM2 schema IDs
|
|
53
|
+
*/
|
|
54
|
+
export declare enum WellKnownSchemaIds {
|
|
55
|
+
/** Core Schema */
|
|
56
|
+
Core = "urn:ietf:params:scim:schemas:core:2.0",
|
|
57
|
+
/** Custom User Schema */
|
|
58
|
+
CustomUser = "urn:scim:schemas:extension:custom:User",
|
|
59
|
+
/** Enterprise User Schema */
|
|
60
|
+
EnterpriseUser = "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User",
|
|
61
|
+
/** System User Schema */
|
|
62
|
+
SystemUser = "urn:scim:wso2:schema",
|
|
63
|
+
/** User Schema */
|
|
64
|
+
User = "urn:ietf:params:scim:schemas:core:2.0:User"
|
|
65
|
+
}
|
|
66
|
+
//# sourceMappingURL=scim2-schema.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"scim2-schema.d.ts","sourceRoot":"","sources":["../../src/models/scim2-schema.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,MAAM,WAAW,eAAe;IAC9B,SAAS,EAAE,OAAO,CAAC;IACnB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,WAAW,EAAE,OAAO,CAAC;IACrB,UAAU,EAAE,MAAM,CAAC;IACnB,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;IACjB,iCAAiC,CAAC,EAAE,MAAM,CAAC;IAC3C,aAAa,CAAC,EAAE,eAAe,EAAE,CAAC;IAClC,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,MAAM,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,MAAM;IACrB,wBAAwB;IACxB,UAAU,EAAE,eAAe,EAAE,CAAC;IAC9B,yBAAyB;IACzB,WAAW,EAAE,MAAM,CAAC;IACpB,wBAAwB;IACxB,EAAE,EAAE,MAAM,CAAC;IACX,kBAAkB;IAClB,IAAI,EAAE,MAAM,CAAC;CACd;AAED,MAAM,WAAW,eAAgB,SAAQ,MAAM;IAC7C,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED;;GAEG;AACH,oBAAY,kBAAkB;IAC5B,kBAAkB;IAClB,IAAI,0CAA0C;IAC9C,yBAAyB;IACzB,UAAU,2CAA2C;IACrD,6BAA6B;IAC7B,cAAc,+DAA+D;IAC7E,yBAAyB;IACzB,UAAU,yBAAyB;IACnC,kBAAkB;IAClB,IAAI,+CAA+C;CACpD"}
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Copyright (c) 2020, WSO2 LLC. (https://www.wso2.com). All Rights Reserved.
|
|
3
|
+
*
|
|
4
|
+
* WSO2 LLC. licenses this file to you under the Apache License,
|
|
5
|
+
* Version 2.0 (the "License"); you may not use this file except
|
|
6
|
+
* in compliance with the License.
|
|
7
|
+
* You may obtain a copy of the License at
|
|
8
|
+
*
|
|
9
|
+
* http://www.apache.org/licenses/LICENSE-2.0
|
|
10
|
+
*
|
|
11
|
+
* Unless required by applicable law or agreed to in writing,
|
|
12
|
+
* software distributed under the License is distributed on an
|
|
13
|
+
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
|
14
|
+
* KIND, either express or implied. See the License for the
|
|
15
|
+
* specific language governing permissions and limitations
|
|
16
|
+
* under the License.
|
|
17
|
+
*/
|
|
18
|
+
export interface SessionData {
|
|
19
|
+
access_token: string;
|
|
20
|
+
created_at: number;
|
|
21
|
+
expires_in: string;
|
|
22
|
+
id_token: string;
|
|
23
|
+
refresh_token?: string;
|
|
24
|
+
scope: string;
|
|
25
|
+
session_state: string;
|
|
26
|
+
token_type: string;
|
|
27
|
+
}
|
|
28
|
+
export interface UserSession {
|
|
29
|
+
scopes: string[];
|
|
30
|
+
sessionState: string;
|
|
31
|
+
}
|
|
32
|
+
//# sourceMappingURL=session.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"session.d.ts","sourceRoot":"","sources":["../../src/models/session.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,MAAM,WAAW,WAAW;IAC1B,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;IACjB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,KAAK,EAAE,MAAM,CAAC;IACd,aAAa,EAAE,MAAM,CAAC;IACtB,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,WAAW;IAC1B,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;CACtB"}
|