@thunderid/javascript 0.3.0 → 0.3.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/StorageManager.d.ts +2 -2
- package/dist/StorageManager.d.ts.map +1 -1
- package/dist/ThunderIDJavaScriptClient.d.ts +2 -7
- package/dist/ThunderIDJavaScriptClient.d.ts.map +1 -1
- package/dist/api/{v2/executeEmbeddedRecoveryFlowV2.d.ts → executeEmbeddedRecoveryFlow.d.ts} +7 -7
- package/dist/api/executeEmbeddedRecoveryFlow.d.ts.map +1 -0
- package/dist/api/executeEmbeddedSignInFlow.d.ts +3 -3
- package/dist/api/executeEmbeddedSignInFlow.d.ts.map +1 -1
- package/dist/api/executeEmbeddedSignUpFlow.d.ts +4 -27
- package/dist/api/executeEmbeddedSignUpFlow.d.ts.map +1 -1
- package/dist/api/{v2/executeEmbeddedUserOnboardingFlowV2.d.ts → executeEmbeddedUserOnboardingFlow.d.ts} +6 -6
- package/dist/api/executeEmbeddedUserOnboardingFlow.d.ts.map +1 -0
- package/dist/api/getBrandingPreference.d.ts.map +1 -1
- package/dist/api/{v2/getFlowMetaV2.d.ts → getFlowMeta.d.ts} +7 -7
- package/dist/api/getFlowMeta.d.ts.map +1 -0
- package/dist/api/{v2/getOrganizationUnitChildren.d.ts → getOrganizationUnitChildren.d.ts} +1 -1
- package/dist/api/getOrganizationUnitChildren.d.ts.map +1 -0
- package/dist/cjs/index.cjs +1096 -1342
- package/dist/edge/index.js +1084 -1319
- package/dist/i18n/models/i18n.d.ts +3 -0
- package/dist/i18n/models/i18n.d.ts.map +1 -1
- package/dist/i18n/translations/en-US.d.ts.map +1 -1
- package/dist/i18n/translations/fr-FR.d.ts.map +1 -1
- package/dist/i18n/translations/hi-IN.d.ts.map +1 -1
- package/dist/i18n/translations/ja-JP.d.ts.map +1 -1
- package/dist/i18n/translations/pt-BR.d.ts.map +1 -1
- package/dist/i18n/translations/pt-PT.d.ts.map +1 -1
- package/dist/i18n/translations/si-LK.d.ts.map +1 -1
- package/dist/i18n/translations/ta-IN.d.ts.map +1 -1
- package/dist/i18n/translations/te-IN.d.ts.map +1 -1
- package/dist/index.d.ts +29 -36
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +1084 -1319
- package/dist/models/client.d.ts +3 -28
- package/dist/models/client.d.ts.map +1 -1
- package/dist/models/config.d.ts +1 -1
- package/dist/models/config.d.ts.map +1 -1
- package/dist/models/embedded-flow.d.ts +572 -92
- package/dist/models/embedded-flow.d.ts.map +1 -1
- package/dist/models/{v2/embedded-recovery-flow-v2.d.ts → embedded-recovery-flow.d.ts} +2 -3
- package/dist/models/embedded-recovery-flow.d.ts.map +1 -0
- package/dist/models/embedded-signin-flow.d.ts +310 -66
- package/dist/models/embedded-signin-flow.d.ts.map +1 -1
- package/dist/models/{v2/embedded-signup-flow-v2.d.ts → embedded-signup-flow.d.ts} +4 -5
- package/dist/models/embedded-signup-flow.d.ts.map +1 -0
- package/dist/models/extensions/components.d.ts +55 -0
- package/dist/models/extensions/components.d.ts.map +1 -0
- package/dist/models/{v2/flow-meta-v2.d.ts → flow-meta.d.ts} +1 -1
- package/dist/models/flow-meta.d.ts.map +1 -0
- package/dist/models/organization-unit.d.ts.map +1 -0
- package/dist/models/translation.d.ts.map +1 -0
- package/dist/models/{v2/vars.d.ts → vars.d.ts} +1 -1
- package/dist/models/vars.d.ts.map +1 -0
- package/dist/utils/buildValidatorFromRules.d.ts +31 -0
- package/dist/utils/buildValidatorFromRules.d.ts.map +1 -0
- package/dist/utils/containsMetaFlowTemplateLiteral.d.ts.map +1 -0
- package/dist/utils/countryCodeToFlagEmoji.d.ts.map +1 -0
- package/dist/utils/evaluateValidationRule.d.ts +42 -0
- package/dist/utils/evaluateValidationRule.d.ts.map +1 -0
- package/dist/utils/extractEmojiFromUri.d.ts.map +1 -0
- package/dist/utils/getRedirectBasedSignUpUrl.d.ts +1 -1
- package/dist/utils/getRedirectBasedSignUpUrl.d.ts.map +1 -1
- package/dist/utils/injectRequestedPermissions.d.ts.map +1 -0
- package/dist/utils/isEmojiUri.d.ts.map +1 -0
- package/dist/utils/isMetaFlowTemplateLiteral.d.ts.map +1 -0
- package/dist/utils/isTranslationFlowTemplateLiteral.d.ts.map +1 -0
- package/dist/utils/parseApiErrorMessage.d.ts.map +1 -1
- package/dist/utils/parseFlowTemplateLiteral.d.ts.map +1 -0
- package/dist/utils/{v2/resolveFlowTemplateLiterals.d.ts → resolveFlowTemplateLiterals.d.ts} +2 -2
- package/dist/utils/resolveFlowTemplateLiterals.d.ts.map +1 -0
- package/dist/utils/resolveLocaleDisplayName.d.ts.map +1 -0
- package/dist/utils/resolveLocaleEmoji.d.ts.map +1 -0
- package/dist/utils/{v2/resolveMeta.d.ts → resolveMeta.d.ts} +1 -1
- package/dist/utils/resolveMeta.d.ts.map +1 -0
- package/package.json +7 -7
- package/dist/api/initializeEmbeddedSignInFlow.d.ts +0 -52
- package/dist/api/initializeEmbeddedSignInFlow.d.ts.map +0 -1
- package/dist/api/v2/executeEmbeddedRecoveryFlowV2.d.ts.map +0 -1
- package/dist/api/v2/executeEmbeddedSignInFlowV2.d.ts +0 -22
- package/dist/api/v2/executeEmbeddedSignInFlowV2.d.ts.map +0 -1
- package/dist/api/v2/executeEmbeddedSignUpFlowV2.d.ts +0 -22
- package/dist/api/v2/executeEmbeddedSignUpFlowV2.d.ts.map +0 -1
- package/dist/api/v2/executeEmbeddedUserOnboardingFlowV2.d.ts.map +0 -1
- package/dist/api/v2/getFlowMetaV2.d.ts.map +0 -1
- package/dist/api/v2/getOrganizationUnitChildren.d.ts.map +0 -1
- package/dist/constants/v2/OIDCDiscoveryConstants.d.ts +0 -40
- package/dist/constants/v2/OIDCDiscoveryConstants.d.ts.map +0 -1
- package/dist/models/platforms.d.ts +0 -33
- package/dist/models/platforms.d.ts.map +0 -1
- package/dist/models/v2/embedded-flow-v2.d.ts +0 -550
- package/dist/models/v2/embedded-flow-v2.d.ts.map +0 -1
- package/dist/models/v2/embedded-recovery-flow-v2.d.ts.map +0 -1
- package/dist/models/v2/embedded-signin-flow-v2.d.ts +0 -345
- package/dist/models/v2/embedded-signin-flow-v2.d.ts.map +0 -1
- package/dist/models/v2/embedded-signup-flow-v2.d.ts.map +0 -1
- package/dist/models/v2/extensions/components.d.ts +0 -89
- package/dist/models/v2/extensions/components.d.ts.map +0 -1
- package/dist/models/v2/flow-meta-v2.d.ts.map +0 -1
- package/dist/models/v2/organization-unit.d.ts.map +0 -1
- package/dist/models/v2/translation.d.ts.map +0 -1
- package/dist/models/v2/vars.d.ts.map +0 -1
- package/dist/utils/identifyPlatform.d.ts +0 -31
- package/dist/utils/identifyPlatform.d.ts.map +0 -1
- package/dist/utils/resolveFieldType.d.ts +0 -21
- package/dist/utils/resolveFieldType.d.ts.map +0 -1
- package/dist/utils/v2/containsMetaFlowTemplateLiteral.d.ts.map +0 -1
- package/dist/utils/v2/countryCodeToFlagEmoji.d.ts.map +0 -1
- package/dist/utils/v2/extractEmojiFromUri.d.ts.map +0 -1
- package/dist/utils/v2/injectRequestedPermissions.d.ts.map +0 -1
- package/dist/utils/v2/isEmojiUri.d.ts.map +0 -1
- package/dist/utils/v2/isMetaFlowTemplateLiteral.d.ts.map +0 -1
- package/dist/utils/v2/isTranslationFlowTemplateLiteral.d.ts.map +0 -1
- package/dist/utils/v2/parseFlowTemplateLiteral.d.ts.map +0 -1
- package/dist/utils/v2/resolveFlowTemplateLiterals.d.ts.map +0 -1
- package/dist/utils/v2/resolveLocaleDisplayName.d.ts.map +0 -1
- package/dist/utils/v2/resolveLocaleEmoji.d.ts.map +0 -1
- package/dist/utils/v2/resolveMeta.d.ts.map +0 -1
- /package/dist/models/{v2/organization-unit.d.ts → organization-unit.d.ts} +0 -0
- /package/dist/models/{v2/translation.d.ts → translation.d.ts} +0 -0
- /package/dist/utils/{v2/containsMetaFlowTemplateLiteral.d.ts → containsMetaFlowTemplateLiteral.d.ts} +0 -0
- /package/dist/utils/{v2/countryCodeToFlagEmoji.d.ts → countryCodeToFlagEmoji.d.ts} +0 -0
- /package/dist/utils/{v2/extractEmojiFromUri.d.ts → extractEmojiFromUri.d.ts} +0 -0
- /package/dist/utils/{v2/injectRequestedPermissions.d.ts → injectRequestedPermissions.d.ts} +0 -0
- /package/dist/utils/{v2/isEmojiUri.d.ts → isEmojiUri.d.ts} +0 -0
- /package/dist/utils/{v2/isMetaFlowTemplateLiteral.d.ts → isMetaFlowTemplateLiteral.d.ts} +0 -0
- /package/dist/utils/{v2/isTranslationFlowTemplateLiteral.d.ts → isTranslationFlowTemplateLiteral.d.ts} +0 -0
- /package/dist/utils/{v2/parseFlowTemplateLiteral.d.ts → parseFlowTemplateLiteral.d.ts} +0 -0
- /package/dist/utils/{v2/resolveLocaleDisplayName.d.ts → resolveLocaleDisplayName.d.ts} +0 -0
- /package/dist/utils/{v2/resolveLocaleEmoji.d.ts → resolveLocaleEmoji.d.ts} +0 -0
package/dist/cjs/index.cjs
CHANGED
|
@@ -349,101 +349,91 @@ var ThunderIDAPIError = class extends ThunderIDError {
|
|
|
349
349
|
};
|
|
350
350
|
|
|
351
351
|
//#endregion
|
|
352
|
-
//#region src/
|
|
352
|
+
//#region src/models/embedded-signin-flow.ts
|
|
353
353
|
/**
|
|
354
|
-
*
|
|
354
|
+
* Status enumeration for ThunderID embedded sign-in flow operations.
|
|
355
355
|
*
|
|
356
|
-
*
|
|
357
|
-
*
|
|
358
|
-
*
|
|
356
|
+
* These statuses indicate the current state of the sign-in flow and determine
|
|
357
|
+
* the next action required by the client application. Each status provides
|
|
358
|
+
* specific guidance on how to proceed with the authentication process.
|
|
359
359
|
*
|
|
360
360
|
* @example
|
|
361
361
|
* ```typescript
|
|
362
|
-
*
|
|
363
|
-
*
|
|
364
|
-
*
|
|
365
|
-
*
|
|
366
|
-
*
|
|
367
|
-
*
|
|
368
|
-
*
|
|
369
|
-
*
|
|
370
|
-
*
|
|
371
|
-
*
|
|
372
|
-
* code_challenge_method: "S256"
|
|
373
|
-
* }
|
|
374
|
-
* });
|
|
375
|
-
* console.log(authResponse);
|
|
376
|
-
* } catch (error) {
|
|
377
|
-
* if (error instanceof ThunderIDAPIError) {
|
|
378
|
-
* console.error('Authorization failed:', error.message);
|
|
379
|
-
* }
|
|
362
|
+
* switch (response.flowStatus) {
|
|
363
|
+
* case EmbeddedSignInFlowStatus.Incomplete:
|
|
364
|
+
* // More user input needed - render form components
|
|
365
|
+
* break;
|
|
366
|
+
* case EmbeddedSignInFlowStatus.Complete:
|
|
367
|
+
* // Authentication successful - handle completion
|
|
368
|
+
* break;
|
|
369
|
+
* case EmbeddedSignInFlowStatus.Error:
|
|
370
|
+
* // Authentication failed - show error message
|
|
371
|
+
* break;
|
|
380
372
|
* }
|
|
381
373
|
* ```
|
|
374
|
+
*
|
|
375
|
+
* @experimental Part of the new ThunderID API
|
|
382
376
|
*/
|
|
383
|
-
|
|
384
|
-
|
|
385
|
-
|
|
386
|
-
|
|
387
|
-
|
|
388
|
-
|
|
389
|
-
|
|
390
|
-
|
|
391
|
-
|
|
392
|
-
|
|
393
|
-
|
|
394
|
-
|
|
395
|
-
|
|
396
|
-
|
|
397
|
-
|
|
398
|
-
|
|
399
|
-
|
|
400
|
-
|
|
401
|
-
|
|
402
|
-
|
|
403
|
-
|
|
404
|
-
|
|
405
|
-
|
|
406
|
-
|
|
407
|
-
|
|
408
|
-
|
|
409
|
-
|
|
410
|
-
|
|
411
|
-
|
|
412
|
-
|
|
413
|
-
|
|
414
|
-
|
|
415
|
-
|
|
416
|
-
|
|
417
|
-
|
|
418
|
-
|
|
419
|
-
|
|
420
|
-
|
|
421
|
-
|
|
422
|
-
|
|
423
|
-
|
|
424
|
-
|
|
425
|
-
|
|
426
|
-
|
|
427
|
-
|
|
428
|
-
|
|
429
|
-
|
|
430
|
-
|
|
431
|
-
|
|
432
|
-
|
|
433
|
-
|
|
434
|
-
|
|
435
|
-
|
|
436
|
-
|
|
437
|
-
|
|
438
|
-
throw new ThunderIDAPIError(`Network or parsing error: ${error$1 instanceof Error ? error$1.message : "Unknown error"}`, "executeEmbeddedSignInFlow-NetworkError-001", "javascript", 0, "Network Error");
|
|
439
|
-
}
|
|
440
|
-
};
|
|
441
|
-
var executeEmbeddedSignInFlow_default = executeEmbeddedSignInFlow;
|
|
377
|
+
let EmbeddedSignInFlowStatus = /* @__PURE__ */ function(EmbeddedSignInFlowStatus$1) {
|
|
378
|
+
/**
|
|
379
|
+
* Sign-in flow completed successfully.
|
|
380
|
+
*
|
|
381
|
+
* The user has been authenticated and the flow can proceed to
|
|
382
|
+
* OAuth2 completion or redirection. Check for redirectUrl or
|
|
383
|
+
* assertion data in the response.
|
|
384
|
+
*/
|
|
385
|
+
EmbeddedSignInFlowStatus$1["Complete"] = "COMPLETE";
|
|
386
|
+
/**
|
|
387
|
+
* Sign-in flow encountered an error.
|
|
388
|
+
*
|
|
389
|
+
* Authentication failed due to invalid credentials, system error,
|
|
390
|
+
* or other issues. Check error details in the response and handle
|
|
391
|
+
* appropriately (retry, show error message, etc.).
|
|
392
|
+
*/
|
|
393
|
+
EmbeddedSignInFlowStatus$1["Error"] = "ERROR";
|
|
394
|
+
/**
|
|
395
|
+
* Sign-in flow requires additional user input.
|
|
396
|
+
*
|
|
397
|
+
* More authentication steps are needed. The response will contain
|
|
398
|
+
* components in data.meta.components that should be rendered to
|
|
399
|
+
* collect additional user input (e.g., MFA, password, etc.).
|
|
400
|
+
*/
|
|
401
|
+
EmbeddedSignInFlowStatus$1["Incomplete"] = "INCOMPLETE";
|
|
402
|
+
return EmbeddedSignInFlowStatus$1;
|
|
403
|
+
}({});
|
|
404
|
+
/**
|
|
405
|
+
* Type enumeration for ThunderID embedded sign-in flow responses.
|
|
406
|
+
*
|
|
407
|
+
* Determines the nature of the flow response and how the client should
|
|
408
|
+
* handle the returned data. This affects both UI rendering and flow
|
|
409
|
+
* continuation logic.
|
|
410
|
+
*
|
|
411
|
+
* @experimental Part of the new ThunderID API
|
|
412
|
+
*/
|
|
413
|
+
let EmbeddedSignInFlowType = /* @__PURE__ */ function(EmbeddedSignInFlowType$1) {
|
|
414
|
+
/**
|
|
415
|
+
* Response requires external redirection.
|
|
416
|
+
*
|
|
417
|
+
* Used for social login providers, external identity providers,
|
|
418
|
+
* or other flows that require navigating to an external URL.
|
|
419
|
+
* The response will contain redirection information.
|
|
420
|
+
*/
|
|
421
|
+
EmbeddedSignInFlowType$1["Redirection"] = "REDIRECTION";
|
|
422
|
+
/**
|
|
423
|
+
* Response contains view components for rendering.
|
|
424
|
+
*
|
|
425
|
+
* Standard embedded flow response containing UI components
|
|
426
|
+
* that should be rendered within the current application
|
|
427
|
+
* context. Most common type for embedded authentication.
|
|
428
|
+
*/
|
|
429
|
+
EmbeddedSignInFlowType$1["View"] = "VIEW";
|
|
430
|
+
return EmbeddedSignInFlowType$1;
|
|
431
|
+
}({});
|
|
442
432
|
|
|
443
433
|
//#endregion
|
|
444
|
-
//#region src/
|
|
434
|
+
//#region src/utils/injectRequestedPermissions.ts
|
|
445
435
|
/**
|
|
446
|
-
* Copyright (c)
|
|
436
|
+
* Copyright (c) 2026, WSO2 LLC. (https://www.wso2.com).
|
|
447
437
|
*
|
|
448
438
|
* WSO2 LLC. licenses this file to you under the Apache License,
|
|
449
439
|
* Version 2.0 (the "License"); you may not use this file except
|
|
@@ -459,140 +449,286 @@ var executeEmbeddedSignInFlow_default = executeEmbeddedSignInFlow;
|
|
|
459
449
|
* specific language governing permissions and limitations
|
|
460
450
|
* under the License.
|
|
461
451
|
*/
|
|
462
|
-
let EmbeddedFlowType = /* @__PURE__ */ function(EmbeddedFlowType$1) {
|
|
463
|
-
EmbeddedFlowType$1["Authentication"] = "AUTHENTICATION";
|
|
464
|
-
EmbeddedFlowType$1["Recovery"] = "RECOVERY";
|
|
465
|
-
EmbeddedFlowType$1["Registration"] = "REGISTRATION";
|
|
466
|
-
EmbeddedFlowType$1["UserOnboarding"] = "USER_ONBOARDING";
|
|
467
|
-
return EmbeddedFlowType$1;
|
|
468
|
-
}({});
|
|
469
|
-
let EmbeddedFlowStatus = /* @__PURE__ */ function(EmbeddedFlowStatus$1) {
|
|
470
|
-
EmbeddedFlowStatus$1["Complete"] = "COMPLETE";
|
|
471
|
-
EmbeddedFlowStatus$1["Incomplete"] = "INCOMPLETE";
|
|
472
|
-
return EmbeddedFlowStatus$1;
|
|
473
|
-
}({});
|
|
474
|
-
let EmbeddedFlowResponseType = /* @__PURE__ */ function(EmbeddedFlowResponseType$1) {
|
|
475
|
-
EmbeddedFlowResponseType$1["Redirection"] = "REDIRECTION";
|
|
476
|
-
EmbeddedFlowResponseType$1["View"] = "VIEW";
|
|
477
|
-
return EmbeddedFlowResponseType$1;
|
|
478
|
-
}({});
|
|
479
|
-
let EmbeddedFlowComponentType = /* @__PURE__ */ function(EmbeddedFlowComponentType$2) {
|
|
480
|
-
EmbeddedFlowComponentType$2["Button"] = "BUTTON";
|
|
481
|
-
EmbeddedFlowComponentType$2["Checkbox"] = "CHECKBOX";
|
|
482
|
-
EmbeddedFlowComponentType$2["Divider"] = "DIVIDER";
|
|
483
|
-
EmbeddedFlowComponentType$2["Form"] = "FORM";
|
|
484
|
-
EmbeddedFlowComponentType$2["Image"] = "IMAGE";
|
|
485
|
-
EmbeddedFlowComponentType$2["Input"] = "INPUT";
|
|
486
|
-
EmbeddedFlowComponentType$2["Radio"] = "RADIO";
|
|
487
|
-
EmbeddedFlowComponentType$2["Select"] = "SELECT";
|
|
488
|
-
EmbeddedFlowComponentType$2["Typography"] = "TYPOGRAPHY";
|
|
489
|
-
return EmbeddedFlowComponentType$2;
|
|
490
|
-
}({});
|
|
491
|
-
|
|
492
|
-
//#endregion
|
|
493
|
-
//#region src/api/executeEmbeddedSignUpFlow.ts
|
|
494
452
|
/**
|
|
495
|
-
*
|
|
496
|
-
*
|
|
497
|
-
* @param requestConfig - Request configuration object containing URL and payload.
|
|
498
|
-
* @returns A promise that resolves with the flow execution response.
|
|
499
|
-
* @throws ThunderIDAPIError when the request fails or URL is invalid.
|
|
453
|
+
* Strips the top-level `scopes` field from a payload and injects it as
|
|
454
|
+
* `inputs.requested_permissions` (space-separated string).
|
|
500
455
|
*
|
|
501
|
-
*
|
|
502
|
-
* ```typescript
|
|
503
|
-
* try {
|
|
504
|
-
* const embeddedSignUpResponse = await executeEmbeddedSignUpFlow({
|
|
505
|
-
* url: "https://localhost:8090/api/server/v1/flow/execute",
|
|
506
|
-
* payload: {
|
|
507
|
-
* flowType: "REGISTRATION"
|
|
508
|
-
* }
|
|
509
|
-
* });
|
|
510
|
-
* console.log(embeddedSignUpResponse);
|
|
511
|
-
* } catch (error) {
|
|
512
|
-
* if (error instanceof ThunderIDAPIError) {
|
|
513
|
-
* console.error('Embedded SignUp flow execution failed:', error.message);
|
|
514
|
-
* }
|
|
515
|
-
* }
|
|
516
|
-
* ```
|
|
456
|
+
* The backend reads requested_permissions from UserInputs (the `inputs` map), not a top-level field.
|
|
517
457
|
*/
|
|
518
|
-
const
|
|
519
|
-
|
|
520
|
-
|
|
521
|
-
|
|
522
|
-
|
|
523
|
-
|
|
524
|
-
|
|
525
|
-
|
|
526
|
-
|
|
527
|
-
|
|
458
|
+
const injectRequestedPermissions = (payload) => {
|
|
459
|
+
const { scopes,...rest } = payload;
|
|
460
|
+
const normalizedScopes = Array.isArray(scopes) ? scopes.map((s) => String(s).trim()).filter(Boolean).join(" ") : typeof scopes === "string" ? scopes.trim() : "";
|
|
461
|
+
if (!normalizedScopes) return rest;
|
|
462
|
+
const existingInputs = rest["inputs"] != null && typeof rest["inputs"] === "object" && !Array.isArray(rest["inputs"]) ? rest["inputs"] : {};
|
|
463
|
+
return {
|
|
464
|
+
...rest,
|
|
465
|
+
inputs: {
|
|
466
|
+
...existingInputs,
|
|
467
|
+
requested_permissions: normalizedScopes
|
|
468
|
+
}
|
|
469
|
+
};
|
|
470
|
+
};
|
|
471
|
+
var injectRequestedPermissions_default = injectRequestedPermissions;
|
|
472
|
+
|
|
473
|
+
//#endregion
|
|
474
|
+
//#region src/api/executeEmbeddedSignInFlow.ts
|
|
475
|
+
const executeEmbeddedSignInFlow = async ({ url, baseUrl, payload, authId,...requestConfig }) => {
|
|
476
|
+
if (!payload) throw new ThunderIDAPIError("Authorization payload is required", "executeEmbeddedSignInFlow-ValidationError-002", "javascript", 400, "If an authorization payload is not provided, the request cannot be constructed correctly.");
|
|
477
|
+
const endpoint = url ?? `${baseUrl}/flow/execute`;
|
|
478
|
+
const cleanPayload = typeof payload === "object" && payload !== null ? Object.fromEntries(Object.entries(payload).filter(([key]) => key !== "verbose")) : payload;
|
|
479
|
+
const isNewFlowStart = typeof cleanPayload === "object" && cleanPayload !== null && "applicationId" in cleanPayload && "flowType" in cleanPayload;
|
|
480
|
+
const hasOnlyFlowId = typeof cleanPayload === "object" && cleanPayload !== null && "executionId" in cleanPayload && Object.keys(cleanPayload).length === 1;
|
|
481
|
+
const basePayload = isNewFlowStart ? injectRequestedPermissions_default(cleanPayload) : cleanPayload;
|
|
482
|
+
const requestPayload = isNewFlowStart || hasOnlyFlowId ? {
|
|
483
|
+
...basePayload,
|
|
484
|
+
verbose: true
|
|
485
|
+
} : basePayload;
|
|
486
|
+
const response = await fetch(endpoint, {
|
|
487
|
+
...requestConfig,
|
|
488
|
+
body: JSON.stringify(requestPayload),
|
|
489
|
+
headers: {
|
|
490
|
+
Accept: "application/json",
|
|
491
|
+
"Content-Type": "application/json",
|
|
492
|
+
...requestConfig.headers
|
|
493
|
+
},
|
|
494
|
+
method: requestConfig.method || "POST"
|
|
495
|
+
});
|
|
496
|
+
if (!response.ok) throw new ThunderIDAPIError(await response.text(), "executeEmbeddedSignInFlow-ResponseError-001", "javascript", response.status, response.statusText, "Authorization request failed");
|
|
497
|
+
const flowResponse = await response.json();
|
|
498
|
+
if (flowResponse.flowStatus === EmbeddedSignInFlowStatus.Complete && flowResponse.assertion && authId) try {
|
|
499
|
+
const oauth2Response = await fetch(`${baseUrl}/oauth2/auth/callback`, {
|
|
528
500
|
body: JSON.stringify({
|
|
529
|
-
|
|
530
|
-
|
|
501
|
+
assertion: flowResponse.assertion,
|
|
502
|
+
authId
|
|
531
503
|
}),
|
|
504
|
+
credentials: "include",
|
|
532
505
|
headers: {
|
|
533
506
|
Accept: "application/json",
|
|
534
507
|
"Content-Type": "application/json",
|
|
535
508
|
...requestConfig.headers
|
|
536
509
|
},
|
|
537
|
-
method:
|
|
510
|
+
method: "POST"
|
|
538
511
|
});
|
|
539
|
-
if (!
|
|
540
|
-
|
|
541
|
-
|
|
542
|
-
|
|
543
|
-
|
|
512
|
+
if (!oauth2Response.ok) throw new ThunderIDAPIError(await oauth2Response.text(), "executeEmbeddedSignInFlow-OAuth2Error-002", "javascript", oauth2Response.status, oauth2Response.statusText, "OAuth2 authorization failed");
|
|
513
|
+
const oauth2Result = await oauth2Response.json();
|
|
514
|
+
return {
|
|
515
|
+
flowStatus: flowResponse.flowStatus,
|
|
516
|
+
redirectUrl: oauth2Result["redirect_uri"]
|
|
517
|
+
};
|
|
518
|
+
} catch (authError) {
|
|
519
|
+
if (authError instanceof ThunderIDAPIError) throw authError;
|
|
520
|
+
throw new ThunderIDAPIError(authError instanceof Error ? authError.message : "Unknown error", "executeEmbeddedSignInFlow-OAuth2Error-001", "javascript", 500, "Failed to complete OAuth2 authorization after successful embedded sign-in flow.", "OAuth2 authorization failed");
|
|
544
521
|
}
|
|
522
|
+
return flowResponse;
|
|
545
523
|
};
|
|
546
|
-
var
|
|
524
|
+
var executeEmbeddedSignInFlow_default = executeEmbeddedSignInFlow;
|
|
547
525
|
|
|
548
526
|
//#endregion
|
|
549
|
-
//#region src/
|
|
527
|
+
//#region src/models/embedded-signup-flow.ts
|
|
550
528
|
/**
|
|
551
|
-
*
|
|
529
|
+
* Status enumeration for ThunderID embedded sign-up flow operations.
|
|
552
530
|
*
|
|
553
|
-
*
|
|
554
|
-
*
|
|
555
|
-
*
|
|
556
|
-
*
|
|
557
|
-
*
|
|
558
|
-
*
|
|
559
|
-
*
|
|
560
|
-
*
|
|
561
|
-
*
|
|
562
|
-
*
|
|
563
|
-
*
|
|
531
|
+
* These statuses indicate the current state of the registration flow and determine
|
|
532
|
+
* the next action required by the client application. Each status provides specific
|
|
533
|
+
* guidance on how to proceed with the user registration process.
|
|
534
|
+
*
|
|
535
|
+
* @example
|
|
536
|
+
* ```typescript
|
|
537
|
+
* switch (response.flowStatus) {
|
|
538
|
+
* case EmbeddedSignUpFlowStatus.Incomplete:
|
|
539
|
+
* // More user input needed - render registration form components
|
|
540
|
+
* break;
|
|
541
|
+
* case EmbeddedSignUpFlowStatus.Complete:
|
|
542
|
+
* // Registration successful - handle completion
|
|
543
|
+
* break;
|
|
544
|
+
* case EmbeddedSignUpFlowStatus.Error:
|
|
545
|
+
* // Registration failed - show error details
|
|
546
|
+
* const errorResponse = response as EmbeddedSignUpFlowErrorResponse;
|
|
547
|
+
* showError(errorResponse.error.description.defaultValue);
|
|
548
|
+
* break;
|
|
564
549
|
* }
|
|
565
550
|
* ```
|
|
551
|
+
*
|
|
552
|
+
* @experimental Part of the new ThunderID API
|
|
566
553
|
*/
|
|
567
|
-
|
|
568
|
-
|
|
569
|
-
|
|
570
|
-
|
|
571
|
-
|
|
572
|
-
|
|
573
|
-
|
|
574
|
-
|
|
575
|
-
|
|
554
|
+
let EmbeddedSignUpFlowStatus = /* @__PURE__ */ function(EmbeddedSignUpFlowStatus$1) {
|
|
555
|
+
/**
|
|
556
|
+
* Sign-up flow completed successfully.
|
|
557
|
+
*
|
|
558
|
+
* The user has successfully registered and the flow can proceed to
|
|
559
|
+
* OAuth2 completion or redirection. Check for redirectUrl or assertion
|
|
560
|
+
* data in the response for next steps.
|
|
561
|
+
*/
|
|
562
|
+
EmbeddedSignUpFlowStatus$1["Complete"] = "COMPLETE";
|
|
563
|
+
/**
|
|
564
|
+
* Sign-up flow encountered an error and cannot proceed.
|
|
565
|
+
*
|
|
566
|
+
* Registration failed due to validation errors, duplicate user,
|
|
567
|
+
* system errors, or other issues. The response will be of type
|
|
568
|
+
* `EmbeddedSignUpFlowErrorResponse` containing detailed failure
|
|
569
|
+
* information that can be displayed to the user.
|
|
570
|
+
*
|
|
571
|
+
* @see {@link EmbeddedSignUpFlowErrorResponse} for error response structure
|
|
572
|
+
*/
|
|
573
|
+
EmbeddedSignUpFlowStatus$1["Error"] = "ERROR";
|
|
574
|
+
/**
|
|
575
|
+
* Sign-up flow requires additional user input.
|
|
576
|
+
*
|
|
577
|
+
* More registration steps are needed. The response will contain
|
|
578
|
+
* components in data.meta.components that should be rendered to
|
|
579
|
+
* collect additional user information (e.g., profile data, verification).
|
|
580
|
+
*/
|
|
581
|
+
EmbeddedSignUpFlowStatus$1["Incomplete"] = "INCOMPLETE";
|
|
582
|
+
return EmbeddedSignUpFlowStatus$1;
|
|
583
|
+
}({});
|
|
584
|
+
/**
|
|
585
|
+
* Type enumeration for ThunderID embedded sign-up flow responses.
|
|
586
|
+
*
|
|
587
|
+
* Determines the nature of the registration flow response and how the client
|
|
588
|
+
* should handle the returned data. This affects both UI rendering and flow
|
|
589
|
+
* continuation logic during the user registration process.
|
|
590
|
+
*
|
|
591
|
+
* @experimental Part of the new ThunderID API
|
|
592
|
+
*/
|
|
593
|
+
let EmbeddedSignUpFlowType = /* @__PURE__ */ function(EmbeddedSignUpFlowType$1) {
|
|
594
|
+
/**
|
|
595
|
+
* Response requires external redirection.
|
|
596
|
+
*
|
|
597
|
+
* Used for social registration providers, external identity providers,
|
|
598
|
+
* or other flows that require navigating to an external URL during
|
|
599
|
+
* the registration process. The response will contain redirection information.
|
|
600
|
+
*/
|
|
601
|
+
EmbeddedSignUpFlowType$1["Redirection"] = "REDIRECTION";
|
|
602
|
+
/**
|
|
603
|
+
* Response contains view components for rendering.
|
|
604
|
+
*
|
|
605
|
+
* Standard embedded registration flow response containing UI components
|
|
606
|
+
* that should be rendered within the current application context.
|
|
607
|
+
* Most common type for embedded user registration.
|
|
608
|
+
*/
|
|
609
|
+
EmbeddedSignUpFlowType$1["View"] = "VIEW";
|
|
610
|
+
return EmbeddedSignUpFlowType$1;
|
|
611
|
+
}({});
|
|
612
|
+
|
|
613
|
+
//#endregion
|
|
614
|
+
//#region src/api/executeEmbeddedSignUpFlow.ts
|
|
615
|
+
const executeEmbeddedSignUpFlow = async ({ url, baseUrl, payload, authId,...requestConfig }) => {
|
|
616
|
+
if (!payload) throw new ThunderIDAPIError("Registration payload is required", "executeEmbeddedSignUpFlow-ValidationError-002", "javascript", 400, "If a registration payload is not provided, the request cannot be constructed correctly.");
|
|
617
|
+
const endpoint = url ?? `${baseUrl}/flow/execute`;
|
|
618
|
+
const cleanPayload = typeof payload === "object" && payload !== null ? Object.fromEntries(Object.entries(payload).filter(([key]) => key !== "verbose")) : payload;
|
|
619
|
+
const isNewFlowStart = typeof cleanPayload === "object" && cleanPayload !== null && "applicationId" in cleanPayload && "flowType" in cleanPayload;
|
|
620
|
+
const hasOnlyFlowId = typeof cleanPayload === "object" && cleanPayload !== null && "executionId" in cleanPayload && Object.keys(cleanPayload).length === 1;
|
|
621
|
+
const basePayload = isNewFlowStart ? injectRequestedPermissions_default(cleanPayload) : cleanPayload;
|
|
622
|
+
const requestPayload = isNewFlowStart || hasOnlyFlowId ? {
|
|
623
|
+
...basePayload,
|
|
624
|
+
verbose: true
|
|
625
|
+
} : basePayload;
|
|
626
|
+
const response = await fetch(endpoint, {
|
|
627
|
+
...requestConfig,
|
|
628
|
+
body: JSON.stringify(requestPayload),
|
|
629
|
+
headers: {
|
|
630
|
+
Accept: "application/json",
|
|
631
|
+
"Content-Type": "application/json",
|
|
632
|
+
...requestConfig.headers
|
|
633
|
+
},
|
|
634
|
+
method: requestConfig.method || "POST"
|
|
635
|
+
});
|
|
636
|
+
if (!response.ok) throw new ThunderIDAPIError(await response.text(), "executeEmbeddedSignUpFlow-ResponseError-001", "javascript", response.status, response.statusText, "Registration request failed");
|
|
637
|
+
const flowResponse = await response.json();
|
|
638
|
+
if (flowResponse.flowStatus === EmbeddedSignUpFlowStatus.Complete && flowResponse.assertion && authId) try {
|
|
639
|
+
const oauth2Response = await fetch(`${baseUrl}/oauth2/auth/callback`, {
|
|
640
|
+
body: JSON.stringify({
|
|
641
|
+
assertion: flowResponse.assertion,
|
|
642
|
+
authId
|
|
643
|
+
}),
|
|
644
|
+
credentials: "include",
|
|
576
645
|
headers: {
|
|
577
646
|
Accept: "application/json",
|
|
578
647
|
"Content-Type": "application/json",
|
|
579
648
|
...requestConfig.headers
|
|
580
649
|
},
|
|
581
|
-
method: "
|
|
650
|
+
method: "POST"
|
|
582
651
|
});
|
|
583
|
-
if (!
|
|
584
|
-
|
|
585
|
-
|
|
586
|
-
|
|
587
|
-
|
|
652
|
+
if (!oauth2Response.ok) throw new ThunderIDAPIError(await oauth2Response.text(), "executeEmbeddedSignUpFlow-OAuth2Error-002", "javascript", oauth2Response.status, oauth2Response.statusText, "OAuth2 authorization failed");
|
|
653
|
+
const oauth2Result = await oauth2Response.json();
|
|
654
|
+
return {
|
|
655
|
+
flowStatus: flowResponse.flowStatus,
|
|
656
|
+
redirectUrl: oauth2Result["redirect_uri"]
|
|
657
|
+
};
|
|
658
|
+
} catch (authError) {
|
|
659
|
+
if (authError instanceof ThunderIDAPIError) throw authError;
|
|
660
|
+
throw new ThunderIDAPIError(authError instanceof Error ? authError.message : "Unknown error", "executeEmbeddedSignUpFlow-OAuth2Error-001", "javascript", 500, "Failed to complete OAuth2 authorization after successful embedded sign-up flow.", "OAuth2 authorization failed");
|
|
588
661
|
}
|
|
662
|
+
return flowResponse;
|
|
589
663
|
};
|
|
590
|
-
var
|
|
664
|
+
var executeEmbeddedSignUpFlow_default = executeEmbeddedSignUpFlow;
|
|
591
665
|
|
|
592
666
|
//#endregion
|
|
593
|
-
//#region src/
|
|
667
|
+
//#region src/api/executeEmbeddedRecoveryFlow.ts
|
|
594
668
|
/**
|
|
595
|
-
*
|
|
669
|
+
* Executes an embedded recovery flow by sending a request to the flow execution endpoint.
|
|
670
|
+
*
|
|
671
|
+
* This function handles password-recovery and account-recovery flows driven by the
|
|
672
|
+
* ThunderID server. The server returns UI components for each step (e.g. username
|
|
673
|
+
* collection, OTP verification, password reset) and this function forwards the
|
|
674
|
+
* user's responses back to the server.
|
|
675
|
+
*
|
|
676
|
+
* @param requestConfig - Request configuration containing URL, payload, and optional headers.
|
|
677
|
+
* @returns A promise that resolves with the flow execution response.
|
|
678
|
+
* @throws ThunderIDAPIError when the request fails or a payload is missing.
|
|
679
|
+
*
|
|
680
|
+
* @example
|
|
681
|
+
* ```typescript
|
|
682
|
+
* // Initiate recovery flow
|
|
683
|
+
* const response = await executeEmbeddedRecoveryFlow({
|
|
684
|
+
* baseUrl: 'https://localhost:8090',
|
|
685
|
+
* payload: {
|
|
686
|
+
* flowType: 'RECOVERY',
|
|
687
|
+
* applicationId: 'my-app-id',
|
|
688
|
+
* },
|
|
689
|
+
* });
|
|
690
|
+
*
|
|
691
|
+
* // Continue recovery flow with user input
|
|
692
|
+
* const nextResponse = await executeEmbeddedRecoveryFlow({
|
|
693
|
+
* baseUrl: 'https://localhost:8090',
|
|
694
|
+
* payload: {
|
|
695
|
+
* executionId: response.executionId,
|
|
696
|
+
* action: 'submit',
|
|
697
|
+
* inputs: { username: 'user@example.com' },
|
|
698
|
+
* challengeToken: response.challengeToken,
|
|
699
|
+
* },
|
|
700
|
+
* });
|
|
701
|
+
* ```
|
|
702
|
+
*/
|
|
703
|
+
const executeEmbeddedRecoveryFlow = async ({ url, baseUrl, payload,...requestConfig }) => {
|
|
704
|
+
if (!payload) throw new ThunderIDAPIError("Recovery payload is required", "executeEmbeddedRecoveryFlow-ValidationError-002", "javascript", 400, "If a recovery payload is not provided, the request cannot be constructed correctly.");
|
|
705
|
+
const endpoint = url ?? `${baseUrl}/flow/execute`;
|
|
706
|
+
const cleanPayload = typeof payload === "object" && payload !== null ? Object.fromEntries(Object.entries(payload).filter(([key]) => key !== "verbose")) : payload;
|
|
707
|
+
const hasOnlyAppIdAndFlowType = typeof cleanPayload === "object" && cleanPayload !== null && "applicationId" in cleanPayload && "flowType" in cleanPayload && Object.keys(cleanPayload).length === 2;
|
|
708
|
+
const hasOnlyFlowId = typeof cleanPayload === "object" && cleanPayload !== null && "executionId" in cleanPayload && Object.keys(cleanPayload).length === 1;
|
|
709
|
+
const requestPayload = hasOnlyAppIdAndFlowType || hasOnlyFlowId ? {
|
|
710
|
+
...cleanPayload,
|
|
711
|
+
verbose: true
|
|
712
|
+
} : cleanPayload;
|
|
713
|
+
const response = await fetch(endpoint, {
|
|
714
|
+
...requestConfig,
|
|
715
|
+
body: JSON.stringify(requestPayload),
|
|
716
|
+
headers: {
|
|
717
|
+
Accept: "application/json",
|
|
718
|
+
"Content-Type": "application/json",
|
|
719
|
+
...requestConfig.headers
|
|
720
|
+
},
|
|
721
|
+
method: requestConfig.method || "POST"
|
|
722
|
+
});
|
|
723
|
+
if (!response.ok) throw new ThunderIDAPIError(await response.text(), "executeEmbeddedRecoveryFlow-ResponseError-001", "javascript", response.status, response.statusText, "Recovery request failed");
|
|
724
|
+
return await response.json();
|
|
725
|
+
};
|
|
726
|
+
var executeEmbeddedRecoveryFlow_default = executeEmbeddedRecoveryFlow;
|
|
727
|
+
|
|
728
|
+
//#endregion
|
|
729
|
+
//#region src/models/embedded-flow.ts
|
|
730
|
+
/**
|
|
731
|
+
* Copyright (c) 2025-2026, WSO2 LLC. (https://www.wso2.com).
|
|
596
732
|
*
|
|
597
733
|
* WSO2 LLC. licenses this file to you under the Apache License,
|
|
598
734
|
* Version 2.0 (the "License"); you may not use this file except
|
|
@@ -608,174 +744,476 @@ var getUserInfo_default = getUserInfo;
|
|
|
608
744
|
* specific language governing permissions and limitations
|
|
609
745
|
* under the License.
|
|
610
746
|
*/
|
|
747
|
+
let EmbeddedFlowType = /* @__PURE__ */ function(EmbeddedFlowType$1) {
|
|
748
|
+
EmbeddedFlowType$1["Authentication"] = "AUTHENTICATION";
|
|
749
|
+
EmbeddedFlowType$1["Recovery"] = "RECOVERY";
|
|
750
|
+
EmbeddedFlowType$1["Registration"] = "REGISTRATION";
|
|
751
|
+
EmbeddedFlowType$1["UserOnboarding"] = "USER_ONBOARDING";
|
|
752
|
+
return EmbeddedFlowType$1;
|
|
753
|
+
}({});
|
|
754
|
+
let EmbeddedFlowResponseType = /* @__PURE__ */ function(EmbeddedFlowResponseType$1) {
|
|
755
|
+
EmbeddedFlowResponseType$1["Redirection"] = "REDIRECTION";
|
|
756
|
+
EmbeddedFlowResponseType$1["View"] = "VIEW";
|
|
757
|
+
return EmbeddedFlowResponseType$1;
|
|
758
|
+
}({});
|
|
611
759
|
/**
|
|
612
|
-
*
|
|
613
|
-
* Matches patterns like "DEFAULT/", "ASGARDEO_USER/", "PRIMARY/", etc.
|
|
614
|
-
* The pattern matches any uppercase letters, numbers, and underscores followed by a forward slash.
|
|
615
|
-
*/
|
|
616
|
-
const USERSTORE_PREFIX_REGEX = /^[A-Z_][A-Z0-9_]*\//;
|
|
617
|
-
/**
|
|
618
|
-
* Removes userstore prefixes from a username if they exist.
|
|
619
|
-
* This is commonly used to clean usernames returned from SCIM2 endpoints
|
|
620
|
-
* that include userstore prefixes like "DEFAULT/", "ASGARDEO_USER/", "PRIMARY/", etc.
|
|
760
|
+
* Component types supported by the ThunderID embedded flow API.
|
|
621
761
|
*
|
|
622
|
-
*
|
|
623
|
-
*
|
|
762
|
+
* These types define the different UI components that can be rendered
|
|
763
|
+
* as part of the embedded authentication flows. Each type corresponds
|
|
764
|
+
* to a specific UI element with its own behavior and properties.
|
|
624
765
|
*
|
|
625
766
|
* @example
|
|
626
767
|
* ```typescript
|
|
627
|
-
*
|
|
628
|
-
*
|
|
629
|
-
*
|
|
630
|
-
*
|
|
631
|
-
*
|
|
632
|
-
*
|
|
633
|
-
* const primaryUser = removeUserstorePrefix("PRIMARY/admin");
|
|
634
|
-
* console.log(primaryUser); // "admin"
|
|
635
|
-
*
|
|
636
|
-
* const alreadyClean = removeUserstorePrefix("user.name");
|
|
637
|
-
* console.log(alreadyClean); // "user.name"
|
|
638
|
-
*
|
|
639
|
-
* const emptyInput = removeUserstorePrefix("");
|
|
640
|
-
* console.log(emptyInput); // ""
|
|
768
|
+
* // Check component type to render appropriate UI
|
|
769
|
+
* if (component.type === EmbeddedFlowComponentType.TextInput) {
|
|
770
|
+
* // Render text input field
|
|
771
|
+
* } else if (component.type === EmbeddedFlowComponentType.Action) {
|
|
772
|
+
* // Render button/action
|
|
773
|
+
* }
|
|
641
774
|
* ```
|
|
775
|
+
*
|
|
776
|
+
* @experimental This API may change in future versions
|
|
642
777
|
*/
|
|
643
|
-
|
|
644
|
-
|
|
645
|
-
|
|
646
|
-
|
|
778
|
+
let EmbeddedFlowComponentType = /* @__PURE__ */ function(EmbeddedFlowComponentType$1) {
|
|
779
|
+
/** Interactive action component (buttons, links) for user interactions */
|
|
780
|
+
EmbeddedFlowComponentType$1["Action"] = "ACTION";
|
|
781
|
+
/** Container block component that groups other components */
|
|
782
|
+
EmbeddedFlowComponentType$1["Block"] = "BLOCK";
|
|
783
|
+
/** Consent component for displaying consent purposes and attributes */
|
|
784
|
+
EmbeddedFlowComponentType$1["Consent"] = "CONSENT";
|
|
785
|
+
/** Copyable text display component that shows text with a copy-to-clipboard action */
|
|
786
|
+
EmbeddedFlowComponentType$1["CopyableText"] = "COPYABLE_TEXT";
|
|
787
|
+
/** Date input field for selecting a calendar date */
|
|
788
|
+
EmbeddedFlowComponentType$1["DateInput"] = "DATE_INPUT";
|
|
789
|
+
/** Divider component for visual separation of content */
|
|
790
|
+
EmbeddedFlowComponentType$1["Divider"] = "DIVIDER";
|
|
791
|
+
/** Email input field with validation for email addresses. */
|
|
792
|
+
EmbeddedFlowComponentType$1["EmailInput"] = "EMAIL_INPUT";
|
|
793
|
+
/** Icon display component for rendering named vector icons */
|
|
794
|
+
EmbeddedFlowComponentType$1["Icon"] = "ICON";
|
|
795
|
+
/** Image display component for logos and illustrations */
|
|
796
|
+
EmbeddedFlowComponentType$1["Image"] = "IMAGE";
|
|
797
|
+
/** One-time password input field for multi-factor authentication */
|
|
798
|
+
EmbeddedFlowComponentType$1["OtpInput"] = "OTP_INPUT";
|
|
799
|
+
/** Organization unit tree picker for selecting an OU */
|
|
800
|
+
EmbeddedFlowComponentType$1["OuSelect"] = "OU_SELECT";
|
|
801
|
+
/** Password input field with masking for sensitive data */
|
|
802
|
+
EmbeddedFlowComponentType$1["PasswordInput"] = "PASSWORD_INPUT";
|
|
803
|
+
/** Phone number input field with country code support */
|
|
804
|
+
EmbeddedFlowComponentType$1["PhoneInput"] = "PHONE_INPUT";
|
|
805
|
+
/** Rich text display component that renders formatted HTML content */
|
|
806
|
+
EmbeddedFlowComponentType$1["RichText"] = "RICH_TEXT";
|
|
807
|
+
/** Select/dropdown input component for single choice selection */
|
|
808
|
+
EmbeddedFlowComponentType$1["Select"] = "SELECT";
|
|
809
|
+
/** Stack layout component for arranging children in a row or column */
|
|
810
|
+
EmbeddedFlowComponentType$1["Stack"] = "STACK";
|
|
811
|
+
/** Text display component for labels, headings, and messages */
|
|
812
|
+
EmbeddedFlowComponentType$1["Text"] = "TEXT";
|
|
813
|
+
/** Standard text input field for user data entry */
|
|
814
|
+
EmbeddedFlowComponentType$1["TextInput"] = "TEXT_INPUT";
|
|
815
|
+
/** Timer component for displaying a countdown */
|
|
816
|
+
EmbeddedFlowComponentType$1["Timer"] = "TIMER";
|
|
817
|
+
/** QR code display component for wallet-based flows (e.g. OpenID4VP) */
|
|
818
|
+
EmbeddedFlowComponentType$1["QrCode"] = "QR_CODE";
|
|
819
|
+
return EmbeddedFlowComponentType$1;
|
|
820
|
+
}({});
|
|
647
821
|
/**
|
|
648
|
-
*
|
|
649
|
-
* This is a helper function for processing user objects returned from SCIM2 endpoints.
|
|
650
|
-
* Handles various username field variations: username, userName, and user_name.
|
|
651
|
-
*
|
|
652
|
-
* @param user - The user object to process
|
|
653
|
-
* @returns The user object with processed username fields
|
|
654
|
-
*
|
|
655
|
-
* @example
|
|
656
|
-
* ```typescript
|
|
657
|
-
* const user = { username: "DEFAULT/john.doe", email: "john@example.com" };
|
|
658
|
-
* const processedUser = processUserUsername(user);
|
|
659
|
-
* console.log(processedUser.username); // "john.doe"
|
|
822
|
+
* Action variant types for buttons and interactive elements.
|
|
660
823
|
*
|
|
661
|
-
*
|
|
662
|
-
|
|
663
|
-
|
|
824
|
+
* @experimental This API may change in future versions
|
|
825
|
+
*/
|
|
826
|
+
let EmbeddedFlowActionVariant = /* @__PURE__ */ function(EmbeddedFlowActionVariant$1) {
|
|
827
|
+
/** Danger action button for destructive operations */
|
|
828
|
+
EmbeddedFlowActionVariant$1["Danger"] = "DANGER";
|
|
829
|
+
/** Info action button for informational purposes */
|
|
830
|
+
EmbeddedFlowActionVariant$1["Info"] = "INFO";
|
|
831
|
+
/** Link-styled action button */
|
|
832
|
+
EmbeddedFlowActionVariant$1["Link"] = "LINK";
|
|
833
|
+
/** Outlined action button for secondary emphasis */
|
|
834
|
+
EmbeddedFlowActionVariant$1["Outlined"] = "OUTLINED";
|
|
835
|
+
/** Primary action button with highest visual emphasis */
|
|
836
|
+
EmbeddedFlowActionVariant$1["Primary"] = "PRIMARY";
|
|
837
|
+
/** Secondary action button with moderate visual emphasis */
|
|
838
|
+
EmbeddedFlowActionVariant$1["Secondary"] = "SECONDARY";
|
|
839
|
+
/** Success action button for positive confirmations */
|
|
840
|
+
EmbeddedFlowActionVariant$1["Success"] = "SUCCESS";
|
|
841
|
+
/** Tertiary action button with minimal visual emphasis */
|
|
842
|
+
EmbeddedFlowActionVariant$1["Tertiary"] = "TERTIARY";
|
|
843
|
+
/** Warning action button for cautionary actions */
|
|
844
|
+
EmbeddedFlowActionVariant$1["Warning"] = "WARNING";
|
|
845
|
+
return EmbeddedFlowActionVariant$1;
|
|
846
|
+
}({});
|
|
847
|
+
/**
|
|
848
|
+
* Text variant types for typography components.
|
|
664
849
|
*
|
|
665
|
-
*
|
|
666
|
-
* const processedSnakeCaseUser = processUserUsername(snakeCaseUser);
|
|
667
|
-
* console.log(processedSnakeCaseUser.user_name); // "admin"
|
|
668
|
-
* ```
|
|
850
|
+
* @experimental This API may change in future versions
|
|
669
851
|
*/
|
|
670
|
-
|
|
671
|
-
|
|
672
|
-
|
|
673
|
-
|
|
674
|
-
|
|
675
|
-
|
|
676
|
-
|
|
677
|
-
|
|
678
|
-
|
|
852
|
+
let EmbeddedFlowTextVariant = /* @__PURE__ */ function(EmbeddedFlowTextVariant$1) {
|
|
853
|
+
/** Primary body text for main content */
|
|
854
|
+
EmbeddedFlowTextVariant$1["Body1"] = "BODY_1";
|
|
855
|
+
/** Secondary body text for supplementary content */
|
|
856
|
+
EmbeddedFlowTextVariant$1["Body2"] = "BODY_2";
|
|
857
|
+
/** Text styled for button labels */
|
|
858
|
+
EmbeddedFlowTextVariant$1["ButtonText"] = "BUTTON_TEXT";
|
|
859
|
+
/** Small caption text for annotations and descriptions */
|
|
860
|
+
EmbeddedFlowTextVariant$1["Caption"] = "CAPTION";
|
|
861
|
+
/** Largest heading level for main titles */
|
|
862
|
+
EmbeddedFlowTextVariant$1["Heading1"] = "HEADING_1";
|
|
863
|
+
/** Second level heading for major sections */
|
|
864
|
+
EmbeddedFlowTextVariant$1["Heading2"] = "HEADING_2";
|
|
865
|
+
/** Third level heading for subsections */
|
|
866
|
+
EmbeddedFlowTextVariant$1["Heading3"] = "HEADING_3";
|
|
867
|
+
/** Fourth level heading for minor sections */
|
|
868
|
+
EmbeddedFlowTextVariant$1["Heading4"] = "HEADING_4";
|
|
869
|
+
/** Fifth level heading for detailed sections */
|
|
870
|
+
EmbeddedFlowTextVariant$1["Heading5"] = "HEADING_5";
|
|
871
|
+
/** Smallest heading level for fine-grained sections */
|
|
872
|
+
EmbeddedFlowTextVariant$1["Heading6"] = "HEADING_6";
|
|
873
|
+
/** Overline text for labels and categories */
|
|
874
|
+
EmbeddedFlowTextVariant$1["Overline"] = "OVERLINE";
|
|
875
|
+
/** Primary subtitle text with larger emphasis */
|
|
876
|
+
EmbeddedFlowTextVariant$1["Subtitle1"] = "SUBTITLE_1";
|
|
877
|
+
/** Secondary subtitle text with moderate emphasis */
|
|
878
|
+
EmbeddedFlowTextVariant$1["Subtitle2"] = "SUBTITLE_2";
|
|
879
|
+
return EmbeddedFlowTextVariant$1;
|
|
880
|
+
}({});
|
|
881
|
+
/**
|
|
882
|
+
* Event types for action components.
|
|
883
|
+
*
|
|
884
|
+
* @experimental This API may change in future versions
|
|
885
|
+
*/
|
|
886
|
+
let EmbeddedFlowEventType = /* @__PURE__ */ function(EmbeddedFlowEventType$1) {
|
|
887
|
+
/** Navigate back to the previous step */
|
|
888
|
+
EmbeddedFlowEventType$1["Back"] = "BACK";
|
|
889
|
+
/** Cancel the current operation */
|
|
890
|
+
EmbeddedFlowEventType$1["Cancel"] = "CANCEL";
|
|
891
|
+
/** Navigate to a different flow step or page */
|
|
892
|
+
EmbeddedFlowEventType$1["Navigate"] = "NAVIGATE";
|
|
893
|
+
/** Reset form fields to initial state */
|
|
894
|
+
EmbeddedFlowEventType$1["Reset"] = "RESET";
|
|
895
|
+
/** Submit form data to the server */
|
|
896
|
+
EmbeddedFlowEventType$1["Submit"] = "SUBMIT";
|
|
897
|
+
/** Trigger an action or event */
|
|
898
|
+
EmbeddedFlowEventType$1["Trigger"] = "TRIGGER";
|
|
899
|
+
return EmbeddedFlowEventType$1;
|
|
900
|
+
}({});
|
|
679
901
|
|
|
680
902
|
//#endregion
|
|
681
|
-
//#region src/api/
|
|
903
|
+
//#region src/api/executeEmbeddedUserOnboardingFlow.ts
|
|
682
904
|
/**
|
|
683
|
-
*
|
|
905
|
+
* Executes an embedded user onboarding flow by sending a request to the flow execution endpoint.
|
|
906
|
+
*
|
|
907
|
+
* This function handles both:
|
|
908
|
+
* - Admin flow: Initiates onboarding, collects user details, generates invite link
|
|
909
|
+
* - End-user flow: Validates invite token and allows password setting
|
|
910
|
+
*
|
|
911
|
+
* @param requestConfig - Request configuration object containing URL, payload, and optional auth token.
|
|
912
|
+
* @returns A promise that resolves with the flow execution response.
|
|
913
|
+
* @throws ThunderIDAPIError when the request fails or URL is invalid.
|
|
684
914
|
*
|
|
685
|
-
* @param config - Request configuration object.
|
|
686
|
-
* @returns A promise that resolves with the user profile information.
|
|
687
915
|
* @example
|
|
688
916
|
* ```typescript
|
|
689
|
-
* //
|
|
690
|
-
*
|
|
691
|
-
*
|
|
692
|
-
*
|
|
693
|
-
*
|
|
694
|
-
*
|
|
695
|
-
*
|
|
696
|
-
*
|
|
697
|
-
* console.error('Failed to get user profile:', error.message);
|
|
917
|
+
* // Admin initiating user onboarding (requires auth token)
|
|
918
|
+
* const response = await executeEmbeddedUserOnboardingFlow({
|
|
919
|
+
* baseUrl: "https://api.thunder.io",
|
|
920
|
+
* payload: {
|
|
921
|
+
* flowType: "USER_ONBOARDING"
|
|
922
|
+
* },
|
|
923
|
+
* headers: {
|
|
924
|
+
* Authorization: `Bearer ${accessToken}`
|
|
698
925
|
* }
|
|
699
|
-
* }
|
|
926
|
+
* });
|
|
927
|
+
*
|
|
928
|
+
* // End-user accepting invite (no auth required)
|
|
929
|
+
* const response = await executeEmbeddedUserOnboardingFlow({
|
|
930
|
+
* baseUrl: "https://api.thunder.io",
|
|
931
|
+
* payload: {
|
|
932
|
+
* executionId: "flow-id-from-url",
|
|
933
|
+
* inputs: { inviteToken: "token-from-url" }
|
|
934
|
+
* }
|
|
935
|
+
* });
|
|
700
936
|
* ```
|
|
937
|
+
*/
|
|
938
|
+
const executeEmbeddedUserOnboardingFlow = async ({ url, baseUrl, payload,...requestConfig }) => {
|
|
939
|
+
if (!payload) throw new ThunderIDAPIError("User onboarding payload is required", "executeEmbeddedUserOnboardingFlow-ValidationError-002", "javascript", 400, "If a user onboarding payload is not provided, the request cannot be constructed correctly.");
|
|
940
|
+
const endpoint = url ?? `${baseUrl}/flow/execute`;
|
|
941
|
+
const cleanPayload = typeof payload === "object" && payload !== null ? Object.fromEntries(Object.entries(payload).filter(([key]) => key !== "verbose")) : payload;
|
|
942
|
+
const hasOnlyFlowType = typeof cleanPayload === "object" && cleanPayload !== null && "flowType" in cleanPayload && Object.keys(cleanPayload).length === 1;
|
|
943
|
+
const hasOnlyFlowId = typeof cleanPayload === "object" && cleanPayload !== null && "executionId" in cleanPayload && Object.keys(cleanPayload).length === 1;
|
|
944
|
+
const hasFlowIdWithInputs = typeof cleanPayload === "object" && cleanPayload !== null && "executionId" in cleanPayload && "inputs" in cleanPayload;
|
|
945
|
+
const requestPayload = hasOnlyFlowType || hasOnlyFlowId || hasFlowIdWithInputs ? {
|
|
946
|
+
...cleanPayload,
|
|
947
|
+
verbose: true
|
|
948
|
+
} : cleanPayload;
|
|
949
|
+
if ("flowType" in requestPayload && requestPayload["flowType"] !== EmbeddedFlowType.UserOnboarding) requestPayload["flowType"] = EmbeddedFlowType.UserOnboarding;
|
|
950
|
+
const response = await fetch(endpoint, {
|
|
951
|
+
...requestConfig,
|
|
952
|
+
body: JSON.stringify(requestPayload),
|
|
953
|
+
headers: {
|
|
954
|
+
Accept: "application/json",
|
|
955
|
+
"Content-Type": "application/json",
|
|
956
|
+
...requestConfig.headers
|
|
957
|
+
},
|
|
958
|
+
method: requestConfig.method || "POST"
|
|
959
|
+
});
|
|
960
|
+
if (!response.ok) throw new ThunderIDAPIError(await response.text(), "executeEmbeddedUserOnboardingFlow-ResponseError-001", "javascript", response.status, response.statusText, "User onboarding request failed");
|
|
961
|
+
return await response.json();
|
|
962
|
+
};
|
|
963
|
+
var executeEmbeddedUserOnboardingFlow_default = executeEmbeddedUserOnboardingFlow;
|
|
964
|
+
|
|
965
|
+
//#endregion
|
|
966
|
+
//#region src/api/getFlowMeta.ts
|
|
967
|
+
/**
|
|
968
|
+
* Fetches aggregated flow metadata from the `GET /flow/meta` endpoint.
|
|
969
|
+
*
|
|
970
|
+
* The response includes:
|
|
971
|
+
* - Application or OU details depending on the `type` parameter
|
|
972
|
+
* - Resolved design configuration (theme and layout)
|
|
973
|
+
* - i18n translations filtered by `language` and `namespace`
|
|
974
|
+
* - Registration flow enablement status
|
|
975
|
+
*
|
|
976
|
+
* @param config - Request configuration including `baseUrl`/`url`, and optional
|
|
977
|
+
* `type`, `id`, `language`, and `namespace` filters. When `type`
|
|
978
|
+
* and `id` are omitted the server returns i18n-only metadata.
|
|
979
|
+
* @returns A promise that resolves to the {@link FlowMetadataResponse}.
|
|
980
|
+
*
|
|
981
|
+
* @throws {ThunderIDAPIError} When the server returns a non-OK response.
|
|
701
982
|
*
|
|
702
983
|
* @example
|
|
703
984
|
* ```typescript
|
|
704
|
-
*
|
|
705
|
-
*
|
|
706
|
-
*
|
|
707
|
-
*
|
|
708
|
-
*
|
|
709
|
-
*
|
|
710
|
-
*
|
|
711
|
-
*
|
|
712
|
-
*
|
|
713
|
-
*
|
|
714
|
-
*
|
|
715
|
-
*
|
|
716
|
-
*
|
|
717
|
-
* ok: response.status >= 200 && response.status < 300,
|
|
718
|
-
* status: response.status,
|
|
719
|
-
* statusText: response.statusText,
|
|
720
|
-
* json: () => Promise.resolve(response.data),
|
|
721
|
-
* text: () => Promise.resolve(typeof response.data === 'string' ? response.data : JSON.stringify(response.data))
|
|
722
|
-
* } as Response;
|
|
723
|
-
* }
|
|
724
|
-
* });
|
|
725
|
-
* console.log(userProfile);
|
|
726
|
-
* } catch (error) {
|
|
727
|
-
* if (error instanceof ThunderIDAPIError) {
|
|
728
|
-
* console.error('Failed to get user profile:', error.message);
|
|
729
|
-
* }
|
|
730
|
-
* }
|
|
985
|
+
* import getFlowMeta from './api/getFlowMeta';
|
|
986
|
+
* import { FlowMetaType } from './models/flow-meta';
|
|
987
|
+
*
|
|
988
|
+
* const meta = await getFlowMeta({
|
|
989
|
+
* baseUrl: 'https://localhost:8090',
|
|
990
|
+
* type: FlowMetaType.App,
|
|
991
|
+
* id: '60a9b38b-6eba-9f9e-55f9-267067de4680',
|
|
992
|
+
* language: 'en',
|
|
993
|
+
* namespace: 'auth',
|
|
994
|
+
* });
|
|
995
|
+
*
|
|
996
|
+
* console.log(meta.application?.name);
|
|
997
|
+
* console.log(meta.i18n.translations);
|
|
731
998
|
* ```
|
|
999
|
+
*
|
|
1000
|
+
* @experimental This function targets the ThunderID V2 platform API
|
|
732
1001
|
*/
|
|
733
|
-
const
|
|
734
|
-
|
|
735
|
-
|
|
736
|
-
|
|
737
|
-
|
|
738
|
-
|
|
739
|
-
|
|
740
|
-
const
|
|
741
|
-
const
|
|
1002
|
+
const getFlowMeta = async ({ url, baseUrl, type, id, language, namespace,...requestConfig }) => {
|
|
1003
|
+
const queryParams = new URLSearchParams({
|
|
1004
|
+
...id ? { id } : {},
|
|
1005
|
+
...type ? { type } : {},
|
|
1006
|
+
...language ? { language } : {},
|
|
1007
|
+
...namespace ? { namespace } : {}
|
|
1008
|
+
});
|
|
1009
|
+
const endpoint = `${url ?? `${baseUrl}/flow/meta`}?${queryParams.toString()}`;
|
|
1010
|
+
const response = await fetch(endpoint, {
|
|
742
1011
|
...requestConfig,
|
|
743
1012
|
headers: {
|
|
744
1013
|
Accept: "application/json",
|
|
745
|
-
"Content-Type": "application/scim+json",
|
|
746
1014
|
...requestConfig.headers
|
|
747
1015
|
},
|
|
748
1016
|
method: "GET"
|
|
749
|
-
};
|
|
750
|
-
|
|
751
|
-
|
|
752
|
-
if (!response?.ok) throw new ThunderIDAPIError(await response.text(), "getScim2Me-ResponseError-001", "javascript", response.status, response.statusText, "Failed to fetch user profile");
|
|
753
|
-
return processUsername_default(await response.json());
|
|
754
|
-
} catch (error$1) {
|
|
755
|
-
if (error$1 instanceof ThunderIDAPIError) throw error$1;
|
|
756
|
-
throw new ThunderIDAPIError(`Network or parsing error: ${error$1 instanceof Error ? error$1.message : "Unknown error"}`, "getScim2Me-NetworkError-001", "javascript", 0, "Network Error");
|
|
757
|
-
}
|
|
1017
|
+
});
|
|
1018
|
+
if (!response.ok) throw new ThunderIDAPIError(await response.text(), "getFlowMeta-ResponseError-001", "javascript", response.status, response.statusText, "Flow metadata request failed");
|
|
1019
|
+
return await response.json();
|
|
758
1020
|
};
|
|
759
|
-
var
|
|
1021
|
+
var getFlowMeta_default = getFlowMeta;
|
|
760
1022
|
|
|
761
1023
|
//#endregion
|
|
762
|
-
//#region src/api/
|
|
1024
|
+
//#region src/api/getOrganizationUnitChildren.ts
|
|
763
1025
|
/**
|
|
764
|
-
* Retrieves the
|
|
1026
|
+
* Retrieves the child organization units of a given parent OU.
|
|
1027
|
+
*
|
|
1028
|
+
* @param config - Request configuration including `baseUrl`/`url`, `organizationUnitId`,
|
|
1029
|
+
* and optional `limit`/`offset` pagination parameters.
|
|
1030
|
+
* @returns A promise that resolves with the paginated list of child organization units.
|
|
1031
|
+
*
|
|
1032
|
+
* @throws {ThunderIDAPIError} When the server returns a non-OK response.
|
|
765
1033
|
*
|
|
766
|
-
* @param config - Request configuration object.
|
|
767
|
-
* @returns A promise that resolves with the SCIM2 schemas information.
|
|
768
1034
|
* @example
|
|
769
1035
|
* ```typescript
|
|
770
|
-
*
|
|
771
|
-
*
|
|
772
|
-
*
|
|
773
|
-
*
|
|
1036
|
+
* const children = await getOrganizationUnitChildren({
|
|
1037
|
+
* baseUrl: 'https://localhost:8090',
|
|
1038
|
+
* organizationUnitId: '0d5e071b-d3d3-475d-b3c6-1a20ee2fa9b1',
|
|
1039
|
+
* limit: 10,
|
|
1040
|
+
* offset: 0,
|
|
1041
|
+
* });
|
|
1042
|
+
* console.log(children.organizationUnits);
|
|
1043
|
+
* ```
|
|
1044
|
+
*
|
|
1045
|
+
* @experimental This function targets the ThunderID V2 platform API
|
|
1046
|
+
*/
|
|
1047
|
+
const getOrganizationUnitChildren = async ({ url, baseUrl, organizationUnitId, limit = 10, offset = 0,...requestConfig }) => {
|
|
1048
|
+
if (!organizationUnitId) throw new ThunderIDAPIError("Organization Unit ID is required", "getOrganizationUnitChildren-ValidationError-001", "javascript", 400, "If an organization unit ID is not provided, the request cannot be constructed correctly.");
|
|
1049
|
+
const queryParams = new URLSearchParams({
|
|
1050
|
+
limit: String(limit),
|
|
1051
|
+
offset: String(offset)
|
|
1052
|
+
});
|
|
1053
|
+
const endpoint = url ?? `${baseUrl}/organization-units/${organizationUnitId}/ous?${queryParams.toString()}`;
|
|
1054
|
+
const response = await fetch(endpoint, {
|
|
1055
|
+
...requestConfig,
|
|
1056
|
+
headers: {
|
|
1057
|
+
Accept: "application/json",
|
|
1058
|
+
...requestConfig.headers
|
|
1059
|
+
},
|
|
1060
|
+
method: "GET"
|
|
1061
|
+
});
|
|
1062
|
+
if (!response.ok) throw new ThunderIDAPIError(await response.text(), "getOrganizationUnitChildren-ResponseError-001", "javascript", response.status, response.statusText, "Failed to fetch organization unit children");
|
|
1063
|
+
return await response.json();
|
|
1064
|
+
};
|
|
1065
|
+
var getOrganizationUnitChildren_default = getOrganizationUnitChildren;
|
|
1066
|
+
|
|
1067
|
+
//#endregion
|
|
1068
|
+
//#region src/api/getUserInfo.ts
|
|
1069
|
+
/**
|
|
1070
|
+
* Retrieves the user information from the specified OIDC userinfo endpoint.
|
|
1071
|
+
*
|
|
1072
|
+
* @param requestConfig - Request configuration object.
|
|
1073
|
+
* @returns A promise that resolves with the user information.
|
|
1074
|
+
* @throw
|
|
1075
|
+
* const userInfo = await getUserInfo({
|
|
1076
|
+
* url: "https://localhost:8090/oauth2/userinfo",
|
|
774
1077
|
* });
|
|
775
|
-
* console.log(
|
|
1078
|
+
* console.log(userInfo);
|
|
776
1079
|
* } catch (error) {
|
|
777
1080
|
* if (error instanceof ThunderIDAPIError) {
|
|
778
|
-
* console.error('Failed to get
|
|
1081
|
+
* console.error('Failed to get user info:', error.message);
|
|
1082
|
+
* }
|
|
1083
|
+
* }
|
|
1084
|
+
* ```
|
|
1085
|
+
*/
|
|
1086
|
+
const getUserInfo = async ({ url,...requestConfig }) => {
|
|
1087
|
+
try {
|
|
1088
|
+
new URL(url);
|
|
1089
|
+
} catch (error$1) {
|
|
1090
|
+
throw new ThunderIDAPIError("Invalid endpoint URL provided", "getUserInfo-ValidationError-001", "javascript", 400, "Invalid Request");
|
|
1091
|
+
}
|
|
1092
|
+
try {
|
|
1093
|
+
const response = await fetch(url, {
|
|
1094
|
+
...requestConfig,
|
|
1095
|
+
headers: {
|
|
1096
|
+
Accept: "application/json",
|
|
1097
|
+
"Content-Type": "application/json",
|
|
1098
|
+
...requestConfig.headers
|
|
1099
|
+
},
|
|
1100
|
+
method: "GET"
|
|
1101
|
+
});
|
|
1102
|
+
if (!response.ok) throw new ThunderIDAPIError(await response.text(), "getUserInfo-ResponseError-001", "javascript", response.status, response.statusText, "Failed to fetch user info");
|
|
1103
|
+
return await response.json();
|
|
1104
|
+
} catch (error$1) {
|
|
1105
|
+
if (error$1 instanceof ThunderIDAPIError) throw error$1;
|
|
1106
|
+
throw new ThunderIDAPIError(`Network or parsing error: ${error$1 instanceof Error ? error$1.message : "Unknown error"}`, "getUserInfo-NetworkError-001", "javascript", 0, "Network Error");
|
|
1107
|
+
}
|
|
1108
|
+
};
|
|
1109
|
+
var getUserInfo_default = getUserInfo;
|
|
1110
|
+
|
|
1111
|
+
//#endregion
|
|
1112
|
+
//#region src/utils/processUsername.ts
|
|
1113
|
+
/**
|
|
1114
|
+
* Copyright (c) 2025, WSO2 LLC. (https://www.wso2.com).
|
|
1115
|
+
*
|
|
1116
|
+
* WSO2 LLC. licenses this file to you under the Apache License,
|
|
1117
|
+
* Version 2.0 (the "License"); you may not use this file except
|
|
1118
|
+
* in compliance with the License.
|
|
1119
|
+
* You may obtain a copy of the License at
|
|
1120
|
+
*
|
|
1121
|
+
* http://www.apache.org/licenses/LICENSE-2.0
|
|
1122
|
+
*
|
|
1123
|
+
* Unless required by applicable law or agreed to in writing,
|
|
1124
|
+
* software distributed under the License is distributed on an
|
|
1125
|
+
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
|
1126
|
+
* KIND, either express or implied. See the License for the
|
|
1127
|
+
* specific language governing permissions and limitations
|
|
1128
|
+
* under the License.
|
|
1129
|
+
*/
|
|
1130
|
+
/**
|
|
1131
|
+
* Regular expression to match userstore prefixes in usernames.
|
|
1132
|
+
* Matches patterns like "DEFAULT/", "ASGARDEO_USER/", "PRIMARY/", etc.
|
|
1133
|
+
* The pattern matches any uppercase letters, numbers, and underscores followed by a forward slash.
|
|
1134
|
+
*/
|
|
1135
|
+
const USERSTORE_PREFIX_REGEX = /^[A-Z_][A-Z0-9_]*\//;
|
|
1136
|
+
/**
|
|
1137
|
+
* Removes userstore prefixes from a username if they exist.
|
|
1138
|
+
* This is commonly used to clean usernames returned from SCIM2 endpoints
|
|
1139
|
+
* that include userstore prefixes like "DEFAULT/", "ASGARDEO_USER/", "PRIMARY/", etc.
|
|
1140
|
+
*
|
|
1141
|
+
* @param username - The username string to process
|
|
1142
|
+
* @returns The username without the userstore prefix, or the original username if no prefix exists
|
|
1143
|
+
*
|
|
1144
|
+
* @example
|
|
1145
|
+
* ```typescript
|
|
1146
|
+
* const cleanUsername = removeUserstorePrefix("DEFAULT/john.doe");
|
|
1147
|
+
* console.log(cleanUsername); // "john.doe"
|
|
1148
|
+
*
|
|
1149
|
+
* const thunderidUser = removeUserstorePrefix("ASGARDEO_USER/jane.doe");
|
|
1150
|
+
* console.log(thunderidUser); // "jane.doe"
|
|
1151
|
+
*
|
|
1152
|
+
* const primaryUser = removeUserstorePrefix("PRIMARY/admin");
|
|
1153
|
+
* console.log(primaryUser); // "admin"
|
|
1154
|
+
*
|
|
1155
|
+
* const alreadyClean = removeUserstorePrefix("user.name");
|
|
1156
|
+
* console.log(alreadyClean); // "user.name"
|
|
1157
|
+
*
|
|
1158
|
+
* const emptyInput = removeUserstorePrefix("");
|
|
1159
|
+
* console.log(emptyInput); // ""
|
|
1160
|
+
* ```
|
|
1161
|
+
*/
|
|
1162
|
+
const removeUserstorePrefix = (username) => {
|
|
1163
|
+
if (!username) return "";
|
|
1164
|
+
return username.replace(USERSTORE_PREFIX_REGEX, "");
|
|
1165
|
+
};
|
|
1166
|
+
/**
|
|
1167
|
+
* Processes a user object to remove userstore prefixes from username fields.
|
|
1168
|
+
* This is a helper function for processing user objects returned from SCIM2 endpoints.
|
|
1169
|
+
* Handles various username field variations: username, userName, and user_name.
|
|
1170
|
+
*
|
|
1171
|
+
* @param user - The user object to process
|
|
1172
|
+
* @returns The user object with processed username fields
|
|
1173
|
+
*
|
|
1174
|
+
* @example
|
|
1175
|
+
* ```typescript
|
|
1176
|
+
* const user = { username: "DEFAULT/john.doe", email: "john@example.com" };
|
|
1177
|
+
* const processedUser = processUserUsername(user);
|
|
1178
|
+
* console.log(processedUser.username); // "john.doe"
|
|
1179
|
+
*
|
|
1180
|
+
* const camelCaseUser = { userName: "ASGARDEO_USER/jane.doe", email: "jane@example.com" };
|
|
1181
|
+
* const processedCamelCaseUser = processUserUsername(camelCaseUser);
|
|
1182
|
+
* console.log(processedCamelCaseUser.userName); // "jane.doe"
|
|
1183
|
+
*
|
|
1184
|
+
* const snakeCaseUser = { user_name: "PRIMARY/admin", email: "admin@example.com" };
|
|
1185
|
+
* const processedSnakeCaseUser = processUserUsername(snakeCaseUser);
|
|
1186
|
+
* console.log(processedSnakeCaseUser.user_name); // "admin"
|
|
1187
|
+
* ```
|
|
1188
|
+
*/
|
|
1189
|
+
const processUsername = (user) => {
|
|
1190
|
+
if (!user) return user;
|
|
1191
|
+
const processedUser = { ...user };
|
|
1192
|
+
if (processedUser.username) processedUser.username = removeUserstorePrefix(processedUser.username);
|
|
1193
|
+
if (processedUser.userName) processedUser.userName = removeUserstorePrefix(processedUser.userName);
|
|
1194
|
+
if (processedUser.user_name) processedUser.user_name = removeUserstorePrefix(processedUser.user_name);
|
|
1195
|
+
return processedUser;
|
|
1196
|
+
};
|
|
1197
|
+
var processUsername_default = processUsername;
|
|
1198
|
+
|
|
1199
|
+
//#endregion
|
|
1200
|
+
//#region src/api/getScim2Me.ts
|
|
1201
|
+
/**
|
|
1202
|
+
* Retrieves the user profile information from the specified SCIM2 /Me endpoint.
|
|
1203
|
+
*
|
|
1204
|
+
* @param config - Request configuration object.
|
|
1205
|
+
* @returns A promise that resolves with the user profile information.
|
|
1206
|
+
* @example
|
|
1207
|
+
* ```typescript
|
|
1208
|
+
* // Using default fetch
|
|
1209
|
+
* try {
|
|
1210
|
+
* const userProfile = await getScim2Me({
|
|
1211
|
+
* url: "https://localhost:8090/scim2/Me",
|
|
1212
|
+
* });
|
|
1213
|
+
* console.log(userProfile);
|
|
1214
|
+
* } catch (error) {
|
|
1215
|
+
* if (error instanceof ThunderIDAPIError) {
|
|
1216
|
+
* console.error('Failed to get user profile:', error.message);
|
|
779
1217
|
* }
|
|
780
1218
|
* }
|
|
781
1219
|
* ```
|
|
@@ -784,8 +1222,8 @@ var getScim2Me_default = getScim2Me;
|
|
|
784
1222
|
* ```typescript
|
|
785
1223
|
* // Using custom fetcher (e.g., axios-based httpClient)
|
|
786
1224
|
* try {
|
|
787
|
-
* const
|
|
788
|
-
* url: "https://localhost:8090/scim2/
|
|
1225
|
+
* const userProfile = await getScim2Me({
|
|
1226
|
+
* url: "https://localhost:8090/scim2/Me",
|
|
789
1227
|
* fetcher: async (url, config) => {
|
|
790
1228
|
* const response = await httpClient({
|
|
791
1229
|
* url,
|
|
@@ -803,63 +1241,60 @@ var getScim2Me_default = getScim2Me;
|
|
|
803
1241
|
* } as Response;
|
|
804
1242
|
* }
|
|
805
1243
|
* });
|
|
806
|
-
* console.log(
|
|
1244
|
+
* console.log(userProfile);
|
|
807
1245
|
* } catch (error) {
|
|
808
1246
|
* if (error instanceof ThunderIDAPIError) {
|
|
809
|
-
* console.error('Failed to get
|
|
1247
|
+
* console.error('Failed to get user profile:', error.message);
|
|
810
1248
|
* }
|
|
811
1249
|
* }
|
|
812
1250
|
* ```
|
|
813
1251
|
*/
|
|
814
|
-
const
|
|
1252
|
+
const getScim2Me = async ({ url, baseUrl, fetcher,...requestConfig }) => {
|
|
815
1253
|
try {
|
|
816
1254
|
new URL(url ?? baseUrl);
|
|
817
1255
|
} catch (error$1) {
|
|
818
|
-
throw new ThunderIDAPIError(`Invalid URL provided. ${error$1?.toString()}`, "
|
|
1256
|
+
throw new ThunderIDAPIError(`Invalid URL provided. ${error$1?.toString()}`, "getScim2Me-ValidationError-001", "javascript", 400, "The provided `url` or `baseUrl` path does not adhere to the URL schema.");
|
|
819
1257
|
}
|
|
820
1258
|
const fetchFn = fetcher || fetch;
|
|
821
|
-
const resolvedUrl = url ?? `${baseUrl}/scim2/
|
|
1259
|
+
const resolvedUrl = url ?? `${baseUrl}/scim2/Me`;
|
|
822
1260
|
const requestInit = {
|
|
823
1261
|
...requestConfig,
|
|
824
1262
|
headers: {
|
|
825
1263
|
Accept: "application/json",
|
|
826
|
-
"Content-Type": "application/json",
|
|
1264
|
+
"Content-Type": "application/scim+json",
|
|
827
1265
|
...requestConfig.headers
|
|
828
1266
|
},
|
|
829
1267
|
method: "GET"
|
|
830
1268
|
};
|
|
831
1269
|
try {
|
|
832
1270
|
const response = await fetchFn(resolvedUrl, requestInit);
|
|
833
|
-
if (!response?.ok) throw new ThunderIDAPIError(await response.text(), "
|
|
834
|
-
return await response.json();
|
|
1271
|
+
if (!response?.ok) throw new ThunderIDAPIError(await response.text(), "getScim2Me-ResponseError-001", "javascript", response.status, response.statusText, "Failed to fetch user profile");
|
|
1272
|
+
return processUsername_default(await response.json());
|
|
835
1273
|
} catch (error$1) {
|
|
836
1274
|
if (error$1 instanceof ThunderIDAPIError) throw error$1;
|
|
837
|
-
throw new ThunderIDAPIError(`Network or parsing error: ${error$1 instanceof Error ? error$1.message : "Unknown error"}`, "
|
|
1275
|
+
throw new ThunderIDAPIError(`Network or parsing error: ${error$1 instanceof Error ? error$1.message : "Unknown error"}`, "getScim2Me-NetworkError-001", "javascript", 0, "Network Error");
|
|
838
1276
|
}
|
|
839
1277
|
};
|
|
840
|
-
var
|
|
1278
|
+
var getScim2Me_default = getScim2Me;
|
|
841
1279
|
|
|
842
1280
|
//#endregion
|
|
843
|
-
//#region src/api/
|
|
1281
|
+
//#region src/api/getSchemas.ts
|
|
844
1282
|
/**
|
|
845
|
-
* Retrieves
|
|
1283
|
+
* Retrieves the SCIM2 schemas from the specified endpoint.
|
|
846
1284
|
*
|
|
847
|
-
* @param config -
|
|
848
|
-
* @returns A promise that resolves with the
|
|
1285
|
+
* @param config - Request configuration object.
|
|
1286
|
+
* @returns A promise that resolves with the SCIM2 schemas information.
|
|
849
1287
|
* @example
|
|
850
1288
|
* ```typescript
|
|
851
1289
|
* // Using default fetch
|
|
852
1290
|
* try {
|
|
853
|
-
* const
|
|
854
|
-
*
|
|
855
|
-
* filter: "",
|
|
856
|
-
* limit: 10,
|
|
857
|
-
* recursive: false
|
|
1291
|
+
* const schemas = await getSchemas({
|
|
1292
|
+
* url: "https://localhost:8090/scim2/Schemas",
|
|
858
1293
|
* });
|
|
859
|
-
* console.log(
|
|
1294
|
+
* console.log(schemas);
|
|
860
1295
|
* } catch (error) {
|
|
861
1296
|
* if (error instanceof ThunderIDAPIError) {
|
|
862
|
-
* console.error('Failed to get
|
|
1297
|
+
* console.error('Failed to get schemas:', error.message);
|
|
863
1298
|
* }
|
|
864
1299
|
* }
|
|
865
1300
|
* ```
|
|
@@ -868,11 +1303,8 @@ var getSchemas_default = getSchemas;
|
|
|
868
1303
|
* ```typescript
|
|
869
1304
|
* // Using custom fetcher (e.g., axios-based httpClient)
|
|
870
1305
|
* try {
|
|
871
|
-
* const
|
|
872
|
-
*
|
|
873
|
-
* filter: "",
|
|
874
|
-
* limit: 10,
|
|
875
|
-
* recursive: false,
|
|
1306
|
+
* const schemas = await getSchemas({
|
|
1307
|
+
* url: "https://localhost:8090/scim2/Schemas",
|
|
876
1308
|
* fetcher: async (url, config) => {
|
|
877
1309
|
* const response = await httpClient({
|
|
878
1310
|
* url,
|
|
@@ -890,43 +1322,130 @@ var getSchemas_default = getSchemas;
|
|
|
890
1322
|
* } as Response;
|
|
891
1323
|
* }
|
|
892
1324
|
* });
|
|
893
|
-
* console.log(
|
|
1325
|
+
* console.log(schemas);
|
|
894
1326
|
* } catch (error) {
|
|
895
1327
|
* if (error instanceof ThunderIDAPIError) {
|
|
896
|
-
* console.error('Failed to get
|
|
1328
|
+
* console.error('Failed to get schemas:', error.message);
|
|
897
1329
|
* }
|
|
898
1330
|
* }
|
|
899
1331
|
* ```
|
|
900
1332
|
*/
|
|
901
|
-
const
|
|
1333
|
+
const getSchemas = async ({ url, baseUrl, fetcher,...requestConfig }) => {
|
|
902
1334
|
try {
|
|
903
|
-
new URL(baseUrl);
|
|
1335
|
+
new URL(url ?? baseUrl);
|
|
904
1336
|
} catch (error$1) {
|
|
905
|
-
throw new ThunderIDAPIError(`Invalid
|
|
1337
|
+
throw new ThunderIDAPIError(`Invalid URL provided. ${error$1?.toString()}`, "getSchemas-ValidationError-001", "javascript", 400, "The provided `url` or `baseUrl` path does not adhere to the URL schema.");
|
|
906
1338
|
}
|
|
907
|
-
const queryParams = new URLSearchParams(Object.fromEntries(Object.entries({
|
|
908
|
-
filter,
|
|
909
|
-
limit: limit.toString(),
|
|
910
|
-
recursive: recursive.toString()
|
|
911
|
-
}).filter(([, value]) => Boolean(value))));
|
|
912
1339
|
const fetchFn = fetcher || fetch;
|
|
913
|
-
const resolvedUrl = `${baseUrl}/
|
|
1340
|
+
const resolvedUrl = url ?? `${baseUrl}/scim2/Schemas`;
|
|
914
1341
|
const requestInit = {
|
|
915
1342
|
...requestConfig,
|
|
916
1343
|
headers: {
|
|
917
|
-
...requestConfig.headers,
|
|
918
1344
|
Accept: "application/json",
|
|
919
|
-
"Content-Type": "application/json"
|
|
1345
|
+
"Content-Type": "application/json",
|
|
1346
|
+
...requestConfig.headers
|
|
920
1347
|
},
|
|
921
1348
|
method: "GET"
|
|
922
1349
|
};
|
|
923
1350
|
try {
|
|
924
1351
|
const response = await fetchFn(resolvedUrl, requestInit);
|
|
925
|
-
if (!response?.ok) throw new ThunderIDAPIError(await response.text(), "
|
|
926
|
-
|
|
927
|
-
|
|
928
|
-
|
|
929
|
-
|
|
1352
|
+
if (!response?.ok) throw new ThunderIDAPIError(await response.text(), "getSchemas-ResponseError-001", "javascript", response.status, response.statusText, "Failed to fetch SCIM2 schemas");
|
|
1353
|
+
return await response.json();
|
|
1354
|
+
} catch (error$1) {
|
|
1355
|
+
if (error$1 instanceof ThunderIDAPIError) throw error$1;
|
|
1356
|
+
throw new ThunderIDAPIError(`Network or parsing error: ${error$1 instanceof Error ? error$1.message : "Unknown error"}`, "getSchemas-NetworkError-001", "javascript", 0, "Network Error");
|
|
1357
|
+
}
|
|
1358
|
+
};
|
|
1359
|
+
var getSchemas_default = getSchemas;
|
|
1360
|
+
|
|
1361
|
+
//#endregion
|
|
1362
|
+
//#region src/api/getAllOrganizations.ts
|
|
1363
|
+
/**
|
|
1364
|
+
* Retrieves all organizations with pagination support.
|
|
1365
|
+
*
|
|
1366
|
+
* @param config - Configuration object containing baseUrl, optional query parameters, and request config.
|
|
1367
|
+
* @returns A promise that resolves with the paginated organizations information.
|
|
1368
|
+
* @example
|
|
1369
|
+
* ```typescript
|
|
1370
|
+
* // Using default fetch
|
|
1371
|
+
* try {
|
|
1372
|
+
* const response = await getAllOrganizations({
|
|
1373
|
+
* baseUrl: "https://localhost:8090",
|
|
1374
|
+
* filter: "",
|
|
1375
|
+
* limit: 10,
|
|
1376
|
+
* recursive: false
|
|
1377
|
+
* });
|
|
1378
|
+
* console.log(response.organizations);
|
|
1379
|
+
* } catch (error) {
|
|
1380
|
+
* if (error instanceof ThunderIDAPIError) {
|
|
1381
|
+
* console.error('Failed to get organizations:', error.message);
|
|
1382
|
+
* }
|
|
1383
|
+
* }
|
|
1384
|
+
* ```
|
|
1385
|
+
*
|
|
1386
|
+
* @example
|
|
1387
|
+
* ```typescript
|
|
1388
|
+
* // Using custom fetcher (e.g., axios-based httpClient)
|
|
1389
|
+
* try {
|
|
1390
|
+
* const response = await getAllOrganizations({
|
|
1391
|
+
* baseUrl: "https://localhost:8090",
|
|
1392
|
+
* filter: "",
|
|
1393
|
+
* limit: 10,
|
|
1394
|
+
* recursive: false,
|
|
1395
|
+
* fetcher: async (url, config) => {
|
|
1396
|
+
* const response = await httpClient({
|
|
1397
|
+
* url,
|
|
1398
|
+
* method: config.method,
|
|
1399
|
+
* headers: config.headers,
|
|
1400
|
+
* ...config
|
|
1401
|
+
* });
|
|
1402
|
+
* // Convert axios-like response to fetch-like Response
|
|
1403
|
+
* return {
|
|
1404
|
+
* ok: response.status >= 200 && response.status < 300,
|
|
1405
|
+
* status: response.status,
|
|
1406
|
+
* statusText: response.statusText,
|
|
1407
|
+
* json: () => Promise.resolve(response.data),
|
|
1408
|
+
* text: () => Promise.resolve(typeof response.data === 'string' ? response.data : JSON.stringify(response.data))
|
|
1409
|
+
* } as Response;
|
|
1410
|
+
* }
|
|
1411
|
+
* });
|
|
1412
|
+
* console.log(response.organizations);
|
|
1413
|
+
* } catch (error) {
|
|
1414
|
+
* if (error instanceof ThunderIDAPIError) {
|
|
1415
|
+
* console.error('Failed to get organizations:', error.message);
|
|
1416
|
+
* }
|
|
1417
|
+
* }
|
|
1418
|
+
* ```
|
|
1419
|
+
*/
|
|
1420
|
+
const getAllOrganizations = async ({ baseUrl, filter = "", limit = 10, recursive = false, fetcher,...requestConfig }) => {
|
|
1421
|
+
try {
|
|
1422
|
+
new URL(baseUrl);
|
|
1423
|
+
} catch (error$1) {
|
|
1424
|
+
throw new ThunderIDAPIError(`Invalid base URL provided. ${error$1?.toString()}`, "getAllOrganizations-ValidationError-001", "javascript", 400, "The provided `baseUrl` does not adhere to the URL schema.");
|
|
1425
|
+
}
|
|
1426
|
+
const queryParams = new URLSearchParams(Object.fromEntries(Object.entries({
|
|
1427
|
+
filter,
|
|
1428
|
+
limit: limit.toString(),
|
|
1429
|
+
recursive: recursive.toString()
|
|
1430
|
+
}).filter(([, value]) => Boolean(value))));
|
|
1431
|
+
const fetchFn = fetcher || fetch;
|
|
1432
|
+
const resolvedUrl = `${baseUrl}/api/server/v1/organizations?${queryParams.toString()}`;
|
|
1433
|
+
const requestInit = {
|
|
1434
|
+
...requestConfig,
|
|
1435
|
+
headers: {
|
|
1436
|
+
...requestConfig.headers,
|
|
1437
|
+
Accept: "application/json",
|
|
1438
|
+
"Content-Type": "application/json"
|
|
1439
|
+
},
|
|
1440
|
+
method: "GET"
|
|
1441
|
+
};
|
|
1442
|
+
try {
|
|
1443
|
+
const response = await fetchFn(resolvedUrl, requestInit);
|
|
1444
|
+
if (!response?.ok) throw new ThunderIDAPIError(await response.text(), "getAllOrganizations-ResponseError-001", "javascript", response.status, response.statusText, "Failed to get organizations");
|
|
1445
|
+
const data = await response.json();
|
|
1446
|
+
return {
|
|
1447
|
+
hasMore: data.hasMore,
|
|
1448
|
+
nextCursor: data.nextCursor,
|
|
930
1449
|
organizations: data.organizations || [],
|
|
931
1450
|
totalCount: data.totalCount
|
|
932
1451
|
};
|
|
@@ -1468,42 +1987,6 @@ const updateMeProfile = async ({ url, baseUrl, payload, fetcher,...requestConfig
|
|
|
1468
1987
|
};
|
|
1469
1988
|
var updateMeProfile_default = updateMeProfile;
|
|
1470
1989
|
|
|
1471
|
-
//#endregion
|
|
1472
|
-
//#region src/models/platforms.ts
|
|
1473
|
-
/**
|
|
1474
|
-
* Copyright (c) 2025, WSO2 LLC. (https://www.wso2.com).
|
|
1475
|
-
*
|
|
1476
|
-
* WSO2 LLC. licenses this file to you under the Apache License,
|
|
1477
|
-
* Version 2.0 (the "License"); you may not use this file except
|
|
1478
|
-
* in compliance with the License.
|
|
1479
|
-
* You may obtain a copy of the License at
|
|
1480
|
-
*
|
|
1481
|
-
* http://www.apache.org/licenses/LICENSE-2.0
|
|
1482
|
-
*
|
|
1483
|
-
* Unless required by applicable law or agreed to in writing,
|
|
1484
|
-
* software distributed under the License is distributed on an
|
|
1485
|
-
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
|
1486
|
-
* KIND, either express or implied. See the License for the
|
|
1487
|
-
* specific language governing permissions and limitations
|
|
1488
|
-
* under the License.
|
|
1489
|
-
*/
|
|
1490
|
-
/**
|
|
1491
|
-
* Enumeration of supported identity platforms.
|
|
1492
|
-
*
|
|
1493
|
-
* - `ThunderID`: Represents the ThunderID identity platform.
|
|
1494
|
-
* - `IdentityServer`: Represents WSO2 Identity Server (on-prem or custom domains).
|
|
1495
|
-
* - `Unknown`: Used when the platform cannot be determined from the configuration.
|
|
1496
|
-
*/
|
|
1497
|
-
let Platform = /* @__PURE__ */ function(Platform$1) {
|
|
1498
|
-
/** ThunderID identity platform */
|
|
1499
|
-
Platform$1["ThunderID"] = "THUNDERID";
|
|
1500
|
-
/** WSO2 Identity Server (on-prem or custom domains) */
|
|
1501
|
-
Platform$1["IdentityServer"] = "IDENTITY_SERVER";
|
|
1502
|
-
/** Unknown or unsupported platform */
|
|
1503
|
-
Platform$1["Unknown"] = "UNKNOWN";
|
|
1504
|
-
return Platform$1;
|
|
1505
|
-
}({});
|
|
1506
|
-
|
|
1507
1990
|
//#endregion
|
|
1508
1991
|
//#region src/utils/logger.ts
|
|
1509
1992
|
const PREFIX = "⚡ ThunderID";
|
|
@@ -1810,114 +2293,6 @@ const createPackageComponentLogger = (packageName, component) => {
|
|
|
1810
2293
|
return createPackageLogger(packageName).child(component);
|
|
1811
2294
|
};
|
|
1812
2295
|
|
|
1813
|
-
//#endregion
|
|
1814
|
-
//#region src/errors/ThunderIDRuntimeError.ts
|
|
1815
|
-
/**
|
|
1816
|
-
* Base class for all runtime errors in ThunderID. This class extends ThunderIDError
|
|
1817
|
-
* and adds support for additional error details. Use this class for errors that occur
|
|
1818
|
-
* during runtime execution that are not related to API calls.
|
|
1819
|
-
*
|
|
1820
|
-
* @example
|
|
1821
|
-
* ```typescript
|
|
1822
|
-
* throw new ThunderIDRuntimeError(
|
|
1823
|
-
* "Failed to parse configuration",
|
|
1824
|
-
* "CONFIG_PARSE_ERROR",
|
|
1825
|
-
* { invalidField: "redirectUri" }
|
|
1826
|
-
* );
|
|
1827
|
-
* ```
|
|
1828
|
-
*/
|
|
1829
|
-
var ThunderIDRuntimeError = class extends ThunderIDError {
|
|
1830
|
-
/**
|
|
1831
|
-
* Creates an instance of ThunderIDRuntimeError.
|
|
1832
|
-
*
|
|
1833
|
-
* @param message - Human-readable description of the error
|
|
1834
|
-
* @param code - A unique error code that identifies the error type
|
|
1835
|
-
* @param details - Additional details about the error that might be helpful for debugging
|
|
1836
|
-
* @param origin - Optional. The SDK origin (e.g. 'react', 'vue'). Defaults to generic 'ThunderID'
|
|
1837
|
-
* @constructor
|
|
1838
|
-
*/
|
|
1839
|
-
constructor(message, code, origin, details) {
|
|
1840
|
-
super(message, code, origin);
|
|
1841
|
-
this.details = details;
|
|
1842
|
-
Object.defineProperty(this, "name", {
|
|
1843
|
-
configurable: true,
|
|
1844
|
-
value: "ThunderIDRuntimeError",
|
|
1845
|
-
writable: true
|
|
1846
|
-
});
|
|
1847
|
-
}
|
|
1848
|
-
/**
|
|
1849
|
-
* Returns a string representation of the runtime error
|
|
1850
|
-
* @returns Formatted error string with name, code, details, and message
|
|
1851
|
-
*/
|
|
1852
|
-
toString() {
|
|
1853
|
-
const details = this.details ? `\nDetails: ${JSON.stringify(this.details, null, 2)}` : "";
|
|
1854
|
-
return `[${this.name}] (code="${this.code}")${details}\nMessage: ${this.message}`;
|
|
1855
|
-
}
|
|
1856
|
-
};
|
|
1857
|
-
|
|
1858
|
-
//#endregion
|
|
1859
|
-
//#region src/utils/isRecognizedBaseUrlPattern.ts
|
|
1860
|
-
/**
|
|
1861
|
-
* Utility to determine if sensible ThunderID fallbacks can be used based on the given base URL.
|
|
1862
|
-
*
|
|
1863
|
-
* This checks if the URL follows the standard ThunderID pattern: /t/{orgHandle}
|
|
1864
|
-
* Returns true if sensible fallbacks (like deriving organization handle, tenant, etc.) can be used, false otherwise.
|
|
1865
|
-
*
|
|
1866
|
-
* @param baseUrl - The base URL of the ThunderID identity server (string or undefined)
|
|
1867
|
-
* @returns boolean - true if sensible fallbacks can be used, false otherwise
|
|
1868
|
-
*
|
|
1869
|
-
* @example
|
|
1870
|
-
* isRecognizedBaseUrlPattern('https://localhost:8090/t/dxlab'); // true
|
|
1871
|
-
* isRecognizedBaseUrlPattern('https://custom.example.com/auth'); // false
|
|
1872
|
-
*/
|
|
1873
|
-
const isRecognizedBaseUrlPattern = (baseUrl) => {
|
|
1874
|
-
if (!baseUrl) throw new ThunderIDRuntimeError("Base URL is required to derive if the `baseUrl` is recognized.", "isRecognizedBaseUrlPattern-ValidationError-001", "javascript", "A valid base URL must be provided to derive if the `baseUrl` is recognized to use the sensible fallbacks.");
|
|
1875
|
-
let parsedUrl;
|
|
1876
|
-
try {
|
|
1877
|
-
parsedUrl = new URL(baseUrl);
|
|
1878
|
-
} catch (error$1) {
|
|
1879
|
-
throw new ThunderIDRuntimeError(`Invalid base URL format: ${baseUrl}`, "isRecognizedBaseUrlPattern-ValidationError-002", "javascript", "The provided base URL does not conform to valid URL syntax.");
|
|
1880
|
-
}
|
|
1881
|
-
const pathSegments = parsedUrl.pathname?.split("/")?.filter((segment) => segment?.length > 0);
|
|
1882
|
-
if (pathSegments.length < 2 || pathSegments[0] !== "t") {
|
|
1883
|
-
logger_default.warn("[isRecognizedBaseUrlPattern] The provided base URL does not follow the expected URL pattern (/t/{orgHandle}).");
|
|
1884
|
-
return false;
|
|
1885
|
-
}
|
|
1886
|
-
return true;
|
|
1887
|
-
};
|
|
1888
|
-
var isRecognizedBaseUrlPattern_default = isRecognizedBaseUrlPattern;
|
|
1889
|
-
|
|
1890
|
-
//#endregion
|
|
1891
|
-
//#region src/utils/identifyPlatform.ts
|
|
1892
|
-
/**
|
|
1893
|
-
* Identifies the platform based on the given base URL.
|
|
1894
|
-
*
|
|
1895
|
-
* If the URL is recognized and matches the ThunderID domain, returns Platform.ThunderID.
|
|
1896
|
-
* Otherwise, returns Platform.IdentityServer.
|
|
1897
|
-
*
|
|
1898
|
-
* @param baseUrl - The base URL to check
|
|
1899
|
-
* @returns Platform enum value
|
|
1900
|
-
*/
|
|
1901
|
-
const identifyPlatform = (config) => {
|
|
1902
|
-
const { baseUrl } = config;
|
|
1903
|
-
try {
|
|
1904
|
-
if (isRecognizedBaseUrlPattern_default(baseUrl)) {
|
|
1905
|
-
try {
|
|
1906
|
-
const url = new URL(baseUrl);
|
|
1907
|
-
if (/\.thunderid\.io$/i.test(url.hostname) || /thunderid\.io$/i.test(url.hostname)) return Platform.ThunderID;
|
|
1908
|
-
} catch {
|
|
1909
|
-
logger_default.debug(`[identifyPlatform] Could not identify platform from the base URL: ${baseUrl}. Defaulting to WSO2 Identity Server as the platform.`);
|
|
1910
|
-
}
|
|
1911
|
-
return Platform.IdentityServer;
|
|
1912
|
-
}
|
|
1913
|
-
return Platform.Unknown;
|
|
1914
|
-
} catch (error$1) {
|
|
1915
|
-
logger_default.debug(`[identifyPlatform] Error identifying platform from base URL: ${baseUrl}. Error: ${error$1.message}`);
|
|
1916
|
-
return Platform.Unknown;
|
|
1917
|
-
}
|
|
1918
|
-
};
|
|
1919
|
-
var identifyPlatform_default = identifyPlatform;
|
|
1920
|
-
|
|
1921
2296
|
//#endregion
|
|
1922
2297
|
//#region src/api/getBrandingPreference.ts
|
|
1923
2298
|
/**
|
|
@@ -1998,575 +2373,28 @@ const getBrandingPreference = async ({ baseUrl, locale, name, type, fetcher,...r
|
|
|
1998
2373
|
...requestConfig.headers
|
|
1999
2374
|
},
|
|
2000
2375
|
method: "GET"
|
|
2001
|
-
};
|
|
2002
|
-
try {
|
|
2003
|
-
const response = await fetchFn(resolvedUrl, requestInit);
|
|
2004
|
-
if (!response?.ok) {
|
|
2005
|
-
const errorText = await response.text();
|
|
2006
|
-
|
|
2007
|
-
|
|
2008
|
-
|
|
2009
|
-
|
|
2010
|
-
|
|
2011
|
-
|
|
2012
|
-
|
|
2013
|
-
}
|
|
2014
|
-
|
|
2015
|
-
|
|
2016
|
-
|
|
2017
|
-
|
|
2018
|
-
|
|
2019
|
-
|
|
2020
|
-
|
|
2021
|
-
return await response.json();
|
|
2022
|
-
} catch (error$1) {
|
|
2023
|
-
if (error$1 instanceof ThunderIDAPIError) throw error$1;
|
|
2024
|
-
throw new ThunderIDAPIError(`Network or parsing error: ${error$1 instanceof Error ? error$1.message : "Unknown error"}`, "getBrandingPreference-NetworkError-001", "javascript", 0, "Network Error");
|
|
2025
|
-
}
|
|
2026
|
-
};
|
|
2027
|
-
var getBrandingPreference_default = getBrandingPreference;
|
|
2028
|
-
|
|
2029
|
-
//#endregion
|
|
2030
|
-
//#region src/models/v2/embedded-signin-flow-v2.ts
|
|
2031
|
-
/**
|
|
2032
|
-
* Status enumeration for ThunderID embedded sign-in flow operations.
|
|
2033
|
-
*
|
|
2034
|
-
* These statuses indicate the current state of the sign-in flow and determine
|
|
2035
|
-
* the next action required by the client application. Each status provides
|
|
2036
|
-
* specific guidance on how to proceed with the authentication process.
|
|
2037
|
-
*
|
|
2038
|
-
* @example
|
|
2039
|
-
* ```typescript
|
|
2040
|
-
* switch (response.flowStatus) {
|
|
2041
|
-
* case EmbeddedSignInFlowStatus.Incomplete:
|
|
2042
|
-
* // More user input needed - render form components
|
|
2043
|
-
* break;
|
|
2044
|
-
* case EmbeddedSignInFlowStatus.Complete:
|
|
2045
|
-
* // Authentication successful - handle completion
|
|
2046
|
-
* break;
|
|
2047
|
-
* case EmbeddedSignInFlowStatus.Error:
|
|
2048
|
-
* // Authentication failed - show error message
|
|
2049
|
-
* break;
|
|
2050
|
-
* }
|
|
2051
|
-
* ```
|
|
2052
|
-
*
|
|
2053
|
-
* @experimental Part of the new ThunderID API
|
|
2054
|
-
*/
|
|
2055
|
-
let EmbeddedSignInFlowStatus$1 = /* @__PURE__ */ function(EmbeddedSignInFlowStatus$2) {
|
|
2056
|
-
/**
|
|
2057
|
-
* Sign-in flow completed successfully.
|
|
2058
|
-
*
|
|
2059
|
-
* The user has been authenticated and the flow can proceed to
|
|
2060
|
-
* OAuth2 completion or redirection. Check for redirectUrl or
|
|
2061
|
-
* assertion data in the response.
|
|
2062
|
-
*/
|
|
2063
|
-
EmbeddedSignInFlowStatus$2["Complete"] = "COMPLETE";
|
|
2064
|
-
/**
|
|
2065
|
-
* Sign-in flow encountered an error.
|
|
2066
|
-
*
|
|
2067
|
-
* Authentication failed due to invalid credentials, system error,
|
|
2068
|
-
* or other issues. Check error details in the response and handle
|
|
2069
|
-
* appropriately (retry, show error message, etc.).
|
|
2070
|
-
*/
|
|
2071
|
-
EmbeddedSignInFlowStatus$2["Error"] = "ERROR";
|
|
2072
|
-
/**
|
|
2073
|
-
* Sign-in flow requires additional user input.
|
|
2074
|
-
*
|
|
2075
|
-
* More authentication steps are needed. The response will contain
|
|
2076
|
-
* components in data.meta.components that should be rendered to
|
|
2077
|
-
* collect additional user input (e.g., MFA, password, etc.).
|
|
2078
|
-
*/
|
|
2079
|
-
EmbeddedSignInFlowStatus$2["Incomplete"] = "INCOMPLETE";
|
|
2080
|
-
return EmbeddedSignInFlowStatus$2;
|
|
2081
|
-
}({});
|
|
2082
|
-
/**
|
|
2083
|
-
* Type enumeration for ThunderID embedded sign-in flow responses.
|
|
2084
|
-
*
|
|
2085
|
-
* Determines the nature of the flow response and how the client should
|
|
2086
|
-
* handle the returned data. This affects both UI rendering and flow
|
|
2087
|
-
* continuation logic.
|
|
2088
|
-
*
|
|
2089
|
-
* @experimental Part of the new ThunderID API
|
|
2090
|
-
*/
|
|
2091
|
-
let EmbeddedSignInFlowType$1 = /* @__PURE__ */ function(EmbeddedSignInFlowType$2) {
|
|
2092
|
-
/**
|
|
2093
|
-
* Response requires external redirection.
|
|
2094
|
-
*
|
|
2095
|
-
* Used for social login providers, external identity providers,
|
|
2096
|
-
* or other flows that require navigating to an external URL.
|
|
2097
|
-
* The response will contain redirection information.
|
|
2098
|
-
*/
|
|
2099
|
-
EmbeddedSignInFlowType$2["Redirection"] = "REDIRECTION";
|
|
2100
|
-
/**
|
|
2101
|
-
* Response contains view components for rendering.
|
|
2102
|
-
*
|
|
2103
|
-
* Standard embedded flow response containing UI components
|
|
2104
|
-
* that should be rendered within the current application
|
|
2105
|
-
* context. Most common type for embedded authentication.
|
|
2106
|
-
*/
|
|
2107
|
-
EmbeddedSignInFlowType$2["View"] = "VIEW";
|
|
2108
|
-
return EmbeddedSignInFlowType$2;
|
|
2109
|
-
}({});
|
|
2110
|
-
|
|
2111
|
-
//#endregion
|
|
2112
|
-
//#region src/utils/v2/injectRequestedPermissions.ts
|
|
2113
|
-
/**
|
|
2114
|
-
* Copyright (c) 2026, WSO2 LLC. (https://www.wso2.com).
|
|
2115
|
-
*
|
|
2116
|
-
* WSO2 LLC. licenses this file to you under the Apache License,
|
|
2117
|
-
* Version 2.0 (the "License"); you may not use this file except
|
|
2118
|
-
* in compliance with the License.
|
|
2119
|
-
* You may obtain a copy of the License at
|
|
2120
|
-
*
|
|
2121
|
-
* http://www.apache.org/licenses/LICENSE-2.0
|
|
2122
|
-
*
|
|
2123
|
-
* Unless required by applicable law or agreed to in writing,
|
|
2124
|
-
* software distributed under the License is distributed on an
|
|
2125
|
-
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
|
2126
|
-
* KIND, either express or implied. See the License for the
|
|
2127
|
-
* specific language governing permissions and limitations
|
|
2128
|
-
* under the License.
|
|
2129
|
-
*/
|
|
2130
|
-
/**
|
|
2131
|
-
* Strips the top-level `scopes` field from a payload and injects it as
|
|
2132
|
-
* `inputs.requested_permissions` (space-separated string).
|
|
2133
|
-
*
|
|
2134
|
-
* The backend reads requested_permissions from UserInputs (the `inputs` map), not a top-level field.
|
|
2135
|
-
*/
|
|
2136
|
-
const injectRequestedPermissions = (payload) => {
|
|
2137
|
-
const { scopes,...rest } = payload;
|
|
2138
|
-
const normalizedScopes = Array.isArray(scopes) ? scopes.map((s) => String(s).trim()).filter(Boolean).join(" ") : typeof scopes === "string" ? scopes.trim() : "";
|
|
2139
|
-
if (!normalizedScopes) return rest;
|
|
2140
|
-
const existingInputs = rest["inputs"] != null && typeof rest["inputs"] === "object" && !Array.isArray(rest["inputs"]) ? rest["inputs"] : {};
|
|
2141
|
-
return {
|
|
2142
|
-
...rest,
|
|
2143
|
-
inputs: {
|
|
2144
|
-
...existingInputs,
|
|
2145
|
-
requested_permissions: normalizedScopes
|
|
2146
|
-
}
|
|
2147
|
-
};
|
|
2148
|
-
};
|
|
2149
|
-
var injectRequestedPermissions_default = injectRequestedPermissions;
|
|
2150
|
-
|
|
2151
|
-
//#endregion
|
|
2152
|
-
//#region src/api/v2/executeEmbeddedSignInFlowV2.ts
|
|
2153
|
-
const executeEmbeddedSignInFlowV2 = async ({ url, baseUrl, payload, authId,...requestConfig }) => {
|
|
2154
|
-
if (!payload) throw new ThunderIDAPIError("Authorization payload is required", "executeEmbeddedSignInFlow-ValidationError-002", "javascript", 400, "If an authorization payload is not provided, the request cannot be constructed correctly.");
|
|
2155
|
-
const endpoint = url ?? `${baseUrl}/flow/execute`;
|
|
2156
|
-
const cleanPayload = typeof payload === "object" && payload !== null ? Object.fromEntries(Object.entries(payload).filter(([key]) => key !== "verbose")) : payload;
|
|
2157
|
-
const isNewFlowStart = typeof cleanPayload === "object" && cleanPayload !== null && "applicationId" in cleanPayload && "flowType" in cleanPayload;
|
|
2158
|
-
const hasOnlyFlowId = typeof cleanPayload === "object" && cleanPayload !== null && "executionId" in cleanPayload && Object.keys(cleanPayload).length === 1;
|
|
2159
|
-
const basePayload = isNewFlowStart ? injectRequestedPermissions_default(cleanPayload) : cleanPayload;
|
|
2160
|
-
const requestPayload = isNewFlowStart || hasOnlyFlowId ? {
|
|
2161
|
-
...basePayload,
|
|
2162
|
-
verbose: true
|
|
2163
|
-
} : basePayload;
|
|
2164
|
-
const response = await fetch(endpoint, {
|
|
2165
|
-
...requestConfig,
|
|
2166
|
-
body: JSON.stringify(requestPayload),
|
|
2167
|
-
headers: {
|
|
2168
|
-
Accept: "application/json",
|
|
2169
|
-
"Content-Type": "application/json",
|
|
2170
|
-
...requestConfig.headers
|
|
2171
|
-
},
|
|
2172
|
-
method: requestConfig.method || "POST"
|
|
2173
|
-
});
|
|
2174
|
-
if (!response.ok) throw new ThunderIDAPIError(await response.text(), "executeEmbeddedSignInFlow-ResponseError-001", "javascript", response.status, response.statusText, "Authorization request failed");
|
|
2175
|
-
const flowResponse = await response.json();
|
|
2176
|
-
if (flowResponse.flowStatus === EmbeddedSignInFlowStatus$1.Complete && flowResponse.assertion && authId) try {
|
|
2177
|
-
const oauth2Response = await fetch(`${baseUrl}/oauth2/auth/callback`, {
|
|
2178
|
-
body: JSON.stringify({
|
|
2179
|
-
assertion: flowResponse.assertion,
|
|
2180
|
-
authId
|
|
2181
|
-
}),
|
|
2182
|
-
credentials: "include",
|
|
2183
|
-
headers: {
|
|
2184
|
-
Accept: "application/json",
|
|
2185
|
-
"Content-Type": "application/json",
|
|
2186
|
-
...requestConfig.headers
|
|
2187
|
-
},
|
|
2188
|
-
method: "POST"
|
|
2189
|
-
});
|
|
2190
|
-
if (!oauth2Response.ok) throw new ThunderIDAPIError(await oauth2Response.text(), "executeEmbeddedSignInFlow-OAuth2Error-002", "javascript", oauth2Response.status, oauth2Response.statusText, "OAuth2 authorization failed");
|
|
2191
|
-
const oauth2Result = await oauth2Response.json();
|
|
2192
|
-
return {
|
|
2193
|
-
flowStatus: flowResponse.flowStatus,
|
|
2194
|
-
redirectUrl: oauth2Result["redirect_uri"]
|
|
2195
|
-
};
|
|
2196
|
-
} catch (authError) {
|
|
2197
|
-
if (authError instanceof ThunderIDAPIError) throw authError;
|
|
2198
|
-
throw new ThunderIDAPIError(authError instanceof Error ? authError.message : "Unknown error", "executeEmbeddedSignInFlow-OAuth2Error-001", "javascript", 500, "Failed to complete OAuth2 authorization after successful embedded sign-in flow.", "OAuth2 authorization failed");
|
|
2199
|
-
}
|
|
2200
|
-
return flowResponse;
|
|
2201
|
-
};
|
|
2202
|
-
var executeEmbeddedSignInFlowV2_default = executeEmbeddedSignInFlowV2;
|
|
2203
|
-
|
|
2204
|
-
//#endregion
|
|
2205
|
-
//#region src/models/v2/embedded-signup-flow-v2.ts
|
|
2206
|
-
/**
|
|
2207
|
-
* Status enumeration for ThunderID embedded sign-up flow operations.
|
|
2208
|
-
*
|
|
2209
|
-
* These statuses indicate the current state of the registration flow and determine
|
|
2210
|
-
* the next action required by the client application. Each status provides specific
|
|
2211
|
-
* guidance on how to proceed with the user registration process.
|
|
2212
|
-
*
|
|
2213
|
-
* @example
|
|
2214
|
-
* ```typescript
|
|
2215
|
-
* switch (response.flowStatus) {
|
|
2216
|
-
* case EmbeddedSignUpFlowStatus.Incomplete:
|
|
2217
|
-
* // More user input needed - render registration form components
|
|
2218
|
-
* break;
|
|
2219
|
-
* case EmbeddedSignUpFlowStatus.Complete:
|
|
2220
|
-
* // Registration successful - handle completion
|
|
2221
|
-
* break;
|
|
2222
|
-
* case EmbeddedSignUpFlowStatus.Error:
|
|
2223
|
-
* // Registration failed - show error details
|
|
2224
|
-
* const errorResponse = response as EmbeddedSignUpFlowErrorResponse;
|
|
2225
|
-
* showError(errorResponse.error.description.defaultValue);
|
|
2226
|
-
* break;
|
|
2227
|
-
* }
|
|
2228
|
-
* ```
|
|
2229
|
-
*
|
|
2230
|
-
* @experimental Part of the new ThunderID API
|
|
2231
|
-
*/
|
|
2232
|
-
let EmbeddedSignUpFlowStatus = /* @__PURE__ */ function(EmbeddedSignUpFlowStatus$1) {
|
|
2233
|
-
/**
|
|
2234
|
-
* Sign-up flow completed successfully.
|
|
2235
|
-
*
|
|
2236
|
-
* The user has successfully registered and the flow can proceed to
|
|
2237
|
-
* OAuth2 completion or redirection. Check for redirectUrl or assertion
|
|
2238
|
-
* data in the response for next steps.
|
|
2239
|
-
*/
|
|
2240
|
-
EmbeddedSignUpFlowStatus$1["Complete"] = "COMPLETE";
|
|
2241
|
-
/**
|
|
2242
|
-
* Sign-up flow encountered an error and cannot proceed.
|
|
2243
|
-
*
|
|
2244
|
-
* Registration failed due to validation errors, duplicate user,
|
|
2245
|
-
* system errors, or other issues. The response will be of type
|
|
2246
|
-
* `EmbeddedSignUpFlowErrorResponse` containing detailed failure
|
|
2247
|
-
* information that can be displayed to the user.
|
|
2248
|
-
*
|
|
2249
|
-
* @see {@link EmbeddedSignUpFlowErrorResponse} for error response structure
|
|
2250
|
-
*/
|
|
2251
|
-
EmbeddedSignUpFlowStatus$1["Error"] = "ERROR";
|
|
2252
|
-
/**
|
|
2253
|
-
* Sign-up flow requires additional user input.
|
|
2254
|
-
*
|
|
2255
|
-
* More registration steps are needed. The response will contain
|
|
2256
|
-
* components in data.meta.components that should be rendered to
|
|
2257
|
-
* collect additional user information (e.g., profile data, verification).
|
|
2258
|
-
*/
|
|
2259
|
-
EmbeddedSignUpFlowStatus$1["Incomplete"] = "INCOMPLETE";
|
|
2260
|
-
return EmbeddedSignUpFlowStatus$1;
|
|
2261
|
-
}({});
|
|
2262
|
-
/**
|
|
2263
|
-
* Type enumeration for ThunderID embedded sign-up flow responses.
|
|
2264
|
-
*
|
|
2265
|
-
* Determines the nature of the registration flow response and how the client
|
|
2266
|
-
* should handle the returned data. This affects both UI rendering and flow
|
|
2267
|
-
* continuation logic during the user registration process.
|
|
2268
|
-
*
|
|
2269
|
-
* @experimental Part of the new ThunderID API
|
|
2270
|
-
*/
|
|
2271
|
-
let EmbeddedSignUpFlowType = /* @__PURE__ */ function(EmbeddedSignUpFlowType$1) {
|
|
2272
|
-
/**
|
|
2273
|
-
* Response requires external redirection.
|
|
2274
|
-
*
|
|
2275
|
-
* Used for social registration providers, external identity providers,
|
|
2276
|
-
* or other flows that require navigating to an external URL during
|
|
2277
|
-
* the registration process. The response will contain redirection information.
|
|
2278
|
-
*/
|
|
2279
|
-
EmbeddedSignUpFlowType$1["Redirection"] = "REDIRECTION";
|
|
2280
|
-
/**
|
|
2281
|
-
* Response contains view components for rendering.
|
|
2282
|
-
*
|
|
2283
|
-
* Standard embedded registration flow response containing UI components
|
|
2284
|
-
* that should be rendered within the current application context.
|
|
2285
|
-
* Most common type for embedded user registration.
|
|
2286
|
-
*/
|
|
2287
|
-
EmbeddedSignUpFlowType$1["View"] = "VIEW";
|
|
2288
|
-
return EmbeddedSignUpFlowType$1;
|
|
2289
|
-
}({});
|
|
2290
|
-
|
|
2291
|
-
//#endregion
|
|
2292
|
-
//#region src/api/v2/executeEmbeddedSignUpFlowV2.ts
|
|
2293
|
-
const executeEmbeddedSignUpFlowV2 = async ({ url, baseUrl, payload, authId,...requestConfig }) => {
|
|
2294
|
-
if (!payload) throw new ThunderIDAPIError("Registration payload is required", "executeEmbeddedSignUpFlow-ValidationError-002", "javascript", 400, "If a registration payload is not provided, the request cannot be constructed correctly.");
|
|
2295
|
-
const endpoint = url ?? `${baseUrl}/flow/execute`;
|
|
2296
|
-
const cleanPayload = typeof payload === "object" && payload !== null ? Object.fromEntries(Object.entries(payload).filter(([key]) => key !== "verbose")) : payload;
|
|
2297
|
-
const isNewFlowStart = typeof cleanPayload === "object" && cleanPayload !== null && "applicationId" in cleanPayload && "flowType" in cleanPayload;
|
|
2298
|
-
const hasOnlyFlowId = typeof cleanPayload === "object" && cleanPayload !== null && "executionId" in cleanPayload && Object.keys(cleanPayload).length === 1;
|
|
2299
|
-
const basePayload = isNewFlowStart ? injectRequestedPermissions_default(cleanPayload) : cleanPayload;
|
|
2300
|
-
const requestPayload = isNewFlowStart || hasOnlyFlowId ? {
|
|
2301
|
-
...basePayload,
|
|
2302
|
-
verbose: true
|
|
2303
|
-
} : basePayload;
|
|
2304
|
-
const response = await fetch(endpoint, {
|
|
2305
|
-
...requestConfig,
|
|
2306
|
-
body: JSON.stringify(requestPayload),
|
|
2307
|
-
headers: {
|
|
2308
|
-
Accept: "application/json",
|
|
2309
|
-
"Content-Type": "application/json",
|
|
2310
|
-
...requestConfig.headers
|
|
2311
|
-
},
|
|
2312
|
-
method: requestConfig.method || "POST"
|
|
2313
|
-
});
|
|
2314
|
-
if (!response.ok) throw new ThunderIDAPIError(await response.text(), "executeEmbeddedSignUpFlow-ResponseError-001", "javascript", response.status, response.statusText, "Registration request failed");
|
|
2315
|
-
const flowResponse = await response.json();
|
|
2316
|
-
if (flowResponse.flowStatus === EmbeddedSignUpFlowStatus.Complete && flowResponse.assertion && authId) try {
|
|
2317
|
-
const oauth2Response = await fetch(`${baseUrl}/oauth2/auth/callback`, {
|
|
2318
|
-
body: JSON.stringify({
|
|
2319
|
-
assertion: flowResponse.assertion,
|
|
2320
|
-
authId
|
|
2321
|
-
}),
|
|
2322
|
-
credentials: "include",
|
|
2323
|
-
headers: {
|
|
2324
|
-
Accept: "application/json",
|
|
2325
|
-
"Content-Type": "application/json",
|
|
2326
|
-
...requestConfig.headers
|
|
2327
|
-
},
|
|
2328
|
-
method: "POST"
|
|
2329
|
-
});
|
|
2330
|
-
if (!oauth2Response.ok) throw new ThunderIDAPIError(await oauth2Response.text(), "executeEmbeddedSignUpFlow-OAuth2Error-002", "javascript", oauth2Response.status, oauth2Response.statusText, "OAuth2 authorization failed");
|
|
2331
|
-
const oauth2Result = await oauth2Response.json();
|
|
2332
|
-
return {
|
|
2333
|
-
flowStatus: flowResponse.flowStatus,
|
|
2334
|
-
redirectUrl: oauth2Result["redirect_uri"]
|
|
2335
|
-
};
|
|
2336
|
-
} catch (authError) {
|
|
2337
|
-
if (authError instanceof ThunderIDAPIError) throw authError;
|
|
2338
|
-
throw new ThunderIDAPIError(authError instanceof Error ? authError.message : "Unknown error", "executeEmbeddedSignUpFlow-OAuth2Error-001", "javascript", 500, "Failed to complete OAuth2 authorization after successful embedded sign-up flow.", "OAuth2 authorization failed");
|
|
2339
|
-
}
|
|
2340
|
-
return flowResponse;
|
|
2341
|
-
};
|
|
2342
|
-
var executeEmbeddedSignUpFlowV2_default = executeEmbeddedSignUpFlowV2;
|
|
2343
|
-
|
|
2344
|
-
//#endregion
|
|
2345
|
-
//#region src/api/v2/executeEmbeddedRecoveryFlowV2.ts
|
|
2346
|
-
/**
|
|
2347
|
-
* Executes an embedded recovery flow by sending a request to the flow execution endpoint.
|
|
2348
|
-
*
|
|
2349
|
-
* This function handles password-recovery and account-recovery flows driven by the
|
|
2350
|
-
* ThunderID server. The server returns UI components for each step (e.g. username
|
|
2351
|
-
* collection, OTP verification, password reset) and this function forwards the
|
|
2352
|
-
* user's responses back to the server.
|
|
2353
|
-
*
|
|
2354
|
-
* @param requestConfig - Request configuration containing URL, payload, and optional headers.
|
|
2355
|
-
* @returns A promise that resolves with the flow execution response.
|
|
2356
|
-
* @throws ThunderIDAPIError when the request fails or a payload is missing.
|
|
2357
|
-
*
|
|
2358
|
-
* @example
|
|
2359
|
-
* ```typescript
|
|
2360
|
-
* // Initiate recovery flow
|
|
2361
|
-
* const response = await executeEmbeddedRecoveryFlowV2({
|
|
2362
|
-
* baseUrl: 'https://localhost:8090',
|
|
2363
|
-
* payload: {
|
|
2364
|
-
* flowType: 'RECOVERY',
|
|
2365
|
-
* applicationId: 'my-app-id',
|
|
2366
|
-
* },
|
|
2367
|
-
* });
|
|
2368
|
-
*
|
|
2369
|
-
* // Continue recovery flow with user input
|
|
2370
|
-
* const nextResponse = await executeEmbeddedRecoveryFlowV2({
|
|
2371
|
-
* baseUrl: 'https://localhost:8090',
|
|
2372
|
-
* payload: {
|
|
2373
|
-
* executionId: response.executionId,
|
|
2374
|
-
* action: 'submit',
|
|
2375
|
-
* inputs: { username: 'user@example.com' },
|
|
2376
|
-
* challengeToken: response.challengeToken,
|
|
2377
|
-
* },
|
|
2378
|
-
* });
|
|
2379
|
-
* ```
|
|
2380
|
-
*/
|
|
2381
|
-
const executeEmbeddedRecoveryFlowV2 = async ({ url, baseUrl, payload,...requestConfig }) => {
|
|
2382
|
-
if (!payload) throw new ThunderIDAPIError("Recovery payload is required", "executeEmbeddedRecoveryFlow-ValidationError-002", "javascript", 400, "If a recovery payload is not provided, the request cannot be constructed correctly.");
|
|
2383
|
-
const endpoint = url ?? `${baseUrl}/flow/execute`;
|
|
2384
|
-
const cleanPayload = typeof payload === "object" && payload !== null ? Object.fromEntries(Object.entries(payload).filter(([key]) => key !== "verbose")) : payload;
|
|
2385
|
-
const hasOnlyAppIdAndFlowType = typeof cleanPayload === "object" && cleanPayload !== null && "applicationId" in cleanPayload && "flowType" in cleanPayload && Object.keys(cleanPayload).length === 2;
|
|
2386
|
-
const hasOnlyFlowId = typeof cleanPayload === "object" && cleanPayload !== null && "executionId" in cleanPayload && Object.keys(cleanPayload).length === 1;
|
|
2387
|
-
const requestPayload = hasOnlyAppIdAndFlowType || hasOnlyFlowId ? {
|
|
2388
|
-
...cleanPayload,
|
|
2389
|
-
verbose: true
|
|
2390
|
-
} : cleanPayload;
|
|
2391
|
-
const response = await fetch(endpoint, {
|
|
2392
|
-
...requestConfig,
|
|
2393
|
-
body: JSON.stringify(requestPayload),
|
|
2394
|
-
headers: {
|
|
2395
|
-
Accept: "application/json",
|
|
2396
|
-
"Content-Type": "application/json",
|
|
2397
|
-
...requestConfig.headers
|
|
2398
|
-
},
|
|
2399
|
-
method: requestConfig.method || "POST"
|
|
2400
|
-
});
|
|
2401
|
-
if (!response.ok) throw new ThunderIDAPIError(await response.text(), "executeEmbeddedRecoveryFlow-ResponseError-001", "javascript", response.status, response.statusText, "Recovery request failed");
|
|
2402
|
-
return await response.json();
|
|
2403
|
-
};
|
|
2404
|
-
var executeEmbeddedRecoveryFlowV2_default = executeEmbeddedRecoveryFlowV2;
|
|
2405
|
-
|
|
2406
|
-
//#endregion
|
|
2407
|
-
//#region src/api/v2/executeEmbeddedUserOnboardingFlowV2.ts
|
|
2408
|
-
/**
|
|
2409
|
-
* Executes an embedded user onboarding flow by sending a request to the flow execution endpoint.
|
|
2410
|
-
*
|
|
2411
|
-
* This function handles both:
|
|
2412
|
-
* - Admin flow: Initiates onboarding, collects user details, generates invite link
|
|
2413
|
-
* - End-user flow: Validates invite token and allows password setting
|
|
2414
|
-
*
|
|
2415
|
-
* @param requestConfig - Request configuration object containing URL, payload, and optional auth token.
|
|
2416
|
-
* @returns A promise that resolves with the flow execution response.
|
|
2417
|
-
* @throws ThunderIDAPIError when the request fails or URL is invalid.
|
|
2418
|
-
*
|
|
2419
|
-
* @example
|
|
2420
|
-
* ```typescript
|
|
2421
|
-
* // Admin initiating user onboarding (requires auth token)
|
|
2422
|
-
* const response = await executeEmbeddedUserOnboardingFlowV2({
|
|
2423
|
-
* baseUrl: "https://api.thunder.io",
|
|
2424
|
-
* payload: {
|
|
2425
|
-
* flowType: "USER_ONBOARDING"
|
|
2426
|
-
* },
|
|
2427
|
-
* headers: {
|
|
2428
|
-
* Authorization: `Bearer ${accessToken}`
|
|
2429
|
-
* }
|
|
2430
|
-
* });
|
|
2431
|
-
*
|
|
2432
|
-
* // End-user accepting invite (no auth required)
|
|
2433
|
-
* const response = await executeEmbeddedUserOnboardingFlowV2({
|
|
2434
|
-
* baseUrl: "https://api.thunder.io",
|
|
2435
|
-
* payload: {
|
|
2436
|
-
* executionId: "flow-id-from-url",
|
|
2437
|
-
* inputs: { inviteToken: "token-from-url" }
|
|
2438
|
-
* }
|
|
2439
|
-
* });
|
|
2440
|
-
* ```
|
|
2441
|
-
*/
|
|
2442
|
-
const executeEmbeddedUserOnboardingFlowV2 = async ({ url, baseUrl, payload,...requestConfig }) => {
|
|
2443
|
-
if (!payload) throw new ThunderIDAPIError("User onboarding payload is required", "executeEmbeddedUserOnboardingFlow-ValidationError-002", "javascript", 400, "If a user onboarding payload is not provided, the request cannot be constructed correctly.");
|
|
2444
|
-
const endpoint = url ?? `${baseUrl}/flow/execute`;
|
|
2445
|
-
const cleanPayload = typeof payload === "object" && payload !== null ? Object.fromEntries(Object.entries(payload).filter(([key]) => key !== "verbose")) : payload;
|
|
2446
|
-
const hasOnlyFlowType = typeof cleanPayload === "object" && cleanPayload !== null && "flowType" in cleanPayload && Object.keys(cleanPayload).length === 1;
|
|
2447
|
-
const hasOnlyFlowId = typeof cleanPayload === "object" && cleanPayload !== null && "executionId" in cleanPayload && Object.keys(cleanPayload).length === 1;
|
|
2448
|
-
const hasFlowIdWithInputs = typeof cleanPayload === "object" && cleanPayload !== null && "executionId" in cleanPayload && "inputs" in cleanPayload;
|
|
2449
|
-
const requestPayload = hasOnlyFlowType || hasOnlyFlowId || hasFlowIdWithInputs ? {
|
|
2450
|
-
...cleanPayload,
|
|
2451
|
-
verbose: true
|
|
2452
|
-
} : cleanPayload;
|
|
2453
|
-
if ("flowType" in requestPayload && requestPayload["flowType"] !== EmbeddedFlowType.UserOnboarding) requestPayload["flowType"] = EmbeddedFlowType.UserOnboarding;
|
|
2454
|
-
const response = await fetch(endpoint, {
|
|
2455
|
-
...requestConfig,
|
|
2456
|
-
body: JSON.stringify(requestPayload),
|
|
2457
|
-
headers: {
|
|
2458
|
-
Accept: "application/json",
|
|
2459
|
-
"Content-Type": "application/json",
|
|
2460
|
-
...requestConfig.headers
|
|
2461
|
-
},
|
|
2462
|
-
method: requestConfig.method || "POST"
|
|
2463
|
-
});
|
|
2464
|
-
if (!response.ok) throw new ThunderIDAPIError(await response.text(), "executeEmbeddedUserOnboardingFlow-ResponseError-001", "javascript", response.status, response.statusText, "User onboarding request failed");
|
|
2465
|
-
return await response.json();
|
|
2466
|
-
};
|
|
2467
|
-
var executeEmbeddedUserOnboardingFlowV2_default = executeEmbeddedUserOnboardingFlowV2;
|
|
2468
|
-
|
|
2469
|
-
//#endregion
|
|
2470
|
-
//#region src/api/v2/getFlowMetaV2.ts
|
|
2471
|
-
/**
|
|
2472
|
-
* Fetches aggregated flow metadata from the `GET /flow/meta` endpoint.
|
|
2473
|
-
*
|
|
2474
|
-
* The response includes:
|
|
2475
|
-
* - Application or OU details depending on the `type` parameter
|
|
2476
|
-
* - Resolved design configuration (theme and layout)
|
|
2477
|
-
* - i18n translations filtered by `language` and `namespace`
|
|
2478
|
-
* - Registration flow enablement status
|
|
2479
|
-
*
|
|
2480
|
-
* @param config - Request configuration including `baseUrl`/`url`, and optional
|
|
2481
|
-
* `type`, `id`, `language`, and `namespace` filters. When `type`
|
|
2482
|
-
* and `id` are omitted the server returns i18n-only metadata.
|
|
2483
|
-
* @returns A promise that resolves to the {@link FlowMetadataResponse}.
|
|
2484
|
-
*
|
|
2485
|
-
* @throws {ThunderIDAPIError} When the server returns a non-OK response.
|
|
2486
|
-
*
|
|
2487
|
-
* @example
|
|
2488
|
-
* ```typescript
|
|
2489
|
-
* import getFlowMetaV2 from './api/v2/getFlowMetaV2';
|
|
2490
|
-
* import { FlowMetaType } from './models/v2/flow-meta-v2';
|
|
2491
|
-
*
|
|
2492
|
-
* const meta = await getFlowMetaV2({
|
|
2493
|
-
* baseUrl: 'https://localhost:8090',
|
|
2494
|
-
* type: FlowMetaType.App,
|
|
2495
|
-
* id: '60a9b38b-6eba-9f9e-55f9-267067de4680',
|
|
2496
|
-
* language: 'en',
|
|
2497
|
-
* namespace: 'auth',
|
|
2498
|
-
* });
|
|
2499
|
-
*
|
|
2500
|
-
* console.log(meta.application?.name);
|
|
2501
|
-
* console.log(meta.i18n.translations);
|
|
2502
|
-
* ```
|
|
2503
|
-
*
|
|
2504
|
-
* @experimental This function targets the ThunderID V2 platform API
|
|
2505
|
-
*/
|
|
2506
|
-
const getFlowMetaV2 = async ({ url, baseUrl, type, id, language, namespace,...requestConfig }) => {
|
|
2507
|
-
const queryParams = new URLSearchParams({
|
|
2508
|
-
...id ? { id } : {},
|
|
2509
|
-
...type ? { type } : {},
|
|
2510
|
-
...language ? { language } : {},
|
|
2511
|
-
...namespace ? { namespace } : {}
|
|
2512
|
-
});
|
|
2513
|
-
const endpoint = `${url ?? `${baseUrl}/flow/meta`}?${queryParams.toString()}`;
|
|
2514
|
-
const response = await fetch(endpoint, {
|
|
2515
|
-
...requestConfig,
|
|
2516
|
-
headers: {
|
|
2517
|
-
Accept: "application/json",
|
|
2518
|
-
...requestConfig.headers
|
|
2519
|
-
},
|
|
2520
|
-
method: "GET"
|
|
2521
|
-
});
|
|
2522
|
-
if (!response.ok) throw new ThunderIDAPIError(await response.text(), "getFlowMetaV2-ResponseError-001", "javascript", response.status, response.statusText, "Flow metadata request failed");
|
|
2523
|
-
return await response.json();
|
|
2524
|
-
};
|
|
2525
|
-
var getFlowMetaV2_default = getFlowMetaV2;
|
|
2526
|
-
|
|
2527
|
-
//#endregion
|
|
2528
|
-
//#region src/api/v2/getOrganizationUnitChildren.ts
|
|
2529
|
-
/**
|
|
2530
|
-
* Retrieves the child organization units of a given parent OU.
|
|
2531
|
-
*
|
|
2532
|
-
* @param config - Request configuration including `baseUrl`/`url`, `organizationUnitId`,
|
|
2533
|
-
* and optional `limit`/`offset` pagination parameters.
|
|
2534
|
-
* @returns A promise that resolves with the paginated list of child organization units.
|
|
2535
|
-
*
|
|
2536
|
-
* @throws {ThunderIDAPIError} When the server returns a non-OK response.
|
|
2537
|
-
*
|
|
2538
|
-
* @example
|
|
2539
|
-
* ```typescript
|
|
2540
|
-
* const children = await getOrganizationUnitChildren({
|
|
2541
|
-
* baseUrl: 'https://localhost:8090',
|
|
2542
|
-
* organizationUnitId: '0d5e071b-d3d3-475d-b3c6-1a20ee2fa9b1',
|
|
2543
|
-
* limit: 10,
|
|
2544
|
-
* offset: 0,
|
|
2545
|
-
* });
|
|
2546
|
-
* console.log(children.organizationUnits);
|
|
2547
|
-
* ```
|
|
2548
|
-
*
|
|
2549
|
-
* @experimental This function targets the ThunderID V2 platform API
|
|
2550
|
-
*/
|
|
2551
|
-
const getOrganizationUnitChildren = async ({ url, baseUrl, organizationUnitId, limit = 10, offset = 0,...requestConfig }) => {
|
|
2552
|
-
if (!organizationUnitId) throw new ThunderIDAPIError("Organization Unit ID is required", "getOrganizationUnitChildren-ValidationError-001", "javascript", 400, "If an organization unit ID is not provided, the request cannot be constructed correctly.");
|
|
2553
|
-
const queryParams = new URLSearchParams({
|
|
2554
|
-
limit: String(limit),
|
|
2555
|
-
offset: String(offset)
|
|
2556
|
-
});
|
|
2557
|
-
const endpoint = url ?? `${baseUrl}/organization-units/${organizationUnitId}/ous?${queryParams.toString()}`;
|
|
2558
|
-
const response = await fetch(endpoint, {
|
|
2559
|
-
...requestConfig,
|
|
2560
|
-
headers: {
|
|
2561
|
-
Accept: "application/json",
|
|
2562
|
-
...requestConfig.headers
|
|
2563
|
-
},
|
|
2564
|
-
method: "GET"
|
|
2565
|
-
});
|
|
2566
|
-
if (!response.ok) throw new ThunderIDAPIError(await response.text(), "getOrganizationUnitChildren-ResponseError-001", "javascript", response.status, response.statusText, "Failed to fetch organization unit children");
|
|
2567
|
-
return await response.json();
|
|
2376
|
+
};
|
|
2377
|
+
try {
|
|
2378
|
+
const response = await fetchFn(resolvedUrl, requestInit);
|
|
2379
|
+
if (!response?.ok) {
|
|
2380
|
+
const errorText = await response.text();
|
|
2381
|
+
let errorDescription;
|
|
2382
|
+
try {
|
|
2383
|
+
const errorBody = JSON.parse(errorText);
|
|
2384
|
+
errorDescription = errorBody?.description || errorBody?.message || errorText;
|
|
2385
|
+
} catch {
|
|
2386
|
+
errorDescription = errorText;
|
|
2387
|
+
}
|
|
2388
|
+
logger_default.warn(`[BrandingError] ${errorDescription} To resolve this issue, please configure branding preferences in the ThunderID console. If you want to suppress this warning and stop fetching branding preferences, set \`<ThunderIDProvider>\` -> \`preferences\` -> \`theme\` -> \`inheritFromBranding\` to false.`);
|
|
2389
|
+
throw new ThunderIDAPIError(errorText, "getBrandingPreference-ResponseError-001", "javascript", response.status, response.statusText, "Failed to get branding preference");
|
|
2390
|
+
}
|
|
2391
|
+
return await response.json();
|
|
2392
|
+
} catch (error$1) {
|
|
2393
|
+
if (error$1 instanceof ThunderIDAPIError) throw error$1;
|
|
2394
|
+
throw new ThunderIDAPIError(`Network or parsing error: ${error$1 instanceof Error ? error$1.message : "Unknown error"}`, "getBrandingPreference-NetworkError-001", "javascript", 0, "Network Error");
|
|
2395
|
+
}
|
|
2568
2396
|
};
|
|
2569
|
-
var
|
|
2397
|
+
var getBrandingPreference_default = getBrandingPreference;
|
|
2570
2398
|
|
|
2571
2399
|
//#endregion
|
|
2572
2400
|
//#region src/constants/ApplicationNativeAuthenticationConstants.ts
|
|
@@ -2708,198 +2536,52 @@ const VendorConstants = { VENDOR_PREFIX: "thunderid" };
|
|
|
2708
2536
|
var VendorConstants_default = VendorConstants;
|
|
2709
2537
|
|
|
2710
2538
|
//#endregion
|
|
2711
|
-
//#region src/
|
|
2712
|
-
let EmbeddedSignInFlowStatus = /* @__PURE__ */ function(EmbeddedSignInFlowStatus$2) {
|
|
2713
|
-
EmbeddedSignInFlowStatus$2["FailCompleted"] = "FAIL_COMPLETED";
|
|
2714
|
-
EmbeddedSignInFlowStatus$2["FailIncomplete"] = "FAIL_INCOMPLETE";
|
|
2715
|
-
EmbeddedSignInFlowStatus$2["Incomplete"] = "INCOMPLETE";
|
|
2716
|
-
EmbeddedSignInFlowStatus$2["SuccessCompleted"] = "SUCCESS_COMPLETED";
|
|
2717
|
-
return EmbeddedSignInFlowStatus$2;
|
|
2718
|
-
}({});
|
|
2719
|
-
let EmbeddedSignInFlowType = /* @__PURE__ */ function(EmbeddedSignInFlowType$2) {
|
|
2720
|
-
EmbeddedSignInFlowType$2["Authentication"] = "AUTHENTICATION";
|
|
2721
|
-
return EmbeddedSignInFlowType$2;
|
|
2722
|
-
}({});
|
|
2723
|
-
let EmbeddedSignInFlowStepType = /* @__PURE__ */ function(EmbeddedSignInFlowStepType$1) {
|
|
2724
|
-
EmbeddedSignInFlowStepType$1["AuthenticatorPrompt"] = "AUTHENTICATOR_PROMPT";
|
|
2725
|
-
EmbeddedSignInFlowStepType$1["MultiOptionsPrompt"] = "MULTI_OPTIONS_PROMPT";
|
|
2726
|
-
return EmbeddedSignInFlowStepType$1;
|
|
2727
|
-
}({});
|
|
2728
|
-
let EmbeddedSignInFlowAuthenticatorParamType = /* @__PURE__ */ function(EmbeddedSignInFlowAuthenticatorParamType$1) {
|
|
2729
|
-
EmbeddedSignInFlowAuthenticatorParamType$1["Integer"] = "INTEGER";
|
|
2730
|
-
EmbeddedSignInFlowAuthenticatorParamType$1["MultiValued"] = "MULTI_VALUED";
|
|
2731
|
-
EmbeddedSignInFlowAuthenticatorParamType$1["String"] = "STRING";
|
|
2732
|
-
return EmbeddedSignInFlowAuthenticatorParamType$1;
|
|
2733
|
-
}({});
|
|
2734
|
-
let EmbeddedSignInFlowAuthenticatorExtendedParamType = /* @__PURE__ */ function(EmbeddedSignInFlowAuthenticatorExtendedParamType$1) {
|
|
2735
|
-
EmbeddedSignInFlowAuthenticatorExtendedParamType$1["Otp"] = "OTPCode";
|
|
2736
|
-
return EmbeddedSignInFlowAuthenticatorExtendedParamType$1;
|
|
2737
|
-
}({});
|
|
2738
|
-
let EmbeddedSignInFlowAuthenticatorKnownIdPType = /* @__PURE__ */ function(EmbeddedSignInFlowAuthenticatorKnownIdPType$1) {
|
|
2739
|
-
EmbeddedSignInFlowAuthenticatorKnownIdPType$1["Local"] = "LOCAL";
|
|
2740
|
-
return EmbeddedSignInFlowAuthenticatorKnownIdPType$1;
|
|
2741
|
-
}({});
|
|
2742
|
-
let EmbeddedSignInFlowAuthenticatorPromptType = /* @__PURE__ */ function(EmbeddedSignInFlowAuthenticatorPromptType$1) {
|
|
2743
|
-
/**
|
|
2744
|
-
* Prompt for internal system use, such as API keys or tokens.
|
|
2745
|
-
*/
|
|
2746
|
-
EmbeddedSignInFlowAuthenticatorPromptType$1["InternalPrompt"] = "INTERNAL_PROMPT";
|
|
2747
|
-
/**
|
|
2748
|
-
* Prompt for redirection to another page or service.
|
|
2749
|
-
*/
|
|
2750
|
-
EmbeddedSignInFlowAuthenticatorPromptType$1["RedirectionPrompt"] = "REDIRECTION_PROMPT";
|
|
2751
|
-
/**
|
|
2752
|
-
* Prompt for user input, typically for username/password or similar credentials.
|
|
2753
|
-
*/
|
|
2754
|
-
EmbeddedSignInFlowAuthenticatorPromptType$1["UserPrompt"] = "USER_PROMPT";
|
|
2755
|
-
return EmbeddedSignInFlowAuthenticatorPromptType$1;
|
|
2756
|
-
}({});
|
|
2757
|
-
|
|
2758
|
-
//#endregion
|
|
2759
|
-
//#region src/models/v2/embedded-flow-v2.ts
|
|
2539
|
+
//#region src/errors/ThunderIDRuntimeError.ts
|
|
2760
2540
|
/**
|
|
2761
|
-
*
|
|
2762
|
-
*
|
|
2763
|
-
*
|
|
2764
|
-
* as part of the embedded authentication flows. Each type corresponds
|
|
2765
|
-
* to a specific UI element with its own behavior and properties.
|
|
2541
|
+
* Base class for all runtime errors in ThunderID. This class extends ThunderIDError
|
|
2542
|
+
* and adds support for additional error details. Use this class for errors that occur
|
|
2543
|
+
* during runtime execution that are not related to API calls.
|
|
2766
2544
|
*
|
|
2767
2545
|
* @example
|
|
2768
2546
|
* ```typescript
|
|
2769
|
-
*
|
|
2770
|
-
*
|
|
2771
|
-
*
|
|
2772
|
-
*
|
|
2773
|
-
*
|
|
2774
|
-
* }
|
|
2547
|
+
* throw new ThunderIDRuntimeError(
|
|
2548
|
+
* "Failed to parse configuration",
|
|
2549
|
+
* "CONFIG_PARSE_ERROR",
|
|
2550
|
+
* { invalidField: "redirectUri" }
|
|
2551
|
+
* );
|
|
2775
2552
|
* ```
|
|
2776
|
-
*
|
|
2777
|
-
* @experimental This API may change in future versions
|
|
2778
|
-
*/
|
|
2779
|
-
let EmbeddedFlowComponentType$1 = /* @__PURE__ */ function(EmbeddedFlowComponentType$2) {
|
|
2780
|
-
/** Interactive action component (buttons, links) for user interactions */
|
|
2781
|
-
EmbeddedFlowComponentType$2["Action"] = "ACTION";
|
|
2782
|
-
/** Container block component that groups other components */
|
|
2783
|
-
EmbeddedFlowComponentType$2["Block"] = "BLOCK";
|
|
2784
|
-
/** Consent component for displaying consent purposes and attributes */
|
|
2785
|
-
EmbeddedFlowComponentType$2["Consent"] = "CONSENT";
|
|
2786
|
-
/** Copyable text display component that shows text with a copy-to-clipboard action */
|
|
2787
|
-
EmbeddedFlowComponentType$2["CopyableText"] = "COPYABLE_TEXT";
|
|
2788
|
-
/** Divider component for visual separation of content */
|
|
2789
|
-
EmbeddedFlowComponentType$2["Divider"] = "DIVIDER";
|
|
2790
|
-
/** Email input field with validation for email addresses. */
|
|
2791
|
-
EmbeddedFlowComponentType$2["EmailInput"] = "EMAIL_INPUT";
|
|
2792
|
-
/** Icon display component for rendering named vector icons */
|
|
2793
|
-
EmbeddedFlowComponentType$2["Icon"] = "ICON";
|
|
2794
|
-
/** Image display component for logos and illustrations */
|
|
2795
|
-
EmbeddedFlowComponentType$2["Image"] = "IMAGE";
|
|
2796
|
-
/** One-time password input field for multi-factor authentication */
|
|
2797
|
-
EmbeddedFlowComponentType$2["OtpInput"] = "OTP_INPUT";
|
|
2798
|
-
/** Organization unit tree picker for selecting an OU */
|
|
2799
|
-
EmbeddedFlowComponentType$2["OuSelect"] = "OU_SELECT";
|
|
2800
|
-
/** Password input field with masking for sensitive data */
|
|
2801
|
-
EmbeddedFlowComponentType$2["PasswordInput"] = "PASSWORD_INPUT";
|
|
2802
|
-
/** Phone number input field with country code support */
|
|
2803
|
-
EmbeddedFlowComponentType$2["PhoneInput"] = "PHONE_INPUT";
|
|
2804
|
-
/** Rich text display component that renders formatted HTML content */
|
|
2805
|
-
EmbeddedFlowComponentType$2["RichText"] = "RICH_TEXT";
|
|
2806
|
-
/** Select/dropdown input component for single choice selection */
|
|
2807
|
-
EmbeddedFlowComponentType$2["Select"] = "SELECT";
|
|
2808
|
-
/** Stack layout component for arranging children in a row or column */
|
|
2809
|
-
EmbeddedFlowComponentType$2["Stack"] = "STACK";
|
|
2810
|
-
/** Text display component for labels, headings, and messages */
|
|
2811
|
-
EmbeddedFlowComponentType$2["Text"] = "TEXT";
|
|
2812
|
-
/** Standard text input field for user data entry */
|
|
2813
|
-
EmbeddedFlowComponentType$2["TextInput"] = "TEXT_INPUT";
|
|
2814
|
-
/** Timer component for displaying a countdown */
|
|
2815
|
-
EmbeddedFlowComponentType$2["Timer"] = "TIMER";
|
|
2816
|
-
/** QR code display component for wallet-based flows (e.g. OpenID4VP) */
|
|
2817
|
-
EmbeddedFlowComponentType$2["QrCode"] = "QR_CODE";
|
|
2818
|
-
return EmbeddedFlowComponentType$2;
|
|
2819
|
-
}({});
|
|
2820
|
-
/**
|
|
2821
|
-
* Action variant types for buttons and interactive elements.
|
|
2822
|
-
*
|
|
2823
|
-
* @experimental This API may change in future versions
|
|
2824
|
-
*/
|
|
2825
|
-
let EmbeddedFlowActionVariant = /* @__PURE__ */ function(EmbeddedFlowActionVariant$1) {
|
|
2826
|
-
/** Danger action button for destructive operations */
|
|
2827
|
-
EmbeddedFlowActionVariant$1["Danger"] = "DANGER";
|
|
2828
|
-
/** Info action button for informational purposes */
|
|
2829
|
-
EmbeddedFlowActionVariant$1["Info"] = "INFO";
|
|
2830
|
-
/** Link-styled action button */
|
|
2831
|
-
EmbeddedFlowActionVariant$1["Link"] = "LINK";
|
|
2832
|
-
/** Outlined action button for secondary emphasis */
|
|
2833
|
-
EmbeddedFlowActionVariant$1["Outlined"] = "OUTLINED";
|
|
2834
|
-
/** Primary action button with highest visual emphasis */
|
|
2835
|
-
EmbeddedFlowActionVariant$1["Primary"] = "PRIMARY";
|
|
2836
|
-
/** Secondary action button with moderate visual emphasis */
|
|
2837
|
-
EmbeddedFlowActionVariant$1["Secondary"] = "SECONDARY";
|
|
2838
|
-
/** Success action button for positive confirmations */
|
|
2839
|
-
EmbeddedFlowActionVariant$1["Success"] = "SUCCESS";
|
|
2840
|
-
/** Tertiary action button with minimal visual emphasis */
|
|
2841
|
-
EmbeddedFlowActionVariant$1["Tertiary"] = "TERTIARY";
|
|
2842
|
-
/** Warning action button for cautionary actions */
|
|
2843
|
-
EmbeddedFlowActionVariant$1["Warning"] = "WARNING";
|
|
2844
|
-
return EmbeddedFlowActionVariant$1;
|
|
2845
|
-
}({});
|
|
2846
|
-
/**
|
|
2847
|
-
* Text variant types for typography components.
|
|
2848
|
-
*
|
|
2849
|
-
* @experimental This API may change in future versions
|
|
2850
|
-
*/
|
|
2851
|
-
let EmbeddedFlowTextVariant = /* @__PURE__ */ function(EmbeddedFlowTextVariant$1) {
|
|
2852
|
-
/** Primary body text for main content */
|
|
2853
|
-
EmbeddedFlowTextVariant$1["Body1"] = "BODY_1";
|
|
2854
|
-
/** Secondary body text for supplementary content */
|
|
2855
|
-
EmbeddedFlowTextVariant$1["Body2"] = "BODY_2";
|
|
2856
|
-
/** Text styled for button labels */
|
|
2857
|
-
EmbeddedFlowTextVariant$1["ButtonText"] = "BUTTON_TEXT";
|
|
2858
|
-
/** Small caption text for annotations and descriptions */
|
|
2859
|
-
EmbeddedFlowTextVariant$1["Caption"] = "CAPTION";
|
|
2860
|
-
/** Largest heading level for main titles */
|
|
2861
|
-
EmbeddedFlowTextVariant$1["Heading1"] = "HEADING_1";
|
|
2862
|
-
/** Second level heading for major sections */
|
|
2863
|
-
EmbeddedFlowTextVariant$1["Heading2"] = "HEADING_2";
|
|
2864
|
-
/** Third level heading for subsections */
|
|
2865
|
-
EmbeddedFlowTextVariant$1["Heading3"] = "HEADING_3";
|
|
2866
|
-
/** Fourth level heading for minor sections */
|
|
2867
|
-
EmbeddedFlowTextVariant$1["Heading4"] = "HEADING_4";
|
|
2868
|
-
/** Fifth level heading for detailed sections */
|
|
2869
|
-
EmbeddedFlowTextVariant$1["Heading5"] = "HEADING_5";
|
|
2870
|
-
/** Smallest heading level for fine-grained sections */
|
|
2871
|
-
EmbeddedFlowTextVariant$1["Heading6"] = "HEADING_6";
|
|
2872
|
-
/** Overline text for labels and categories */
|
|
2873
|
-
EmbeddedFlowTextVariant$1["Overline"] = "OVERLINE";
|
|
2874
|
-
/** Primary subtitle text with larger emphasis */
|
|
2875
|
-
EmbeddedFlowTextVariant$1["Subtitle1"] = "SUBTITLE_1";
|
|
2876
|
-
/** Secondary subtitle text with moderate emphasis */
|
|
2877
|
-
EmbeddedFlowTextVariant$1["Subtitle2"] = "SUBTITLE_2";
|
|
2878
|
-
return EmbeddedFlowTextVariant$1;
|
|
2879
|
-
}({});
|
|
2880
|
-
/**
|
|
2881
|
-
* Event types for action components.
|
|
2882
|
-
*
|
|
2883
|
-
* @experimental This API may change in future versions
|
|
2884
2553
|
*/
|
|
2885
|
-
|
|
2886
|
-
/**
|
|
2887
|
-
|
|
2888
|
-
|
|
2889
|
-
|
|
2890
|
-
|
|
2891
|
-
|
|
2892
|
-
|
|
2893
|
-
|
|
2894
|
-
|
|
2895
|
-
|
|
2896
|
-
|
|
2897
|
-
|
|
2898
|
-
|
|
2899
|
-
|
|
2554
|
+
var ThunderIDRuntimeError = class extends ThunderIDError {
|
|
2555
|
+
/**
|
|
2556
|
+
* Creates an instance of ThunderIDRuntimeError.
|
|
2557
|
+
*
|
|
2558
|
+
* @param message - Human-readable description of the error
|
|
2559
|
+
* @param code - A unique error code that identifies the error type
|
|
2560
|
+
* @param details - Additional details about the error that might be helpful for debugging
|
|
2561
|
+
* @param origin - Optional. The SDK origin (e.g. 'react', 'vue'). Defaults to generic 'ThunderID'
|
|
2562
|
+
* @constructor
|
|
2563
|
+
*/
|
|
2564
|
+
constructor(message, code, origin, details) {
|
|
2565
|
+
super(message, code, origin);
|
|
2566
|
+
this.details = details;
|
|
2567
|
+
Object.defineProperty(this, "name", {
|
|
2568
|
+
configurable: true,
|
|
2569
|
+
value: "ThunderIDRuntimeError",
|
|
2570
|
+
writable: true
|
|
2571
|
+
});
|
|
2572
|
+
}
|
|
2573
|
+
/**
|
|
2574
|
+
* Returns a string representation of the runtime error
|
|
2575
|
+
* @returns Formatted error string with name, code, details, and message
|
|
2576
|
+
*/
|
|
2577
|
+
toString() {
|
|
2578
|
+
const details = this.details ? `\nDetails: ${JSON.stringify(this.details, null, 2)}` : "";
|
|
2579
|
+
return `[${this.name}] (code="${this.code}")${details}\nMessage: ${this.message}`;
|
|
2580
|
+
}
|
|
2581
|
+
};
|
|
2900
2582
|
|
|
2901
2583
|
//#endregion
|
|
2902
|
-
//#region src/models/
|
|
2584
|
+
//#region src/models/embedded-recovery-flow.ts
|
|
2903
2585
|
/**
|
|
2904
2586
|
* Status enumeration for the embedded recovery flow operations.
|
|
2905
2587
|
*
|
|
@@ -2940,7 +2622,7 @@ let EmbeddedRecoveryFlowType = /* @__PURE__ */ function(EmbeddedRecoveryFlowType
|
|
|
2940
2622
|
}({});
|
|
2941
2623
|
|
|
2942
2624
|
//#endregion
|
|
2943
|
-
//#region src/models/
|
|
2625
|
+
//#region src/models/flow-meta.ts
|
|
2944
2626
|
/**
|
|
2945
2627
|
* Copyright (c) 2026, WSO2 LLC. (https://www.wso2.com).
|
|
2946
2628
|
*
|
|
@@ -3266,13 +2948,6 @@ var DefaultCrypto = class {
|
|
|
3266
2948
|
}
|
|
3267
2949
|
};
|
|
3268
2950
|
|
|
3269
|
-
//#endregion
|
|
3270
|
-
//#region src/models/agent.ts
|
|
3271
|
-
let AgentConfig;
|
|
3272
|
-
(function(_AgentConfig) {
|
|
3273
|
-
_AgentConfig.DEFAULT_AUTHENTICATOR_NAME = "Username & Password";
|
|
3274
|
-
})(AgentConfig || (AgentConfig = {}));
|
|
3275
|
-
|
|
3276
2951
|
//#endregion
|
|
3277
2952
|
//#region src/models/store.ts
|
|
3278
2953
|
/**
|
|
@@ -4244,10 +3919,10 @@ var ThunderIDJavaScriptClient = class {
|
|
|
4244
3919
|
signInSilently(_options) {
|
|
4245
3920
|
throw new Error("Method not implemented.");
|
|
4246
3921
|
}
|
|
4247
|
-
signUp(
|
|
3922
|
+
signUp(_options) {
|
|
4248
3923
|
throw new Error("Method not implemented.");
|
|
4249
3924
|
}
|
|
4250
|
-
recover(
|
|
3925
|
+
recover() {
|
|
4251
3926
|
throw new Error("Method not implemented.");
|
|
4252
3927
|
}
|
|
4253
3928
|
switchOrganization(_organization, _sessionId) {
|
|
@@ -4617,40 +4292,11 @@ var ThunderIDJavaScriptClient = class {
|
|
|
4617
4292
|
const error$1 = Boolean(url.searchParams.get("error"));
|
|
4618
4293
|
return stateParam ? stateParam === OIDCRequestConstants_default.Params.SIGN_OUT_SUCCESS && error$1 : false;
|
|
4619
4294
|
}
|
|
4620
|
-
async getAgentToken(agentConfig) {
|
|
4621
|
-
const authorizeURL = new URL(await this.getSignInUrl({ response_mode: "direct" }));
|
|
4622
|
-
const authorizeResponse = await initializeEmbeddedSignInFlow_default({
|
|
4623
|
-
payload: Object.fromEntries(authorizeURL.searchParams.entries()),
|
|
4624
|
-
url: `${authorizeURL.origin}${authorizeURL.pathname}`
|
|
4625
|
-
});
|
|
4626
|
-
const authenticatorName = agentConfig.authenticatorName ?? AgentConfig.DEFAULT_AUTHENTICATOR_NAME;
|
|
4627
|
-
const targetAuthenticator = authorizeResponse.nextStep.authenticators.find((auth) => auth.authenticator === authenticatorName);
|
|
4628
|
-
if (!targetAuthenticator) throw new Error(`Authenticator '${authenticatorName}' not found among authentication steps.`);
|
|
4629
|
-
const authnResponse = await executeEmbeddedSignInFlow_default({
|
|
4630
|
-
baseUrl: this.baseURL,
|
|
4631
|
-
payload: {
|
|
4632
|
-
flowId: authorizeResponse.flowId,
|
|
4633
|
-
selectedAuthenticator: {
|
|
4634
|
-
authenticatorId: targetAuthenticator.authenticatorId,
|
|
4635
|
-
params: {
|
|
4636
|
-
password: agentConfig.agentSecret,
|
|
4637
|
-
username: agentConfig.agentID
|
|
4638
|
-
}
|
|
4639
|
-
}
|
|
4640
|
-
}
|
|
4641
|
-
});
|
|
4642
|
-
if (authnResponse.flowStatus !== EmbeddedSignInFlowStatus.SuccessCompleted) throw new Error("Agent authentication failed.");
|
|
4643
|
-
return this.requestAccessToken(authnResponse.authData["code"], authnResponse.authData["session_state"], authnResponse.authData["state"]);
|
|
4644
|
-
}
|
|
4645
4295
|
async getOBOSignInURL(agentConfig) {
|
|
4646
4296
|
const authURL = await this.getSignInUrl({ requested_actor: agentConfig.agentID });
|
|
4647
4297
|
if (authURL) return authURL.toString();
|
|
4648
4298
|
throw new Error("Could not build Authorize URL");
|
|
4649
4299
|
}
|
|
4650
|
-
async getOBOToken(agentConfig, authCodeResponse) {
|
|
4651
|
-
const agentToken = await this.getAgentToken(agentConfig);
|
|
4652
|
-
return this.requestAccessToken(authCodeResponse.code, authCodeResponse.session_state, authCodeResponse.state, void 0, { params: { actor_token: agentToken.accessToken } });
|
|
4653
|
-
}
|
|
4654
4300
|
};
|
|
4655
4301
|
var ThunderIDJavaScriptClient_default = ThunderIDJavaScriptClient;
|
|
4656
4302
|
|
|
@@ -5369,6 +5015,38 @@ const deriveOrganizationHandleFromBaseUrl = (baseUrl) => {
|
|
|
5369
5015
|
};
|
|
5370
5016
|
var deriveOrganizationHandleFromBaseUrl_default = deriveOrganizationHandleFromBaseUrl;
|
|
5371
5017
|
|
|
5018
|
+
//#endregion
|
|
5019
|
+
//#region src/utils/isRecognizedBaseUrlPattern.ts
|
|
5020
|
+
/**
|
|
5021
|
+
* Utility to determine if sensible ThunderID fallbacks can be used based on the given base URL.
|
|
5022
|
+
*
|
|
5023
|
+
* This checks if the URL follows the standard ThunderID pattern: /t/{orgHandle}
|
|
5024
|
+
* Returns true if sensible fallbacks (like deriving organization handle, tenant, etc.) can be used, false otherwise.
|
|
5025
|
+
*
|
|
5026
|
+
* @param baseUrl - The base URL of the ThunderID identity server (string or undefined)
|
|
5027
|
+
* @returns boolean - true if sensible fallbacks can be used, false otherwise
|
|
5028
|
+
*
|
|
5029
|
+
* @example
|
|
5030
|
+
* isRecognizedBaseUrlPattern('https://localhost:8090/t/dxlab'); // true
|
|
5031
|
+
* isRecognizedBaseUrlPattern('https://custom.example.com/auth'); // false
|
|
5032
|
+
*/
|
|
5033
|
+
const isRecognizedBaseUrlPattern = (baseUrl) => {
|
|
5034
|
+
if (!baseUrl) throw new ThunderIDRuntimeError("Base URL is required to derive if the `baseUrl` is recognized.", "isRecognizedBaseUrlPattern-ValidationError-001", "javascript", "A valid base URL must be provided to derive if the `baseUrl` is recognized to use the sensible fallbacks.");
|
|
5035
|
+
let parsedUrl;
|
|
5036
|
+
try {
|
|
5037
|
+
parsedUrl = new URL(baseUrl);
|
|
5038
|
+
} catch (error$1) {
|
|
5039
|
+
throw new ThunderIDRuntimeError(`Invalid base URL format: ${baseUrl}`, "isRecognizedBaseUrlPattern-ValidationError-002", "javascript", "The provided base URL does not conform to valid URL syntax.");
|
|
5040
|
+
}
|
|
5041
|
+
const pathSegments = parsedUrl.pathname?.split("/")?.filter((segment) => segment?.length > 0);
|
|
5042
|
+
if (pathSegments.length < 2 || pathSegments[0] !== "t") {
|
|
5043
|
+
logger_default.warn("[isRecognizedBaseUrlPattern] The provided base URL does not follow the expected URL pattern (/t/{orgHandle}).");
|
|
5044
|
+
return false;
|
|
5045
|
+
}
|
|
5046
|
+
return true;
|
|
5047
|
+
};
|
|
5048
|
+
var isRecognizedBaseUrlPattern_default = isRecognizedBaseUrlPattern;
|
|
5049
|
+
|
|
5372
5050
|
//#endregion
|
|
5373
5051
|
//#region src/utils/flattenUserSchema.ts
|
|
5374
5052
|
/**
|
|
@@ -5717,14 +5395,14 @@ var generateFlattenedUserProfile_default = generateFlattenedUserProfile;
|
|
|
5717
5395
|
* If the baseUrl is recognized (standard ThunderID pattern), constructs the sign-up URL.
|
|
5718
5396
|
* Otherwise, returns an empty string.
|
|
5719
5397
|
*
|
|
5720
|
-
* @param
|
|
5398
|
+
* @param config - The ThunderID client configuration
|
|
5721
5399
|
* @returns The sign-up URL if baseUrl is recognized, otherwise an empty string
|
|
5722
5400
|
*/
|
|
5723
5401
|
const getRedirectBasedSignUpUrl = (config) => {
|
|
5724
5402
|
const { baseUrl } = config;
|
|
5725
5403
|
if (!isRecognizedBaseUrlPattern_default(baseUrl)) return "";
|
|
5726
5404
|
let signUpBaseUrl = baseUrl;
|
|
5727
|
-
|
|
5405
|
+
try {
|
|
5728
5406
|
const url$1 = new URL(baseUrl);
|
|
5729
5407
|
if (/([a-z0-9-]+\.)*api\.thunderid\.io$/i.test(url$1.hostname)) {
|
|
5730
5408
|
url$1.hostname = url$1.hostname.replace("api.", "accounts.");
|
|
@@ -5742,7 +5420,7 @@ const getRedirectBasedSignUpUrl = (config) => {
|
|
|
5742
5420
|
var getRedirectBasedSignUpUrl_default = getRedirectBasedSignUpUrl;
|
|
5743
5421
|
|
|
5744
5422
|
//#endregion
|
|
5745
|
-
//#region src/utils/
|
|
5423
|
+
//#region src/utils/isEmojiUri.ts
|
|
5746
5424
|
/**
|
|
5747
5425
|
* Copyright (c) 2026, WSO2 LLC. (https://www.wso2.com).
|
|
5748
5426
|
*
|
|
@@ -5778,7 +5456,7 @@ const isEmojiUri = (uri) => typeof uri === "string" && uri.startsWith(EMOJI_URI_
|
|
|
5778
5456
|
var isEmojiUri_default = isEmojiUri;
|
|
5779
5457
|
|
|
5780
5458
|
//#endregion
|
|
5781
|
-
//#region src/utils/
|
|
5459
|
+
//#region src/utils/extractEmojiFromUri.ts
|
|
5782
5460
|
/**
|
|
5783
5461
|
* Extracts the emoji character from an `emoji:` URI.
|
|
5784
5462
|
*
|
|
@@ -5831,18 +5509,6 @@ var extractEmojiFromUri_default = extractEmojiFromUri;
|
|
|
5831
5509
|
const removeTrailingSlash = (path) => path.endsWith("/") ? path.slice(0, -1) : path;
|
|
5832
5510
|
var removeTrailingSlash_default = removeTrailingSlash;
|
|
5833
5511
|
|
|
5834
|
-
//#endregion
|
|
5835
|
-
//#region src/utils/resolveFieldType.ts
|
|
5836
|
-
const resolveFieldType = (field) => {
|
|
5837
|
-
if (field.type === EmbeddedSignInFlowAuthenticatorParamType.String) {
|
|
5838
|
-
if (field.param === EmbeddedSignInFlowAuthenticatorExtendedParamType.Otp) return FieldType.Otp;
|
|
5839
|
-
if (field?.confidential) return FieldType.Password;
|
|
5840
|
-
return FieldType.Text;
|
|
5841
|
-
}
|
|
5842
|
-
throw new ThunderIDRuntimeError(`Field type is not supported: ${field.type}`, "resolveFieldType-Invalid-001", "javascript", "The provided field type is not supported. Please check the field configuration.");
|
|
5843
|
-
};
|
|
5844
|
-
var resolveFieldType_default = resolveFieldType;
|
|
5845
|
-
|
|
5846
5512
|
//#endregion
|
|
5847
5513
|
//#region src/utils/resolveFieldName.ts
|
|
5848
5514
|
const resolveFieldName = (field) => {
|
|
@@ -5852,7 +5518,7 @@ const resolveFieldName = (field) => {
|
|
|
5852
5518
|
var resolveFieldName_default = resolveFieldName;
|
|
5853
5519
|
|
|
5854
5520
|
//#endregion
|
|
5855
|
-
//#region src/utils/
|
|
5521
|
+
//#region src/utils/resolveMeta.ts
|
|
5856
5522
|
/**
|
|
5857
5523
|
* Resolves a dot-path expression against a FlowMetadataResponse object.
|
|
5858
5524
|
*
|
|
@@ -5879,7 +5545,7 @@ function resolveMeta(path, meta) {
|
|
|
5879
5545
|
}
|
|
5880
5546
|
|
|
5881
5547
|
//#endregion
|
|
5882
|
-
//#region src/utils/
|
|
5548
|
+
//#region src/utils/parseFlowTemplateLiteral.ts
|
|
5883
5549
|
/**
|
|
5884
5550
|
* Copyright (c) 2026, WSO2 LLC. (https://www.wso2.com).
|
|
5885
5551
|
*
|
|
@@ -5975,7 +5641,7 @@ function parseFlowTemplateLiteral(content) {
|
|
|
5975
5641
|
}
|
|
5976
5642
|
|
|
5977
5643
|
//#endregion
|
|
5978
|
-
//#region src/utils/
|
|
5644
|
+
//#region src/utils/resolveFlowTemplateLiterals.ts
|
|
5979
5645
|
/**
|
|
5980
5646
|
* Global version of {@link FLOW_TEMPLATE_LITERAL_REGEX} for use with `String.prototype.replace`.
|
|
5981
5647
|
*/
|
|
@@ -6012,7 +5678,7 @@ function resolveFlowTemplateLiterals(text, { t, meta }) {
|
|
|
6012
5678
|
}
|
|
6013
5679
|
|
|
6014
5680
|
//#endregion
|
|
6015
|
-
//#region src/utils/
|
|
5681
|
+
//#region src/utils/countryCodeToFlagEmoji.ts
|
|
6016
5682
|
/**
|
|
6017
5683
|
* Copyright (c) 2026, WSO2 LLC. (https://www.wso2.com).
|
|
6018
5684
|
*
|
|
@@ -6042,7 +5708,7 @@ function countryCodeToFlagEmoji(countryCode) {
|
|
|
6042
5708
|
}
|
|
6043
5709
|
|
|
6044
5710
|
//#endregion
|
|
6045
|
-
//#region src/utils/
|
|
5711
|
+
//#region src/utils/resolveLocaleDisplayName.ts
|
|
6046
5712
|
/**
|
|
6047
5713
|
* Copyright (c) 2026, WSO2 LLC. (https://www.wso2.com).
|
|
6048
5714
|
*
|
|
@@ -6080,7 +5746,7 @@ function resolveLocaleDisplayName(locale, displayLocale) {
|
|
|
6080
5746
|
}
|
|
6081
5747
|
|
|
6082
5748
|
//#endregion
|
|
6083
|
-
//#region src/utils/
|
|
5749
|
+
//#region src/utils/resolveLocaleEmoji.ts
|
|
6084
5750
|
/**
|
|
6085
5751
|
* Maps BCP 47 language subtags to ISO 3166-1 alpha-2 country codes used for
|
|
6086
5752
|
* flag emoji resolution when no country subtag is present in the locale.
|
|
@@ -6145,6 +5811,81 @@ function resolveLocaleEmoji(locale) {
|
|
|
6145
5811
|
}
|
|
6146
5812
|
var resolveLocaleEmoji_default = resolveLocaleEmoji;
|
|
6147
5813
|
|
|
5814
|
+
//#endregion
|
|
5815
|
+
//#region src/utils/evaluateValidationRule.ts
|
|
5816
|
+
/**
|
|
5817
|
+
* Default i18n fallback keys returned when a `ValidationRule.message` is not provided.
|
|
5818
|
+
* Match the server-side defaults so a flow author who omits `message` sees the same
|
|
5819
|
+
* string regardless of whether the rule was evaluated client-side or server-side.
|
|
5820
|
+
*/
|
|
5821
|
+
const DEFAULT_VALIDATION_MESSAGE_KEYS = {
|
|
5822
|
+
regex: "validation.pattern.invalid",
|
|
5823
|
+
minLength: "validation.minLength.invalid",
|
|
5824
|
+
maxLength: "validation.maxLength.invalid"
|
|
5825
|
+
};
|
|
5826
|
+
/**
|
|
5827
|
+
* Evaluates a single validation rule against the given input value.
|
|
5828
|
+
*
|
|
5829
|
+
* Returns `null` when the rule passes, or the rule's `message` (or the default
|
|
5830
|
+
* fallback key if `message` is absent) when it fails.
|
|
5831
|
+
*
|
|
5832
|
+
* Behavior notes:
|
|
5833
|
+
* - **regex**: an invalid regex pattern (one that cannot be compiled) is treated as
|
|
5834
|
+
* **passing** on the client. This is lenient — the server is authoritative and
|
|
5835
|
+
* will still enforce the rule if it can compile the pattern. Failing closed in the
|
|
5836
|
+
* SDK risks denial-of-service for misconfigured flows.
|
|
5837
|
+
* - **minLength / maxLength**: compared against `value.length`. A non-numeric `value`
|
|
5838
|
+
* on the rule is treated as the rule passing.
|
|
5839
|
+
* - Unknown rule types are treated as passing (forward compatibility with future types).
|
|
5840
|
+
*/
|
|
5841
|
+
const evaluateValidationRule = (rule, value) => {
|
|
5842
|
+
const fail = () => rule.message ?? DEFAULT_VALIDATION_MESSAGE_KEYS[rule.type];
|
|
5843
|
+
switch (rule.type) {
|
|
5844
|
+
case "regex": {
|
|
5845
|
+
if (typeof rule.value !== "string" || rule.value === "") return null;
|
|
5846
|
+
let re;
|
|
5847
|
+
try {
|
|
5848
|
+
re = new RegExp(rule.value);
|
|
5849
|
+
} catch {
|
|
5850
|
+
return null;
|
|
5851
|
+
}
|
|
5852
|
+
return re.test(value) ? null : fail();
|
|
5853
|
+
}
|
|
5854
|
+
case "minLength":
|
|
5855
|
+
if (typeof rule.value !== "number" || Number.isNaN(rule.value)) return null;
|
|
5856
|
+
return value.length >= rule.value ? null : fail();
|
|
5857
|
+
case "maxLength":
|
|
5858
|
+
if (typeof rule.value !== "number" || Number.isNaN(rule.value)) return null;
|
|
5859
|
+
return value.length <= rule.value ? null : fail();
|
|
5860
|
+
default: return null;
|
|
5861
|
+
}
|
|
5862
|
+
};
|
|
5863
|
+
var evaluateValidationRule_default = evaluateValidationRule;
|
|
5864
|
+
|
|
5865
|
+
//#endregion
|
|
5866
|
+
//#region src/utils/buildValidatorFromRules.ts
|
|
5867
|
+
/**
|
|
5868
|
+
* Composes an array of `ValidationRule`s into a single validator function suitable for
|
|
5869
|
+
* `useForm`'s `FormField.validator` slot.
|
|
5870
|
+
*
|
|
5871
|
+
* The composed validator evaluates rules in declaration order and returns the **first**
|
|
5872
|
+
* failing rule's message — matching the SDK's render-prop shape of a single string per
|
|
5873
|
+
* field. When all rules pass it returns `null`.
|
|
5874
|
+
*
|
|
5875
|
+
* Returns `null` when no rules are supplied so callers can compose conditionally.
|
|
5876
|
+
*/
|
|
5877
|
+
const buildValidatorFromRules = (rules) => {
|
|
5878
|
+
if (!rules || rules.length === 0) return null;
|
|
5879
|
+
return (value) => {
|
|
5880
|
+
for (const rule of rules) {
|
|
5881
|
+
const message = evaluateValidationRule_default(rule, value);
|
|
5882
|
+
if (message !== null) return message;
|
|
5883
|
+
}
|
|
5884
|
+
return null;
|
|
5885
|
+
};
|
|
5886
|
+
};
|
|
5887
|
+
var buildValidatorFromRules_default = buildValidatorFromRules;
|
|
5888
|
+
|
|
6148
5889
|
//#endregion
|
|
6149
5890
|
//#region src/utils/withVendorCSSClassPrefix.ts
|
|
6150
5891
|
/**
|
|
@@ -6446,6 +6187,9 @@ const en_US = {
|
|
|
6446
6187
|
"elements.fields.organization.select.label": "Select Organization",
|
|
6447
6188
|
"elements.fields.organization.select.placeholder": "Choose an organization",
|
|
6448
6189
|
"validations.required.field.error": "This field is required",
|
|
6190
|
+
"validation.pattern.invalid": "This value does not match the required format.",
|
|
6191
|
+
"validation.minLength.invalid": "This value is too short.",
|
|
6192
|
+
"validation.maxLength.invalid": "This value is too long.",
|
|
6449
6193
|
"signin.heading": "Sign In",
|
|
6450
6194
|
"signin.subheading": "Welcome back! Please sign in to continue.",
|
|
6451
6195
|
"signup.heading": "Sign Up",
|
|
@@ -6556,6 +6300,9 @@ const fr_FR = {
|
|
|
6556
6300
|
"elements.fields.organization.select.label": "Sélectionner l'organisation",
|
|
6557
6301
|
"elements.fields.organization.select.placeholder": "Choisissez une organisation",
|
|
6558
6302
|
"validations.required.field.error": "Ce champ est obligatoire",
|
|
6303
|
+
"validation.pattern.invalid": "Cette valeur ne correspond pas au format requis.",
|
|
6304
|
+
"validation.minLength.invalid": "Cette valeur est trop courte.",
|
|
6305
|
+
"validation.maxLength.invalid": "Cette valeur est trop longue.",
|
|
6559
6306
|
"signin.heading": "Se connecter",
|
|
6560
6307
|
"signin.subheading": "Entrez vos identifiants pour continuer.",
|
|
6561
6308
|
"signup.heading": "S'inscrire",
|
|
@@ -6666,6 +6413,9 @@ const te_IN = {
|
|
|
6666
6413
|
"elements.fields.organization.select.label": "ఆర్గనైజేషన్ను ఎంచుకోండి",
|
|
6667
6414
|
"elements.fields.organization.select.placeholder": "సంస్థను ఎంచుకోండి",
|
|
6668
6415
|
"validations.required.field.error": "ఈ ఫీల్డ్ అవసరం",
|
|
6416
|
+
"validation.pattern.invalid": "ఈ విలువ అవసరమైన ఆకృతికి సరిపోలడం లేదు.",
|
|
6417
|
+
"validation.minLength.invalid": "ఈ విలువ చాలా చిన్నది.",
|
|
6418
|
+
"validation.maxLength.invalid": "ఈ విలువ చాలా పెద్దది.",
|
|
6669
6419
|
"signin.heading": "సైన్ ఇన్ చేయండి",
|
|
6670
6420
|
"signin.subheading": "కొనసాగించడానికి మీ వివరాలు ఇవ్వండి.",
|
|
6671
6421
|
"signup.heading": "సైన్ అప్ చేయండి",
|
|
@@ -6776,6 +6526,9 @@ const hi_IN = {
|
|
|
6776
6526
|
"elements.fields.organization.select.label": "संगठन चुनें",
|
|
6777
6527
|
"elements.fields.organization.select.placeholder": "एक संगठन चुनें",
|
|
6778
6528
|
"validations.required.field.error": "यह फील्ड आवश्यक है",
|
|
6529
|
+
"validation.pattern.invalid": "यह मान आवश्यक प्रारूप से मेल नहीं खाता।",
|
|
6530
|
+
"validation.minLength.invalid": "यह मान बहुत छोटा है।",
|
|
6531
|
+
"validation.maxLength.invalid": "यह मान बहुत लंबा है।",
|
|
6779
6532
|
"signin.heading": "साइन इन",
|
|
6780
6533
|
"signin.subheading": "जारी रखने के लिए अपनी प्रमाणिक जानकारी दर्ज करें।",
|
|
6781
6534
|
"signup.heading": "साइन अप",
|
|
@@ -6886,6 +6639,9 @@ const pt_BR = {
|
|
|
6886
6639
|
"elements.fields.organization.select.label": "Selecionar Organização",
|
|
6887
6640
|
"elements.fields.organization.select.placeholder": "Selecione uma organização",
|
|
6888
6641
|
"validations.required.field.error": "Este campo é obrigatório",
|
|
6642
|
+
"validation.pattern.invalid": "Este valor não corresponde ao formato necessário.",
|
|
6643
|
+
"validation.minLength.invalid": "Este valor é muito curto.",
|
|
6644
|
+
"validation.maxLength.invalid": "Este valor é muito longo.",
|
|
6889
6645
|
"signin.heading": "Entrar",
|
|
6890
6646
|
"signin.subheading": "Digite suas credencias para continuar.",
|
|
6891
6647
|
"signup.heading": "Cadastra-se",
|
|
@@ -6996,6 +6752,9 @@ const pt_PT = {
|
|
|
6996
6752
|
"elements.fields.organization.select.label": "Selecionar Organização",
|
|
6997
6753
|
"elements.fields.organization.select.placeholder": "Selecione uma organização",
|
|
6998
6754
|
"validations.required.field.error": "Este campo é obrigatório",
|
|
6755
|
+
"validation.pattern.invalid": "Este valor não corresponde ao formato necessário.",
|
|
6756
|
+
"validation.minLength.invalid": "Este valor é demasiado curto.",
|
|
6757
|
+
"validation.maxLength.invalid": "Este valor é demasiado longo.",
|
|
6999
6758
|
"signin.heading": "Iniciar Sessão",
|
|
7000
6759
|
"signin.subheading": "Introduza as suas credenciais para continuar.",
|
|
7001
6760
|
"signup.heading": "Registar-se",
|
|
@@ -7106,6 +6865,9 @@ const ta_IN = {
|
|
|
7106
6865
|
"elements.fields.organization.select.label": "அமைப்பை தேர்ந்தெடு",
|
|
7107
6866
|
"elements.fields.organization.select.placeholder": "அமைப்பை தெரிந்தெடுக்கவும்",
|
|
7108
6867
|
"validations.required.field.error": "இந்த புலம் தேவை",
|
|
6868
|
+
"validation.pattern.invalid": "இந்த மதிப்பு தேவையான வடிவத்துடன் பொருந்தவில்லை.",
|
|
6869
|
+
"validation.minLength.invalid": "இந்த மதிப்பு மிகவும் குறுகியது.",
|
|
6870
|
+
"validation.maxLength.invalid": "இந்த மதிப்பு மிகவும் நீளமானது.",
|
|
7109
6871
|
"signin.heading": "உள்நுழை",
|
|
7110
6872
|
"signin.subheading": "தொடர உங்கள் சான்றுகளை உள்ளிடவும்.",
|
|
7111
6873
|
"signup.heading": "பதிவு செய்",
|
|
@@ -7216,6 +6978,9 @@ const si_LK = {
|
|
|
7216
6978
|
"elements.fields.organization.select.label": "සංවිධානය තෝරන්න",
|
|
7217
6979
|
"elements.fields.organization.select.placeholder": "සංවිධානයක් සැළුම් කරන්න",
|
|
7218
6980
|
"validations.required.field.error": "මෙම ක්ෂේත්රය අවශ්යයි",
|
|
6981
|
+
"validation.pattern.invalid": "මෙම අගය අවශ්ය ආකෘතියට නොගැලපේ.",
|
|
6982
|
+
"validation.minLength.invalid": "මෙම අගය ඉතා කෙටියි.",
|
|
6983
|
+
"validation.maxLength.invalid": "මෙම අගය ඉතා දිගයි.",
|
|
7219
6984
|
"signin.heading": "ලොග් වෙන්න",
|
|
7220
6985
|
"signin.subheading": "ඉදිරියට යාමට ඔබේ සත්යාපන තොරතුරු ඇතුළත් කරන්න.",
|
|
7221
6986
|
"signup.heading": "ලියාපදිංචි වන්න",
|
|
@@ -7374,34 +7139,26 @@ var normalizeTranslations_default = normalizeTranslations;
|
|
|
7374
7139
|
exports.ApplicationNativeAuthenticationConstants = ApplicationNativeAuthenticationConstants_default;
|
|
7375
7140
|
exports.AuthenticationHelper = AuthenticationHelper_default;
|
|
7376
7141
|
exports.DEFAULT_THEME = DEFAULT_THEME;
|
|
7142
|
+
exports.DEFAULT_VALIDATION_MESSAGE_KEYS = DEFAULT_VALIDATION_MESSAGE_KEYS;
|
|
7377
7143
|
exports.EMOJI_URI_SCHEME = EMOJI_URI_SCHEME;
|
|
7378
|
-
exports.
|
|
7144
|
+
exports.EmbeddedFlowActionVariant = EmbeddedFlowActionVariant;
|
|
7379
7145
|
exports.EmbeddedFlowComponentType = EmbeddedFlowComponentType;
|
|
7380
|
-
exports.
|
|
7381
|
-
exports.EmbeddedFlowEventTypeV2 = EmbeddedFlowEventType;
|
|
7146
|
+
exports.EmbeddedFlowEventType = EmbeddedFlowEventType;
|
|
7382
7147
|
exports.EmbeddedFlowResponseType = EmbeddedFlowResponseType;
|
|
7383
|
-
exports.
|
|
7384
|
-
exports.EmbeddedFlowTextVariantV2 = EmbeddedFlowTextVariant;
|
|
7148
|
+
exports.EmbeddedFlowTextVariant = EmbeddedFlowTextVariant;
|
|
7385
7149
|
exports.EmbeddedFlowType = EmbeddedFlowType;
|
|
7386
|
-
exports.
|
|
7387
|
-
exports.
|
|
7388
|
-
exports.EmbeddedSignInFlowAuthenticatorKnownIdPType = EmbeddedSignInFlowAuthenticatorKnownIdPType;
|
|
7389
|
-
exports.EmbeddedSignInFlowAuthenticatorParamType = EmbeddedSignInFlowAuthenticatorParamType;
|
|
7390
|
-
exports.EmbeddedSignInFlowAuthenticatorPromptType = EmbeddedSignInFlowAuthenticatorPromptType;
|
|
7150
|
+
exports.EmbeddedRecoveryFlowStatus = EmbeddedRecoveryFlowStatus;
|
|
7151
|
+
exports.EmbeddedRecoveryFlowType = EmbeddedRecoveryFlowType;
|
|
7391
7152
|
exports.EmbeddedSignInFlowStatus = EmbeddedSignInFlowStatus;
|
|
7392
|
-
exports.EmbeddedSignInFlowStatusV2 = EmbeddedSignInFlowStatus$1;
|
|
7393
|
-
exports.EmbeddedSignInFlowStepType = EmbeddedSignInFlowStepType;
|
|
7394
7153
|
exports.EmbeddedSignInFlowType = EmbeddedSignInFlowType;
|
|
7395
|
-
exports.
|
|
7396
|
-
exports.
|
|
7397
|
-
exports.EmbeddedSignUpFlowTypeV2 = EmbeddedSignUpFlowType;
|
|
7154
|
+
exports.EmbeddedSignUpFlowStatus = EmbeddedSignUpFlowStatus;
|
|
7155
|
+
exports.EmbeddedSignUpFlowType = EmbeddedSignUpFlowType;
|
|
7398
7156
|
exports.FieldType = FieldType;
|
|
7399
7157
|
exports.FlowMetaType = FlowMetaType;
|
|
7400
7158
|
exports.FlowMode = FlowMode;
|
|
7401
7159
|
exports.HttpClient = HttpClient;
|
|
7402
7160
|
exports.IsomorphicCrypto = IsomorphicCrypto;
|
|
7403
7161
|
exports.OIDCRequestConstants = OIDCRequestConstants_default;
|
|
7404
|
-
exports.Platform = Platform;
|
|
7405
7162
|
exports.StorageManager = StorageManager_default;
|
|
7406
7163
|
exports.ThunderIDAPIError = ThunderIDAPIError;
|
|
7407
7164
|
exports.ThunderIDAuthException = ThunderIDAuthException;
|
|
@@ -7415,6 +7172,7 @@ exports.WellKnownSchemaIds = WellKnownSchemaIds;
|
|
|
7415
7172
|
exports.arrayBufferToBase64url = arrayBufferToBase64url_default;
|
|
7416
7173
|
exports.base64urlToArrayBuffer = base64urlToArrayBuffer_default;
|
|
7417
7174
|
exports.bem = bem_default;
|
|
7175
|
+
exports.buildValidatorFromRules = buildValidatorFromRules_default;
|
|
7418
7176
|
exports.configureLogger = configure;
|
|
7419
7177
|
exports.countryCodeToFlagEmoji = countryCodeToFlagEmoji;
|
|
7420
7178
|
exports.createComponentLogger = createComponentLogger;
|
|
@@ -7428,12 +7186,11 @@ exports.debug = debug;
|
|
|
7428
7186
|
exports.deepMerge = deepMerge_default;
|
|
7429
7187
|
exports.deriveOrganizationHandleFromBaseUrl = deriveOrganizationHandleFromBaseUrl_default;
|
|
7430
7188
|
exports.error = error;
|
|
7431
|
-
exports.
|
|
7189
|
+
exports.evaluateValidationRule = evaluateValidationRule_default;
|
|
7190
|
+
exports.executeEmbeddedRecoveryFlow = executeEmbeddedRecoveryFlow_default;
|
|
7432
7191
|
exports.executeEmbeddedSignInFlow = executeEmbeddedSignInFlow_default;
|
|
7433
|
-
exports.executeEmbeddedSignInFlowV2 = executeEmbeddedSignInFlowV2_default;
|
|
7434
7192
|
exports.executeEmbeddedSignUpFlow = executeEmbeddedSignUpFlow_default;
|
|
7435
|
-
exports.
|
|
7436
|
-
exports.executeEmbeddedUserOnboardingFlowV2 = executeEmbeddedUserOnboardingFlowV2_default;
|
|
7193
|
+
exports.executeEmbeddedUserOnboardingFlow = executeEmbeddedUserOnboardingFlow_default;
|
|
7437
7194
|
exports.extractEmojiFromUri = extractEmojiFromUri_default;
|
|
7438
7195
|
exports.extractPkceStorageKeyFromState = extractPkceStorageKeyFromState_default;
|
|
7439
7196
|
exports.extractUserClaimsFromIdToken = extractUserClaimsFromIdToken_default;
|
|
@@ -7445,7 +7202,7 @@ exports.get = get_default;
|
|
|
7445
7202
|
exports.getAllOrganizations = getAllOrganizations_default;
|
|
7446
7203
|
exports.getBrandingPreference = getBrandingPreference_default;
|
|
7447
7204
|
exports.getDefaultI18nBundles = getDefaultI18nBundles_default;
|
|
7448
|
-
exports.
|
|
7205
|
+
exports.getFlowMeta = getFlowMeta_default;
|
|
7449
7206
|
exports.getLatestStateParam = getLatestStateParam_default;
|
|
7450
7207
|
exports.getMeOrganizations = getMeOrganizations_default;
|
|
7451
7208
|
exports.getOrganization = getOrganization_default;
|
|
@@ -7454,9 +7211,7 @@ exports.getRedirectBasedSignUpUrl = getRedirectBasedSignUpUrl_default;
|
|
|
7454
7211
|
exports.getSchemas = getSchemas_default;
|
|
7455
7212
|
exports.getScim2Me = getScim2Me_default;
|
|
7456
7213
|
exports.getUserInfo = getUserInfo_default;
|
|
7457
|
-
exports.identifyPlatform = identifyPlatform_default;
|
|
7458
7214
|
exports.info = info;
|
|
7459
|
-
exports.initializeEmbeddedSignInFlow = initializeEmbeddedSignInFlow_default;
|
|
7460
7215
|
exports.isEmojiUri = isEmojiUri_default;
|
|
7461
7216
|
exports.isEmpty = isEmpty_default;
|
|
7462
7217
|
exports.isRecognizedBaseUrlPattern = isRecognizedBaseUrlPattern_default;
|
|
@@ -7466,7 +7221,6 @@ exports.processOpenIDScopes = processOpenIDScopes_default;
|
|
|
7466
7221
|
exports.processUsername = processUsername_default;
|
|
7467
7222
|
exports.removeTrailingSlash = removeTrailingSlash_default;
|
|
7468
7223
|
exports.resolveFieldName = resolveFieldName_default;
|
|
7469
|
-
exports.resolveFieldType = resolveFieldType_default;
|
|
7470
7224
|
exports.resolveFlowTemplateLiterals = resolveFlowTemplateLiterals;
|
|
7471
7225
|
exports.resolveLocaleDisplayName = resolveLocaleDisplayName;
|
|
7472
7226
|
exports.resolveLocaleEmoji = resolveLocaleEmoji_default;
|