@thunderid/javascript 0.3.0 → 0.3.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (150) hide show
  1. package/dist/StorageManager.d.ts +2 -2
  2. package/dist/StorageManager.d.ts.map +1 -1
  3. package/dist/ThunderIDJavaScriptClient.d.ts +2 -12
  4. package/dist/ThunderIDJavaScriptClient.d.ts.map +1 -1
  5. package/dist/api/{v2/executeEmbeddedRecoveryFlowV2.d.ts → executeEmbeddedRecoveryFlow.d.ts} +7 -7
  6. package/dist/api/executeEmbeddedRecoveryFlow.d.ts.map +1 -0
  7. package/dist/api/executeEmbeddedSignInFlow.d.ts +3 -3
  8. package/dist/api/executeEmbeddedSignInFlow.d.ts.map +1 -1
  9. package/dist/api/executeEmbeddedSignUpFlow.d.ts +4 -27
  10. package/dist/api/executeEmbeddedSignUpFlow.d.ts.map +1 -1
  11. package/dist/api/{v2/executeEmbeddedUserOnboardingFlowV2.d.ts → executeEmbeddedUserOnboardingFlow.d.ts} +6 -6
  12. package/dist/api/executeEmbeddedUserOnboardingFlow.d.ts.map +1 -0
  13. package/dist/api/{v2/getFlowMetaV2.d.ts → getFlowMeta.d.ts} +7 -7
  14. package/dist/api/getFlowMeta.d.ts.map +1 -0
  15. package/dist/api/getOrganizationUnitChildren.d.ts +86 -0
  16. package/dist/api/getOrganizationUnitChildren.d.ts.map +1 -0
  17. package/dist/cjs/index.cjs +1440 -2496
  18. package/dist/edge/index.js +1428 -2464
  19. package/dist/errors/exception.d.ts +1 -3
  20. package/dist/errors/exception.d.ts.map +1 -1
  21. package/dist/i18n/models/i18n.d.ts +3 -0
  22. package/dist/i18n/models/i18n.d.ts.map +1 -1
  23. package/dist/i18n/translations/en-US.d.ts.map +1 -1
  24. package/dist/i18n/translations/fr-FR.d.ts.map +1 -1
  25. package/dist/i18n/translations/hi-IN.d.ts.map +1 -1
  26. package/dist/i18n/translations/ja-JP.d.ts.map +1 -1
  27. package/dist/i18n/translations/pt-BR.d.ts.map +1 -1
  28. package/dist/i18n/translations/pt-PT.d.ts.map +1 -1
  29. package/dist/i18n/translations/si-LK.d.ts.map +1 -1
  30. package/dist/i18n/translations/ta-IN.d.ts.map +1 -1
  31. package/dist/i18n/translations/te-IN.d.ts.map +1 -1
  32. package/dist/index.d.ts +29 -53
  33. package/dist/index.d.ts.map +1 -1
  34. package/dist/index.js +1428 -2464
  35. package/dist/models/client.d.ts +3 -53
  36. package/dist/models/client.d.ts.map +1 -1
  37. package/dist/models/config.d.ts +1 -16
  38. package/dist/models/config.d.ts.map +1 -1
  39. package/dist/models/embedded-flow.d.ts +572 -92
  40. package/dist/models/embedded-flow.d.ts.map +1 -1
  41. package/dist/models/{v2/embedded-recovery-flow-v2.d.ts → embedded-recovery-flow.d.ts} +2 -3
  42. package/dist/models/embedded-recovery-flow.d.ts.map +1 -0
  43. package/dist/models/embedded-signin-flow.d.ts +310 -66
  44. package/dist/models/embedded-signin-flow.d.ts.map +1 -1
  45. package/dist/models/{v2/embedded-signup-flow-v2.d.ts → embedded-signup-flow.d.ts} +4 -5
  46. package/dist/models/embedded-signup-flow.d.ts.map +1 -0
  47. package/dist/models/extensions/components.d.ts +55 -0
  48. package/dist/models/extensions/components.d.ts.map +1 -0
  49. package/dist/models/{v2/flow-meta-v2.d.ts → flow-meta.d.ts} +1 -1
  50. package/dist/models/flow-meta.d.ts.map +1 -0
  51. package/dist/models/translation.d.ts.map +1 -0
  52. package/dist/models/{v2/vars.d.ts → vars.d.ts} +1 -1
  53. package/dist/models/vars.d.ts.map +1 -0
  54. package/dist/utils/buildValidatorFromRules.d.ts +31 -0
  55. package/dist/utils/buildValidatorFromRules.d.ts.map +1 -0
  56. package/dist/utils/containsMetaFlowTemplateLiteral.d.ts.map +1 -0
  57. package/dist/utils/countryCodeToFlagEmoji.d.ts.map +1 -0
  58. package/dist/utils/evaluateValidationRule.d.ts +42 -0
  59. package/dist/utils/evaluateValidationRule.d.ts.map +1 -0
  60. package/dist/utils/extractEmojiFromUri.d.ts.map +1 -0
  61. package/dist/utils/getRedirectBasedSignUpUrl.d.ts +1 -1
  62. package/dist/utils/getRedirectBasedSignUpUrl.d.ts.map +1 -1
  63. package/dist/utils/injectRequestedPermissions.d.ts.map +1 -0
  64. package/dist/utils/isEmojiUri.d.ts.map +1 -0
  65. package/dist/utils/isMetaFlowTemplateLiteral.d.ts.map +1 -0
  66. package/dist/utils/isTranslationFlowTemplateLiteral.d.ts.map +1 -0
  67. package/dist/utils/parseApiErrorMessage.d.ts.map +1 -1
  68. package/dist/utils/parseFlowTemplateLiteral.d.ts.map +1 -0
  69. package/dist/utils/{v2/resolveFlowTemplateLiterals.d.ts → resolveFlowTemplateLiterals.d.ts} +2 -2
  70. package/dist/utils/resolveFlowTemplateLiterals.d.ts.map +1 -0
  71. package/dist/utils/resolveLocaleDisplayName.d.ts.map +1 -0
  72. package/dist/utils/resolveLocaleEmoji.d.ts.map +1 -0
  73. package/dist/utils/{v2/resolveMeta.d.ts → resolveMeta.d.ts} +1 -1
  74. package/dist/utils/resolveMeta.d.ts.map +1 -0
  75. package/package.json +7 -7
  76. package/dist/api/createOrganization.d.ts +0 -130
  77. package/dist/api/createOrganization.d.ts.map +0 -1
  78. package/dist/api/getAllOrganizations.d.ts +0 -104
  79. package/dist/api/getAllOrganizations.d.ts.map +0 -1
  80. package/dist/api/getBrandingPreference.d.ts +0 -104
  81. package/dist/api/getBrandingPreference.d.ts.map +0 -1
  82. package/dist/api/getMeOrganizations.d.ts +0 -120
  83. package/dist/api/getMeOrganizations.d.ts.map +0 -1
  84. package/dist/api/getOrganization.d.ts +0 -110
  85. package/dist/api/getOrganization.d.ts.map +0 -1
  86. package/dist/api/initializeEmbeddedSignInFlow.d.ts +0 -52
  87. package/dist/api/initializeEmbeddedSignInFlow.d.ts.map +0 -1
  88. package/dist/api/updateOrganization.d.ts +0 -119
  89. package/dist/api/updateOrganization.d.ts.map +0 -1
  90. package/dist/api/v2/executeEmbeddedRecoveryFlowV2.d.ts.map +0 -1
  91. package/dist/api/v2/executeEmbeddedSignInFlowV2.d.ts +0 -22
  92. package/dist/api/v2/executeEmbeddedSignInFlowV2.d.ts.map +0 -1
  93. package/dist/api/v2/executeEmbeddedSignUpFlowV2.d.ts +0 -22
  94. package/dist/api/v2/executeEmbeddedSignUpFlowV2.d.ts.map +0 -1
  95. package/dist/api/v2/executeEmbeddedUserOnboardingFlowV2.d.ts.map +0 -1
  96. package/dist/api/v2/getFlowMetaV2.d.ts.map +0 -1
  97. package/dist/api/v2/getOrganizationUnitChildren.d.ts +0 -43
  98. package/dist/api/v2/getOrganizationUnitChildren.d.ts.map +0 -1
  99. package/dist/constants/v2/OIDCDiscoveryConstants.d.ts +0 -40
  100. package/dist/constants/v2/OIDCDiscoveryConstants.d.ts.map +0 -1
  101. package/dist/models/branding-preference.d.ts +0 -249
  102. package/dist/models/branding-preference.d.ts.map +0 -1
  103. package/dist/models/organization.d.ts +0 -34
  104. package/dist/models/organization.d.ts.map +0 -1
  105. package/dist/models/platforms.d.ts +0 -33
  106. package/dist/models/platforms.d.ts.map +0 -1
  107. package/dist/models/v2/embedded-flow-v2.d.ts +0 -550
  108. package/dist/models/v2/embedded-flow-v2.d.ts.map +0 -1
  109. package/dist/models/v2/embedded-recovery-flow-v2.d.ts.map +0 -1
  110. package/dist/models/v2/embedded-signin-flow-v2.d.ts +0 -345
  111. package/dist/models/v2/embedded-signin-flow-v2.d.ts.map +0 -1
  112. package/dist/models/v2/embedded-signup-flow-v2.d.ts.map +0 -1
  113. package/dist/models/v2/extensions/components.d.ts +0 -89
  114. package/dist/models/v2/extensions/components.d.ts.map +0 -1
  115. package/dist/models/v2/flow-meta-v2.d.ts.map +0 -1
  116. package/dist/models/v2/organization-unit.d.ts +0 -103
  117. package/dist/models/v2/organization-unit.d.ts.map +0 -1
  118. package/dist/models/v2/translation.d.ts.map +0 -1
  119. package/dist/models/v2/vars.d.ts.map +0 -1
  120. package/dist/utils/deriveOrganizationHandleFromBaseUrl.d.ts +0 -40
  121. package/dist/utils/deriveOrganizationHandleFromBaseUrl.d.ts.map +0 -1
  122. package/dist/utils/identifyPlatform.d.ts +0 -31
  123. package/dist/utils/identifyPlatform.d.ts.map +0 -1
  124. package/dist/utils/resolveFieldType.d.ts +0 -21
  125. package/dist/utils/resolveFieldType.d.ts.map +0 -1
  126. package/dist/utils/transformBrandingPreferenceToTheme.d.ts +0 -49
  127. package/dist/utils/transformBrandingPreferenceToTheme.d.ts.map +0 -1
  128. package/dist/utils/v2/containsMetaFlowTemplateLiteral.d.ts.map +0 -1
  129. package/dist/utils/v2/countryCodeToFlagEmoji.d.ts.map +0 -1
  130. package/dist/utils/v2/extractEmojiFromUri.d.ts.map +0 -1
  131. package/dist/utils/v2/injectRequestedPermissions.d.ts.map +0 -1
  132. package/dist/utils/v2/isEmojiUri.d.ts.map +0 -1
  133. package/dist/utils/v2/isMetaFlowTemplateLiteral.d.ts.map +0 -1
  134. package/dist/utils/v2/isTranslationFlowTemplateLiteral.d.ts.map +0 -1
  135. package/dist/utils/v2/parseFlowTemplateLiteral.d.ts.map +0 -1
  136. package/dist/utils/v2/resolveFlowTemplateLiterals.d.ts.map +0 -1
  137. package/dist/utils/v2/resolveLocaleDisplayName.d.ts.map +0 -1
  138. package/dist/utils/v2/resolveLocaleEmoji.d.ts.map +0 -1
  139. package/dist/utils/v2/resolveMeta.d.ts.map +0 -1
  140. /package/dist/models/{v2/translation.d.ts → translation.d.ts} +0 -0
  141. /package/dist/utils/{v2/containsMetaFlowTemplateLiteral.d.ts → containsMetaFlowTemplateLiteral.d.ts} +0 -0
  142. /package/dist/utils/{v2/countryCodeToFlagEmoji.d.ts → countryCodeToFlagEmoji.d.ts} +0 -0
  143. /package/dist/utils/{v2/extractEmojiFromUri.d.ts → extractEmojiFromUri.d.ts} +0 -0
  144. /package/dist/utils/{v2/injectRequestedPermissions.d.ts → injectRequestedPermissions.d.ts} +0 -0
  145. /package/dist/utils/{v2/isEmojiUri.d.ts → isEmojiUri.d.ts} +0 -0
  146. /package/dist/utils/{v2/isMetaFlowTemplateLiteral.d.ts → isMetaFlowTemplateLiteral.d.ts} +0 -0
  147. /package/dist/utils/{v2/isTranslationFlowTemplateLiteral.d.ts → isTranslationFlowTemplateLiteral.d.ts} +0 -0
  148. /package/dist/utils/{v2/parseFlowTemplateLiteral.d.ts → parseFlowTemplateLiteral.d.ts} +0 -0
  149. /package/dist/utils/{v2/resolveLocaleDisplayName.d.ts → resolveLocaleDisplayName.d.ts} +0 -0
  150. /package/dist/utils/{v2/resolveLocaleEmoji.d.ts → resolveLocaleEmoji.d.ts} +0 -0
@@ -102,12 +102,10 @@ var TokenConstants_default = TokenConstants;
102
102
  /**
103
103
  * @deprecated Use `ThunderIDRuntimeError` for runtime errors and `ThunderIDAPIError` for API errors.
104
104
  */
105
- var ThunderIDAuthException = class {
106
- name;
105
+ var ThunderIDAuthException = class extends Error {
107
106
  code;
108
- message;
109
107
  constructor(code, name, message) {
110
- this.message = message;
108
+ super(message);
111
109
  this.name = name;
112
110
  this.code = code;
113
111
  Object.setPrototypeOf(this, new.target.prototype);
@@ -349,101 +347,91 @@ var ThunderIDAPIError = class extends ThunderIDError {
349
347
  };
350
348
 
351
349
  //#endregion
352
- //#region src/api/initializeEmbeddedSignInFlow.ts
350
+ //#region src/models/embedded-signin-flow.ts
353
351
  /**
354
- * Sends an authorization request to the specified OAuth2/OIDC authorization endpoint.
352
+ * Status enumeration for ThunderID embedded sign-in flow operations.
355
353
  *
356
- * @param requestConfig - Request configuration object containing URL and payload.
357
- * @returns A promise that resolves with the authorization response.
358
- * @throws ThunderIDAPIError when the request fails or URL is invalid.
354
+ * These statuses indicate the current state of the sign-in flow and determine
355
+ * the next action required by the client application. Each status provides
356
+ * specific guidance on how to proceed with the authentication process.
359
357
  *
360
358
  * @example
361
359
  * ```typescript
362
- * try {
363
- * const authResponse = await initializeEmbeddedSignInFlow({
364
- * url: "https://localhost:8090/oauth2/authorize",
365
- * payload: {
366
- * response_type: "code",
367
- * client_id: "your-client-id",
368
- * redirect_uri: "https://your-app.com/callback",
369
- * scope: "openid profile email",
370
- * state: "random-state-value",
371
- * code_challenge: "your-pkce-challenge",
372
- * code_challenge_method: "S256"
373
- * }
374
- * });
375
- * console.log(authResponse);
376
- * } catch (error) {
377
- * if (error instanceof ThunderIDAPIError) {
378
- * console.error('Authorization failed:', error.message);
379
- * }
360
+ * switch (response.flowStatus) {
361
+ * case EmbeddedSignInFlowStatus.Incomplete:
362
+ * // More user input needed - render form components
363
+ * break;
364
+ * case EmbeddedSignInFlowStatus.Complete:
365
+ * // Authentication successful - handle completion
366
+ * break;
367
+ * case EmbeddedSignInFlowStatus.Error:
368
+ * // Authentication failed - show error message
369
+ * break;
380
370
  * }
381
371
  * ```
372
+ *
373
+ * @experimental Part of the new ThunderID API
382
374
  */
383
- const initializeEmbeddedSignInFlow = async ({ url, baseUrl, payload,...requestConfig }) => {
384
- try {
385
- new URL(url ?? baseUrl);
386
- } catch (error$1) {
387
- throw new ThunderIDAPIError(`Invalid URL provided. ${error$1?.toString()}`, "getSchemas-ValidationError-001", "javascript", 400, "The provided `url` or `baseUrl` path does not adhere to the URL schema.");
388
- }
389
- if (!payload) throw new ThunderIDAPIError("Authorization payload is required", "initializeEmbeddedSignInFlow-ValidationError-002", "javascript", 400, "If an authorization payload is not provided, the request cannot be constructed correctly.");
390
- const searchParams = new URLSearchParams();
391
- Object.entries(payload).forEach(([key, value]) => {
392
- if (value !== void 0 && value !== null) searchParams.append(key, String(value));
393
- });
394
- try {
395
- const response = await fetch(url ?? `${baseUrl}/oauth2/authorize`, {
396
- ...requestConfig,
397
- body: searchParams.toString(),
398
- headers: {
399
- ...requestConfig.headers,
400
- Accept: "application/json",
401
- "Content-Type": "application/x-www-form-urlencoded"
402
- },
403
- method: requestConfig.method || "POST"
404
- });
405
- if (!response.ok) throw new ThunderIDAPIError(await response.text(), "initializeEmbeddedSignInFlow-ResponseError-001", "javascript", response.status, response.statusText, "Authorization request failed");
406
- return await response.json();
407
- } catch (error$1) {
408
- if (error$1 instanceof ThunderIDAPIError) throw error$1;
409
- throw new ThunderIDAPIError(`Network or parsing error: ${error$1 instanceof Error ? error$1.message : "Unknown error"}`, "initializeEmbeddedSignInFlow-NetworkError-001", "javascript", 0, "Network Error");
410
- }
411
- };
412
- var initializeEmbeddedSignInFlow_default = initializeEmbeddedSignInFlow;
413
-
414
- //#endregion
415
- //#region src/api/executeEmbeddedSignInFlow.ts
416
- const executeEmbeddedSignInFlow = async ({ url, baseUrl, payload,...requestConfig }) => {
417
- try {
418
- new URL(url ?? baseUrl);
419
- } catch (error$1) {
420
- throw new ThunderIDAPIError(`Invalid URL provided. ${error$1?.toString()}`, "executeEmbeddedSignInFlow-ValidationError-001", "javascript", 400, "The provided `url` or `baseUrl` path does not adhere to the URL schema.");
421
- }
422
- if (!payload) throw new ThunderIDAPIError("Authorization payload is required", "executeEmbeddedSignInFlow-ValidationError-002", "javascript", 400, "If an authorization payload is not provided, the request cannot be constructed correctly.");
423
- try {
424
- const response = await fetch(url ?? `${baseUrl}/oauth2/authn`, {
425
- ...requestConfig,
426
- body: JSON.stringify(payload),
427
- headers: {
428
- Accept: "application/json",
429
- "Content-Type": "application/json",
430
- ...requestConfig.headers
431
- },
432
- method: requestConfig.method || "POST"
433
- });
434
- if (!response.ok) throw new ThunderIDAPIError(await response.text(), "initializeEmbeddedSignInFlow-ResponseError-001", "javascript", response.status, response.statusText, "Authorization request failed");
435
- return await response.json();
436
- } catch (error$1) {
437
- if (error$1 instanceof ThunderIDAPIError) throw error$1;
438
- throw new ThunderIDAPIError(`Network or parsing error: ${error$1 instanceof Error ? error$1.message : "Unknown error"}`, "executeEmbeddedSignInFlow-NetworkError-001", "javascript", 0, "Network Error");
439
- }
440
- };
441
- var executeEmbeddedSignInFlow_default = executeEmbeddedSignInFlow;
375
+ let EmbeddedSignInFlowStatus = /* @__PURE__ */ function(EmbeddedSignInFlowStatus$1) {
376
+ /**
377
+ * Sign-in flow completed successfully.
378
+ *
379
+ * The user has been authenticated and the flow can proceed to
380
+ * OAuth2 completion or redirection. Check for redirectUrl or
381
+ * assertion data in the response.
382
+ */
383
+ EmbeddedSignInFlowStatus$1["Complete"] = "COMPLETE";
384
+ /**
385
+ * Sign-in flow encountered an error.
386
+ *
387
+ * Authentication failed due to invalid credentials, system error,
388
+ * or other issues. Check error details in the response and handle
389
+ * appropriately (retry, show error message, etc.).
390
+ */
391
+ EmbeddedSignInFlowStatus$1["Error"] = "ERROR";
392
+ /**
393
+ * Sign-in flow requires additional user input.
394
+ *
395
+ * More authentication steps are needed. The response will contain
396
+ * components in data.meta.components that should be rendered to
397
+ * collect additional user input (e.g., MFA, password, etc.).
398
+ */
399
+ EmbeddedSignInFlowStatus$1["Incomplete"] = "INCOMPLETE";
400
+ return EmbeddedSignInFlowStatus$1;
401
+ }({});
402
+ /**
403
+ * Type enumeration for ThunderID embedded sign-in flow responses.
404
+ *
405
+ * Determines the nature of the flow response and how the client should
406
+ * handle the returned data. This affects both UI rendering and flow
407
+ * continuation logic.
408
+ *
409
+ * @experimental Part of the new ThunderID API
410
+ */
411
+ let EmbeddedSignInFlowType = /* @__PURE__ */ function(EmbeddedSignInFlowType$1) {
412
+ /**
413
+ * Response requires external redirection.
414
+ *
415
+ * Used for social login providers, external identity providers,
416
+ * or other flows that require navigating to an external URL.
417
+ * The response will contain redirection information.
418
+ */
419
+ EmbeddedSignInFlowType$1["Redirection"] = "REDIRECTION";
420
+ /**
421
+ * Response contains view components for rendering.
422
+ *
423
+ * Standard embedded flow response containing UI components
424
+ * that should be rendered within the current application
425
+ * context. Most common type for embedded authentication.
426
+ */
427
+ EmbeddedSignInFlowType$1["View"] = "VIEW";
428
+ return EmbeddedSignInFlowType$1;
429
+ }({});
442
430
 
443
431
  //#endregion
444
- //#region src/models/embedded-flow.ts
432
+ //#region src/utils/injectRequestedPermissions.ts
445
433
  /**
446
- * Copyright (c) 2025-2026, WSO2 LLC. (https://www.wso2.com).
434
+ * Copyright (c) 2026, WSO2 LLC. (https://www.wso2.com).
447
435
  *
448
436
  * WSO2 LLC. licenses this file to you under the Apache License,
449
437
  * Version 2.0 (the "License"); you may not use this file except
@@ -459,140 +447,286 @@ var executeEmbeddedSignInFlow_default = executeEmbeddedSignInFlow;
459
447
  * specific language governing permissions and limitations
460
448
  * under the License.
461
449
  */
462
- let EmbeddedFlowType = /* @__PURE__ */ function(EmbeddedFlowType$1) {
463
- EmbeddedFlowType$1["Authentication"] = "AUTHENTICATION";
464
- EmbeddedFlowType$1["Recovery"] = "RECOVERY";
465
- EmbeddedFlowType$1["Registration"] = "REGISTRATION";
466
- EmbeddedFlowType$1["UserOnboarding"] = "USER_ONBOARDING";
467
- return EmbeddedFlowType$1;
468
- }({});
469
- let EmbeddedFlowStatus = /* @__PURE__ */ function(EmbeddedFlowStatus$1) {
470
- EmbeddedFlowStatus$1["Complete"] = "COMPLETE";
471
- EmbeddedFlowStatus$1["Incomplete"] = "INCOMPLETE";
472
- return EmbeddedFlowStatus$1;
473
- }({});
474
- let EmbeddedFlowResponseType = /* @__PURE__ */ function(EmbeddedFlowResponseType$1) {
475
- EmbeddedFlowResponseType$1["Redirection"] = "REDIRECTION";
476
- EmbeddedFlowResponseType$1["View"] = "VIEW";
477
- return EmbeddedFlowResponseType$1;
478
- }({});
479
- let EmbeddedFlowComponentType = /* @__PURE__ */ function(EmbeddedFlowComponentType$2) {
480
- EmbeddedFlowComponentType$2["Button"] = "BUTTON";
481
- EmbeddedFlowComponentType$2["Checkbox"] = "CHECKBOX";
482
- EmbeddedFlowComponentType$2["Divider"] = "DIVIDER";
483
- EmbeddedFlowComponentType$2["Form"] = "FORM";
484
- EmbeddedFlowComponentType$2["Image"] = "IMAGE";
485
- EmbeddedFlowComponentType$2["Input"] = "INPUT";
486
- EmbeddedFlowComponentType$2["Radio"] = "RADIO";
487
- EmbeddedFlowComponentType$2["Select"] = "SELECT";
488
- EmbeddedFlowComponentType$2["Typography"] = "TYPOGRAPHY";
489
- return EmbeddedFlowComponentType$2;
490
- }({});
491
-
492
- //#endregion
493
- //#region src/api/executeEmbeddedSignUpFlow.ts
494
450
  /**
495
- * Executes an embedded signup flow by sending a request to the specified flow execution endpoint.
496
- *
497
- * @param requestConfig - Request configuration object containing URL and payload.
498
- * @returns A promise that resolves with the flow execution response.
499
- * @throws ThunderIDAPIError when the request fails or URL is invalid.
451
+ * Strips the top-level `scopes` field from a payload and injects it as
452
+ * `inputs.requested_permissions` (space-separated string).
500
453
  *
501
- * @example
502
- * ```typescript
503
- * try {
504
- * const embeddedSignUpResponse = await executeEmbeddedSignUpFlow({
505
- * url: "https://localhost:8090/api/server/v1/flow/execute",
506
- * payload: {
507
- * flowType: "REGISTRATION"
508
- * }
509
- * });
510
- * console.log(embeddedSignUpResponse);
511
- * } catch (error) {
512
- * if (error instanceof ThunderIDAPIError) {
513
- * console.error('Embedded SignUp flow execution failed:', error.message);
514
- * }
515
- * }
516
- * ```
454
+ * The backend reads requested_permissions from UserInputs (the `inputs` map), not a top-level field.
517
455
  */
518
- const executeEmbeddedSignUpFlow = async ({ url, baseUrl, payload,...requestConfig }) => {
519
- if (!baseUrl && !url) throw new ThunderIDAPIError("Embedded SignUp flow execution failed: Base URL or URL is not provided.", "javascript-executeEmbeddedSignUpFlow-ValidationError-001", "javascript", 400, "At least one of the baseUrl or url must be provided to execute the embedded sign up flow.");
520
- try {
521
- new URL(url ?? baseUrl);
522
- } catch (error$1) {
523
- throw new ThunderIDAPIError(`Invalid URL provided. ${error$1?.toString()}`, "executeEmbeddedSignUpFlow-ValidationError-001", "javascript", 400, "The provided `url` or `baseUrl` path does not adhere to the URL schema.");
524
- }
525
- try {
526
- const response = await fetch(url ?? `${baseUrl}/api/server/v1/flow/execute`, {
527
- ...requestConfig,
456
+ const injectRequestedPermissions = (payload) => {
457
+ const { scopes,...rest } = payload;
458
+ const normalizedScopes = Array.isArray(scopes) ? scopes.map((s) => String(s).trim()).filter(Boolean).join(" ") : typeof scopes === "string" ? scopes.trim() : "";
459
+ if (!normalizedScopes) return rest;
460
+ const existingInputs = rest["inputs"] != null && typeof rest["inputs"] === "object" && !Array.isArray(rest["inputs"]) ? rest["inputs"] : {};
461
+ return {
462
+ ...rest,
463
+ inputs: {
464
+ ...existingInputs,
465
+ requested_permissions: normalizedScopes
466
+ }
467
+ };
468
+ };
469
+ var injectRequestedPermissions_default = injectRequestedPermissions;
470
+
471
+ //#endregion
472
+ //#region src/api/executeEmbeddedSignInFlow.ts
473
+ const executeEmbeddedSignInFlow = async ({ url, baseUrl, payload, authId,...requestConfig }) => {
474
+ if (!payload) throw new ThunderIDAPIError("Authorization payload is required", "executeEmbeddedSignInFlow-ValidationError-002", "javascript", 400, "If an authorization payload is not provided, the request cannot be constructed correctly.");
475
+ const endpoint = url ?? `${baseUrl}/flow/execute`;
476
+ const cleanPayload = typeof payload === "object" && payload !== null ? Object.fromEntries(Object.entries(payload).filter(([key]) => key !== "verbose")) : payload;
477
+ const isNewFlowStart = typeof cleanPayload === "object" && cleanPayload !== null && "applicationId" in cleanPayload && "flowType" in cleanPayload;
478
+ const hasOnlyFlowId = typeof cleanPayload === "object" && cleanPayload !== null && "executionId" in cleanPayload && Object.keys(cleanPayload).length === 1;
479
+ const basePayload = isNewFlowStart ? injectRequestedPermissions_default(cleanPayload) : cleanPayload;
480
+ const requestPayload = isNewFlowStart || hasOnlyFlowId ? {
481
+ ...basePayload,
482
+ verbose: true
483
+ } : basePayload;
484
+ const response = await fetch(endpoint, {
485
+ ...requestConfig,
486
+ body: JSON.stringify(requestPayload),
487
+ headers: {
488
+ Accept: "application/json",
489
+ "Content-Type": "application/json",
490
+ ...requestConfig.headers
491
+ },
492
+ method: requestConfig.method || "POST"
493
+ });
494
+ if (!response.ok) throw new ThunderIDAPIError(await response.text(), "executeEmbeddedSignInFlow-ResponseError-001", "javascript", response.status, response.statusText, "Authorization request failed");
495
+ const flowResponse = await response.json();
496
+ if (flowResponse.flowStatus === EmbeddedSignInFlowStatus.Complete && flowResponse.assertion && authId) try {
497
+ const oauth2Response = await fetch(`${baseUrl}/oauth2/auth/callback`, {
528
498
  body: JSON.stringify({
529
- ...payload ?? {},
530
- flowType: EmbeddedFlowType.Registration
499
+ assertion: flowResponse.assertion,
500
+ authId
531
501
  }),
502
+ credentials: "include",
532
503
  headers: {
533
504
  Accept: "application/json",
534
505
  "Content-Type": "application/json",
535
506
  ...requestConfig.headers
536
507
  },
537
- method: requestConfig.method || "POST"
508
+ method: "POST"
538
509
  });
539
- if (!response.ok) throw new ThunderIDAPIError(await response.text(), "javascript-executeEmbeddedSignUpFlow-ResponseError-100", "javascript", response.status, response.statusText, "Embedded SignUp flow execution failed");
540
- return await response.json();
541
- } catch (error$1) {
542
- if (error$1 instanceof ThunderIDAPIError) throw error$1;
543
- throw new ThunderIDAPIError(`Network or parsing error: ${error$1 instanceof Error ? error$1.message : "Unknown error"}`, "executeEmbeddedSignUpFlow-NetworkError-001", "javascript", 0, "Network Error");
510
+ if (!oauth2Response.ok) throw new ThunderIDAPIError(await oauth2Response.text(), "executeEmbeddedSignInFlow-OAuth2Error-002", "javascript", oauth2Response.status, oauth2Response.statusText, "OAuth2 authorization failed");
511
+ const oauth2Result = await oauth2Response.json();
512
+ return {
513
+ flowStatus: flowResponse.flowStatus,
514
+ redirectUrl: oauth2Result["redirect_uri"]
515
+ };
516
+ } catch (authError) {
517
+ if (authError instanceof ThunderIDAPIError) throw authError;
518
+ throw new ThunderIDAPIError(authError instanceof Error ? authError.message : "Unknown error", "executeEmbeddedSignInFlow-OAuth2Error-001", "javascript", 500, "Failed to complete OAuth2 authorization after successful embedded sign-in flow.", "OAuth2 authorization failed");
544
519
  }
520
+ return flowResponse;
545
521
  };
546
- var executeEmbeddedSignUpFlow_default = executeEmbeddedSignUpFlow;
522
+ var executeEmbeddedSignInFlow_default = executeEmbeddedSignInFlow;
547
523
 
548
524
  //#endregion
549
- //#region src/api/getUserInfo.ts
525
+ //#region src/models/embedded-signup-flow.ts
550
526
  /**
551
- * Retrieves the user information from the specified OIDC userinfo endpoint.
527
+ * Status enumeration for ThunderID embedded sign-up flow operations.
552
528
  *
553
- * @param requestConfig - Request configuration object.
554
- * @returns A promise that resolves with the user information.
555
- * @throw
556
- * const userInfo = await getUserInfo({
557
- * url: "https://localhost:8090/oauth2/userinfo",
558
- * });
559
- * console.log(userInfo);
560
- * } catch (error) {
561
- * if (error instanceof ThunderIDAPIError) {
562
- * console.error('Failed to get user info:', error.message);
563
- * }
529
+ * These statuses indicate the current state of the registration flow and determine
530
+ * the next action required by the client application. Each status provides specific
531
+ * guidance on how to proceed with the user registration process.
532
+ *
533
+ * @example
534
+ * ```typescript
535
+ * switch (response.flowStatus) {
536
+ * case EmbeddedSignUpFlowStatus.Incomplete:
537
+ * // More user input needed - render registration form components
538
+ * break;
539
+ * case EmbeddedSignUpFlowStatus.Complete:
540
+ * // Registration successful - handle completion
541
+ * break;
542
+ * case EmbeddedSignUpFlowStatus.Error:
543
+ * // Registration failed - show error details
544
+ * const errorResponse = response as EmbeddedSignUpFlowErrorResponse;
545
+ * showError(errorResponse.error.description.defaultValue);
546
+ * break;
564
547
  * }
565
548
  * ```
549
+ *
550
+ * @experimental Part of the new ThunderID API
566
551
  */
567
- const getUserInfo = async ({ url,...requestConfig }) => {
568
- try {
569
- new URL(url);
570
- } catch (error$1) {
571
- throw new ThunderIDAPIError("Invalid endpoint URL provided", "getUserInfo-ValidationError-001", "javascript", 400, "Invalid Request");
572
- }
573
- try {
574
- const response = await fetch(url, {
575
- ...requestConfig,
576
- headers: {
552
+ let EmbeddedSignUpFlowStatus = /* @__PURE__ */ function(EmbeddedSignUpFlowStatus$1) {
553
+ /**
554
+ * Sign-up flow completed successfully.
555
+ *
556
+ * The user has successfully registered and the flow can proceed to
557
+ * OAuth2 completion or redirection. Check for redirectUrl or assertion
558
+ * data in the response for next steps.
559
+ */
560
+ EmbeddedSignUpFlowStatus$1["Complete"] = "COMPLETE";
561
+ /**
562
+ * Sign-up flow encountered an error and cannot proceed.
563
+ *
564
+ * Registration failed due to validation errors, duplicate user,
565
+ * system errors, or other issues. The response will be of type
566
+ * `EmbeddedSignUpFlowErrorResponse` containing detailed failure
567
+ * information that can be displayed to the user.
568
+ *
569
+ * @see {@link EmbeddedSignUpFlowErrorResponse} for error response structure
570
+ */
571
+ EmbeddedSignUpFlowStatus$1["Error"] = "ERROR";
572
+ /**
573
+ * Sign-up flow requires additional user input.
574
+ *
575
+ * More registration steps are needed. The response will contain
576
+ * components in data.meta.components that should be rendered to
577
+ * collect additional user information (e.g., profile data, verification).
578
+ */
579
+ EmbeddedSignUpFlowStatus$1["Incomplete"] = "INCOMPLETE";
580
+ return EmbeddedSignUpFlowStatus$1;
581
+ }({});
582
+ /**
583
+ * Type enumeration for ThunderID embedded sign-up flow responses.
584
+ *
585
+ * Determines the nature of the registration flow response and how the client
586
+ * should handle the returned data. This affects both UI rendering and flow
587
+ * continuation logic during the user registration process.
588
+ *
589
+ * @experimental Part of the new ThunderID API
590
+ */
591
+ let EmbeddedSignUpFlowType = /* @__PURE__ */ function(EmbeddedSignUpFlowType$1) {
592
+ /**
593
+ * Response requires external redirection.
594
+ *
595
+ * Used for social registration providers, external identity providers,
596
+ * or other flows that require navigating to an external URL during
597
+ * the registration process. The response will contain redirection information.
598
+ */
599
+ EmbeddedSignUpFlowType$1["Redirection"] = "REDIRECTION";
600
+ /**
601
+ * Response contains view components for rendering.
602
+ *
603
+ * Standard embedded registration flow response containing UI components
604
+ * that should be rendered within the current application context.
605
+ * Most common type for embedded user registration.
606
+ */
607
+ EmbeddedSignUpFlowType$1["View"] = "VIEW";
608
+ return EmbeddedSignUpFlowType$1;
609
+ }({});
610
+
611
+ //#endregion
612
+ //#region src/api/executeEmbeddedSignUpFlow.ts
613
+ const executeEmbeddedSignUpFlow = async ({ url, baseUrl, payload, authId,...requestConfig }) => {
614
+ if (!payload) throw new ThunderIDAPIError("Registration payload is required", "executeEmbeddedSignUpFlow-ValidationError-002", "javascript", 400, "If a registration payload is not provided, the request cannot be constructed correctly.");
615
+ const endpoint = url ?? `${baseUrl}/flow/execute`;
616
+ const cleanPayload = typeof payload === "object" && payload !== null ? Object.fromEntries(Object.entries(payload).filter(([key]) => key !== "verbose")) : payload;
617
+ const isNewFlowStart = typeof cleanPayload === "object" && cleanPayload !== null && "applicationId" in cleanPayload && "flowType" in cleanPayload;
618
+ const hasOnlyFlowId = typeof cleanPayload === "object" && cleanPayload !== null && "executionId" in cleanPayload && Object.keys(cleanPayload).length === 1;
619
+ const basePayload = isNewFlowStart ? injectRequestedPermissions_default(cleanPayload) : cleanPayload;
620
+ const requestPayload = isNewFlowStart || hasOnlyFlowId ? {
621
+ ...basePayload,
622
+ verbose: true
623
+ } : basePayload;
624
+ const response = await fetch(endpoint, {
625
+ ...requestConfig,
626
+ body: JSON.stringify(requestPayload),
627
+ headers: {
628
+ Accept: "application/json",
629
+ "Content-Type": "application/json",
630
+ ...requestConfig.headers
631
+ },
632
+ method: requestConfig.method || "POST"
633
+ });
634
+ if (!response.ok) throw new ThunderIDAPIError(await response.text(), "executeEmbeddedSignUpFlow-ResponseError-001", "javascript", response.status, response.statusText, "Registration request failed");
635
+ const flowResponse = await response.json();
636
+ if (flowResponse.flowStatus === EmbeddedSignUpFlowStatus.Complete && flowResponse.assertion && authId) try {
637
+ const oauth2Response = await fetch(`${baseUrl}/oauth2/auth/callback`, {
638
+ body: JSON.stringify({
639
+ assertion: flowResponse.assertion,
640
+ authId
641
+ }),
642
+ credentials: "include",
643
+ headers: {
577
644
  Accept: "application/json",
578
645
  "Content-Type": "application/json",
579
646
  ...requestConfig.headers
580
647
  },
581
- method: "GET"
648
+ method: "POST"
582
649
  });
583
- if (!response.ok) throw new ThunderIDAPIError(await response.text(), "getUserInfo-ResponseError-001", "javascript", response.status, response.statusText, "Failed to fetch user info");
584
- return await response.json();
585
- } catch (error$1) {
586
- if (error$1 instanceof ThunderIDAPIError) throw error$1;
587
- throw new ThunderIDAPIError(`Network or parsing error: ${error$1 instanceof Error ? error$1.message : "Unknown error"}`, "getUserInfo-NetworkError-001", "javascript", 0, "Network Error");
650
+ if (!oauth2Response.ok) throw new ThunderIDAPIError(await oauth2Response.text(), "executeEmbeddedSignUpFlow-OAuth2Error-002", "javascript", oauth2Response.status, oauth2Response.statusText, "OAuth2 authorization failed");
651
+ const oauth2Result = await oauth2Response.json();
652
+ return {
653
+ flowStatus: flowResponse.flowStatus,
654
+ redirectUrl: oauth2Result["redirect_uri"]
655
+ };
656
+ } catch (authError) {
657
+ if (authError instanceof ThunderIDAPIError) throw authError;
658
+ throw new ThunderIDAPIError(authError instanceof Error ? authError.message : "Unknown error", "executeEmbeddedSignUpFlow-OAuth2Error-001", "javascript", 500, "Failed to complete OAuth2 authorization after successful embedded sign-up flow.", "OAuth2 authorization failed");
588
659
  }
660
+ return flowResponse;
589
661
  };
590
- var getUserInfo_default = getUserInfo;
662
+ var executeEmbeddedSignUpFlow_default = executeEmbeddedSignUpFlow;
591
663
 
592
664
  //#endregion
593
- //#region src/utils/processUsername.ts
665
+ //#region src/api/executeEmbeddedRecoveryFlow.ts
594
666
  /**
595
- * Copyright (c) 2025, WSO2 LLC. (https://www.wso2.com).
667
+ * Executes an embedded recovery flow by sending a request to the flow execution endpoint.
668
+ *
669
+ * This function handles password-recovery and account-recovery flows driven by the
670
+ * ThunderID server. The server returns UI components for each step (e.g. username
671
+ * collection, OTP verification, password reset) and this function forwards the
672
+ * user's responses back to the server.
673
+ *
674
+ * @param requestConfig - Request configuration containing URL, payload, and optional headers.
675
+ * @returns A promise that resolves with the flow execution response.
676
+ * @throws ThunderIDAPIError when the request fails or a payload is missing.
677
+ *
678
+ * @example
679
+ * ```typescript
680
+ * // Initiate recovery flow
681
+ * const response = await executeEmbeddedRecoveryFlow({
682
+ * baseUrl: 'https://localhost:8090',
683
+ * payload: {
684
+ * flowType: 'RECOVERY',
685
+ * applicationId: 'my-app-id',
686
+ * },
687
+ * });
688
+ *
689
+ * // Continue recovery flow with user input
690
+ * const nextResponse = await executeEmbeddedRecoveryFlow({
691
+ * baseUrl: 'https://localhost:8090',
692
+ * payload: {
693
+ * executionId: response.executionId,
694
+ * action: 'submit',
695
+ * inputs: { username: 'user@example.com' },
696
+ * challengeToken: response.challengeToken,
697
+ * },
698
+ * });
699
+ * ```
700
+ */
701
+ const executeEmbeddedRecoveryFlow = async ({ url, baseUrl, payload,...requestConfig }) => {
702
+ if (!payload) throw new ThunderIDAPIError("Recovery payload is required", "executeEmbeddedRecoveryFlow-ValidationError-002", "javascript", 400, "If a recovery payload is not provided, the request cannot be constructed correctly.");
703
+ const endpoint = url ?? `${baseUrl}/flow/execute`;
704
+ const cleanPayload = typeof payload === "object" && payload !== null ? Object.fromEntries(Object.entries(payload).filter(([key]) => key !== "verbose")) : payload;
705
+ const hasOnlyAppIdAndFlowType = typeof cleanPayload === "object" && cleanPayload !== null && "applicationId" in cleanPayload && "flowType" in cleanPayload && Object.keys(cleanPayload).length === 2;
706
+ const hasOnlyFlowId = typeof cleanPayload === "object" && cleanPayload !== null && "executionId" in cleanPayload && Object.keys(cleanPayload).length === 1;
707
+ const requestPayload = hasOnlyAppIdAndFlowType || hasOnlyFlowId ? {
708
+ ...cleanPayload,
709
+ verbose: true
710
+ } : cleanPayload;
711
+ const response = await fetch(endpoint, {
712
+ ...requestConfig,
713
+ body: JSON.stringify(requestPayload),
714
+ headers: {
715
+ Accept: "application/json",
716
+ "Content-Type": "application/json",
717
+ ...requestConfig.headers
718
+ },
719
+ method: requestConfig.method || "POST"
720
+ });
721
+ if (!response.ok) throw new ThunderIDAPIError(await response.text(), "executeEmbeddedRecoveryFlow-ResponseError-001", "javascript", response.status, response.statusText, "Recovery request failed");
722
+ return await response.json();
723
+ };
724
+ var executeEmbeddedRecoveryFlow_default = executeEmbeddedRecoveryFlow;
725
+
726
+ //#endregion
727
+ //#region src/models/embedded-flow.ts
728
+ /**
729
+ * Copyright (c) 2025-2026, WSO2 LLC. (https://www.wso2.com).
596
730
  *
597
731
  * WSO2 LLC. licenses this file to you under the Apache License,
598
732
  * Version 2.0 (the "License"); you may not use this file except
@@ -608,1510 +742,371 @@ var getUserInfo_default = getUserInfo;
608
742
  * specific language governing permissions and limitations
609
743
  * under the License.
610
744
  */
745
+ let EmbeddedFlowType = /* @__PURE__ */ function(EmbeddedFlowType$1) {
746
+ EmbeddedFlowType$1["Authentication"] = "AUTHENTICATION";
747
+ EmbeddedFlowType$1["Recovery"] = "RECOVERY";
748
+ EmbeddedFlowType$1["Registration"] = "REGISTRATION";
749
+ EmbeddedFlowType$1["UserOnboarding"] = "USER_ONBOARDING";
750
+ return EmbeddedFlowType$1;
751
+ }({});
752
+ let EmbeddedFlowResponseType = /* @__PURE__ */ function(EmbeddedFlowResponseType$1) {
753
+ EmbeddedFlowResponseType$1["Redirection"] = "REDIRECTION";
754
+ EmbeddedFlowResponseType$1["View"] = "VIEW";
755
+ return EmbeddedFlowResponseType$1;
756
+ }({});
611
757
  /**
612
- * Regular expression to match userstore prefixes in usernames.
613
- * Matches patterns like "DEFAULT/", "ASGARDEO_USER/", "PRIMARY/", etc.
614
- * The pattern matches any uppercase letters, numbers, and underscores followed by a forward slash.
615
- */
616
- const USERSTORE_PREFIX_REGEX = /^[A-Z_][A-Z0-9_]*\//;
617
- /**
618
- * Removes userstore prefixes from a username if they exist.
619
- * This is commonly used to clean usernames returned from SCIM2 endpoints
620
- * that include userstore prefixes like "DEFAULT/", "ASGARDEO_USER/", "PRIMARY/", etc.
758
+ * Component types supported by the ThunderID embedded flow API.
621
759
  *
622
- * @param username - The username string to process
623
- * @returns The username without the userstore prefix, or the original username if no prefix exists
760
+ * These types define the different UI components that can be rendered
761
+ * as part of the embedded authentication flows. Each type corresponds
762
+ * to a specific UI element with its own behavior and properties.
624
763
  *
625
764
  * @example
626
765
  * ```typescript
627
- * const cleanUsername = removeUserstorePrefix("DEFAULT/john.doe");
628
- * console.log(cleanUsername); // "john.doe"
629
- *
630
- * const thunderidUser = removeUserstorePrefix("ASGARDEO_USER/jane.doe");
631
- * console.log(thunderidUser); // "jane.doe"
632
- *
633
- * const primaryUser = removeUserstorePrefix("PRIMARY/admin");
634
- * console.log(primaryUser); // "admin"
635
- *
636
- * const alreadyClean = removeUserstorePrefix("user.name");
637
- * console.log(alreadyClean); // "user.name"
638
- *
639
- * const emptyInput = removeUserstorePrefix("");
640
- * console.log(emptyInput); // ""
766
+ * // Check component type to render appropriate UI
767
+ * if (component.type === EmbeddedFlowComponentType.TextInput) {
768
+ * // Render text input field
769
+ * } else if (component.type === EmbeddedFlowComponentType.Action) {
770
+ * // Render button/action
771
+ * }
641
772
  * ```
773
+ *
774
+ * @experimental This API may change in future versions
642
775
  */
643
- const removeUserstorePrefix = (username) => {
644
- if (!username) return "";
645
- return username.replace(USERSTORE_PREFIX_REGEX, "");
646
- };
776
+ let EmbeddedFlowComponentType = /* @__PURE__ */ function(EmbeddedFlowComponentType$1) {
777
+ /** Interactive action component (buttons, links) for user interactions */
778
+ EmbeddedFlowComponentType$1["Action"] = "ACTION";
779
+ /** Container block component that groups other components */
780
+ EmbeddedFlowComponentType$1["Block"] = "BLOCK";
781
+ /** Consent component for displaying consent purposes and attributes */
782
+ EmbeddedFlowComponentType$1["Consent"] = "CONSENT";
783
+ /** Copyable text display component that shows text with a copy-to-clipboard action */
784
+ EmbeddedFlowComponentType$1["CopyableText"] = "COPYABLE_TEXT";
785
+ /** Date input field for selecting a calendar date */
786
+ EmbeddedFlowComponentType$1["DateInput"] = "DATE_INPUT";
787
+ /** Divider component for visual separation of content */
788
+ EmbeddedFlowComponentType$1["Divider"] = "DIVIDER";
789
+ /** Email input field with validation for email addresses. */
790
+ EmbeddedFlowComponentType$1["EmailInput"] = "EMAIL_INPUT";
791
+ /** Icon display component for rendering named vector icons */
792
+ EmbeddedFlowComponentType$1["Icon"] = "ICON";
793
+ /** Image display component for logos and illustrations */
794
+ EmbeddedFlowComponentType$1["Image"] = "IMAGE";
795
+ /** One-time password input field for multi-factor authentication */
796
+ EmbeddedFlowComponentType$1["OtpInput"] = "OTP_INPUT";
797
+ /** Organization unit tree picker for selecting an OU */
798
+ EmbeddedFlowComponentType$1["OuSelect"] = "OU_SELECT";
799
+ /** Password input field with masking for sensitive data */
800
+ EmbeddedFlowComponentType$1["PasswordInput"] = "PASSWORD_INPUT";
801
+ /** Phone number input field with country code support */
802
+ EmbeddedFlowComponentType$1["PhoneInput"] = "PHONE_INPUT";
803
+ /** Rich text display component that renders formatted HTML content */
804
+ EmbeddedFlowComponentType$1["RichText"] = "RICH_TEXT";
805
+ /** Select/dropdown input component for single choice selection */
806
+ EmbeddedFlowComponentType$1["Select"] = "SELECT";
807
+ /** Stack layout component for arranging children in a row or column */
808
+ EmbeddedFlowComponentType$1["Stack"] = "STACK";
809
+ /** Text display component for labels, headings, and messages */
810
+ EmbeddedFlowComponentType$1["Text"] = "TEXT";
811
+ /** Standard text input field for user data entry */
812
+ EmbeddedFlowComponentType$1["TextInput"] = "TEXT_INPUT";
813
+ /** Timer component for displaying a countdown */
814
+ EmbeddedFlowComponentType$1["Timer"] = "TIMER";
815
+ /** QR code display component for wallet-based flows (e.g. OpenID4VP) */
816
+ EmbeddedFlowComponentType$1["QrCode"] = "QR_CODE";
817
+ return EmbeddedFlowComponentType$1;
818
+ }({});
647
819
  /**
648
- * Processes a user object to remove userstore prefixes from username fields.
649
- * This is a helper function for processing user objects returned from SCIM2 endpoints.
650
- * Handles various username field variations: username, userName, and user_name.
651
- *
652
- * @param user - The user object to process
653
- * @returns The user object with processed username fields
820
+ * Action variant types for buttons and interactive elements.
654
821
  *
655
- * @example
656
- * ```typescript
657
- * const user = { username: "DEFAULT/john.doe", email: "john@example.com" };
658
- * const processedUser = processUserUsername(user);
659
- * console.log(processedUser.username); // "john.doe"
822
+ * @experimental This API may change in future versions
823
+ */
824
+ let EmbeddedFlowActionVariant = /* @__PURE__ */ function(EmbeddedFlowActionVariant$1) {
825
+ /** Danger action button for destructive operations */
826
+ EmbeddedFlowActionVariant$1["Danger"] = "DANGER";
827
+ /** Info action button for informational purposes */
828
+ EmbeddedFlowActionVariant$1["Info"] = "INFO";
829
+ /** Link-styled action button */
830
+ EmbeddedFlowActionVariant$1["Link"] = "LINK";
831
+ /** Outlined action button for secondary emphasis */
832
+ EmbeddedFlowActionVariant$1["Outlined"] = "OUTLINED";
833
+ /** Primary action button with highest visual emphasis */
834
+ EmbeddedFlowActionVariant$1["Primary"] = "PRIMARY";
835
+ /** Secondary action button with moderate visual emphasis */
836
+ EmbeddedFlowActionVariant$1["Secondary"] = "SECONDARY";
837
+ /** Success action button for positive confirmations */
838
+ EmbeddedFlowActionVariant$1["Success"] = "SUCCESS";
839
+ /** Tertiary action button with minimal visual emphasis */
840
+ EmbeddedFlowActionVariant$1["Tertiary"] = "TERTIARY";
841
+ /** Warning action button for cautionary actions */
842
+ EmbeddedFlowActionVariant$1["Warning"] = "WARNING";
843
+ return EmbeddedFlowActionVariant$1;
844
+ }({});
845
+ /**
846
+ * Text variant types for typography components.
660
847
  *
661
- * const camelCaseUser = { userName: "ASGARDEO_USER/jane.doe", email: "jane@example.com" };
662
- * const processedCamelCaseUser = processUserUsername(camelCaseUser);
663
- * console.log(processedCamelCaseUser.userName); // "jane.doe"
848
+ * @experimental This API may change in future versions
849
+ */
850
+ let EmbeddedFlowTextVariant = /* @__PURE__ */ function(EmbeddedFlowTextVariant$1) {
851
+ /** Primary body text for main content */
852
+ EmbeddedFlowTextVariant$1["Body1"] = "BODY_1";
853
+ /** Secondary body text for supplementary content */
854
+ EmbeddedFlowTextVariant$1["Body2"] = "BODY_2";
855
+ /** Text styled for button labels */
856
+ EmbeddedFlowTextVariant$1["ButtonText"] = "BUTTON_TEXT";
857
+ /** Small caption text for annotations and descriptions */
858
+ EmbeddedFlowTextVariant$1["Caption"] = "CAPTION";
859
+ /** Largest heading level for main titles */
860
+ EmbeddedFlowTextVariant$1["Heading1"] = "HEADING_1";
861
+ /** Second level heading for major sections */
862
+ EmbeddedFlowTextVariant$1["Heading2"] = "HEADING_2";
863
+ /** Third level heading for subsections */
864
+ EmbeddedFlowTextVariant$1["Heading3"] = "HEADING_3";
865
+ /** Fourth level heading for minor sections */
866
+ EmbeddedFlowTextVariant$1["Heading4"] = "HEADING_4";
867
+ /** Fifth level heading for detailed sections */
868
+ EmbeddedFlowTextVariant$1["Heading5"] = "HEADING_5";
869
+ /** Smallest heading level for fine-grained sections */
870
+ EmbeddedFlowTextVariant$1["Heading6"] = "HEADING_6";
871
+ /** Overline text for labels and categories */
872
+ EmbeddedFlowTextVariant$1["Overline"] = "OVERLINE";
873
+ /** Primary subtitle text with larger emphasis */
874
+ EmbeddedFlowTextVariant$1["Subtitle1"] = "SUBTITLE_1";
875
+ /** Secondary subtitle text with moderate emphasis */
876
+ EmbeddedFlowTextVariant$1["Subtitle2"] = "SUBTITLE_2";
877
+ return EmbeddedFlowTextVariant$1;
878
+ }({});
879
+ /**
880
+ * Event types for action components.
664
881
  *
665
- * const snakeCaseUser = { user_name: "PRIMARY/admin", email: "admin@example.com" };
666
- * const processedSnakeCaseUser = processUserUsername(snakeCaseUser);
667
- * console.log(processedSnakeCaseUser.user_name); // "admin"
668
- * ```
882
+ * @experimental This API may change in future versions
669
883
  */
670
- const processUsername = (user) => {
671
- if (!user) return user;
672
- const processedUser = { ...user };
673
- if (processedUser.username) processedUser.username = removeUserstorePrefix(processedUser.username);
674
- if (processedUser.userName) processedUser.userName = removeUserstorePrefix(processedUser.userName);
675
- if (processedUser.user_name) processedUser.user_name = removeUserstorePrefix(processedUser.user_name);
676
- return processedUser;
677
- };
678
- var processUsername_default = processUsername;
884
+ let EmbeddedFlowEventType = /* @__PURE__ */ function(EmbeddedFlowEventType$1) {
885
+ /** Navigate back to the previous step */
886
+ EmbeddedFlowEventType$1["Back"] = "BACK";
887
+ /** Cancel the current operation */
888
+ EmbeddedFlowEventType$1["Cancel"] = "CANCEL";
889
+ /** Navigate to a different flow step or page */
890
+ EmbeddedFlowEventType$1["Navigate"] = "NAVIGATE";
891
+ /** Reset form fields to initial state */
892
+ EmbeddedFlowEventType$1["Reset"] = "RESET";
893
+ /** Submit form data to the server */
894
+ EmbeddedFlowEventType$1["Submit"] = "SUBMIT";
895
+ /** Trigger an action or event */
896
+ EmbeddedFlowEventType$1["Trigger"] = "TRIGGER";
897
+ return EmbeddedFlowEventType$1;
898
+ }({});
679
899
 
680
900
  //#endregion
681
- //#region src/api/getScim2Me.ts
901
+ //#region src/api/executeEmbeddedUserOnboardingFlow.ts
682
902
  /**
683
- * Retrieves the user profile information from the specified SCIM2 /Me endpoint.
903
+ * Executes an embedded user onboarding flow by sending a request to the flow execution endpoint.
904
+ *
905
+ * This function handles both:
906
+ * - Admin flow: Initiates onboarding, collects user details, generates invite link
907
+ * - End-user flow: Validates invite token and allows password setting
908
+ *
909
+ * @param requestConfig - Request configuration object containing URL, payload, and optional auth token.
910
+ * @returns A promise that resolves with the flow execution response.
911
+ * @throws ThunderIDAPIError when the request fails or URL is invalid.
684
912
  *
685
- * @param config - Request configuration object.
686
- * @returns A promise that resolves with the user profile information.
687
913
  * @example
688
914
  * ```typescript
689
- * // Using default fetch
690
- * try {
691
- * const userProfile = await getScim2Me({
692
- * url: "https://localhost:8090/scim2/Me",
693
- * });
694
- * console.log(userProfile);
695
- * } catch (error) {
696
- * if (error instanceof ThunderIDAPIError) {
697
- * console.error('Failed to get user profile:', error.message);
915
+ * // Admin initiating user onboarding (requires auth token)
916
+ * const response = await executeEmbeddedUserOnboardingFlow({
917
+ * baseUrl: "https://api.thunder.io",
918
+ * payload: {
919
+ * flowType: "USER_ONBOARDING"
920
+ * },
921
+ * headers: {
922
+ * Authorization: `Bearer ${accessToken}`
698
923
  * }
699
- * }
924
+ * });
925
+ *
926
+ * // End-user accepting invite (no auth required)
927
+ * const response = await executeEmbeddedUserOnboardingFlow({
928
+ * baseUrl: "https://api.thunder.io",
929
+ * payload: {
930
+ * executionId: "flow-id-from-url",
931
+ * inputs: { inviteToken: "token-from-url" }
932
+ * }
933
+ * });
700
934
  * ```
935
+ */
936
+ const executeEmbeddedUserOnboardingFlow = async ({ url, baseUrl, payload,...requestConfig }) => {
937
+ if (!payload) throw new ThunderIDAPIError("User onboarding payload is required", "executeEmbeddedUserOnboardingFlow-ValidationError-002", "javascript", 400, "If a user onboarding payload is not provided, the request cannot be constructed correctly.");
938
+ const endpoint = url ?? `${baseUrl}/flow/execute`;
939
+ const cleanPayload = typeof payload === "object" && payload !== null ? Object.fromEntries(Object.entries(payload).filter(([key]) => key !== "verbose")) : payload;
940
+ const hasOnlyFlowType = typeof cleanPayload === "object" && cleanPayload !== null && "flowType" in cleanPayload && Object.keys(cleanPayload).length === 1;
941
+ const hasOnlyFlowId = typeof cleanPayload === "object" && cleanPayload !== null && "executionId" in cleanPayload && Object.keys(cleanPayload).length === 1;
942
+ const hasFlowIdWithInputs = typeof cleanPayload === "object" && cleanPayload !== null && "executionId" in cleanPayload && "inputs" in cleanPayload;
943
+ const requestPayload = hasOnlyFlowType || hasOnlyFlowId || hasFlowIdWithInputs ? {
944
+ ...cleanPayload,
945
+ verbose: true
946
+ } : cleanPayload;
947
+ if ("flowType" in requestPayload && requestPayload["flowType"] !== EmbeddedFlowType.UserOnboarding) requestPayload["flowType"] = EmbeddedFlowType.UserOnboarding;
948
+ const response = await fetch(endpoint, {
949
+ ...requestConfig,
950
+ body: JSON.stringify(requestPayload),
951
+ headers: {
952
+ Accept: "application/json",
953
+ "Content-Type": "application/json",
954
+ ...requestConfig.headers
955
+ },
956
+ method: requestConfig.method || "POST"
957
+ });
958
+ if (!response.ok) throw new ThunderIDAPIError(await response.text(), "executeEmbeddedUserOnboardingFlow-ResponseError-001", "javascript", response.status, response.statusText, "User onboarding request failed");
959
+ return await response.json();
960
+ };
961
+ var executeEmbeddedUserOnboardingFlow_default = executeEmbeddedUserOnboardingFlow;
962
+
963
+ //#endregion
964
+ //#region src/api/getFlowMeta.ts
965
+ /**
966
+ * Fetches aggregated flow metadata from the `GET /flow/meta` endpoint.
967
+ *
968
+ * The response includes:
969
+ * - Application or OU details depending on the `type` parameter
970
+ * - Resolved design configuration (theme and layout)
971
+ * - i18n translations filtered by `language` and `namespace`
972
+ * - Registration flow enablement status
973
+ *
974
+ * @param config - Request configuration including `baseUrl`/`url`, and optional
975
+ * `type`, `id`, `language`, and `namespace` filters. When `type`
976
+ * and `id` are omitted the server returns i18n-only metadata.
977
+ * @returns A promise that resolves to the {@link FlowMetadataResponse}.
978
+ *
979
+ * @throws {ThunderIDAPIError} When the server returns a non-OK response.
701
980
  *
702
981
  * @example
703
982
  * ```typescript
704
- * // Using custom fetcher (e.g., axios-based httpClient)
705
- * try {
706
- * const userProfile = await getScim2Me({
707
- * url: "https://localhost:8090/scim2/Me",
708
- * fetcher: async (url, config) => {
709
- * const response = await httpClient({
710
- * url,
711
- * method: config.method,
712
- * headers: config.headers,
713
- * ...config
714
- * });
715
- * // Convert axios-like response to fetch-like Response
716
- * return {
717
- * ok: response.status >= 200 && response.status < 300,
718
- * status: response.status,
719
- * statusText: response.statusText,
720
- * json: () => Promise.resolve(response.data),
721
- * text: () => Promise.resolve(typeof response.data === 'string' ? response.data : JSON.stringify(response.data))
722
- * } as Response;
723
- * }
724
- * });
725
- * console.log(userProfile);
726
- * } catch (error) {
727
- * if (error instanceof ThunderIDAPIError) {
728
- * console.error('Failed to get user profile:', error.message);
729
- * }
730
- * }
983
+ * import getFlowMeta from './api/getFlowMeta';
984
+ * import { FlowMetaType } from './models/flow-meta';
985
+ *
986
+ * const meta = await getFlowMeta({
987
+ * baseUrl: 'https://localhost:8090',
988
+ * type: FlowMetaType.App,
989
+ * id: '60a9b38b-6eba-9f9e-55f9-267067de4680',
990
+ * language: 'en',
991
+ * namespace: 'auth',
992
+ * });
993
+ *
994
+ * console.log(meta.application?.name);
995
+ * console.log(meta.i18n.translations);
731
996
  * ```
997
+ *
998
+ * @experimental This function targets the ThunderID V2 platform API
732
999
  */
733
- const getScim2Me = async ({ url, baseUrl, fetcher,...requestConfig }) => {
1000
+ const getFlowMeta = async ({ url, baseUrl, type, id, language, namespace,...requestConfig }) => {
1001
+ const queryParams = new URLSearchParams({
1002
+ ...id ? { id } : {},
1003
+ ...type ? { type } : {},
1004
+ ...language ? { language } : {},
1005
+ ...namespace ? { namespace } : {}
1006
+ });
1007
+ const endpoint = `${url ?? `${baseUrl}/flow/meta`}?${queryParams.toString()}`;
1008
+ const response = await fetch(endpoint, {
1009
+ ...requestConfig,
1010
+ headers: {
1011
+ Accept: "application/json",
1012
+ ...requestConfig.headers
1013
+ },
1014
+ method: "GET"
1015
+ });
1016
+ if (!response.ok) throw new ThunderIDAPIError(await response.text(), "getFlowMeta-ResponseError-001", "javascript", response.status, response.statusText, "Flow metadata request failed");
1017
+ return await response.json();
1018
+ };
1019
+ var getFlowMeta_default = getFlowMeta;
1020
+
1021
+ //#endregion
1022
+ //#region src/api/getOrganizationUnitChildren.ts
1023
+ /**
1024
+ * Retrieves the child organization units of a given organization unit.
1025
+ *
1026
+ * @param config - Request configuration object.
1027
+ * @returns A promise that resolves with the list of child organization units.
1028
+ */
1029
+ const getOrganizationUnitChildren = async ({ url, baseUrl, organizationUnitId, limit, offset, fetcher,...requestConfig }) => {
734
1030
  try {
735
1031
  new URL(url ?? baseUrl);
736
1032
  } catch (error$1) {
737
- throw new ThunderIDAPIError(`Invalid URL provided. ${error$1?.toString()}`, "getScim2Me-ValidationError-001", "javascript", 400, "The provided `url` or `baseUrl` path does not adhere to the URL schema.");
1033
+ throw new ThunderIDAPIError(`Invalid URL provided. ${error$1?.toString()}`, "getOrganizationUnitChildren-ValidationError-001", "javascript", 400, "The provided `url` or `baseUrl` path does not adhere to the URL schema.");
738
1034
  }
739
1035
  const fetchFn = fetcher || fetch;
740
- const resolvedUrl = url ?? `${baseUrl}/scim2/Me`;
1036
+ const queryParams = new URLSearchParams();
1037
+ if (limit !== void 0) queryParams.set("limit", String(limit));
1038
+ if (offset !== void 0) queryParams.set("offset", String(offset));
1039
+ const query = queryParams.toString();
1040
+ const resolvedBase = url ?? `${baseUrl}/api/server/v1/organization-units/${organizationUnitId}/children`;
1041
+ const resolvedUrl = query ? `${resolvedBase}?${query}` : resolvedBase;
741
1042
  const requestInit = {
742
1043
  ...requestConfig,
743
1044
  headers: {
744
1045
  Accept: "application/json",
745
- "Content-Type": "application/scim+json",
1046
+ "Content-Type": "application/json",
746
1047
  ...requestConfig.headers
747
1048
  },
748
1049
  method: "GET"
749
1050
  };
750
1051
  try {
751
1052
  const response = await fetchFn(resolvedUrl, requestInit);
752
- if (!response?.ok) throw new ThunderIDAPIError(await response.text(), "getScim2Me-ResponseError-001", "javascript", response.status, response.statusText, "Failed to fetch user profile");
753
- return processUsername_default(await response.json());
1053
+ if (!response?.ok) throw new ThunderIDAPIError(await response.text(), "getOrganizationUnitChildren-ResponseError-001", "javascript", response.status, response.statusText, "Failed to fetch organization unit children");
1054
+ return await response.json();
754
1055
  } catch (error$1) {
755
1056
  if (error$1 instanceof ThunderIDAPIError) throw error$1;
756
- throw new ThunderIDAPIError(`Network or parsing error: ${error$1 instanceof Error ? error$1.message : "Unknown error"}`, "getScim2Me-NetworkError-001", "javascript", 0, "Network Error");
1057
+ throw new ThunderIDAPIError(`Network or parsing error: ${error$1 instanceof Error ? error$1.message : "Unknown error"}`, "getOrganizationUnitChildren-NetworkError-001", "javascript", 0, "Network Error");
757
1058
  }
758
1059
  };
759
- var getScim2Me_default = getScim2Me;
1060
+ var getOrganizationUnitChildren_default = getOrganizationUnitChildren;
760
1061
 
761
1062
  //#endregion
762
- //#region src/api/getSchemas.ts
1063
+ //#region src/api/getUserInfo.ts
763
1064
  /**
764
- * Retrieves the SCIM2 schemas from the specified endpoint.
1065
+ * Retrieves the user information from the specified OIDC userinfo endpoint.
765
1066
  *
766
- * @param config - Request configuration object.
767
- * @returns A promise that resolves with the SCIM2 schemas information.
768
- * @example
769
- * ```typescript
770
- * // Using default fetch
771
- * try {
772
- * const schemas = await getSchemas({
773
- * url: "https://localhost:8090/scim2/Schemas",
774
- * });
775
- * console.log(schemas);
776
- * } catch (error) {
777
- * if (error instanceof ThunderIDAPIError) {
778
- * console.error('Failed to get schemas:', error.message);
779
- * }
780
- * }
781
- * ```
782
- *
783
- * @example
784
- * ```typescript
785
- * // Using custom fetcher (e.g., axios-based httpClient)
786
- * try {
787
- * const schemas = await getSchemas({
788
- * url: "https://localhost:8090/scim2/Schemas",
789
- * fetcher: async (url, config) => {
790
- * const response = await httpClient({
791
- * url,
792
- * method: config.method,
793
- * headers: config.headers,
794
- * ...config
795
- * });
796
- * // Convert axios-like response to fetch-like Response
797
- * return {
798
- * ok: response.status >= 200 && response.status < 300,
799
- * status: response.status,
800
- * statusText: response.statusText,
801
- * json: () => Promise.resolve(response.data),
802
- * text: () => Promise.resolve(typeof response.data === 'string' ? response.data : JSON.stringify(response.data))
803
- * } as Response;
804
- * }
805
- * });
806
- * console.log(schemas);
807
- * } catch (error) {
808
- * if (error instanceof ThunderIDAPIError) {
809
- * console.error('Failed to get schemas:', error.message);
810
- * }
811
- * }
812
- * ```
813
- */
814
- const getSchemas = async ({ url, baseUrl, fetcher,...requestConfig }) => {
815
- try {
816
- new URL(url ?? baseUrl);
817
- } catch (error$1) {
818
- throw new ThunderIDAPIError(`Invalid URL provided. ${error$1?.toString()}`, "getSchemas-ValidationError-001", "javascript", 400, "The provided `url` or `baseUrl` path does not adhere to the URL schema.");
819
- }
820
- const fetchFn = fetcher || fetch;
821
- const resolvedUrl = url ?? `${baseUrl}/scim2/Schemas`;
822
- const requestInit = {
823
- ...requestConfig,
824
- headers: {
825
- Accept: "application/json",
826
- "Content-Type": "application/json",
827
- ...requestConfig.headers
828
- },
829
- method: "GET"
830
- };
831
- try {
832
- const response = await fetchFn(resolvedUrl, requestInit);
833
- if (!response?.ok) throw new ThunderIDAPIError(await response.text(), "getSchemas-ResponseError-001", "javascript", response.status, response.statusText, "Failed to fetch SCIM2 schemas");
834
- return await response.json();
835
- } catch (error$1) {
836
- if (error$1 instanceof ThunderIDAPIError) throw error$1;
837
- throw new ThunderIDAPIError(`Network or parsing error: ${error$1 instanceof Error ? error$1.message : "Unknown error"}`, "getSchemas-NetworkError-001", "javascript", 0, "Network Error");
838
- }
839
- };
840
- var getSchemas_default = getSchemas;
841
-
842
- //#endregion
843
- //#region src/api/getAllOrganizations.ts
844
- /**
845
- * Retrieves all organizations with pagination support.
846
- *
847
- * @param config - Configuration object containing baseUrl, optional query parameters, and request config.
848
- * @returns A promise that resolves with the paginated organizations information.
849
- * @example
850
- * ```typescript
851
- * // Using default fetch
852
- * try {
853
- * const response = await getAllOrganizations({
854
- * baseUrl: "https://localhost:8090",
855
- * filter: "",
856
- * limit: 10,
857
- * recursive: false
858
- * });
859
- * console.log(response.organizations);
860
- * } catch (error) {
861
- * if (error instanceof ThunderIDAPIError) {
862
- * console.error('Failed to get organizations:', error.message);
863
- * }
864
- * }
865
- * ```
866
- *
867
- * @example
868
- * ```typescript
869
- * // Using custom fetcher (e.g., axios-based httpClient)
870
- * try {
871
- * const response = await getAllOrganizations({
872
- * baseUrl: "https://localhost:8090",
873
- * filter: "",
874
- * limit: 10,
875
- * recursive: false,
876
- * fetcher: async (url, config) => {
877
- * const response = await httpClient({
878
- * url,
879
- * method: config.method,
880
- * headers: config.headers,
881
- * ...config
882
- * });
883
- * // Convert axios-like response to fetch-like Response
884
- * return {
885
- * ok: response.status >= 200 && response.status < 300,
886
- * status: response.status,
887
- * statusText: response.statusText,
888
- * json: () => Promise.resolve(response.data),
889
- * text: () => Promise.resolve(typeof response.data === 'string' ? response.data : JSON.stringify(response.data))
890
- * } as Response;
891
- * }
892
- * });
893
- * console.log(response.organizations);
894
- * } catch (error) {
895
- * if (error instanceof ThunderIDAPIError) {
896
- * console.error('Failed to get organizations:', error.message);
897
- * }
898
- * }
899
- * ```
900
- */
901
- const getAllOrganizations = async ({ baseUrl, filter = "", limit = 10, recursive = false, fetcher,...requestConfig }) => {
902
- try {
903
- new URL(baseUrl);
904
- } catch (error$1) {
905
- throw new ThunderIDAPIError(`Invalid base URL provided. ${error$1?.toString()}`, "getAllOrganizations-ValidationError-001", "javascript", 400, "The provided `baseUrl` does not adhere to the URL schema.");
906
- }
907
- const queryParams = new URLSearchParams(Object.fromEntries(Object.entries({
908
- filter,
909
- limit: limit.toString(),
910
- recursive: recursive.toString()
911
- }).filter(([, value]) => Boolean(value))));
912
- const fetchFn = fetcher || fetch;
913
- const resolvedUrl = `${baseUrl}/api/server/v1/organizations?${queryParams.toString()}`;
914
- const requestInit = {
915
- ...requestConfig,
916
- headers: {
917
- ...requestConfig.headers,
918
- Accept: "application/json",
919
- "Content-Type": "application/json"
920
- },
921
- method: "GET"
922
- };
923
- try {
924
- const response = await fetchFn(resolvedUrl, requestInit);
925
- if (!response?.ok) throw new ThunderIDAPIError(await response.text(), "getAllOrganizations-ResponseError-001", "javascript", response.status, response.statusText, "Failed to get organizations");
926
- const data = await response.json();
927
- return {
928
- hasMore: data.hasMore,
929
- nextCursor: data.nextCursor,
930
- organizations: data.organizations || [],
931
- totalCount: data.totalCount
932
- };
933
- } catch (error$1) {
934
- if (error$1 instanceof ThunderIDAPIError) throw error$1;
935
- throw new ThunderIDAPIError(`Network or parsing error: ${error$1 instanceof Error ? error$1.message : "Unknown error"}`, "getAllOrganizations-NetworkError-001", "javascript", 0, "Network Error");
936
- }
937
- };
938
- var getAllOrganizations_default = getAllOrganizations;
939
-
940
- //#endregion
941
- //#region src/api/createOrganization.ts
942
- /**
943
- * Creates a new organization.
944
- *
945
- * @param config - Configuration object containing baseUrl, payload and optional request config.
946
- * @returns A promise that resolves with the created organization information.
947
- * @example
948
- * ```typescript
949
- * // Using default fetch
950
- * try {
951
- * const organization = await createOrganization({
952
- * baseUrl: "https://localhost:8090",
953
- * payload: {
954
- * description: "Share your screens",
955
- * name: "Team Viewer",
956
- * orgHandle: "team-viewer",
957
- * parentId: "f4825104-4948-40d9-ab65-a960eee3e3d5",
958
- * type: "TENANT"
959
- * }
960
- * });
961
- * console.log(organization);
962
- * } catch (error) {
963
- * if (error instanceof ThunderIDAPIError) {
964
- * console.error('Failed to create organization:', error.message);
965
- * }
966
- * }
967
- * ```
968
- *
969
- * @example
970
- * ```typescript
971
- * // Using custom fetcher (e.g., axios-based httpClient)
972
- * try {
973
- * const organization = await createOrganization({
974
- * baseUrl: "https://localhost:8090",
975
- * payload: {
976
- * description: "Share your screens",
977
- * name: "Team Viewer",
978
- * orgHandle: "team-viewer",
979
- * parentId: "f4825104-4948-40d9-ab65-a960eee3e3d5",
980
- * type: "TENANT"
981
- * },
982
- * fetcher: async (url, config) => {
983
- * const response = await httpClient({
984
- * url,
985
- * method: config.method,
986
- * headers: config.headers,
987
- * data: config.body,
988
- * ...config
989
- * });
990
- * // Convert axios-like response to fetch-like Response
991
- * return {
992
- * ok: response.status >= 200 && response.status < 300,
993
- * status: response.status,
994
- * statusText: response.statusText,
995
- * json: () => Promise.resolve(response.data),
996
- * text: () => Promise.resolve(typeof response.data === 'string' ? response.data : JSON.stringify(response.data))
997
- * } as Response;
998
- * }
999
- * });
1000
- * console.log(organization);
1001
- * } catch (error) {
1002
- * if (error instanceof ThunderIDAPIError) {
1003
- * console.error('Failed to create organization:', error.message);
1004
- * }
1005
- * }
1006
- * ```
1007
- */
1008
- const createOrganization = async ({ baseUrl, payload, fetcher,...requestConfig }) => {
1009
- try {
1010
- new URL(baseUrl);
1011
- } catch (error$1) {
1012
- throw new ThunderIDAPIError(`Invalid base URL provided. ${error$1?.toString()}`, "createOrganization-ValidationError-001", "javascript", 400, "The provided `baseUrl` does not adhere to the URL schema.");
1013
- }
1014
- if (!payload) throw new ThunderIDAPIError("Organization payload is required", "createOrganization-ValidationError-002", "javascript", 400, "Invalid Request");
1015
- const organizationPayload = {
1016
- ...payload,
1017
- type: "TENANT"
1018
- };
1019
- const fetchFn = fetcher || fetch;
1020
- const resolvedUrl = `${baseUrl}/api/server/v1/organizations`;
1021
- const requestInit = {
1022
- ...requestConfig,
1023
- body: JSON.stringify(organizationPayload),
1024
- headers: {
1025
- Accept: "application/json",
1026
- "Content-Type": "application/json",
1027
- ...requestConfig.headers
1028
- },
1029
- method: "POST"
1030
- };
1031
- try {
1032
- const response = await fetchFn(resolvedUrl, requestInit);
1033
- if (!response?.ok) throw new ThunderIDAPIError(await response.text(), "createOrganization-ResponseError-001", "javascript", response.status, response.statusText, "Failed to create organization");
1034
- return await response.json();
1035
- } catch (error$1) {
1036
- if (error$1 instanceof ThunderIDAPIError) throw error$1;
1037
- throw new ThunderIDAPIError(`Network or parsing error: ${error$1 instanceof Error ? error$1.message : "Unknown error"}`, "createOrganization-NetworkError-001", "javascript", 0, "Network Error");
1038
- }
1039
- };
1040
- var createOrganization_default = createOrganization;
1041
-
1042
- //#endregion
1043
- //#region src/api/getMeOrganizations.ts
1044
- /**
1045
- * Retrieves the organizations associated with the current user.
1046
- *
1047
- * @param config - Configuration object containing baseUrl, optional query parameters, and request config.
1048
- * @returns A promise that resolves with the organizations information.
1049
- * @example
1050
- * ```typescript
1051
- * // Using default fetch
1052
- * try {
1053
- * const organizations = await getMeOrganizations({
1054
- * baseUrl: "https://localhost:8090",
1055
- * after: "",
1056
- * before: "",
1057
- * filter: "",
1058
- * limit: 10,
1059
- * recursive: false
1060
- * });
1061
- * console.log(organizations);
1062
- * } catch (error) {
1063
- * if (error instanceof ThunderIDAPIError) {
1064
- * console.error('Failed to get organizations:', error.message);
1065
- * }
1066
- * }
1067
- * ```
1068
- *
1069
- * @example
1070
- * ```typescript
1071
- * // Using custom fetcher (e.g., axios-based httpClient)
1072
- * try {
1073
- * const organizations = await getMeOrganizations({
1074
- * baseUrl: "https://localhost:8090",
1075
- * after: "",
1076
- * before: "",
1077
- * filter: "",
1078
- * limit: 10,
1079
- * recursive: false,
1080
- * fetcher: async (url, config) => {
1081
- * const response = await httpClient({
1082
- * url,
1083
- * method: config.method,
1084
- * headers: config.headers,
1085
- * ...config
1086
- * });
1087
- * // Convert axios-like response to fetch-like Response
1088
- * return {
1089
- * ok: response.status >= 200 && response.status < 300,
1090
- * status: response.status,
1091
- * statusText: response.statusText,
1092
- * json: () => Promise.resolve(response.data),
1093
- * text: () => Promise.resolve(typeof response.data === 'string' ? response.data : JSON.stringify(response.data))
1094
- * } as Response;
1095
- * }
1096
- * });
1097
- * console.log(organizations);
1098
- * } catch (error) {
1099
- * if (error instanceof ThunderIDAPIError) {
1100
- * console.error('Failed to get organizations:', error.message);
1101
- * }
1102
- * }
1103
- * ```
1104
- */
1105
- const getMeOrganizations = async ({ baseUrl, after = "", authorizedAppName = "", before = "", filter = "", limit = 10, recursive = false, fetcher,...requestConfig }) => {
1106
- try {
1107
- new URL(baseUrl);
1108
- } catch (error$1) {
1109
- throw new ThunderIDAPIError(`Invalid base URL provided. ${error$1?.toString()}`, "getMeOrganizations-ValidationError-001", "javascript", 400, "The provided `baseUrl` does not adhere to the URL schema.");
1110
- }
1111
- const queryParams = new URLSearchParams(Object.fromEntries(Object.entries({
1112
- after,
1113
- authorizedAppName,
1114
- before,
1115
- filter,
1116
- limit: limit.toString(),
1117
- recursive: recursive.toString()
1118
- }).filter(([, value]) => Boolean(value))));
1119
- const fetchFn = fetcher || fetch;
1120
- const resolvedUrl = `${baseUrl}/api/users/v1/me/organizations?${queryParams.toString()}`;
1121
- const requestInit = {
1122
- ...requestConfig,
1123
- headers: {
1124
- Accept: "application/json",
1125
- "Content-Type": "application/json",
1126
- ...requestConfig.headers
1127
- },
1128
- method: "GET"
1129
- };
1130
- try {
1131
- const response = await fetchFn(resolvedUrl, requestInit);
1132
- if (!response?.ok) throw new ThunderIDAPIError(await response.text(), "getMeOrganizations-ResponseError-001", "javascript", response.status, response.statusText, "Failed to fetch associated organizations of the user");
1133
- return (await response.json())["organizations"] || [];
1134
- } catch (error$1) {
1135
- if (error$1 instanceof ThunderIDAPIError) throw error$1;
1136
- throw new ThunderIDAPIError(`Network or parsing error: ${error$1 instanceof Error ? error$1.message : "Unknown error"}`, "getMeOrganizations-NetworkError-001", "javascript", 0, "Network Error");
1137
- }
1138
- };
1139
- var getMeOrganizations_default = getMeOrganizations;
1140
-
1141
- //#endregion
1142
- //#region src/api/getOrganization.ts
1143
- /**
1144
- * Retrieves detailed information for a specific organization.
1145
- *
1146
- * @param config - Configuration object containing baseUrl, organizationId, and request config.
1147
- * @returns A promise that resolves with the organization details.
1148
- * @example
1149
- * ```typescript
1150
- * // Using default fetch
1151
- * try {
1152
- * const organization = await getOrganization({
1153
- * baseUrl: "https://localhost:8090",
1154
- * organizationId: "0d5e071b-d3d3-475d-b3c6-1a20ee2fa9b1"
1155
- * });
1156
- * console.log(organization);
1157
- * } catch (error) {
1158
- * if (error instanceof ThunderIDAPIError) {
1159
- * console.error('Failed to get organization:', error.message);
1160
- * }
1161
- * }
1162
- * ```
1163
- *
1164
- * @example
1165
- * ```typescript
1166
- * // Using custom fetcher (e.g., axios-based httpClient)
1167
- * try {
1168
- * const organization = await getOrganization({
1169
- * baseUrl: "https://localhost:8090",
1170
- * organizationId: "0d5e071b-d3d3-475d-b3c6-1a20ee2fa9b1",
1171
- * fetcher: async (url, config) => {
1172
- * const response = await httpClient({
1173
- * url,
1174
- * method: config.method,
1175
- * headers: config.headers,
1176
- * ...config
1177
- * });
1178
- * // Convert axios-like response to fetch-like Response
1179
- * return {
1180
- * ok: response.status >= 200 && response.status < 300,
1181
- * status: response.status,
1182
- * statusText: response.statusText,
1183
- * json: () => Promise.resolve(response.data),
1184
- * text: () => Promise.resolve(typeof response.data === 'string' ? response.data : JSON.stringify(response.data))
1185
- * } as Response;
1186
- * }
1187
- * });
1188
- * console.log(organization);
1189
- * } catch (error) {
1190
- * if (error instanceof ThunderIDAPIError) {
1191
- * console.error('Failed to get organization:', error.message);
1192
- * }
1193
- * }
1194
- * ```
1195
- */
1196
- const getOrganization = async ({ baseUrl, organizationId, fetcher,...requestConfig }) => {
1197
- try {
1198
- new URL(baseUrl);
1199
- } catch (error$1) {
1200
- throw new ThunderIDAPIError(`Invalid base URL provided. ${error$1?.toString()}`, "getOrganization-ValidationError-001", "javascript", 400, "The provided `baseUrl` does not adhere to the URL schema.");
1201
- }
1202
- if (!organizationId) throw new ThunderIDAPIError("Organization ID is required", "getOrganization-ValidationError-002", "javascript", 400, "Invalid Request");
1203
- const fetchFn = fetcher || fetch;
1204
- const resolvedUrl = `${baseUrl}/api/server/v1/organizations/${organizationId}`;
1205
- const requestInit = {
1206
- ...requestConfig,
1207
- headers: {
1208
- Accept: "application/json",
1209
- "Content-Type": "application/json",
1210
- ...requestConfig.headers
1211
- },
1212
- method: "GET"
1213
- };
1214
- try {
1215
- const response = await fetchFn(resolvedUrl, requestInit);
1216
- if (!response?.ok) throw new ThunderIDAPIError(await response.text(), "getOrganization-ResponseError-001", "javascript", response.status, response.statusText, "Failed to fetch organization details");
1217
- return await response.json();
1218
- } catch (error$1) {
1219
- if (error$1 instanceof ThunderIDAPIError) throw error$1;
1220
- throw new ThunderIDAPIError(`Network or parsing error: ${error$1 instanceof Error ? error$1.message : "Unknown error"}`, "getOrganization-NetworkError-001", "javascript", 0, "Network Error");
1221
- }
1222
- };
1223
- var getOrganization_default = getOrganization;
1224
-
1225
- //#endregion
1226
- //#region src/utils/isEmpty.ts
1227
- /**
1228
- * Copyright (c) 2025, WSO2 LLC. (https://www.wso2.com).
1229
- *
1230
- * WSO2 LLC. licenses this file to you under the Apache License,
1231
- * Version 2.0 (the "License"); you may not use this file except
1232
- * in compliance with the License.
1233
- * You may obtain a copy of the License at
1234
- *
1235
- * http://www.apache.org/licenses/LICENSE-2.0
1236
- *
1237
- * Unless required by applicable law or agreed to in writing,
1238
- * software distributed under the License is distributed on an
1239
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
1240
- * KIND, either express or implied. See the License for the
1241
- * specific language governing permissions and limitations
1242
- * under the License.
1243
- */
1244
- /**
1245
- * Checks if a value is considered empty.
1246
- *
1247
- * A value is considered empty if it is:
1248
- * - null
1249
- * - undefined
1250
- * - empty string ("")
1251
- * - string containing only whitespace characters
1252
- * - empty array ([])
1253
- * - empty object ({})
1254
- *
1255
- * @param value - The value to check
1256
- * @returns true if the value is empty, false otherwise
1257
- *
1258
- * @example
1259
- * ```typescript
1260
- * isEmpty(null); // true
1261
- * isEmpty(undefined); // true
1262
- * isEmpty(""); // true
1263
- * isEmpty(" "); // true
1264
- * isEmpty("hello"); // false
1265
- * isEmpty([]); // true
1266
- * isEmpty([1, 2, 3]); // false
1267
- * isEmpty({}); // true
1268
- * isEmpty({ name: "John" }); // false
1269
- * isEmpty(0); // false
1270
- * isEmpty(false); // false
1271
- * ```
1272
- */
1273
- const isEmpty = (value) => {
1274
- if (value === null || value === void 0) return true;
1275
- if (typeof value === "string") return value.trim() === "";
1276
- if (Array.isArray(value)) return value.length === 0;
1277
- if (typeof value === "object" && value.constructor === Object) return Object.keys(value).length === 0;
1278
- return false;
1279
- };
1280
- var isEmpty_default = isEmpty;
1281
-
1282
- //#endregion
1283
- //#region src/api/updateOrganization.ts
1284
- /**
1285
- * Updates the organization information using the Organizations Management API.
1286
- *
1287
- * @param config - Configuration object with baseUrl, organizationId, operations and optional request config.
1288
- * @returns A promise that resolves with the updated organization information.
1289
- * @example
1290
- * ```typescript
1291
- * // Using the helper function to create operations automatically
1292
- * const operations = createPatchOperations({
1293
- * name: "Updated Organization Name", // Will use REPLACE
1294
- * description: "", // Will use REMOVE (empty string)
1295
- * customField: "Some value" // Will use REPLACE
1296
- * });
1297
- *
1298
- * await updateOrganization({
1299
- * baseUrl: "https://localhost:8090",
1300
- * organizationId: "0d5e071b-d3d3-475d-b3c6-1a20ee2fa9b1",
1301
- * operations
1302
- * });
1303
- *
1304
- * // Or manually specify operations
1305
- * await updateOrganization({
1306
- * baseUrl: "https://localhost:8090",
1307
- * organizationId: "0d5e071b-d3d3-475d-b3c6-1a20ee2fa9b1",
1308
- * operations: [
1309
- * { operation: "REPLACE", path: "/name", value: "Updated Organization Name" },
1310
- * { operation: "REMOVE", path: "/description" }
1311
- * ]
1312
- * });
1313
- * ```
1314
- *
1315
- * @example
1316
- * ```typescript
1317
- * // Using custom fetcher (e.g., axios-based httpClient)
1318
- * await updateOrganization({
1319
- * baseUrl: "https://localhost:8090",
1320
- * organizationId: "0d5e071b-d3d3-475d-b3c6-1a20ee2fa9b1",
1321
- * operations: [
1322
- * { operation: "REPLACE", path: "/name", value: "Updated Organization Name" }
1323
- * ],
1324
- * fetcher: async (url, config) => {
1325
- * const response = await httpClient({
1326
- * url,
1327
- * method: config.method,
1328
- * headers: config.headers,
1329
- * data: config.body,
1330
- * ...config
1331
- * });
1332
- * // Convert axios-like response to fetch-like Response
1333
- * return {
1334
- * ok: response.status >= 200 && response.status < 300,
1335
- * status: response.status,
1336
- * statusText: response.statusText,
1337
- * json: () => Promise.resolve(response.data),
1338
- * text: () => Promise.resolve(typeof response.data === 'string' ? response.data : JSON.stringify(response.data))
1339
- * } as Response;
1340
- * }
1341
- * });
1342
- * ```
1343
- */
1344
- const updateOrganization = async ({ baseUrl, organizationId, operations, fetcher,...requestConfig }) => {
1345
- try {
1346
- new URL(baseUrl);
1347
- } catch (error$1) {
1348
- throw new ThunderIDAPIError(`Invalid base URL provided. ${error$1?.toString()}`, "updateOrganization-ValidationError-001", "javascript", 400, "The provided `baseUrl` does not adhere to the URL schema.");
1349
- }
1350
- if (!organizationId) throw new ThunderIDAPIError("Organization ID is required", "updateOrganization-ValidationError-002", "javascript", 400, "Invalid Request");
1351
- if (!operations || !Array.isArray(operations) || operations.length === 0) throw new ThunderIDAPIError("Operations array is required and cannot be empty", "updateOrganization-ValidationError-003", "javascript", 400, "Invalid Request");
1352
- const fetchFn = fetcher || fetch;
1353
- const resolvedUrl = `${baseUrl}/api/server/v1/organizations/${organizationId}`;
1354
- const requestInit = {
1355
- ...requestConfig,
1356
- body: JSON.stringify(operations),
1357
- headers: {
1358
- Accept: "application/json",
1359
- "Content-Type": "application/json",
1360
- ...requestConfig.headers
1361
- },
1362
- method: "PATCH"
1363
- };
1364
- try {
1365
- const response = await fetchFn(resolvedUrl, requestInit);
1366
- if (!response?.ok) throw new ThunderIDAPIError(await response.text(), "updateOrganization-ResponseError-001", "javascript", response.status, response.statusText, "Failed to update organization");
1367
- return await response.json();
1368
- } catch (error$1) {
1369
- if (error$1 instanceof ThunderIDAPIError) throw error$1;
1370
- throw new ThunderIDAPIError(`Network or parsing error: ${error$1 instanceof Error ? error$1.message : "Unknown error"}`, "updateOrganization-NetworkError-001", "javascript", 0, "Network Error");
1371
- }
1372
- };
1373
- /**
1374
- * Helper function to convert field updates to patch operations format.
1375
- * Uses REMOVE operation when the value is empty, otherwise uses REPLACE.
1376
- *
1377
- * @param payload - Object containing field updates
1378
- * @returns Array of patch operations
1379
- */
1380
- const createPatchOperations = (payload) => Object.entries(payload).map(([key, value]) => {
1381
- if (isEmpty_default(value)) return {
1382
- operation: "REMOVE",
1383
- path: `/${key}`
1384
- };
1385
- return {
1386
- operation: "REPLACE",
1387
- path: `/${key}`,
1388
- value
1389
- };
1390
- });
1391
- var updateOrganization_default = updateOrganization;
1392
-
1393
- //#endregion
1394
- //#region src/api/updateMeProfile.ts
1395
- /**
1396
- * Updates the user profile information at the specified SCIM2 Me endpoint.
1397
- *
1398
- * @param config - Configuration object with URL, payload and optional request config.
1399
- * @returns A promise that resolves with the updated user profile information.
1400
- * @example
1401
- * ```typescript
1402
- * // Using default fetch
1403
- * await updateMeProfile({
1404
- * url: "https://localhost:8090/scim2/Me",
1405
- * payload: { "urn:scim:wso2:schema": { mobileNumbers: ["0777933830"] } }
1406
- * });
1407
- * ```
1408
- *
1409
- * @example
1410
- * ```typescript
1411
- * // Using custom fetcher (e.g., axios-based httpClient)
1412
- * await updateMeProfile({
1413
- * url: "https://localhost:8090/scim2/Me",
1414
- * payload: { "urn:scim:wso2:schema": { mobileNumbers: ["0777933830"] } },
1415
- * fetcher: async (url, config) => {
1416
- * const response = await httpClient({
1417
- * url,
1418
- * method: config.method,
1419
- * headers: config.headers,
1420
- * data: config.body,
1421
- * ...config
1422
- * });
1423
- * // Convert axios-like response to fetch-like Response
1424
- * return {
1425
- * ok: response.status >= 200 && response.status < 300,
1426
- * status: response.status,
1427
- * statusText: response.statusText,
1428
- * json: () => Promise.resolve(response.data),
1429
- * text: () => Promise.resolve(typeof response.data === 'string' ? response.data : JSON.stringify(response.data))
1430
- * } as Response;
1431
- * }
1432
- * });
1433
- * ```
1434
- */
1435
- const updateMeProfile = async ({ url, baseUrl, payload, fetcher,...requestConfig }) => {
1436
- try {
1437
- new URL(url ?? baseUrl);
1438
- } catch (error$1) {
1439
- throw new ThunderIDAPIError(`Invalid URL provided. ${error$1?.toString()}`, "updateMeProfile-ValidationError-001", "javascript", 400, "The provided `url` or `baseUrl` path does not adhere to the URL schema.");
1440
- }
1441
- const data = {
1442
- Operations: [{
1443
- op: "replace",
1444
- value: payload
1445
- }],
1446
- schemas: ["urn:ietf:params:scim:api:messages:2.0:PatchOp"]
1447
- };
1448
- const fetchFn = fetcher || fetch;
1449
- const resolvedUrl = url ?? `${baseUrl}/scim2/Me`;
1450
- const requestInit = {
1451
- method: "PATCH",
1452
- ...requestConfig,
1453
- body: JSON.stringify(data),
1454
- headers: {
1455
- ...requestConfig.headers,
1456
- Accept: "application/json",
1457
- "Content-Type": "application/scim+json"
1458
- }
1459
- };
1460
- try {
1461
- const response = await fetchFn(resolvedUrl, requestInit);
1462
- if (!response?.ok) throw new ThunderIDAPIError(await response.text(), "updateMeProfile-ResponseError-001", "javascript", response.status, response.statusText, "Failed to update user profile");
1463
- return processUsername_default(await response.json());
1464
- } catch (error$1) {
1465
- if (error$1 instanceof ThunderIDAPIError) throw error$1;
1466
- throw new ThunderIDAPIError(error$1?.response?.data?.detail || "An error occurred while updating the user profile. Please try again.", "updateMeProfile-NetworkError-001", "javascript", error$1?.data?.status, "Network Error");
1467
- }
1468
- };
1469
- var updateMeProfile_default = updateMeProfile;
1470
-
1471
- //#endregion
1472
- //#region src/models/platforms.ts
1473
- /**
1474
- * Copyright (c) 2025, WSO2 LLC. (https://www.wso2.com).
1475
- *
1476
- * WSO2 LLC. licenses this file to you under the Apache License,
1477
- * Version 2.0 (the "License"); you may not use this file except
1478
- * in compliance with the License.
1479
- * You may obtain a copy of the License at
1480
- *
1481
- * http://www.apache.org/licenses/LICENSE-2.0
1482
- *
1483
- * Unless required by applicable law or agreed to in writing,
1484
- * software distributed under the License is distributed on an
1485
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
1486
- * KIND, either express or implied. See the License for the
1487
- * specific language governing permissions and limitations
1488
- * under the License.
1489
- */
1490
- /**
1491
- * Enumeration of supported identity platforms.
1492
- *
1493
- * - `ThunderID`: Represents the ThunderID identity platform.
1494
- * - `IdentityServer`: Represents WSO2 Identity Server (on-prem or custom domains).
1495
- * - `Unknown`: Used when the platform cannot be determined from the configuration.
1496
- */
1497
- let Platform = /* @__PURE__ */ function(Platform$1) {
1498
- /** ThunderID identity platform */
1499
- Platform$1["ThunderID"] = "THUNDERID";
1500
- /** WSO2 Identity Server (on-prem or custom domains) */
1501
- Platform$1["IdentityServer"] = "IDENTITY_SERVER";
1502
- /** Unknown or unsupported platform */
1503
- Platform$1["Unknown"] = "UNKNOWN";
1504
- return Platform$1;
1505
- }({});
1506
-
1507
- //#endregion
1508
- //#region src/utils/logger.ts
1509
- const PREFIX = "⚡ ThunderID";
1510
- /**
1511
- * Default logger configuration
1512
- */
1513
- const DEFAULT_CONFIG$1 = {
1514
- level: "info",
1515
- prefix: `${PREFIX}`,
1516
- showLevel: true,
1517
- timestamps: true
1518
- };
1519
- /**
1520
- * Environment detection utilities
1521
- */
1522
- const isBrowser = () => typeof window !== "undefined" && typeof window.document !== "undefined";
1523
- const isNode = () => typeof process !== "undefined" && process.versions && process.versions.node;
1524
- /**
1525
- * Color codes for terminal output (Node.js)
1526
- */
1527
- const COLORS = {
1528
- blue: "\x1B[34m",
1529
- bright: "\x1B[1m",
1530
- cyan: "\x1B[36m",
1531
- dim: "\x1B[2m",
1532
- gray: "\x1B[90m",
1533
- green: "\x1B[32m",
1534
- magenta: "\x1B[35m",
1535
- red: "\x1B[31m",
1536
- reset: "\x1B[0m",
1537
- white: "\x1B[37m",
1538
- yellow: "\x1B[33m"
1539
- };
1540
- /**
1541
- * Browser console styling
1542
- */
1543
- const BROWSER_STYLES = {
1544
- debug: "color: #6b7280; font-weight: normal;",
1545
- error: "color: #dc2626; font-weight: bold;",
1546
- info: "color: #2563eb; font-weight: bold;",
1547
- prefix: "color: #7c3aed; font-weight: bold;",
1548
- timestamp: "color: #6b7280; font-size: 0.9em;",
1549
- warn: "color: #d97706; font-weight: bold;"
1550
- };
1551
- const LOG_LEVEL_ORDER = {
1552
- debug: 0,
1553
- error: 3,
1554
- info: 1,
1555
- warn: 2
1556
- };
1557
- /**
1558
- * Universal logger class that works in both browser and Node.js environments
1559
- */
1560
- var Logger = class Logger {
1561
- config;
1562
- constructor(config = {}) {
1563
- this.config = {
1564
- ...DEFAULT_CONFIG$1,
1565
- ...config
1566
- };
1567
- }
1568
- /**
1569
- * Update logger configuration
1570
- */
1571
- configure(config) {
1572
- this.config = {
1573
- ...this.config,
1574
- ...config
1575
- };
1576
- }
1577
- /**
1578
- * Get current configuration
1579
- */
1580
- getConfig() {
1581
- return { ...this.config };
1582
- }
1583
- /**
1584
- * Check if a log level should be output
1585
- */
1586
- shouldLog(level) {
1587
- return LOG_LEVEL_ORDER[level] >= LOG_LEVEL_ORDER[this.config.level];
1588
- }
1589
- /**
1590
- * Get timestamp string
1591
- */
1592
- static getTimestamp() {
1593
- return (/* @__PURE__ */ new Date()).toISOString();
1594
- }
1595
- /**
1596
- * Get log level string
1597
- */
1598
- static getLevelString(level) {
1599
- switch (level) {
1600
- case "debug": return "DEBUG";
1601
- case "info": return "INFO";
1602
- case "warn": return "WARN";
1603
- case "error": return "ERROR";
1604
- default: return "UNKNOWN";
1605
- }
1606
- }
1607
- /**
1608
- * Format message for Node.js terminal
1609
- */
1610
- formatForNode(level, message) {
1611
- const parts = [];
1612
- if (this.config.timestamps) parts.push(`${COLORS.gray}[${Logger.getTimestamp()}]${COLORS.reset}`);
1613
- if (this.config.prefix) parts.push(`${COLORS.magenta}${this.config.prefix}${COLORS.reset}`);
1614
- if (this.config.showLevel) {
1615
- const levelStr = Logger.getLevelString(level);
1616
- let coloredLevel;
1617
- switch (level) {
1618
- case "debug":
1619
- coloredLevel = `${COLORS.gray}[${levelStr}]${COLORS.reset}`;
1620
- break;
1621
- case "info":
1622
- coloredLevel = `${COLORS.blue}[${levelStr}]${COLORS.reset}`;
1623
- break;
1624
- case "warn":
1625
- coloredLevel = `${COLORS.yellow}[${levelStr}]${COLORS.reset}`;
1626
- break;
1627
- case "error":
1628
- coloredLevel = `${COLORS.red}[${levelStr}]${COLORS.reset}`;
1629
- break;
1630
- default: coloredLevel = `[${levelStr}]`;
1631
- }
1632
- parts.push(coloredLevel);
1633
- }
1634
- parts.push(message);
1635
- return parts.join(" ");
1636
- }
1637
- /**
1638
- * Log message using appropriate method
1639
- */
1640
- logMessage(level, message, ...args) {
1641
- if (!this.shouldLog(level)) return;
1642
- if (this.config.formatter) {
1643
- this.config.formatter(level, message, ...args);
1644
- return;
1645
- }
1646
- if (isBrowser()) this.logToBrowser(level, message, ...args);
1647
- else if (isNode()) this.logToNode(level, message, ...args);
1648
- else console.log(message, ...args);
1649
- }
1650
- /**
1651
- * Log to browser console with styling
1652
- */
1653
- logToBrowser(level, message, ...args) {
1654
- const parts = [];
1655
- const styles = [];
1656
- if (this.config.timestamps) {
1657
- parts.push(`%c[${Logger.getTimestamp()}]`);
1658
- styles.push(BROWSER_STYLES.timestamp);
1659
- }
1660
- if (this.config.prefix) {
1661
- parts.push(`%c${this.config.prefix}`);
1662
- styles.push(BROWSER_STYLES.prefix);
1663
- }
1664
- if (this.config.showLevel) {
1665
- const levelStr = Logger.getLevelString(level);
1666
- parts.push(`%c[${levelStr}]`);
1667
- switch (level) {
1668
- case "debug":
1669
- styles.push(BROWSER_STYLES.debug);
1670
- break;
1671
- case "info":
1672
- styles.push(BROWSER_STYLES.info);
1673
- break;
1674
- case "warn":
1675
- styles.push(BROWSER_STYLES.warn);
1676
- break;
1677
- case "error":
1678
- styles.push(BROWSER_STYLES.error);
1679
- break;
1680
- default: styles.push("");
1681
- }
1682
- }
1683
- parts.push(`%c${message}`);
1684
- styles.push("color: inherit; font-weight: normal;");
1685
- const formattedMessage = parts.join(" ");
1686
- switch (level) {
1687
- case "debug":
1688
- console.debug(formattedMessage, ...styles, ...args);
1689
- break;
1690
- case "info":
1691
- console.info(formattedMessage, ...styles, ...args);
1692
- break;
1693
- case "warn":
1694
- console.warn(formattedMessage, ...styles, ...args);
1695
- break;
1696
- case "error":
1697
- console.error(formattedMessage, ...styles, ...args);
1698
- break;
1699
- default: console.log(formattedMessage, ...styles, ...args);
1700
- }
1701
- }
1702
- /**
1703
- * Log to Node.js console
1704
- */
1705
- logToNode(level, message, ...args) {
1706
- const formattedMessage = this.formatForNode(level, message);
1707
- switch (level) {
1708
- case "debug":
1709
- console.debug(formattedMessage, ...args);
1710
- break;
1711
- case "info":
1712
- console.info(formattedMessage, ...args);
1713
- break;
1714
- case "warn":
1715
- console.warn(formattedMessage, ...args);
1716
- break;
1717
- case "error":
1718
- console.error(formattedMessage, ...args);
1719
- break;
1720
- default: console.log(formattedMessage, ...args);
1721
- }
1722
- }
1723
- /**
1724
- * Log debug message
1725
- */
1726
- debug(message, ...args) {
1727
- this.logMessage("debug", message, ...args);
1728
- }
1729
- /**
1730
- * Log info message
1731
- */
1732
- info(message, ...args) {
1733
- this.logMessage("info", message, ...args);
1734
- }
1735
- /**
1736
- * Log warning message
1737
- */
1738
- warn(message, ...args) {
1739
- this.logMessage("warn", message, ...args);
1740
- }
1741
- /**
1742
- * Log error message
1743
- */
1744
- error(message, ...args) {
1745
- this.logMessage("error", message, ...args);
1746
- }
1747
- /**
1748
- * Create a child logger with additional prefix
1749
- */
1750
- child(prefix) {
1751
- const childPrefix = this.config.prefix ? `${this.config.prefix} - ${prefix}` : prefix;
1752
- return new Logger({
1753
- ...this.config,
1754
- prefix: childPrefix
1755
- });
1756
- }
1757
- /**
1758
- * Set log level
1759
- */
1760
- setLevel(level) {
1761
- this.config.level = level;
1762
- }
1763
- /**
1764
- * Get current log level
1765
- */
1766
- getLevel() {
1767
- return this.config.level;
1768
- }
1769
- };
1770
- /**
1771
- * Default logger instance
1772
- */
1773
- const logger = new Logger();
1774
- /**
1775
- * Create a new logger instance with custom configuration
1776
- */
1777
- const createLogger = (config) => new Logger(config);
1778
- /**
1779
- * Default export - global logger instance
1780
- */
1781
- var logger_default = logger;
1782
- /**
1783
- * Named exports for convenience
1784
- */
1785
- const debug = (message, ...args) => logger.debug(message, ...args);
1786
- const info = (message, ...args) => logger.info(message, ...args);
1787
- const warn = (message, ...args) => logger.warn(message, ...args);
1788
- const error = (message, ...args) => logger.error(message, ...args);
1789
- /**
1790
- * Configure the default logger
1791
- */
1792
- const configure = (config) => logger.configure(config);
1793
- /**
1794
- * Create component-specific loggers
1795
- */
1796
- const createComponentLogger = (component) => logger.child(component);
1797
- /**
1798
- * Create package-specific logger
1799
- */
1800
- const createPackageLogger = (packageName) => createLogger({
1801
- level: "info",
1802
- prefix: `${PREFIX} - ${packageName}`,
1803
- showLevel: true,
1804
- timestamps: true
1805
- });
1806
- /**
1807
- * Create package component logger (package + component)
1808
- */
1809
- const createPackageComponentLogger = (packageName, component) => {
1810
- return createPackageLogger(packageName).child(component);
1811
- };
1812
-
1813
- //#endregion
1814
- //#region src/errors/ThunderIDRuntimeError.ts
1815
- /**
1816
- * Base class for all runtime errors in ThunderID. This class extends ThunderIDError
1817
- * and adds support for additional error details. Use this class for errors that occur
1818
- * during runtime execution that are not related to API calls.
1819
- *
1820
- * @example
1821
- * ```typescript
1822
- * throw new ThunderIDRuntimeError(
1823
- * "Failed to parse configuration",
1824
- * "CONFIG_PARSE_ERROR",
1825
- * { invalidField: "redirectUri" }
1826
- * );
1827
- * ```
1828
- */
1829
- var ThunderIDRuntimeError = class extends ThunderIDError {
1830
- /**
1831
- * Creates an instance of ThunderIDRuntimeError.
1832
- *
1833
- * @param message - Human-readable description of the error
1834
- * @param code - A unique error code that identifies the error type
1835
- * @param details - Additional details about the error that might be helpful for debugging
1836
- * @param origin - Optional. The SDK origin (e.g. 'react', 'vue'). Defaults to generic 'ThunderID'
1837
- * @constructor
1838
- */
1839
- constructor(message, code, origin, details) {
1840
- super(message, code, origin);
1841
- this.details = details;
1842
- Object.defineProperty(this, "name", {
1843
- configurable: true,
1844
- value: "ThunderIDRuntimeError",
1845
- writable: true
1846
- });
1847
- }
1848
- /**
1849
- * Returns a string representation of the runtime error
1850
- * @returns Formatted error string with name, code, details, and message
1851
- */
1852
- toString() {
1853
- const details = this.details ? `\nDetails: ${JSON.stringify(this.details, null, 2)}` : "";
1854
- return `[${this.name}] (code="${this.code}")${details}\nMessage: ${this.message}`;
1855
- }
1856
- };
1857
-
1858
- //#endregion
1859
- //#region src/utils/isRecognizedBaseUrlPattern.ts
1860
- /**
1861
- * Utility to determine if sensible ThunderID fallbacks can be used based on the given base URL.
1862
- *
1863
- * This checks if the URL follows the standard ThunderID pattern: /t/{orgHandle}
1864
- * Returns true if sensible fallbacks (like deriving organization handle, tenant, etc.) can be used, false otherwise.
1865
- *
1866
- * @param baseUrl - The base URL of the ThunderID identity server (string or undefined)
1867
- * @returns boolean - true if sensible fallbacks can be used, false otherwise
1868
- *
1869
- * @example
1870
- * isRecognizedBaseUrlPattern('https://localhost:8090/t/dxlab'); // true
1871
- * isRecognizedBaseUrlPattern('https://custom.example.com/auth'); // false
1872
- */
1873
- const isRecognizedBaseUrlPattern = (baseUrl) => {
1874
- if (!baseUrl) throw new ThunderIDRuntimeError("Base URL is required to derive if the `baseUrl` is recognized.", "isRecognizedBaseUrlPattern-ValidationError-001", "javascript", "A valid base URL must be provided to derive if the `baseUrl` is recognized to use the sensible fallbacks.");
1875
- let parsedUrl;
1876
- try {
1877
- parsedUrl = new URL(baseUrl);
1878
- } catch (error$1) {
1879
- throw new ThunderIDRuntimeError(`Invalid base URL format: ${baseUrl}`, "isRecognizedBaseUrlPattern-ValidationError-002", "javascript", "The provided base URL does not conform to valid URL syntax.");
1880
- }
1881
- const pathSegments = parsedUrl.pathname?.split("/")?.filter((segment) => segment?.length > 0);
1882
- if (pathSegments.length < 2 || pathSegments[0] !== "t") {
1883
- logger_default.warn("[isRecognizedBaseUrlPattern] The provided base URL does not follow the expected URL pattern (/t/{orgHandle}).");
1884
- return false;
1885
- }
1886
- return true;
1887
- };
1888
- var isRecognizedBaseUrlPattern_default = isRecognizedBaseUrlPattern;
1889
-
1890
- //#endregion
1891
- //#region src/utils/identifyPlatform.ts
1892
- /**
1893
- * Identifies the platform based on the given base URL.
1894
- *
1895
- * If the URL is recognized and matches the ThunderID domain, returns Platform.ThunderID.
1896
- * Otherwise, returns Platform.IdentityServer.
1897
- *
1898
- * @param baseUrl - The base URL to check
1899
- * @returns Platform enum value
1900
- */
1901
- const identifyPlatform = (config) => {
1902
- const { baseUrl } = config;
1903
- try {
1904
- if (isRecognizedBaseUrlPattern_default(baseUrl)) {
1905
- try {
1906
- const url = new URL(baseUrl);
1907
- if (/\.thunderid\.io$/i.test(url.hostname) || /thunderid\.io$/i.test(url.hostname)) return Platform.ThunderID;
1908
- } catch {
1909
- logger_default.debug(`[identifyPlatform] Could not identify platform from the base URL: ${baseUrl}. Defaulting to WSO2 Identity Server as the platform.`);
1910
- }
1911
- return Platform.IdentityServer;
1912
- }
1913
- return Platform.Unknown;
1914
- } catch (error$1) {
1915
- logger_default.debug(`[identifyPlatform] Error identifying platform from base URL: ${baseUrl}. Error: ${error$1.message}`);
1916
- return Platform.Unknown;
1917
- }
1918
- };
1919
- var identifyPlatform_default = identifyPlatform;
1920
-
1921
- //#endregion
1922
- //#region src/api/getBrandingPreference.ts
1923
- /**
1924
- * Retrieves branding preference configuration.
1925
- *
1926
- * @param config - Configuration object containing baseUrl, optional query parameters, and request config.
1927
- * @returns A promise that resolves with the branding preference information.
1928
- * @example
1929
- * ```typescript
1930
- * // Using default fetch
1931
- * try {
1932
- * const response = await getBrandingPreference({
1933
- * baseUrl: "https://localhost:8090",
1934
- * locale: "en-US",
1935
- * name: "my-branding",
1936
- * type: "org"
1937
- * });
1938
- * console.log(response.theme);
1939
- * } catch (error) {
1940
- * if (error instanceof ThunderIDAPIError) {
1941
- * console.error('Failed to get branding preference:', error.message);
1942
- * }
1943
- * }
1944
- * ```
1945
- *
1946
- * @example
1947
- * ```typescript
1948
- * // Using custom fetcher (e.g., axios-based httpClient)
1949
- * try {
1950
- * const response = await getBrandingPreference({
1951
- * baseUrl: "https://localhost:8090",
1952
- * locale: "en-US",
1953
- * name: "my-branding",
1954
- * type: "org",
1955
- * fetcher: async (url, config) => {
1956
- * const response = await httpClient({
1957
- * url,
1958
- * method: config.method,
1959
- * headers: config.headers,
1960
- * ...config
1961
- * });
1962
- * // Convert axios-like response to fetch-like Response
1963
- * return {
1964
- * ok: response.status >= 200 && response.status < 300,
1965
- * status: response.status,
1966
- * statusText: response.statusText,
1967
- * json: () => Promise.resolve(response.data),
1968
- * text: () => Promise.resolve(typeof response.data === 'string' ? response.data : JSON.stringify(response.data))
1969
- * } as Response;
1970
- * }
1067
+ * @param requestConfig - Request configuration object.
1068
+ * @returns A promise that resolves with the user information.
1069
+ * @throw
1070
+ * const userInfo = await getUserInfo({
1071
+ * url: "https://localhost:8090/oauth2/userinfo",
1971
1072
  * });
1972
- * console.log(response.theme);
1073
+ * console.log(userInfo);
1973
1074
  * } catch (error) {
1974
1075
  * if (error instanceof ThunderIDAPIError) {
1975
- * console.error('Failed to get branding preference:', error.message);
1976
- * }
1977
- * }
1978
- * ```
1979
- */
1980
- const getBrandingPreference = async ({ baseUrl, locale, name, type, fetcher,...requestConfig }) => {
1981
- try {
1982
- new URL(baseUrl);
1983
- } catch (error$1) {
1984
- throw new ThunderIDAPIError(`Invalid base URL provided. ${error$1?.toString()}`, "getBrandingPreference-ValidationError-001", "javascript", 400, "The provided `baseUrl` does not adhere to the URL schema.");
1985
- }
1986
- const queryParams = new URLSearchParams(Object.fromEntries(Object.entries({
1987
- locale: locale || "",
1988
- name: name || "",
1989
- type: type || ""
1990
- }).filter(([, value]) => Boolean(value))));
1991
- const fetchFn = fetcher || fetch;
1992
- const resolvedUrl = `${baseUrl}/api/server/v1/branding-preference/resolve${queryParams.toString() ? `?${queryParams.toString()}` : ""}`;
1993
- const requestInit = {
1994
- ...requestConfig,
1995
- headers: {
1996
- Accept: "application/json",
1997
- "Content-Type": "application/json",
1998
- ...requestConfig.headers
1999
- },
2000
- method: "GET"
2001
- };
2002
- try {
2003
- const response = await fetchFn(resolvedUrl, requestInit);
2004
- if (!response?.ok) {
2005
- const errorText = await response.text();
2006
- const platform = identifyPlatform_default({ baseUrl });
2007
- let errorDescription;
2008
- try {
2009
- const errorBody = JSON.parse(errorText);
2010
- errorDescription = errorBody?.description || errorBody?.message || errorText;
2011
- } catch {
2012
- errorDescription = errorText;
2013
- }
2014
- let platformConsoleGuidance;
2015
- if (platform === Platform.ThunderID) platformConsoleGuidance = "configure branding preferences in the ThunderID console";
2016
- else if (platform === Platform.IdentityServer) platformConsoleGuidance = "configure branding preferences in the WSO2 Identity Server console";
2017
- else platformConsoleGuidance = "configure branding preferences in the platform console";
2018
- logger_default.warn(`[BrandingError] ${errorDescription} To resolve this issue, please ${platformConsoleGuidance}. If you want to suppress this warning and stop fetching branding preferences, set \`<ThunderIDProvider>\` -> \`preferences\` -> \`theme\` -> \`inheritFromBranding\` to false.`);
2019
- throw new ThunderIDAPIError(errorText, "getBrandingPreference-ResponseError-001", "javascript", response.status, response.statusText, "Failed to get branding preference");
2020
- }
2021
- return await response.json();
2022
- } catch (error$1) {
2023
- if (error$1 instanceof ThunderIDAPIError) throw error$1;
2024
- throw new ThunderIDAPIError(`Network or parsing error: ${error$1 instanceof Error ? error$1.message : "Unknown error"}`, "getBrandingPreference-NetworkError-001", "javascript", 0, "Network Error");
2025
- }
2026
- };
2027
- var getBrandingPreference_default = getBrandingPreference;
2028
-
2029
- //#endregion
2030
- //#region src/models/v2/embedded-signin-flow-v2.ts
2031
- /**
2032
- * Status enumeration for ThunderID embedded sign-in flow operations.
2033
- *
2034
- * These statuses indicate the current state of the sign-in flow and determine
2035
- * the next action required by the client application. Each status provides
2036
- * specific guidance on how to proceed with the authentication process.
2037
- *
2038
- * @example
2039
- * ```typescript
2040
- * switch (response.flowStatus) {
2041
- * case EmbeddedSignInFlowStatus.Incomplete:
2042
- * // More user input needed - render form components
2043
- * break;
2044
- * case EmbeddedSignInFlowStatus.Complete:
2045
- * // Authentication successful - handle completion
2046
- * break;
2047
- * case EmbeddedSignInFlowStatus.Error:
2048
- * // Authentication failed - show error message
2049
- * break;
2050
- * }
2051
- * ```
2052
- *
2053
- * @experimental Part of the new ThunderID API
2054
- */
2055
- let EmbeddedSignInFlowStatus$1 = /* @__PURE__ */ function(EmbeddedSignInFlowStatus$2) {
2056
- /**
2057
- * Sign-in flow completed successfully.
2058
- *
2059
- * The user has been authenticated and the flow can proceed to
2060
- * OAuth2 completion or redirection. Check for redirectUrl or
2061
- * assertion data in the response.
2062
- */
2063
- EmbeddedSignInFlowStatus$2["Complete"] = "COMPLETE";
2064
- /**
2065
- * Sign-in flow encountered an error.
2066
- *
2067
- * Authentication failed due to invalid credentials, system error,
2068
- * or other issues. Check error details in the response and handle
2069
- * appropriately (retry, show error message, etc.).
2070
- */
2071
- EmbeddedSignInFlowStatus$2["Error"] = "ERROR";
2072
- /**
2073
- * Sign-in flow requires additional user input.
2074
- *
2075
- * More authentication steps are needed. The response will contain
2076
- * components in data.meta.components that should be rendered to
2077
- * collect additional user input (e.g., MFA, password, etc.).
2078
- */
2079
- EmbeddedSignInFlowStatus$2["Incomplete"] = "INCOMPLETE";
2080
- return EmbeddedSignInFlowStatus$2;
2081
- }({});
2082
- /**
2083
- * Type enumeration for ThunderID embedded sign-in flow responses.
2084
- *
2085
- * Determines the nature of the flow response and how the client should
2086
- * handle the returned data. This affects both UI rendering and flow
2087
- * continuation logic.
2088
- *
2089
- * @experimental Part of the new ThunderID API
2090
- */
2091
- let EmbeddedSignInFlowType$1 = /* @__PURE__ */ function(EmbeddedSignInFlowType$2) {
2092
- /**
2093
- * Response requires external redirection.
2094
- *
2095
- * Used for social login providers, external identity providers,
2096
- * or other flows that require navigating to an external URL.
2097
- * The response will contain redirection information.
2098
- */
2099
- EmbeddedSignInFlowType$2["Redirection"] = "REDIRECTION";
2100
- /**
2101
- * Response contains view components for rendering.
2102
- *
2103
- * Standard embedded flow response containing UI components
2104
- * that should be rendered within the current application
2105
- * context. Most common type for embedded authentication.
2106
- */
2107
- EmbeddedSignInFlowType$2["View"] = "VIEW";
2108
- return EmbeddedSignInFlowType$2;
2109
- }({});
1076
+ * console.error('Failed to get user info:', error.message);
1077
+ * }
1078
+ * }
1079
+ * ```
1080
+ */
1081
+ const getUserInfo = async ({ url,...requestConfig }) => {
1082
+ try {
1083
+ new URL(url);
1084
+ } catch (error$1) {
1085
+ throw new ThunderIDAPIError("Invalid endpoint URL provided", "getUserInfo-ValidationError-001", "javascript", 400, "Invalid Request");
1086
+ }
1087
+ try {
1088
+ const response = await fetch(url, {
1089
+ ...requestConfig,
1090
+ headers: {
1091
+ Accept: "application/json",
1092
+ "Content-Type": "application/json",
1093
+ ...requestConfig.headers
1094
+ },
1095
+ method: "GET"
1096
+ });
1097
+ if (!response.ok) throw new ThunderIDAPIError(await response.text(), "getUserInfo-ResponseError-001", "javascript", response.status, response.statusText, "Failed to fetch user info");
1098
+ return await response.json();
1099
+ } catch (error$1) {
1100
+ if (error$1 instanceof ThunderIDAPIError) throw error$1;
1101
+ throw new ThunderIDAPIError(`Network or parsing error: ${error$1 instanceof Error ? error$1.message : "Unknown error"}`, "getUserInfo-NetworkError-001", "javascript", 0, "Network Error");
1102
+ }
1103
+ };
1104
+ var getUserInfo_default = getUserInfo;
2110
1105
 
2111
1106
  //#endregion
2112
- //#region src/utils/v2/injectRequestedPermissions.ts
1107
+ //#region src/utils/processUsername.ts
2113
1108
  /**
2114
- * Copyright (c) 2026, WSO2 LLC. (https://www.wso2.com).
1109
+ * Copyright (c) 2025, WSO2 LLC. (https://www.wso2.com).
2115
1110
  *
2116
1111
  * WSO2 LLC. licenses this file to you under the Apache License,
2117
1112
  * Version 2.0 (the "License"); you may not use this file except
@@ -2128,445 +1123,313 @@ let EmbeddedSignInFlowType$1 = /* @__PURE__ */ function(EmbeddedSignInFlowType$2
2128
1123
  * under the License.
2129
1124
  */
2130
1125
  /**
2131
- * Strips the top-level `scopes` field from a payload and injects it as
2132
- * `inputs.requested_permissions` (space-separated string).
2133
- *
2134
- * The backend reads requested_permissions from UserInputs (the `inputs` map), not a top-level field.
1126
+ * Regular expression to match userstore prefixes in usernames.
1127
+ * Matches patterns like "DEFAULT/", "ASGARDEO_USER/", "PRIMARY/", etc.
1128
+ * The pattern matches any uppercase letters, numbers, and underscores followed by a forward slash.
2135
1129
  */
2136
- const injectRequestedPermissions = (payload) => {
2137
- const { scopes,...rest } = payload;
2138
- const normalizedScopes = Array.isArray(scopes) ? scopes.map((s) => String(s).trim()).filter(Boolean).join(" ") : typeof scopes === "string" ? scopes.trim() : "";
2139
- if (!normalizedScopes) return rest;
2140
- const existingInputs = rest["inputs"] != null && typeof rest["inputs"] === "object" && !Array.isArray(rest["inputs"]) ? rest["inputs"] : {};
2141
- return {
2142
- ...rest,
2143
- inputs: {
2144
- ...existingInputs,
2145
- requested_permissions: normalizedScopes
2146
- }
2147
- };
2148
- };
2149
- var injectRequestedPermissions_default = injectRequestedPermissions;
2150
-
2151
- //#endregion
2152
- //#region src/api/v2/executeEmbeddedSignInFlowV2.ts
2153
- const executeEmbeddedSignInFlowV2 = async ({ url, baseUrl, payload, authId,...requestConfig }) => {
2154
- if (!payload) throw new ThunderIDAPIError("Authorization payload is required", "executeEmbeddedSignInFlow-ValidationError-002", "javascript", 400, "If an authorization payload is not provided, the request cannot be constructed correctly.");
2155
- const endpoint = url ?? `${baseUrl}/flow/execute`;
2156
- const cleanPayload = typeof payload === "object" && payload !== null ? Object.fromEntries(Object.entries(payload).filter(([key]) => key !== "verbose")) : payload;
2157
- const isNewFlowStart = typeof cleanPayload === "object" && cleanPayload !== null && "applicationId" in cleanPayload && "flowType" in cleanPayload;
2158
- const hasOnlyFlowId = typeof cleanPayload === "object" && cleanPayload !== null && "executionId" in cleanPayload && Object.keys(cleanPayload).length === 1;
2159
- const basePayload = isNewFlowStart ? injectRequestedPermissions_default(cleanPayload) : cleanPayload;
2160
- const requestPayload = isNewFlowStart || hasOnlyFlowId ? {
2161
- ...basePayload,
2162
- verbose: true
2163
- } : basePayload;
2164
- const response = await fetch(endpoint, {
2165
- ...requestConfig,
2166
- body: JSON.stringify(requestPayload),
2167
- headers: {
2168
- Accept: "application/json",
2169
- "Content-Type": "application/json",
2170
- ...requestConfig.headers
2171
- },
2172
- method: requestConfig.method || "POST"
2173
- });
2174
- if (!response.ok) throw new ThunderIDAPIError(await response.text(), "executeEmbeddedSignInFlow-ResponseError-001", "javascript", response.status, response.statusText, "Authorization request failed");
2175
- const flowResponse = await response.json();
2176
- if (flowResponse.flowStatus === EmbeddedSignInFlowStatus$1.Complete && flowResponse.assertion && authId) try {
2177
- const oauth2Response = await fetch(`${baseUrl}/oauth2/auth/callback`, {
2178
- body: JSON.stringify({
2179
- assertion: flowResponse.assertion,
2180
- authId
2181
- }),
2182
- credentials: "include",
2183
- headers: {
2184
- Accept: "application/json",
2185
- "Content-Type": "application/json",
2186
- ...requestConfig.headers
2187
- },
2188
- method: "POST"
2189
- });
2190
- if (!oauth2Response.ok) throw new ThunderIDAPIError(await oauth2Response.text(), "executeEmbeddedSignInFlow-OAuth2Error-002", "javascript", oauth2Response.status, oauth2Response.statusText, "OAuth2 authorization failed");
2191
- const oauth2Result = await oauth2Response.json();
2192
- return {
2193
- flowStatus: flowResponse.flowStatus,
2194
- redirectUrl: oauth2Result["redirect_uri"]
2195
- };
2196
- } catch (authError) {
2197
- if (authError instanceof ThunderIDAPIError) throw authError;
2198
- throw new ThunderIDAPIError(authError instanceof Error ? authError.message : "Unknown error", "executeEmbeddedSignInFlow-OAuth2Error-001", "javascript", 500, "Failed to complete OAuth2 authorization after successful embedded sign-in flow.", "OAuth2 authorization failed");
2199
- }
2200
- return flowResponse;
2201
- };
2202
- var executeEmbeddedSignInFlowV2_default = executeEmbeddedSignInFlowV2;
2203
-
2204
- //#endregion
2205
- //#region src/models/v2/embedded-signup-flow-v2.ts
1130
+ const USERSTORE_PREFIX_REGEX = /^[A-Z_][A-Z0-9_]*\//;
2206
1131
  /**
2207
- * Status enumeration for ThunderID embedded sign-up flow operations.
1132
+ * Removes userstore prefixes from a username if they exist.
1133
+ * This is commonly used to clean usernames returned from SCIM2 endpoints
1134
+ * that include userstore prefixes like "DEFAULT/", "ASGARDEO_USER/", "PRIMARY/", etc.
2208
1135
  *
2209
- * These statuses indicate the current state of the registration flow and determine
2210
- * the next action required by the client application. Each status provides specific
2211
- * guidance on how to proceed with the user registration process.
1136
+ * @param username - The username string to process
1137
+ * @returns The username without the userstore prefix, or the original username if no prefix exists
2212
1138
  *
2213
1139
  * @example
2214
1140
  * ```typescript
2215
- * switch (response.flowStatus) {
2216
- * case EmbeddedSignUpFlowStatus.Incomplete:
2217
- * // More user input needed - render registration form components
2218
- * break;
2219
- * case EmbeddedSignUpFlowStatus.Complete:
2220
- * // Registration successful - handle completion
2221
- * break;
2222
- * case EmbeddedSignUpFlowStatus.Error:
2223
- * // Registration failed - show error details
2224
- * const errorResponse = response as EmbeddedSignUpFlowErrorResponse;
2225
- * showError(errorResponse.error.description.defaultValue);
2226
- * break;
2227
- * }
2228
- * ```
1141
+ * const cleanUsername = removeUserstorePrefix("DEFAULT/john.doe");
1142
+ * console.log(cleanUsername); // "john.doe"
2229
1143
  *
2230
- * @experimental Part of the new ThunderID API
2231
- */
2232
- let EmbeddedSignUpFlowStatus = /* @__PURE__ */ function(EmbeddedSignUpFlowStatus$1) {
2233
- /**
2234
- * Sign-up flow completed successfully.
2235
- *
2236
- * The user has successfully registered and the flow can proceed to
2237
- * OAuth2 completion or redirection. Check for redirectUrl or assertion
2238
- * data in the response for next steps.
2239
- */
2240
- EmbeddedSignUpFlowStatus$1["Complete"] = "COMPLETE";
2241
- /**
2242
- * Sign-up flow encountered an error and cannot proceed.
2243
- *
2244
- * Registration failed due to validation errors, duplicate user,
2245
- * system errors, or other issues. The response will be of type
2246
- * `EmbeddedSignUpFlowErrorResponse` containing detailed failure
2247
- * information that can be displayed to the user.
2248
- *
2249
- * @see {@link EmbeddedSignUpFlowErrorResponse} for error response structure
2250
- */
2251
- EmbeddedSignUpFlowStatus$1["Error"] = "ERROR";
2252
- /**
2253
- * Sign-up flow requires additional user input.
2254
- *
2255
- * More registration steps are needed. The response will contain
2256
- * components in data.meta.components that should be rendered to
2257
- * collect additional user information (e.g., profile data, verification).
2258
- */
2259
- EmbeddedSignUpFlowStatus$1["Incomplete"] = "INCOMPLETE";
2260
- return EmbeddedSignUpFlowStatus$1;
2261
- }({});
2262
- /**
2263
- * Type enumeration for ThunderID embedded sign-up flow responses.
1144
+ * const thunderidUser = removeUserstorePrefix("ASGARDEO_USER/jane.doe");
1145
+ * console.log(thunderidUser); // "jane.doe"
2264
1146
  *
2265
- * Determines the nature of the registration flow response and how the client
2266
- * should handle the returned data. This affects both UI rendering and flow
2267
- * continuation logic during the user registration process.
1147
+ * const primaryUser = removeUserstorePrefix("PRIMARY/admin");
1148
+ * console.log(primaryUser); // "admin"
2268
1149
  *
2269
- * @experimental Part of the new ThunderID API
1150
+ * const alreadyClean = removeUserstorePrefix("user.name");
1151
+ * console.log(alreadyClean); // "user.name"
1152
+ *
1153
+ * const emptyInput = removeUserstorePrefix("");
1154
+ * console.log(emptyInput); // ""
1155
+ * ```
2270
1156
  */
2271
- let EmbeddedSignUpFlowType = /* @__PURE__ */ function(EmbeddedSignUpFlowType$1) {
2272
- /**
2273
- * Response requires external redirection.
2274
- *
2275
- * Used for social registration providers, external identity providers,
2276
- * or other flows that require navigating to an external URL during
2277
- * the registration process. The response will contain redirection information.
2278
- */
2279
- EmbeddedSignUpFlowType$1["Redirection"] = "REDIRECTION";
2280
- /**
2281
- * Response contains view components for rendering.
2282
- *
2283
- * Standard embedded registration flow response containing UI components
2284
- * that should be rendered within the current application context.
2285
- * Most common type for embedded user registration.
2286
- */
2287
- EmbeddedSignUpFlowType$1["View"] = "VIEW";
2288
- return EmbeddedSignUpFlowType$1;
2289
- }({});
2290
-
2291
- //#endregion
2292
- //#region src/api/v2/executeEmbeddedSignUpFlowV2.ts
2293
- const executeEmbeddedSignUpFlowV2 = async ({ url, baseUrl, payload, authId,...requestConfig }) => {
2294
- if (!payload) throw new ThunderIDAPIError("Registration payload is required", "executeEmbeddedSignUpFlow-ValidationError-002", "javascript", 400, "If a registration payload is not provided, the request cannot be constructed correctly.");
2295
- const endpoint = url ?? `${baseUrl}/flow/execute`;
2296
- const cleanPayload = typeof payload === "object" && payload !== null ? Object.fromEntries(Object.entries(payload).filter(([key]) => key !== "verbose")) : payload;
2297
- const isNewFlowStart = typeof cleanPayload === "object" && cleanPayload !== null && "applicationId" in cleanPayload && "flowType" in cleanPayload;
2298
- const hasOnlyFlowId = typeof cleanPayload === "object" && cleanPayload !== null && "executionId" in cleanPayload && Object.keys(cleanPayload).length === 1;
2299
- const basePayload = isNewFlowStart ? injectRequestedPermissions_default(cleanPayload) : cleanPayload;
2300
- const requestPayload = isNewFlowStart || hasOnlyFlowId ? {
2301
- ...basePayload,
2302
- verbose: true
2303
- } : basePayload;
2304
- const response = await fetch(endpoint, {
2305
- ...requestConfig,
2306
- body: JSON.stringify(requestPayload),
2307
- headers: {
2308
- Accept: "application/json",
2309
- "Content-Type": "application/json",
2310
- ...requestConfig.headers
2311
- },
2312
- method: requestConfig.method || "POST"
2313
- });
2314
- if (!response.ok) throw new ThunderIDAPIError(await response.text(), "executeEmbeddedSignUpFlow-ResponseError-001", "javascript", response.status, response.statusText, "Registration request failed");
2315
- const flowResponse = await response.json();
2316
- if (flowResponse.flowStatus === EmbeddedSignUpFlowStatus.Complete && flowResponse.assertion && authId) try {
2317
- const oauth2Response = await fetch(`${baseUrl}/oauth2/auth/callback`, {
2318
- body: JSON.stringify({
2319
- assertion: flowResponse.assertion,
2320
- authId
2321
- }),
2322
- credentials: "include",
2323
- headers: {
2324
- Accept: "application/json",
2325
- "Content-Type": "application/json",
2326
- ...requestConfig.headers
2327
- },
2328
- method: "POST"
2329
- });
2330
- if (!oauth2Response.ok) throw new ThunderIDAPIError(await oauth2Response.text(), "executeEmbeddedSignUpFlow-OAuth2Error-002", "javascript", oauth2Response.status, oauth2Response.statusText, "OAuth2 authorization failed");
2331
- const oauth2Result = await oauth2Response.json();
2332
- return {
2333
- flowStatus: flowResponse.flowStatus,
2334
- redirectUrl: oauth2Result["redirect_uri"]
2335
- };
2336
- } catch (authError) {
2337
- if (authError instanceof ThunderIDAPIError) throw authError;
2338
- throw new ThunderIDAPIError(authError instanceof Error ? authError.message : "Unknown error", "executeEmbeddedSignUpFlow-OAuth2Error-001", "javascript", 500, "Failed to complete OAuth2 authorization after successful embedded sign-up flow.", "OAuth2 authorization failed");
2339
- }
2340
- return flowResponse;
1157
+ const removeUserstorePrefix = (username) => {
1158
+ if (!username) return "";
1159
+ return username.replace(USERSTORE_PREFIX_REGEX, "");
2341
1160
  };
2342
- var executeEmbeddedSignUpFlowV2_default = executeEmbeddedSignUpFlowV2;
2343
-
2344
- //#endregion
2345
- //#region src/api/v2/executeEmbeddedRecoveryFlowV2.ts
2346
1161
  /**
2347
- * Executes an embedded recovery flow by sending a request to the flow execution endpoint.
2348
- *
2349
- * This function handles password-recovery and account-recovery flows driven by the
2350
- * ThunderID server. The server returns UI components for each step (e.g. username
2351
- * collection, OTP verification, password reset) and this function forwards the
2352
- * user's responses back to the server.
1162
+ * Processes a user object to remove userstore prefixes from username fields.
1163
+ * This is a helper function for processing user objects returned from SCIM2 endpoints.
1164
+ * Handles various username field variations: username, userName, and user_name.
2353
1165
  *
2354
- * @param requestConfig - Request configuration containing URL, payload, and optional headers.
2355
- * @returns A promise that resolves with the flow execution response.
2356
- * @throws ThunderIDAPIError when the request fails or a payload is missing.
1166
+ * @param user - The user object to process
1167
+ * @returns The user object with processed username fields
2357
1168
  *
2358
1169
  * @example
2359
1170
  * ```typescript
2360
- * // Initiate recovery flow
2361
- * const response = await executeEmbeddedRecoveryFlowV2({
2362
- * baseUrl: 'https://localhost:8090',
2363
- * payload: {
2364
- * flowType: 'RECOVERY',
2365
- * applicationId: 'my-app-id',
2366
- * },
2367
- * });
1171
+ * const user = { username: "DEFAULT/john.doe", email: "john@example.com" };
1172
+ * const processedUser = processUserUsername(user);
1173
+ * console.log(processedUser.username); // "john.doe"
2368
1174
  *
2369
- * // Continue recovery flow with user input
2370
- * const nextResponse = await executeEmbeddedRecoveryFlowV2({
2371
- * baseUrl: 'https://localhost:8090',
2372
- * payload: {
2373
- * executionId: response.executionId,
2374
- * action: 'submit',
2375
- * inputs: { username: 'user@example.com' },
2376
- * challengeToken: response.challengeToken,
2377
- * },
2378
- * });
1175
+ * const camelCaseUser = { userName: "ASGARDEO_USER/jane.doe", email: "jane@example.com" };
1176
+ * const processedCamelCaseUser = processUserUsername(camelCaseUser);
1177
+ * console.log(processedCamelCaseUser.userName); // "jane.doe"
1178
+ *
1179
+ * const snakeCaseUser = { user_name: "PRIMARY/admin", email: "admin@example.com" };
1180
+ * const processedSnakeCaseUser = processUserUsername(snakeCaseUser);
1181
+ * console.log(processedSnakeCaseUser.user_name); // "admin"
2379
1182
  * ```
2380
1183
  */
2381
- const executeEmbeddedRecoveryFlowV2 = async ({ url, baseUrl, payload,...requestConfig }) => {
2382
- if (!payload) throw new ThunderIDAPIError("Recovery payload is required", "executeEmbeddedRecoveryFlow-ValidationError-002", "javascript", 400, "If a recovery payload is not provided, the request cannot be constructed correctly.");
2383
- const endpoint = url ?? `${baseUrl}/flow/execute`;
2384
- const cleanPayload = typeof payload === "object" && payload !== null ? Object.fromEntries(Object.entries(payload).filter(([key]) => key !== "verbose")) : payload;
2385
- const hasOnlyAppIdAndFlowType = typeof cleanPayload === "object" && cleanPayload !== null && "applicationId" in cleanPayload && "flowType" in cleanPayload && Object.keys(cleanPayload).length === 2;
2386
- const hasOnlyFlowId = typeof cleanPayload === "object" && cleanPayload !== null && "executionId" in cleanPayload && Object.keys(cleanPayload).length === 1;
2387
- const requestPayload = hasOnlyAppIdAndFlowType || hasOnlyFlowId ? {
2388
- ...cleanPayload,
2389
- verbose: true
2390
- } : cleanPayload;
2391
- const response = await fetch(endpoint, {
2392
- ...requestConfig,
2393
- body: JSON.stringify(requestPayload),
2394
- headers: {
2395
- Accept: "application/json",
2396
- "Content-Type": "application/json",
2397
- ...requestConfig.headers
2398
- },
2399
- method: requestConfig.method || "POST"
2400
- });
2401
- if (!response.ok) throw new ThunderIDAPIError(await response.text(), "executeEmbeddedRecoveryFlow-ResponseError-001", "javascript", response.status, response.statusText, "Recovery request failed");
2402
- return await response.json();
1184
+ const processUsername = (user) => {
1185
+ if (!user) return user;
1186
+ const processedUser = { ...user };
1187
+ if (processedUser.username) processedUser.username = removeUserstorePrefix(processedUser.username);
1188
+ if (processedUser.userName) processedUser.userName = removeUserstorePrefix(processedUser.userName);
1189
+ if (processedUser.user_name) processedUser.user_name = removeUserstorePrefix(processedUser.user_name);
1190
+ return processedUser;
2403
1191
  };
2404
- var executeEmbeddedRecoveryFlowV2_default = executeEmbeddedRecoveryFlowV2;
1192
+ var processUsername_default = processUsername;
2405
1193
 
2406
1194
  //#endregion
2407
- //#region src/api/v2/executeEmbeddedUserOnboardingFlowV2.ts
1195
+ //#region src/api/getScim2Me.ts
2408
1196
  /**
2409
- * Executes an embedded user onboarding flow by sending a request to the flow execution endpoint.
2410
- *
2411
- * This function handles both:
2412
- * - Admin flow: Initiates onboarding, collects user details, generates invite link
2413
- * - End-user flow: Validates invite token and allows password setting
2414
- *
2415
- * @param requestConfig - Request configuration object containing URL, payload, and optional auth token.
2416
- * @returns A promise that resolves with the flow execution response.
2417
- * @throws ThunderIDAPIError when the request fails or URL is invalid.
1197
+ * Retrieves the user profile information from the specified SCIM2 /Me endpoint.
2418
1198
  *
1199
+ * @param config - Request configuration object.
1200
+ * @returns A promise that resolves with the user profile information.
2419
1201
  * @example
2420
1202
  * ```typescript
2421
- * // Admin initiating user onboarding (requires auth token)
2422
- * const response = await executeEmbeddedUserOnboardingFlowV2({
2423
- * baseUrl: "https://api.thunder.io",
2424
- * payload: {
2425
- * flowType: "USER_ONBOARDING"
2426
- * },
2427
- * headers: {
2428
- * Authorization: `Bearer ${accessToken}`
1203
+ * // Using default fetch
1204
+ * try {
1205
+ * const userProfile = await getScim2Me({
1206
+ * url: "https://localhost:8090/scim2/Me",
1207
+ * });
1208
+ * console.log(userProfile);
1209
+ * } catch (error) {
1210
+ * if (error instanceof ThunderIDAPIError) {
1211
+ * console.error('Failed to get user profile:', error.message);
2429
1212
  * }
2430
- * });
1213
+ * }
1214
+ * ```
2431
1215
  *
2432
- * // End-user accepting invite (no auth required)
2433
- * const response = await executeEmbeddedUserOnboardingFlowV2({
2434
- * baseUrl: "https://api.thunder.io",
2435
- * payload: {
2436
- * executionId: "flow-id-from-url",
2437
- * inputs: { inviteToken: "token-from-url" }
1216
+ * @example
1217
+ * ```typescript
1218
+ * // Using custom fetcher (e.g., axios-based httpClient)
1219
+ * try {
1220
+ * const userProfile = await getScim2Me({
1221
+ * url: "https://localhost:8090/scim2/Me",
1222
+ * fetcher: async (url, config) => {
1223
+ * const response = await httpClient({
1224
+ * url,
1225
+ * method: config.method,
1226
+ * headers: config.headers,
1227
+ * ...config
1228
+ * });
1229
+ * // Convert axios-like response to fetch-like Response
1230
+ * return {
1231
+ * ok: response.status >= 200 && response.status < 300,
1232
+ * status: response.status,
1233
+ * statusText: response.statusText,
1234
+ * json: () => Promise.resolve(response.data),
1235
+ * text: () => Promise.resolve(typeof response.data === 'string' ? response.data : JSON.stringify(response.data))
1236
+ * } as Response;
1237
+ * }
1238
+ * });
1239
+ * console.log(userProfile);
1240
+ * } catch (error) {
1241
+ * if (error instanceof ThunderIDAPIError) {
1242
+ * console.error('Failed to get user profile:', error.message);
2438
1243
  * }
2439
- * });
1244
+ * }
2440
1245
  * ```
2441
1246
  */
2442
- const executeEmbeddedUserOnboardingFlowV2 = async ({ url, baseUrl, payload,...requestConfig }) => {
2443
- if (!payload) throw new ThunderIDAPIError("User onboarding payload is required", "executeEmbeddedUserOnboardingFlow-ValidationError-002", "javascript", 400, "If a user onboarding payload is not provided, the request cannot be constructed correctly.");
2444
- const endpoint = url ?? `${baseUrl}/flow/execute`;
2445
- const cleanPayload = typeof payload === "object" && payload !== null ? Object.fromEntries(Object.entries(payload).filter(([key]) => key !== "verbose")) : payload;
2446
- const hasOnlyFlowType = typeof cleanPayload === "object" && cleanPayload !== null && "flowType" in cleanPayload && Object.keys(cleanPayload).length === 1;
2447
- const hasOnlyFlowId = typeof cleanPayload === "object" && cleanPayload !== null && "executionId" in cleanPayload && Object.keys(cleanPayload).length === 1;
2448
- const hasFlowIdWithInputs = typeof cleanPayload === "object" && cleanPayload !== null && "executionId" in cleanPayload && "inputs" in cleanPayload;
2449
- const requestPayload = hasOnlyFlowType || hasOnlyFlowId || hasFlowIdWithInputs ? {
2450
- ...cleanPayload,
2451
- verbose: true
2452
- } : cleanPayload;
2453
- if ("flowType" in requestPayload && requestPayload["flowType"] !== EmbeddedFlowType.UserOnboarding) requestPayload["flowType"] = EmbeddedFlowType.UserOnboarding;
2454
- const response = await fetch(endpoint, {
1247
+ const getScim2Me = async ({ url, baseUrl, fetcher,...requestConfig }) => {
1248
+ try {
1249
+ new URL(url ?? baseUrl);
1250
+ } catch (error$1) {
1251
+ throw new ThunderIDAPIError(`Invalid URL provided. ${error$1?.toString()}`, "getScim2Me-ValidationError-001", "javascript", 400, "The provided `url` or `baseUrl` path does not adhere to the URL schema.");
1252
+ }
1253
+ const fetchFn = fetcher || fetch;
1254
+ const resolvedUrl = url ?? `${baseUrl}/scim2/Me`;
1255
+ const requestInit = {
2455
1256
  ...requestConfig,
2456
- body: JSON.stringify(requestPayload),
2457
1257
  headers: {
2458
1258
  Accept: "application/json",
2459
- "Content-Type": "application/json",
1259
+ "Content-Type": "application/scim+json",
2460
1260
  ...requestConfig.headers
2461
1261
  },
2462
- method: requestConfig.method || "POST"
2463
- });
2464
- if (!response.ok) throw new ThunderIDAPIError(await response.text(), "executeEmbeddedUserOnboardingFlow-ResponseError-001", "javascript", response.status, response.statusText, "User onboarding request failed");
2465
- return await response.json();
1262
+ method: "GET"
1263
+ };
1264
+ try {
1265
+ const response = await fetchFn(resolvedUrl, requestInit);
1266
+ if (!response?.ok) throw new ThunderIDAPIError(await response.text(), "getScim2Me-ResponseError-001", "javascript", response.status, response.statusText, "Failed to fetch user profile");
1267
+ return processUsername_default(await response.json());
1268
+ } catch (error$1) {
1269
+ if (error$1 instanceof ThunderIDAPIError) throw error$1;
1270
+ throw new ThunderIDAPIError(`Network or parsing error: ${error$1 instanceof Error ? error$1.message : "Unknown error"}`, "getScim2Me-NetworkError-001", "javascript", 0, "Network Error");
1271
+ }
2466
1272
  };
2467
- var executeEmbeddedUserOnboardingFlowV2_default = executeEmbeddedUserOnboardingFlowV2;
1273
+ var getScim2Me_default = getScim2Me;
2468
1274
 
2469
1275
  //#endregion
2470
- //#region src/api/v2/getFlowMetaV2.ts
1276
+ //#region src/api/getSchemas.ts
2471
1277
  /**
2472
- * Fetches aggregated flow metadata from the `GET /flow/meta` endpoint.
2473
- *
2474
- * The response includes:
2475
- * - Application or OU details depending on the `type` parameter
2476
- * - Resolved design configuration (theme and layout)
2477
- * - i18n translations filtered by `language` and `namespace`
2478
- * - Registration flow enablement status
2479
- *
2480
- * @param config - Request configuration including `baseUrl`/`url`, and optional
2481
- * `type`, `id`, `language`, and `namespace` filters. When `type`
2482
- * and `id` are omitted the server returns i18n-only metadata.
2483
- * @returns A promise that resolves to the {@link FlowMetadataResponse}.
2484
- *
2485
- * @throws {ThunderIDAPIError} When the server returns a non-OK response.
1278
+ * Retrieves the SCIM2 schemas from the specified endpoint.
2486
1279
  *
1280
+ * @param config - Request configuration object.
1281
+ * @returns A promise that resolves with the SCIM2 schemas information.
2487
1282
  * @example
2488
1283
  * ```typescript
2489
- * import getFlowMetaV2 from './api/v2/getFlowMetaV2';
2490
- * import { FlowMetaType } from './models/v2/flow-meta-v2';
2491
- *
2492
- * const meta = await getFlowMetaV2({
2493
- * baseUrl: 'https://localhost:8090',
2494
- * type: FlowMetaType.App,
2495
- * id: '60a9b38b-6eba-9f9e-55f9-267067de4680',
2496
- * language: 'en',
2497
- * namespace: 'auth',
2498
- * });
2499
- *
2500
- * console.log(meta.application?.name);
2501
- * console.log(meta.i18n.translations);
1284
+ * // Using default fetch
1285
+ * try {
1286
+ * const schemas = await getSchemas({
1287
+ * url: "https://localhost:8090/scim2/Schemas",
1288
+ * });
1289
+ * console.log(schemas);
1290
+ * } catch (error) {
1291
+ * if (error instanceof ThunderIDAPIError) {
1292
+ * console.error('Failed to get schemas:', error.message);
1293
+ * }
1294
+ * }
2502
1295
  * ```
2503
1296
  *
2504
- * @experimental This function targets the ThunderID V2 platform API
1297
+ * @example
1298
+ * ```typescript
1299
+ * // Using custom fetcher (e.g., axios-based httpClient)
1300
+ * try {
1301
+ * const schemas = await getSchemas({
1302
+ * url: "https://localhost:8090/scim2/Schemas",
1303
+ * fetcher: async (url, config) => {
1304
+ * const response = await httpClient({
1305
+ * url,
1306
+ * method: config.method,
1307
+ * headers: config.headers,
1308
+ * ...config
1309
+ * });
1310
+ * // Convert axios-like response to fetch-like Response
1311
+ * return {
1312
+ * ok: response.status >= 200 && response.status < 300,
1313
+ * status: response.status,
1314
+ * statusText: response.statusText,
1315
+ * json: () => Promise.resolve(response.data),
1316
+ * text: () => Promise.resolve(typeof response.data === 'string' ? response.data : JSON.stringify(response.data))
1317
+ * } as Response;
1318
+ * }
1319
+ * });
1320
+ * console.log(schemas);
1321
+ * } catch (error) {
1322
+ * if (error instanceof ThunderIDAPIError) {
1323
+ * console.error('Failed to get schemas:', error.message);
1324
+ * }
1325
+ * }
1326
+ * ```
2505
1327
  */
2506
- const getFlowMetaV2 = async ({ url, baseUrl, type, id, language, namespace,...requestConfig }) => {
2507
- const queryParams = new URLSearchParams({
2508
- ...id ? { id } : {},
2509
- ...type ? { type } : {},
2510
- ...language ? { language } : {},
2511
- ...namespace ? { namespace } : {}
2512
- });
2513
- const endpoint = `${url ?? `${baseUrl}/flow/meta`}?${queryParams.toString()}`;
2514
- const response = await fetch(endpoint, {
1328
+ const getSchemas = async ({ url, baseUrl, fetcher,...requestConfig }) => {
1329
+ try {
1330
+ new URL(url ?? baseUrl);
1331
+ } catch (error$1) {
1332
+ throw new ThunderIDAPIError(`Invalid URL provided. ${error$1?.toString()}`, "getSchemas-ValidationError-001", "javascript", 400, "The provided `url` or `baseUrl` path does not adhere to the URL schema.");
1333
+ }
1334
+ const fetchFn = fetcher || fetch;
1335
+ const resolvedUrl = url ?? `${baseUrl}/scim2/Schemas`;
1336
+ const requestInit = {
2515
1337
  ...requestConfig,
2516
1338
  headers: {
2517
1339
  Accept: "application/json",
1340
+ "Content-Type": "application/json",
2518
1341
  ...requestConfig.headers
2519
1342
  },
2520
1343
  method: "GET"
2521
- });
2522
- if (!response.ok) throw new ThunderIDAPIError(await response.text(), "getFlowMetaV2-ResponseError-001", "javascript", response.status, response.statusText, "Flow metadata request failed");
2523
- return await response.json();
1344
+ };
1345
+ try {
1346
+ const response = await fetchFn(resolvedUrl, requestInit);
1347
+ if (!response?.ok) throw new ThunderIDAPIError(await response.text(), "getSchemas-ResponseError-001", "javascript", response.status, response.statusText, "Failed to fetch SCIM2 schemas");
1348
+ return await response.json();
1349
+ } catch (error$1) {
1350
+ if (error$1 instanceof ThunderIDAPIError) throw error$1;
1351
+ throw new ThunderIDAPIError(`Network or parsing error: ${error$1 instanceof Error ? error$1.message : "Unknown error"}`, "getSchemas-NetworkError-001", "javascript", 0, "Network Error");
1352
+ }
2524
1353
  };
2525
- var getFlowMetaV2_default = getFlowMetaV2;
1354
+ var getSchemas_default = getSchemas;
2526
1355
 
2527
1356
  //#endregion
2528
- //#region src/api/v2/getOrganizationUnitChildren.ts
1357
+ //#region src/api/updateMeProfile.ts
2529
1358
  /**
2530
- * Retrieves the child organization units of a given parent OU.
2531
- *
2532
- * @param config - Request configuration including `baseUrl`/`url`, `organizationUnitId`,
2533
- * and optional `limit`/`offset` pagination parameters.
2534
- * @returns A promise that resolves with the paginated list of child organization units.
2535
- *
2536
- * @throws {ThunderIDAPIError} When the server returns a non-OK response.
1359
+ * Updates the user profile information at the specified SCIM2 Me endpoint.
2537
1360
  *
1361
+ * @param config - Configuration object with URL, payload and optional request config.
1362
+ * @returns A promise that resolves with the updated user profile information.
2538
1363
  * @example
2539
1364
  * ```typescript
2540
- * const children = await getOrganizationUnitChildren({
2541
- * baseUrl: 'https://localhost:8090',
2542
- * organizationUnitId: '0d5e071b-d3d3-475d-b3c6-1a20ee2fa9b1',
2543
- * limit: 10,
2544
- * offset: 0,
1365
+ * // Using default fetch
1366
+ * await updateMeProfile({
1367
+ * url: "https://localhost:8090/scim2/Me",
1368
+ * payload: { "urn:scim:wso2:schema": { mobileNumbers: ["0777933830"] } }
2545
1369
  * });
2546
- * console.log(children.organizationUnits);
2547
1370
  * ```
2548
1371
  *
2549
- * @experimental This function targets the ThunderID V2 platform API
1372
+ * @example
1373
+ * ```typescript
1374
+ * // Using custom fetcher (e.g., axios-based httpClient)
1375
+ * await updateMeProfile({
1376
+ * url: "https://localhost:8090/scim2/Me",
1377
+ * payload: { "urn:scim:wso2:schema": { mobileNumbers: ["0777933830"] } },
1378
+ * fetcher: async (url, config) => {
1379
+ * const response = await httpClient({
1380
+ * url,
1381
+ * method: config.method,
1382
+ * headers: config.headers,
1383
+ * data: config.body,
1384
+ * ...config
1385
+ * });
1386
+ * // Convert axios-like response to fetch-like Response
1387
+ * return {
1388
+ * ok: response.status >= 200 && response.status < 300,
1389
+ * status: response.status,
1390
+ * statusText: response.statusText,
1391
+ * json: () => Promise.resolve(response.data),
1392
+ * text: () => Promise.resolve(typeof response.data === 'string' ? response.data : JSON.stringify(response.data))
1393
+ * } as Response;
1394
+ * }
1395
+ * });
1396
+ * ```
2550
1397
  */
2551
- const getOrganizationUnitChildren = async ({ url, baseUrl, organizationUnitId, limit = 10, offset = 0,...requestConfig }) => {
2552
- if (!organizationUnitId) throw new ThunderIDAPIError("Organization Unit ID is required", "getOrganizationUnitChildren-ValidationError-001", "javascript", 400, "If an organization unit ID is not provided, the request cannot be constructed correctly.");
2553
- const queryParams = new URLSearchParams({
2554
- limit: String(limit),
2555
- offset: String(offset)
2556
- });
2557
- const endpoint = url ?? `${baseUrl}/organization-units/${organizationUnitId}/ous?${queryParams.toString()}`;
2558
- const response = await fetch(endpoint, {
1398
+ const updateMeProfile = async ({ url, baseUrl, payload, fetcher,...requestConfig }) => {
1399
+ try {
1400
+ new URL(url ?? baseUrl);
1401
+ } catch (error$1) {
1402
+ throw new ThunderIDAPIError(`Invalid URL provided. ${error$1?.toString()}`, "updateMeProfile-ValidationError-001", "javascript", 400, "The provided `url` or `baseUrl` path does not adhere to the URL schema.");
1403
+ }
1404
+ const data = {
1405
+ Operations: [{
1406
+ op: "replace",
1407
+ value: payload
1408
+ }],
1409
+ schemas: ["urn:ietf:params:scim:api:messages:2.0:PatchOp"]
1410
+ };
1411
+ const fetchFn = fetcher || fetch;
1412
+ const resolvedUrl = url ?? `${baseUrl}/scim2/Me`;
1413
+ const requestInit = {
1414
+ method: "PATCH",
2559
1415
  ...requestConfig,
1416
+ body: JSON.stringify(data),
2560
1417
  headers: {
1418
+ ...requestConfig.headers,
2561
1419
  Accept: "application/json",
2562
- ...requestConfig.headers
2563
- },
2564
- method: "GET"
2565
- });
2566
- if (!response.ok) throw new ThunderIDAPIError(await response.text(), "getOrganizationUnitChildren-ResponseError-001", "javascript", response.status, response.statusText, "Failed to fetch organization unit children");
2567
- return await response.json();
1420
+ "Content-Type": "application/scim+json"
1421
+ }
1422
+ };
1423
+ try {
1424
+ const response = await fetchFn(resolvedUrl, requestInit);
1425
+ if (!response?.ok) throw new ThunderIDAPIError(await response.text(), "updateMeProfile-ResponseError-001", "javascript", response.status, response.statusText, "Failed to update user profile");
1426
+ return processUsername_default(await response.json());
1427
+ } catch (error$1) {
1428
+ if (error$1 instanceof ThunderIDAPIError) throw error$1;
1429
+ throw new ThunderIDAPIError(error$1?.response?.data?.detail || "An error occurred while updating the user profile. Please try again.", "updateMeProfile-NetworkError-001", "javascript", error$1?.data?.status, "Network Error");
1430
+ }
2568
1431
  };
2569
- var getOrganizationUnitChildren_default = getOrganizationUnitChildren;
1432
+ var updateMeProfile_default = updateMeProfile;
2570
1433
 
2571
1434
  //#endregion
2572
1435
  //#region src/constants/ApplicationNativeAuthenticationConstants.ts
@@ -2708,198 +1571,52 @@ const VendorConstants = { VENDOR_PREFIX: "thunderid" };
2708
1571
  var VendorConstants_default = VendorConstants;
2709
1572
 
2710
1573
  //#endregion
2711
- //#region src/models/embedded-signin-flow.ts
2712
- let EmbeddedSignInFlowStatus = /* @__PURE__ */ function(EmbeddedSignInFlowStatus$2) {
2713
- EmbeddedSignInFlowStatus$2["FailCompleted"] = "FAIL_COMPLETED";
2714
- EmbeddedSignInFlowStatus$2["FailIncomplete"] = "FAIL_INCOMPLETE";
2715
- EmbeddedSignInFlowStatus$2["Incomplete"] = "INCOMPLETE";
2716
- EmbeddedSignInFlowStatus$2["SuccessCompleted"] = "SUCCESS_COMPLETED";
2717
- return EmbeddedSignInFlowStatus$2;
2718
- }({});
2719
- let EmbeddedSignInFlowType = /* @__PURE__ */ function(EmbeddedSignInFlowType$2) {
2720
- EmbeddedSignInFlowType$2["Authentication"] = "AUTHENTICATION";
2721
- return EmbeddedSignInFlowType$2;
2722
- }({});
2723
- let EmbeddedSignInFlowStepType = /* @__PURE__ */ function(EmbeddedSignInFlowStepType$1) {
2724
- EmbeddedSignInFlowStepType$1["AuthenticatorPrompt"] = "AUTHENTICATOR_PROMPT";
2725
- EmbeddedSignInFlowStepType$1["MultiOptionsPrompt"] = "MULTI_OPTIONS_PROMPT";
2726
- return EmbeddedSignInFlowStepType$1;
2727
- }({});
2728
- let EmbeddedSignInFlowAuthenticatorParamType = /* @__PURE__ */ function(EmbeddedSignInFlowAuthenticatorParamType$1) {
2729
- EmbeddedSignInFlowAuthenticatorParamType$1["Integer"] = "INTEGER";
2730
- EmbeddedSignInFlowAuthenticatorParamType$1["MultiValued"] = "MULTI_VALUED";
2731
- EmbeddedSignInFlowAuthenticatorParamType$1["String"] = "STRING";
2732
- return EmbeddedSignInFlowAuthenticatorParamType$1;
2733
- }({});
2734
- let EmbeddedSignInFlowAuthenticatorExtendedParamType = /* @__PURE__ */ function(EmbeddedSignInFlowAuthenticatorExtendedParamType$1) {
2735
- EmbeddedSignInFlowAuthenticatorExtendedParamType$1["Otp"] = "OTPCode";
2736
- return EmbeddedSignInFlowAuthenticatorExtendedParamType$1;
2737
- }({});
2738
- let EmbeddedSignInFlowAuthenticatorKnownIdPType = /* @__PURE__ */ function(EmbeddedSignInFlowAuthenticatorKnownIdPType$1) {
2739
- EmbeddedSignInFlowAuthenticatorKnownIdPType$1["Local"] = "LOCAL";
2740
- return EmbeddedSignInFlowAuthenticatorKnownIdPType$1;
2741
- }({});
2742
- let EmbeddedSignInFlowAuthenticatorPromptType = /* @__PURE__ */ function(EmbeddedSignInFlowAuthenticatorPromptType$1) {
2743
- /**
2744
- * Prompt for internal system use, such as API keys or tokens.
2745
- */
2746
- EmbeddedSignInFlowAuthenticatorPromptType$1["InternalPrompt"] = "INTERNAL_PROMPT";
2747
- /**
2748
- * Prompt for redirection to another page or service.
2749
- */
2750
- EmbeddedSignInFlowAuthenticatorPromptType$1["RedirectionPrompt"] = "REDIRECTION_PROMPT";
2751
- /**
2752
- * Prompt for user input, typically for username/password or similar credentials.
2753
- */
2754
- EmbeddedSignInFlowAuthenticatorPromptType$1["UserPrompt"] = "USER_PROMPT";
2755
- return EmbeddedSignInFlowAuthenticatorPromptType$1;
2756
- }({});
2757
-
2758
- //#endregion
2759
- //#region src/models/v2/embedded-flow-v2.ts
1574
+ //#region src/errors/ThunderIDRuntimeError.ts
2760
1575
  /**
2761
- * Component types supported by the ThunderID embedded flow API.
2762
- *
2763
- * These types define the different UI components that can be rendered
2764
- * as part of the embedded authentication flows. Each type corresponds
2765
- * to a specific UI element with its own behavior and properties.
1576
+ * Base class for all runtime errors in ThunderID. This class extends ThunderIDError
1577
+ * and adds support for additional error details. Use this class for errors that occur
1578
+ * during runtime execution that are not related to API calls.
2766
1579
  *
2767
1580
  * @example
2768
1581
  * ```typescript
2769
- * // Check component type to render appropriate UI
2770
- * if (component.type === EmbeddedFlowComponentType.TextInput) {
2771
- * // Render text input field
2772
- * } else if (component.type === EmbeddedFlowComponentType.Action) {
2773
- * // Render button/action
2774
- * }
1582
+ * throw new ThunderIDRuntimeError(
1583
+ * "Failed to parse configuration",
1584
+ * "CONFIG_PARSE_ERROR",
1585
+ * { invalidField: "redirectUri" }
1586
+ * );
2775
1587
  * ```
2776
- *
2777
- * @experimental This API may change in future versions
2778
1588
  */
2779
- let EmbeddedFlowComponentType$1 = /* @__PURE__ */ function(EmbeddedFlowComponentType$2) {
2780
- /** Interactive action component (buttons, links) for user interactions */
2781
- EmbeddedFlowComponentType$2["Action"] = "ACTION";
2782
- /** Container block component that groups other components */
2783
- EmbeddedFlowComponentType$2["Block"] = "BLOCK";
2784
- /** Consent component for displaying consent purposes and attributes */
2785
- EmbeddedFlowComponentType$2["Consent"] = "CONSENT";
2786
- /** Copyable text display component that shows text with a copy-to-clipboard action */
2787
- EmbeddedFlowComponentType$2["CopyableText"] = "COPYABLE_TEXT";
2788
- /** Divider component for visual separation of content */
2789
- EmbeddedFlowComponentType$2["Divider"] = "DIVIDER";
2790
- /** Email input field with validation for email addresses. */
2791
- EmbeddedFlowComponentType$2["EmailInput"] = "EMAIL_INPUT";
2792
- /** Icon display component for rendering named vector icons */
2793
- EmbeddedFlowComponentType$2["Icon"] = "ICON";
2794
- /** Image display component for logos and illustrations */
2795
- EmbeddedFlowComponentType$2["Image"] = "IMAGE";
2796
- /** One-time password input field for multi-factor authentication */
2797
- EmbeddedFlowComponentType$2["OtpInput"] = "OTP_INPUT";
2798
- /** Organization unit tree picker for selecting an OU */
2799
- EmbeddedFlowComponentType$2["OuSelect"] = "OU_SELECT";
2800
- /** Password input field with masking for sensitive data */
2801
- EmbeddedFlowComponentType$2["PasswordInput"] = "PASSWORD_INPUT";
2802
- /** Phone number input field with country code support */
2803
- EmbeddedFlowComponentType$2["PhoneInput"] = "PHONE_INPUT";
2804
- /** Rich text display component that renders formatted HTML content */
2805
- EmbeddedFlowComponentType$2["RichText"] = "RICH_TEXT";
2806
- /** Select/dropdown input component for single choice selection */
2807
- EmbeddedFlowComponentType$2["Select"] = "SELECT";
2808
- /** Stack layout component for arranging children in a row or column */
2809
- EmbeddedFlowComponentType$2["Stack"] = "STACK";
2810
- /** Text display component for labels, headings, and messages */
2811
- EmbeddedFlowComponentType$2["Text"] = "TEXT";
2812
- /** Standard text input field for user data entry */
2813
- EmbeddedFlowComponentType$2["TextInput"] = "TEXT_INPUT";
2814
- /** Timer component for displaying a countdown */
2815
- EmbeddedFlowComponentType$2["Timer"] = "TIMER";
2816
- /** QR code display component for wallet-based flows (e.g. OpenID4VP) */
2817
- EmbeddedFlowComponentType$2["QrCode"] = "QR_CODE";
2818
- return EmbeddedFlowComponentType$2;
2819
- }({});
2820
- /**
2821
- * Action variant types for buttons and interactive elements.
2822
- *
2823
- * @experimental This API may change in future versions
2824
- */
2825
- let EmbeddedFlowActionVariant = /* @__PURE__ */ function(EmbeddedFlowActionVariant$1) {
2826
- /** Danger action button for destructive operations */
2827
- EmbeddedFlowActionVariant$1["Danger"] = "DANGER";
2828
- /** Info action button for informational purposes */
2829
- EmbeddedFlowActionVariant$1["Info"] = "INFO";
2830
- /** Link-styled action button */
2831
- EmbeddedFlowActionVariant$1["Link"] = "LINK";
2832
- /** Outlined action button for secondary emphasis */
2833
- EmbeddedFlowActionVariant$1["Outlined"] = "OUTLINED";
2834
- /** Primary action button with highest visual emphasis */
2835
- EmbeddedFlowActionVariant$1["Primary"] = "PRIMARY";
2836
- /** Secondary action button with moderate visual emphasis */
2837
- EmbeddedFlowActionVariant$1["Secondary"] = "SECONDARY";
2838
- /** Success action button for positive confirmations */
2839
- EmbeddedFlowActionVariant$1["Success"] = "SUCCESS";
2840
- /** Tertiary action button with minimal visual emphasis */
2841
- EmbeddedFlowActionVariant$1["Tertiary"] = "TERTIARY";
2842
- /** Warning action button for cautionary actions */
2843
- EmbeddedFlowActionVariant$1["Warning"] = "WARNING";
2844
- return EmbeddedFlowActionVariant$1;
2845
- }({});
2846
- /**
2847
- * Text variant types for typography components.
2848
- *
2849
- * @experimental This API may change in future versions
2850
- */
2851
- let EmbeddedFlowTextVariant = /* @__PURE__ */ function(EmbeddedFlowTextVariant$1) {
2852
- /** Primary body text for main content */
2853
- EmbeddedFlowTextVariant$1["Body1"] = "BODY_1";
2854
- /** Secondary body text for supplementary content */
2855
- EmbeddedFlowTextVariant$1["Body2"] = "BODY_2";
2856
- /** Text styled for button labels */
2857
- EmbeddedFlowTextVariant$1["ButtonText"] = "BUTTON_TEXT";
2858
- /** Small caption text for annotations and descriptions */
2859
- EmbeddedFlowTextVariant$1["Caption"] = "CAPTION";
2860
- /** Largest heading level for main titles */
2861
- EmbeddedFlowTextVariant$1["Heading1"] = "HEADING_1";
2862
- /** Second level heading for major sections */
2863
- EmbeddedFlowTextVariant$1["Heading2"] = "HEADING_2";
2864
- /** Third level heading for subsections */
2865
- EmbeddedFlowTextVariant$1["Heading3"] = "HEADING_3";
2866
- /** Fourth level heading for minor sections */
2867
- EmbeddedFlowTextVariant$1["Heading4"] = "HEADING_4";
2868
- /** Fifth level heading for detailed sections */
2869
- EmbeddedFlowTextVariant$1["Heading5"] = "HEADING_5";
2870
- /** Smallest heading level for fine-grained sections */
2871
- EmbeddedFlowTextVariant$1["Heading6"] = "HEADING_6";
2872
- /** Overline text for labels and categories */
2873
- EmbeddedFlowTextVariant$1["Overline"] = "OVERLINE";
2874
- /** Primary subtitle text with larger emphasis */
2875
- EmbeddedFlowTextVariant$1["Subtitle1"] = "SUBTITLE_1";
2876
- /** Secondary subtitle text with moderate emphasis */
2877
- EmbeddedFlowTextVariant$1["Subtitle2"] = "SUBTITLE_2";
2878
- return EmbeddedFlowTextVariant$1;
2879
- }({});
2880
- /**
2881
- * Event types for action components.
2882
- *
2883
- * @experimental This API may change in future versions
2884
- */
2885
- let EmbeddedFlowEventType = /* @__PURE__ */ function(EmbeddedFlowEventType$1) {
2886
- /** Navigate back to the previous step */
2887
- EmbeddedFlowEventType$1["Back"] = "BACK";
2888
- /** Cancel the current operation */
2889
- EmbeddedFlowEventType$1["Cancel"] = "CANCEL";
2890
- /** Navigate to a different flow step or page */
2891
- EmbeddedFlowEventType$1["Navigate"] = "NAVIGATE";
2892
- /** Reset form fields to initial state */
2893
- EmbeddedFlowEventType$1["Reset"] = "RESET";
2894
- /** Submit form data to the server */
2895
- EmbeddedFlowEventType$1["Submit"] = "SUBMIT";
2896
- /** Trigger an action or event */
2897
- EmbeddedFlowEventType$1["Trigger"] = "TRIGGER";
2898
- return EmbeddedFlowEventType$1;
2899
- }({});
1589
+ var ThunderIDRuntimeError = class extends ThunderIDError {
1590
+ /**
1591
+ * Creates an instance of ThunderIDRuntimeError.
1592
+ *
1593
+ * @param message - Human-readable description of the error
1594
+ * @param code - A unique error code that identifies the error type
1595
+ * @param details - Additional details about the error that might be helpful for debugging
1596
+ * @param origin - Optional. The SDK origin (e.g. 'react', 'vue'). Defaults to generic 'ThunderID'
1597
+ * @constructor
1598
+ */
1599
+ constructor(message, code, origin, details) {
1600
+ super(message, code, origin);
1601
+ this.details = details;
1602
+ Object.defineProperty(this, "name", {
1603
+ configurable: true,
1604
+ value: "ThunderIDRuntimeError",
1605
+ writable: true
1606
+ });
1607
+ }
1608
+ /**
1609
+ * Returns a string representation of the runtime error
1610
+ * @returns Formatted error string with name, code, details, and message
1611
+ */
1612
+ toString() {
1613
+ const details = this.details ? `\nDetails: ${JSON.stringify(this.details, null, 2)}` : "";
1614
+ return `[${this.name}] (code="${this.code}")${details}\nMessage: ${this.message}`;
1615
+ }
1616
+ };
2900
1617
 
2901
1618
  //#endregion
2902
- //#region src/models/v2/embedded-recovery-flow-v2.ts
1619
+ //#region src/models/embedded-recovery-flow.ts
2903
1620
  /**
2904
1621
  * Status enumeration for the embedded recovery flow operations.
2905
1622
  *
@@ -2940,7 +1657,7 @@ let EmbeddedRecoveryFlowType = /* @__PURE__ */ function(EmbeddedRecoveryFlowType
2940
1657
  }({});
2941
1658
 
2942
1659
  //#endregion
2943
- //#region src/models/v2/flow-meta-v2.ts
1660
+ //#region src/models/flow-meta.ts
2944
1661
  /**
2945
1662
  * Copyright (c) 2026, WSO2 LLC. (https://www.wso2.com).
2946
1663
  *
@@ -3264,47 +1981,346 @@ var DefaultCrypto = class {
3264
1981
  });
3265
1982
  return true;
3266
1983
  }
3267
- };
3268
-
3269
- //#endregion
3270
- //#region src/models/agent.ts
3271
- let AgentConfig;
3272
- (function(_AgentConfig) {
3273
- _AgentConfig.DEFAULT_AUTHENTICATOR_NAME = "Username & Password";
3274
- })(AgentConfig || (AgentConfig = {}));
3275
-
3276
- //#endregion
3277
- //#region src/models/store.ts
3278
- /**
3279
- * Enum representing different types of data stores used in the application.
3280
- */
3281
- let Stores = /* @__PURE__ */ function(Stores$1) {
1984
+ };
1985
+
1986
+ //#endregion
1987
+ //#region src/models/store.ts
1988
+ /**
1989
+ * Enum representing different types of data stores used in the application.
1990
+ */
1991
+ let Stores = /* @__PURE__ */ function(Stores$1) {
1992
+ /**
1993
+ * Store for configuration data that defines the application's behavior and settings.
1994
+ */
1995
+ Stores$1["ConfigData"] = "config_data";
1996
+ /**
1997
+ * Store for OpenID Connect provider metadata, including endpoints and configuration.
1998
+ */
1999
+ Stores$1["OIDCProviderMetaData"] = "oidc_provider_meta_data";
2000
+ /**
2001
+ * Store for persisted data that needs to be retained across sessions and application restarts.
2002
+ */
2003
+ Stores$1["PersistedData"] = "persisted_data";
2004
+ /**
2005
+ * Store for user session-related data like tokens and authentication state.
2006
+ */
2007
+ Stores$1["SessionData"] = "session_data";
2008
+ /**
2009
+ * Store for temporary data that needs to persist only for a short duration.
2010
+ */
2011
+ Stores$1["TemporaryData"] = "temporary_data";
2012
+ /**
2013
+ * Store for data that leverages local storage if available, falling back to the configured storage.
2014
+ */
2015
+ Stores$1["HybridData"] = "hybrid_data";
2016
+ return Stores$1;
2017
+ }({});
2018
+
2019
+ //#endregion
2020
+ //#region src/utils/logger.ts
2021
+ const PREFIX = "⚡ ThunderID";
2022
+ /**
2023
+ * Default logger configuration
2024
+ */
2025
+ const DEFAULT_CONFIG$1 = {
2026
+ level: "info",
2027
+ prefix: `${PREFIX}`,
2028
+ showLevel: true,
2029
+ timestamps: true
2030
+ };
2031
+ /**
2032
+ * Environment detection utilities
2033
+ */
2034
+ const isBrowser = () => typeof window !== "undefined" && typeof window.document !== "undefined";
2035
+ const isNode = () => typeof process !== "undefined" && process.versions && process.versions.node;
2036
+ /**
2037
+ * Color codes for terminal output (Node.js)
2038
+ */
2039
+ const COLORS = {
2040
+ blue: "\x1B[34m",
2041
+ bright: "\x1B[1m",
2042
+ cyan: "\x1B[36m",
2043
+ dim: "\x1B[2m",
2044
+ gray: "\x1B[90m",
2045
+ green: "\x1B[32m",
2046
+ magenta: "\x1B[35m",
2047
+ red: "\x1B[31m",
2048
+ reset: "\x1B[0m",
2049
+ white: "\x1B[37m",
2050
+ yellow: "\x1B[33m"
2051
+ };
2052
+ /**
2053
+ * Browser console styling
2054
+ */
2055
+ const BROWSER_STYLES = {
2056
+ debug: "color: #6b7280; font-weight: normal;",
2057
+ error: "color: #dc2626; font-weight: bold;",
2058
+ info: "color: #2563eb; font-weight: bold;",
2059
+ prefix: "color: #7c3aed; font-weight: bold;",
2060
+ timestamp: "color: #6b7280; font-size: 0.9em;",
2061
+ warn: "color: #d97706; font-weight: bold;"
2062
+ };
2063
+ const LOG_LEVEL_ORDER = {
2064
+ debug: 0,
2065
+ error: 3,
2066
+ info: 1,
2067
+ warn: 2
2068
+ };
2069
+ /**
2070
+ * Universal logger class that works in both browser and Node.js environments
2071
+ */
2072
+ var Logger = class Logger {
2073
+ config;
2074
+ constructor(config = {}) {
2075
+ this.config = {
2076
+ ...DEFAULT_CONFIG$1,
2077
+ ...config
2078
+ };
2079
+ }
2080
+ /**
2081
+ * Update logger configuration
2082
+ */
2083
+ configure(config) {
2084
+ this.config = {
2085
+ ...this.config,
2086
+ ...config
2087
+ };
2088
+ }
2089
+ /**
2090
+ * Get current configuration
2091
+ */
2092
+ getConfig() {
2093
+ return { ...this.config };
2094
+ }
2095
+ /**
2096
+ * Check if a log level should be output
2097
+ */
2098
+ shouldLog(level) {
2099
+ return LOG_LEVEL_ORDER[level] >= LOG_LEVEL_ORDER[this.config.level];
2100
+ }
2101
+ /**
2102
+ * Get timestamp string
2103
+ */
2104
+ static getTimestamp() {
2105
+ return (/* @__PURE__ */ new Date()).toISOString();
2106
+ }
2107
+ /**
2108
+ * Get log level string
2109
+ */
2110
+ static getLevelString(level) {
2111
+ switch (level) {
2112
+ case "debug": return "DEBUG";
2113
+ case "info": return "INFO";
2114
+ case "warn": return "WARN";
2115
+ case "error": return "ERROR";
2116
+ default: return "UNKNOWN";
2117
+ }
2118
+ }
2119
+ /**
2120
+ * Format message for Node.js terminal
2121
+ */
2122
+ formatForNode(level, message) {
2123
+ const parts = [];
2124
+ if (this.config.timestamps) parts.push(`${COLORS.gray}[${Logger.getTimestamp()}]${COLORS.reset}`);
2125
+ if (this.config.prefix) parts.push(`${COLORS.magenta}${this.config.prefix}${COLORS.reset}`);
2126
+ if (this.config.showLevel) {
2127
+ const levelStr = Logger.getLevelString(level);
2128
+ let coloredLevel;
2129
+ switch (level) {
2130
+ case "debug":
2131
+ coloredLevel = `${COLORS.gray}[${levelStr}]${COLORS.reset}`;
2132
+ break;
2133
+ case "info":
2134
+ coloredLevel = `${COLORS.blue}[${levelStr}]${COLORS.reset}`;
2135
+ break;
2136
+ case "warn":
2137
+ coloredLevel = `${COLORS.yellow}[${levelStr}]${COLORS.reset}`;
2138
+ break;
2139
+ case "error":
2140
+ coloredLevel = `${COLORS.red}[${levelStr}]${COLORS.reset}`;
2141
+ break;
2142
+ default: coloredLevel = `[${levelStr}]`;
2143
+ }
2144
+ parts.push(coloredLevel);
2145
+ }
2146
+ parts.push(message);
2147
+ return parts.join(" ");
2148
+ }
2149
+ /**
2150
+ * Log message using appropriate method
2151
+ */
2152
+ logMessage(level, message, ...args) {
2153
+ if (!this.shouldLog(level)) return;
2154
+ if (this.config.formatter) {
2155
+ this.config.formatter(level, message, ...args);
2156
+ return;
2157
+ }
2158
+ if (isBrowser()) this.logToBrowser(level, message, ...args);
2159
+ else if (isNode()) this.logToNode(level, message, ...args);
2160
+ else console.log(message, ...args);
2161
+ }
2162
+ /**
2163
+ * Log to browser console with styling
2164
+ */
2165
+ logToBrowser(level, message, ...args) {
2166
+ const parts = [];
2167
+ const styles = [];
2168
+ if (this.config.timestamps) {
2169
+ parts.push(`%c[${Logger.getTimestamp()}]`);
2170
+ styles.push(BROWSER_STYLES.timestamp);
2171
+ }
2172
+ if (this.config.prefix) {
2173
+ parts.push(`%c${this.config.prefix}`);
2174
+ styles.push(BROWSER_STYLES.prefix);
2175
+ }
2176
+ if (this.config.showLevel) {
2177
+ const levelStr = Logger.getLevelString(level);
2178
+ parts.push(`%c[${levelStr}]`);
2179
+ switch (level) {
2180
+ case "debug":
2181
+ styles.push(BROWSER_STYLES.debug);
2182
+ break;
2183
+ case "info":
2184
+ styles.push(BROWSER_STYLES.info);
2185
+ break;
2186
+ case "warn":
2187
+ styles.push(BROWSER_STYLES.warn);
2188
+ break;
2189
+ case "error":
2190
+ styles.push(BROWSER_STYLES.error);
2191
+ break;
2192
+ default: styles.push("");
2193
+ }
2194
+ }
2195
+ parts.push(`%c${message}`);
2196
+ styles.push("color: inherit; font-weight: normal;");
2197
+ const formattedMessage = parts.join(" ");
2198
+ switch (level) {
2199
+ case "debug":
2200
+ console.debug(formattedMessage, ...styles, ...args);
2201
+ break;
2202
+ case "info":
2203
+ console.info(formattedMessage, ...styles, ...args);
2204
+ break;
2205
+ case "warn":
2206
+ console.warn(formattedMessage, ...styles, ...args);
2207
+ break;
2208
+ case "error":
2209
+ console.error(formattedMessage, ...styles, ...args);
2210
+ break;
2211
+ default: console.log(formattedMessage, ...styles, ...args);
2212
+ }
2213
+ }
2214
+ /**
2215
+ * Log to Node.js console
2216
+ */
2217
+ logToNode(level, message, ...args) {
2218
+ const formattedMessage = this.formatForNode(level, message);
2219
+ switch (level) {
2220
+ case "debug":
2221
+ console.debug(formattedMessage, ...args);
2222
+ break;
2223
+ case "info":
2224
+ console.info(formattedMessage, ...args);
2225
+ break;
2226
+ case "warn":
2227
+ console.warn(formattedMessage, ...args);
2228
+ break;
2229
+ case "error":
2230
+ console.error(formattedMessage, ...args);
2231
+ break;
2232
+ default: console.log(formattedMessage, ...args);
2233
+ }
2234
+ }
2235
+ /**
2236
+ * Log debug message
2237
+ */
2238
+ debug(message, ...args) {
2239
+ this.logMessage("debug", message, ...args);
2240
+ }
3282
2241
  /**
3283
- * Store for configuration data that defines the application's behavior and settings.
2242
+ * Log info message
3284
2243
  */
3285
- Stores$1["ConfigData"] = "config_data";
2244
+ info(message, ...args) {
2245
+ this.logMessage("info", message, ...args);
2246
+ }
3286
2247
  /**
3287
- * Store for OpenID Connect provider metadata, including endpoints and configuration.
2248
+ * Log warning message
3288
2249
  */
3289
- Stores$1["OIDCProviderMetaData"] = "oidc_provider_meta_data";
2250
+ warn(message, ...args) {
2251
+ this.logMessage("warn", message, ...args);
2252
+ }
3290
2253
  /**
3291
- * Store for persisted data that needs to be retained across sessions and application restarts.
2254
+ * Log error message
3292
2255
  */
3293
- Stores$1["PersistedData"] = "persisted_data";
2256
+ error(message, ...args) {
2257
+ this.logMessage("error", message, ...args);
2258
+ }
3294
2259
  /**
3295
- * Store for user session-related data like tokens and authentication state.
2260
+ * Create a child logger with additional prefix
3296
2261
  */
3297
- Stores$1["SessionData"] = "session_data";
2262
+ child(prefix) {
2263
+ const childPrefix = this.config.prefix ? `${this.config.prefix} - ${prefix}` : prefix;
2264
+ return new Logger({
2265
+ ...this.config,
2266
+ prefix: childPrefix
2267
+ });
2268
+ }
3298
2269
  /**
3299
- * Store for temporary data that needs to persist only for a short duration.
2270
+ * Set log level
3300
2271
  */
3301
- Stores$1["TemporaryData"] = "temporary_data";
2272
+ setLevel(level) {
2273
+ this.config.level = level;
2274
+ }
3302
2275
  /**
3303
- * Store for data that leverages local storage if available, falling back to the configured storage.
2276
+ * Get current log level
3304
2277
  */
3305
- Stores$1["HybridData"] = "hybrid_data";
3306
- return Stores$1;
3307
- }({});
2278
+ getLevel() {
2279
+ return this.config.level;
2280
+ }
2281
+ };
2282
+ /**
2283
+ * Default logger instance
2284
+ */
2285
+ const logger = new Logger();
2286
+ /**
2287
+ * Create a new logger instance with custom configuration
2288
+ */
2289
+ const createLogger = (config) => new Logger(config);
2290
+ /**
2291
+ * Default export - global logger instance
2292
+ */
2293
+ var logger_default = logger;
2294
+ /**
2295
+ * Named exports for convenience
2296
+ */
2297
+ const debug = (message, ...args) => logger.debug(message, ...args);
2298
+ const info = (message, ...args) => logger.info(message, ...args);
2299
+ const warn = (message, ...args) => logger.warn(message, ...args);
2300
+ const error = (message, ...args) => logger.error(message, ...args);
2301
+ /**
2302
+ * Configure the default logger
2303
+ */
2304
+ const configure = (config) => logger.configure(config);
2305
+ /**
2306
+ * Create component-specific loggers
2307
+ */
2308
+ const createComponentLogger = (component) => logger.child(component);
2309
+ /**
2310
+ * Create package-specific logger
2311
+ */
2312
+ const createPackageLogger = (packageName) => createLogger({
2313
+ level: "info",
2314
+ prefix: `${PREFIX} - ${packageName}`,
2315
+ showLevel: true,
2316
+ timestamps: true
2317
+ });
2318
+ /**
2319
+ * Create package component logger (package + component)
2320
+ */
2321
+ const createPackageComponentLogger = (packageName, component) => {
2322
+ return createPackageLogger(packageName).child(component);
2323
+ };
3308
2324
 
3309
2325
  //#endregion
3310
2326
  //#region src/StorageManager.ts
@@ -4244,22 +3260,10 @@ var ThunderIDJavaScriptClient = class {
4244
3260
  signInSilently(_options) {
4245
3261
  throw new Error("Method not implemented.");
4246
3262
  }
4247
- signUp(_optionsOrPayload) {
3263
+ signUp(_options) {
4248
3264
  throw new Error("Method not implemented.");
4249
3265
  }
4250
- recover(_payload) {
4251
- throw new Error("Method not implemented.");
4252
- }
4253
- switchOrganization(_organization, _sessionId) {
4254
- throw new Error("Method not implemented.");
4255
- }
4256
- getCurrentOrganization(_sessionId) {
4257
- throw new Error("Method not implemented.");
4258
- }
4259
- getAllOrganizations(_options, _sessionId) {
4260
- throw new Error("Method not implemented.");
4261
- }
4262
- getMyOrganizations(_options, _sessionId) {
3266
+ recover() {
4263
3267
  throw new Error("Method not implemented.");
4264
3268
  }
4265
3269
  getUserProfile(_options) {
@@ -4617,40 +3621,11 @@ var ThunderIDJavaScriptClient = class {
4617
3621
  const error$1 = Boolean(url.searchParams.get("error"));
4618
3622
  return stateParam ? stateParam === OIDCRequestConstants_default.Params.SIGN_OUT_SUCCESS && error$1 : false;
4619
3623
  }
4620
- async getAgentToken(agentConfig) {
4621
- const authorizeURL = new URL(await this.getSignInUrl({ response_mode: "direct" }));
4622
- const authorizeResponse = await initializeEmbeddedSignInFlow_default({
4623
- payload: Object.fromEntries(authorizeURL.searchParams.entries()),
4624
- url: `${authorizeURL.origin}${authorizeURL.pathname}`
4625
- });
4626
- const authenticatorName = agentConfig.authenticatorName ?? AgentConfig.DEFAULT_AUTHENTICATOR_NAME;
4627
- const targetAuthenticator = authorizeResponse.nextStep.authenticators.find((auth) => auth.authenticator === authenticatorName);
4628
- if (!targetAuthenticator) throw new Error(`Authenticator '${authenticatorName}' not found among authentication steps.`);
4629
- const authnResponse = await executeEmbeddedSignInFlow_default({
4630
- baseUrl: this.baseURL,
4631
- payload: {
4632
- flowId: authorizeResponse.flowId,
4633
- selectedAuthenticator: {
4634
- authenticatorId: targetAuthenticator.authenticatorId,
4635
- params: {
4636
- password: agentConfig.agentSecret,
4637
- username: agentConfig.agentID
4638
- }
4639
- }
4640
- }
4641
- });
4642
- if (authnResponse.flowStatus !== EmbeddedSignInFlowStatus.SuccessCompleted) throw new Error("Agent authentication failed.");
4643
- return this.requestAccessToken(authnResponse.authData["code"], authnResponse.authData["session_state"], authnResponse.authData["state"]);
4644
- }
4645
3624
  async getOBOSignInURL(agentConfig) {
4646
3625
  const authURL = await this.getSignInUrl({ requested_actor: agentConfig.agentID });
4647
3626
  if (authURL) return authURL.toString();
4648
3627
  throw new Error("Could not build Authorize URL");
4649
3628
  }
4650
- async getOBOToken(agentConfig, authCodeResponse) {
4651
- const agentToken = await this.getAgentToken(agentConfig);
4652
- return this.requestAccessToken(authCodeResponse.code, authCodeResponse.session_state, authCodeResponse.state, void 0, { params: { actor_token: agentToken.accessToken } });
4653
- }
4654
3629
  };
4655
3630
  var ThunderIDJavaScriptClient_default = ThunderIDJavaScriptClient;
4656
3631
 
@@ -5326,48 +4301,36 @@ const formatDate = (dateString) => {
5326
4301
  var formatDate_default = formatDate;
5327
4302
 
5328
4303
  //#endregion
5329
- //#region src/utils/deriveOrganizationHandleFromBaseUrl.ts
4304
+ //#region src/utils/isRecognizedBaseUrlPattern.ts
5330
4305
  /**
5331
- * Extracts the organization handle from a ThunderID base URL.
4306
+ * Utility to determine if sensible ThunderID fallbacks can be used based on the given base URL.
5332
4307
  *
5333
- * Parses URLs following the `/t/{orgHandle}` pattern.
4308
+ * This checks if the URL follows the standard ThunderID pattern: /t/{orgHandle}
4309
+ * Returns true if sensible fallbacks (like deriving organization handle, tenant, etc.) can be used, false otherwise.
5334
4310
  *
5335
- * @param baseUrl - The base URL of the ThunderID identity server
5336
- * @returns The extracted organization handle
5337
- * @throws {ThunderIDRuntimeError} When the URL doesn't match the expected ThunderID pattern,
5338
- * indicating a custom domain is configured and organizationHandle must be provided explicitly
4311
+ * @param baseUrl - The base URL of the ThunderID identity server (string or undefined)
4312
+ * @returns boolean - true if sensible fallbacks can be used, false otherwise
5339
4313
  *
5340
4314
  * @example
5341
- * ```typescript
5342
- * const handle = deriveOrganizationHandleFromBaseUrl('https://localhost:8090/t/dxlab');
5343
- * // Returns: 'dxlab'
5344
- *
5345
- * // Custom domain - returns empty string with a warning
5346
- * const handle2 = deriveOrganizationHandleFromBaseUrl('https://custom.example.com/auth');
5347
- * // Returns: '' and logs a warning
5348
- * ```
4315
+ * isRecognizedBaseUrlPattern('https://localhost:8090/t/dxlab'); // true
4316
+ * isRecognizedBaseUrlPattern('https://custom.example.com/auth'); // false
5349
4317
  */
5350
- const deriveOrganizationHandleFromBaseUrl = (baseUrl) => {
5351
- if (!baseUrl) throw new ThunderIDRuntimeError("Base URL is required to derive organization handle.", "javascript-deriveOrganizationHandleFromBaseUrl-ValidationError-001", "javascript", "A valid base URL must be provided to extract the organization handle.");
4318
+ const isRecognizedBaseUrlPattern = (baseUrl) => {
4319
+ if (!baseUrl) throw new ThunderIDRuntimeError("Base URL is required to derive if the `baseUrl` is recognized.", "isRecognizedBaseUrlPattern-ValidationError-001", "javascript", "A valid base URL must be provided to derive if the `baseUrl` is recognized to use the sensible fallbacks.");
5352
4320
  let parsedUrl;
5353
4321
  try {
5354
4322
  parsedUrl = new URL(baseUrl);
5355
4323
  } catch (error$1) {
5356
- throw new ThunderIDRuntimeError(`Invalid base URL format: ${baseUrl}`, "javascript-deriveOrganizationHandleFromBaseUrl-ValidationError-002", "javascript", "The provided base URL does not conform to valid URL syntax.");
4324
+ throw new ThunderIDRuntimeError(`Invalid base URL format: ${baseUrl}`, "isRecognizedBaseUrlPattern-ValidationError-002", "javascript", "The provided base URL does not conform to valid URL syntax.");
5357
4325
  }
5358
4326
  const pathSegments = parsedUrl.pathname?.split("/")?.filter((segment) => segment?.length > 0);
5359
4327
  if (pathSegments.length < 2 || pathSegments[0] !== "t") {
5360
- logger_default.warn(new ThunderIDRuntimeError("Organization handle is required since a custom domain is configured.", "javascript-deriveOrganizationHandleFromBaseUrl-CustomDomainError-002", "javascript", "The provided base URL does not follow the expected URL pattern (/t/{orgHandle}). Please provide the organizationHandle explicitly in the configuration.").toString());
5361
- return "";
5362
- }
5363
- const organizationHandle = pathSegments[1];
5364
- if (!organizationHandle || organizationHandle.trim().length === 0) {
5365
- logger_default.warn(new ThunderIDRuntimeError("Organization handle is required since a custom domain is configured.", "javascript-deriveOrganizationHandleFromBaseUrl-CustomDomainError-003", "javascript", "The organization handle could not be extracted from the base URL. Please provide the organizationHandle explicitly in the configuration.").toString());
5366
- return "";
4328
+ logger_default.warn("[isRecognizedBaseUrlPattern] The provided base URL does not follow the expected URL pattern (/t/{orgHandle}).");
4329
+ return false;
5367
4330
  }
5368
- return organizationHandle;
4331
+ return true;
5369
4332
  };
5370
- var deriveOrganizationHandleFromBaseUrl_default = deriveOrganizationHandleFromBaseUrl;
4333
+ var isRecognizedBaseUrlPattern_default = isRecognizedBaseUrlPattern;
5371
4334
 
5372
4335
  //#endregion
5373
4336
  //#region src/utils/flattenUserSchema.ts
@@ -5717,14 +4680,14 @@ var generateFlattenedUserProfile_default = generateFlattenedUserProfile;
5717
4680
  * If the baseUrl is recognized (standard ThunderID pattern), constructs the sign-up URL.
5718
4681
  * Otherwise, returns an empty string.
5719
4682
  *
5720
- * @param baseUrl - The base URL of the ThunderID identity server (string or undefined)
4683
+ * @param config - The ThunderID client configuration
5721
4684
  * @returns The sign-up URL if baseUrl is recognized, otherwise an empty string
5722
4685
  */
5723
4686
  const getRedirectBasedSignUpUrl = (config) => {
5724
4687
  const { baseUrl } = config;
5725
4688
  if (!isRecognizedBaseUrlPattern_default(baseUrl)) return "";
5726
4689
  let signUpBaseUrl = baseUrl;
5727
- if (identifyPlatform_default(config) === Platform.ThunderID) try {
4690
+ try {
5728
4691
  const url$1 = new URL(baseUrl);
5729
4692
  if (/([a-z0-9-]+\.)*api\.thunderid\.io$/i.test(url$1.hostname)) {
5730
4693
  url$1.hostname = url$1.hostname.replace("api.", "accounts.");
@@ -5742,7 +4705,64 @@ const getRedirectBasedSignUpUrl = (config) => {
5742
4705
  var getRedirectBasedSignUpUrl_default = getRedirectBasedSignUpUrl;
5743
4706
 
5744
4707
  //#endregion
5745
- //#region src/utils/v2/isEmojiUri.ts
4708
+ //#region src/utils/isEmpty.ts
4709
+ /**
4710
+ * Copyright (c) 2025, WSO2 LLC. (https://www.wso2.com).
4711
+ *
4712
+ * WSO2 LLC. licenses this file to you under the Apache License,
4713
+ * Version 2.0 (the "License"); you may not use this file except
4714
+ * in compliance with the License.
4715
+ * You may obtain a copy of the License at
4716
+ *
4717
+ * http://www.apache.org/licenses/LICENSE-2.0
4718
+ *
4719
+ * Unless required by applicable law or agreed to in writing,
4720
+ * software distributed under the License is distributed on an
4721
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
4722
+ * KIND, either express or implied. See the License for the
4723
+ * specific language governing permissions and limitations
4724
+ * under the License.
4725
+ */
4726
+ /**
4727
+ * Checks if a value is considered empty.
4728
+ *
4729
+ * A value is considered empty if it is:
4730
+ * - null
4731
+ * - undefined
4732
+ * - empty string ("")
4733
+ * - string containing only whitespace characters
4734
+ * - empty array ([])
4735
+ * - empty object ({})
4736
+ *
4737
+ * @param value - The value to check
4738
+ * @returns true if the value is empty, false otherwise
4739
+ *
4740
+ * @example
4741
+ * ```typescript
4742
+ * isEmpty(null); // true
4743
+ * isEmpty(undefined); // true
4744
+ * isEmpty(""); // true
4745
+ * isEmpty(" "); // true
4746
+ * isEmpty("hello"); // false
4747
+ * isEmpty([]); // true
4748
+ * isEmpty([1, 2, 3]); // false
4749
+ * isEmpty({}); // true
4750
+ * isEmpty({ name: "John" }); // false
4751
+ * isEmpty(0); // false
4752
+ * isEmpty(false); // false
4753
+ * ```
4754
+ */
4755
+ const isEmpty = (value) => {
4756
+ if (value === null || value === void 0) return true;
4757
+ if (typeof value === "string") return value.trim() === "";
4758
+ if (Array.isArray(value)) return value.length === 0;
4759
+ if (typeof value === "object" && value.constructor === Object) return Object.keys(value).length === 0;
4760
+ return false;
4761
+ };
4762
+ var isEmpty_default = isEmpty;
4763
+
4764
+ //#endregion
4765
+ //#region src/utils/isEmojiUri.ts
5746
4766
  /**
5747
4767
  * Copyright (c) 2026, WSO2 LLC. (https://www.wso2.com).
5748
4768
  *
@@ -5778,7 +4798,7 @@ const isEmojiUri = (uri) => typeof uri === "string" && uri.startsWith(EMOJI_URI_
5778
4798
  var isEmojiUri_default = isEmojiUri;
5779
4799
 
5780
4800
  //#endregion
5781
- //#region src/utils/v2/extractEmojiFromUri.ts
4801
+ //#region src/utils/extractEmojiFromUri.ts
5782
4802
  /**
5783
4803
  * Extracts the emoji character from an `emoji:` URI.
5784
4804
  *
@@ -5831,18 +4851,6 @@ var extractEmojiFromUri_default = extractEmojiFromUri;
5831
4851
  const removeTrailingSlash = (path) => path.endsWith("/") ? path.slice(0, -1) : path;
5832
4852
  var removeTrailingSlash_default = removeTrailingSlash;
5833
4853
 
5834
- //#endregion
5835
- //#region src/utils/resolveFieldType.ts
5836
- const resolveFieldType = (field) => {
5837
- if (field.type === EmbeddedSignInFlowAuthenticatorParamType.String) {
5838
- if (field.param === EmbeddedSignInFlowAuthenticatorExtendedParamType.Otp) return FieldType.Otp;
5839
- if (field?.confidential) return FieldType.Password;
5840
- return FieldType.Text;
5841
- }
5842
- throw new ThunderIDRuntimeError(`Field type is not supported: ${field.type}`, "resolveFieldType-Invalid-001", "javascript", "The provided field type is not supported. Please check the field configuration.");
5843
- };
5844
- var resolveFieldType_default = resolveFieldType;
5845
-
5846
4854
  //#endregion
5847
4855
  //#region src/utils/resolveFieldName.ts
5848
4856
  const resolveFieldName = (field) => {
@@ -5852,7 +4860,7 @@ const resolveFieldName = (field) => {
5852
4860
  var resolveFieldName_default = resolveFieldName;
5853
4861
 
5854
4862
  //#endregion
5855
- //#region src/utils/v2/resolveMeta.ts
4863
+ //#region src/utils/resolveMeta.ts
5856
4864
  /**
5857
4865
  * Resolves a dot-path expression against a FlowMetadataResponse object.
5858
4866
  *
@@ -5879,7 +4887,7 @@ function resolveMeta(path, meta) {
5879
4887
  }
5880
4888
 
5881
4889
  //#endregion
5882
- //#region src/utils/v2/parseFlowTemplateLiteral.ts
4890
+ //#region src/utils/parseFlowTemplateLiteral.ts
5883
4891
  /**
5884
4892
  * Copyright (c) 2026, WSO2 LLC. (https://www.wso2.com).
5885
4893
  *
@@ -5975,7 +4983,7 @@ function parseFlowTemplateLiteral(content) {
5975
4983
  }
5976
4984
 
5977
4985
  //#endregion
5978
- //#region src/utils/v2/resolveFlowTemplateLiterals.ts
4986
+ //#region src/utils/resolveFlowTemplateLiterals.ts
5979
4987
  /**
5980
4988
  * Global version of {@link FLOW_TEMPLATE_LITERAL_REGEX} for use with `String.prototype.replace`.
5981
4989
  */
@@ -6012,7 +5020,7 @@ function resolveFlowTemplateLiterals(text, { t, meta }) {
6012
5020
  }
6013
5021
 
6014
5022
  //#endregion
6015
- //#region src/utils/v2/countryCodeToFlagEmoji.ts
5023
+ //#region src/utils/countryCodeToFlagEmoji.ts
6016
5024
  /**
6017
5025
  * Copyright (c) 2026, WSO2 LLC. (https://www.wso2.com).
6018
5026
  *
@@ -6042,7 +5050,7 @@ function countryCodeToFlagEmoji(countryCode) {
6042
5050
  }
6043
5051
 
6044
5052
  //#endregion
6045
- //#region src/utils/v2/resolveLocaleDisplayName.ts
5053
+ //#region src/utils/resolveLocaleDisplayName.ts
6046
5054
  /**
6047
5055
  * Copyright (c) 2026, WSO2 LLC. (https://www.wso2.com).
6048
5056
  *
@@ -6080,7 +5088,7 @@ function resolveLocaleDisplayName(locale, displayLocale) {
6080
5088
  }
6081
5089
 
6082
5090
  //#endregion
6083
- //#region src/utils/v2/resolveLocaleEmoji.ts
5091
+ //#region src/utils/resolveLocaleEmoji.ts
6084
5092
  /**
6085
5093
  * Maps BCP 47 language subtags to ISO 3166-1 alpha-2 country codes used for
6086
5094
  * flag emoji resolution when no country subtag is present in the locale.
@@ -6146,165 +5154,97 @@ function resolveLocaleEmoji(locale) {
6146
5154
  var resolveLocaleEmoji_default = resolveLocaleEmoji;
6147
5155
 
6148
5156
  //#endregion
6149
- //#region src/utils/withVendorCSSClassPrefix.ts
5157
+ //#region src/utils/evaluateValidationRule.ts
6150
5158
  /**
6151
- * Adds a vendor-specific prefix to a CSS class name.
6152
- *
6153
- * @param className - The original CSS class name to be prefixed
6154
- * @returns A new string with the vendor prefix added to the class name
6155
- *
6156
- * @example
6157
- * ```typescript
6158
- * // Usage with clsx
6159
- * clsx(withVendorCSSClassPrefix('sign-in-button'), className)
6160
- * // Result: "wso2-sign-in-button"
6161
- * ```
5159
+ * Default i18n fallback keys returned when a `ValidationRule.message` is not provided.
5160
+ * Match the server-side defaults so a flow author who omits `message` sees the same
5161
+ * string regardless of whether the rule was evaluated client-side or server-side.
6162
5162
  */
6163
- const withVendorCSSClassPrefix = (className) => `${VendorConstants_default.VENDOR_PREFIX}-${className}`;
6164
- var withVendorCSSClassPrefix_default = withVendorCSSClassPrefix;
6165
-
6166
- //#endregion
6167
- //#region src/utils/transformBrandingPreferenceToTheme.ts
6168
- const extractColorValue = (colorVariant, preferDark = false) => {
6169
- if (preferDark && colorVariant?.dark?.trim()) return colorVariant.dark;
6170
- return colorVariant?.main;
5163
+ const DEFAULT_VALIDATION_MESSAGE_KEYS = {
5164
+ regex: "validation.pattern.invalid",
5165
+ minLength: "validation.minLength.invalid",
5166
+ maxLength: "validation.maxLength.invalid"
6171
5167
  };
6172
5168
  /**
6173
- * Safely extracts contrast text color from the branding preference structure
6174
- */
6175
- const extractContrastText = (colorVariant) => colorVariant?.contrastText;
5169
+ * Evaluates a single validation rule against the given input value.
5170
+ *
5171
+ * Returns `null` when the rule passes, or the rule's `message` (or the default
5172
+ * fallback key if `message` is absent) when it fails.
5173
+ *
5174
+ * Behavior notes:
5175
+ * - **regex**: an invalid regex pattern (one that cannot be compiled) is treated as
5176
+ * **passing** on the client. This is lenient — the server is authoritative and
5177
+ * will still enforce the rule if it can compile the pattern. Failing closed in the
5178
+ * SDK risks denial-of-service for misconfigured flows.
5179
+ * - **minLength / maxLength**: compared against `value.length`. A non-numeric `value`
5180
+ * on the rule is treated as the rule passing.
5181
+ * - Unknown rule types are treated as passing (forward compatibility with future types).
5182
+ */
5183
+ const evaluateValidationRule = (rule, value) => {
5184
+ const fail = () => rule.message ?? DEFAULT_VALIDATION_MESSAGE_KEYS[rule.type];
5185
+ switch (rule.type) {
5186
+ case "regex": {
5187
+ if (typeof rule.value !== "string" || rule.value === "") return null;
5188
+ let re;
5189
+ try {
5190
+ re = new RegExp(rule.value);
5191
+ } catch {
5192
+ return null;
5193
+ }
5194
+ return re.test(value) ? null : fail();
5195
+ }
5196
+ case "minLength":
5197
+ if (typeof rule.value !== "number" || Number.isNaN(rule.value)) return null;
5198
+ return value.length >= rule.value ? null : fail();
5199
+ case "maxLength":
5200
+ if (typeof rule.value !== "number" || Number.isNaN(rule.value)) return null;
5201
+ return value.length <= rule.value ? null : fail();
5202
+ default: return null;
5203
+ }
5204
+ };
5205
+ var evaluateValidationRule_default = evaluateValidationRule;
5206
+
5207
+ //#endregion
5208
+ //#region src/utils/buildValidatorFromRules.ts
6176
5209
  /**
6177
- * Transforms a ThemeVariant from branding preference to ThemeConfig
5210
+ * Composes an array of `ValidationRule`s into a single validator function suitable for
5211
+ * `useForm`'s `FormField.validator` slot.
5212
+ *
5213
+ * The composed validator evaluates rules in declaration order and returns the **first**
5214
+ * failing rule's message — matching the SDK's render-prop shape of a single string per
5215
+ * field. When all rules pass it returns `null`.
5216
+ *
5217
+ * Returns `null` when no rules are supplied so callers can compose conditionally.
6178
5218
  */
6179
- const transformThemeVariant = (themeVariant, isDark = false) => {
6180
- const { buttons } = themeVariant;
6181
- const { colors } = themeVariant;
6182
- const { images } = themeVariant;
6183
- const { inputs } = themeVariant;
6184
- const config = {
6185
- colors: {
6186
- action: {
6187
- activatedOpacity: .12,
6188
- active: isDark ? "rgba(255, 255, 255, 0.70)" : "rgba(0, 0, 0, 0.54)",
6189
- disabled: isDark ? "rgba(255, 255, 255, 0.26)" : "rgba(0, 0, 0, 0.26)",
6190
- disabledBackground: isDark ? "rgba(255, 255, 255, 0.12)" : "rgba(0, 0, 0, 0.12)",
6191
- disabledOpacity: .38,
6192
- focus: isDark ? "rgba(255, 255, 255, 0.12)" : "rgba(0, 0, 0, 0.12)",
6193
- focusOpacity: .12,
6194
- hover: isDark ? "rgba(255, 255, 255, 0.04)" : "rgba(0, 0, 0, 0.04)",
6195
- hoverOpacity: .04,
6196
- selected: isDark ? "rgba(255, 255, 255, 0.08)" : "rgba(0, 0, 0, 0.08)",
6197
- selectedOpacity: .08
6198
- },
6199
- background: {
6200
- body: {
6201
- dark: (colors?.background?.body)?.dark || (colors?.background?.body)?.main,
6202
- main: extractColorValue(colors?.background?.body, isDark) ?? ""
6203
- },
6204
- dark: (colors?.background?.surface)?.dark || (colors?.background?.surface)?.main,
6205
- disabled: extractColorValue(colors?.background?.surface, isDark) ?? "",
6206
- surface: extractColorValue(colors?.background?.surface, isDark) ?? ""
6207
- },
6208
- border: colors?.outlined?.default ?? "",
6209
- error: {
6210
- contrastText: extractContrastText(colors?.alerts?.error) ?? "",
6211
- dark: (colors?.alerts?.error)?.dark || (colors?.alerts?.error)?.main,
6212
- main: extractColorValue(colors?.alerts?.error, isDark) ?? ""
6213
- },
6214
- info: {
6215
- contrastText: extractContrastText(colors?.alerts?.info) ?? "",
6216
- dark: (colors?.alerts?.info)?.dark || (colors?.alerts?.info)?.main,
6217
- main: extractColorValue(colors?.alerts?.info, isDark) ?? ""
6218
- },
6219
- primary: {
6220
- contrastText: extractContrastText(colors?.primary) ?? "",
6221
- dark: colors?.primary?.dark || (colors?.primary)?.main,
6222
- main: extractColorValue(colors?.primary, isDark) ?? ""
6223
- },
6224
- secondary: {
6225
- contrastText: extractContrastText(colors?.secondary) ?? "",
6226
- dark: colors?.secondary?.dark || (colors?.secondary)?.main,
6227
- main: extractColorValue(colors?.secondary, isDark) ?? ""
6228
- },
6229
- success: {
6230
- contrastText: extractContrastText(colors?.alerts?.neutral) ?? "",
6231
- dark: (colors?.alerts?.neutral)?.dark || (colors?.alerts?.neutral)?.main,
6232
- main: extractColorValue(colors?.alerts?.neutral, isDark) ?? ""
6233
- },
6234
- text: {
6235
- dark: (colors?.text)?.dark || (colors?.text)?.primary,
6236
- primary: (colors?.text)?.primary ?? "",
6237
- secondary: (colors?.text)?.secondary ?? ""
6238
- },
6239
- warning: {
6240
- contrastText: extractContrastText(colors?.alerts?.warning) ?? "",
6241
- dark: (colors?.alerts?.warning)?.dark || (colors?.alerts?.warning)?.main,
6242
- main: extractColorValue(colors?.alerts?.warning, isDark) ?? ""
6243
- }
6244
- },
6245
- images: {
6246
- favicon: images?.favicon ? {
6247
- alt: images.favicon.altText,
6248
- title: images.favicon.title,
6249
- url: images.favicon.imgURL
6250
- } : void 0,
6251
- logo: images?.logo ? {
6252
- alt: images.logo.altText,
6253
- title: images.logo.title,
6254
- url: images.logo.imgURL
6255
- } : void 0
5219
+ const buildValidatorFromRules = (rules) => {
5220
+ if (!rules || rules.length === 0) return null;
5221
+ return (value) => {
5222
+ for (const rule of rules) {
5223
+ const message = evaluateValidationRule_default(rule, value);
5224
+ if (message !== null) return message;
6256
5225
  }
5226
+ return null;
6257
5227
  };
6258
- const buttonBorderRadius = buttons?.primary?.base?.border?.borderRadius;
6259
- const fieldBorderRadius = inputs?.base?.border?.borderRadius;
6260
- if (buttonBorderRadius || fieldBorderRadius) config.components = {
6261
- ...buttonBorderRadius && { Button: { styleOverrides: { root: { borderRadius: buttonBorderRadius } } } },
6262
- ...fieldBorderRadius && { Field: { styleOverrides: { root: { borderRadius: fieldBorderRadius } } } }
6263
- };
6264
- return config;
6265
5228
  };
5229
+ var buildValidatorFromRules_default = buildValidatorFromRules;
5230
+
5231
+ //#endregion
5232
+ //#region src/utils/withVendorCSSClassPrefix.ts
6266
5233
  /**
6267
- * Transforms branding preference response to Theme object
6268
- *
6269
- * @param brandingPreference - The branding preference response from getBrandingPreference
6270
- * @param forceTheme - Optional parameter to force a specific theme ('light' or 'dark'),
6271
- * if not provided, will use the activeTheme from branding preference
6272
- * @returns Theme object that can be used with the theme system
5234
+ * Adds a vendor-specific prefix to a CSS class name.
6273
5235
  *
6274
- * The function extracts the following from branding preference:
6275
- * - Colors (primary, secondary, background, text, alerts, etc.)
6276
- * - Border radius from buttons and inputs
6277
- * - Images (logo and favicon with their URLs, titles, and alt text)
6278
- * - Typography settings
5236
+ * @param className - The original CSS class name to be prefixed
5237
+ * @returns A new string with the vendor prefix added to the class name
6279
5238
  *
6280
5239
  * @example
6281
5240
  * ```typescript
6282
- * const brandingPreference = await getBrandingPreference({ baseUrl: "..." });
6283
- * const theme = transformBrandingPreferenceToTheme(brandingPreference);
6284
- *
6285
- * // Access image URLs via CSS variables
6286
- * // Logo: var(--wso2-image-logo-url)
6287
- * // Favicon: var(--wso2-image-favicon-url)
6288
- *
6289
- * // Force light theme regardless of branding preference activeTheme
6290
- * const lightTheme = transformBrandingPreferenceToTheme(brandingPreference, 'light');
5241
+ * // Usage with clsx
5242
+ * clsx(withVendorCSSClassPrefix('sign-in-button'), className)
5243
+ * // Result: "wso2-sign-in-button"
6291
5244
  * ```
6292
5245
  */
6293
- const transformBrandingPreferenceToTheme = (brandingPreference, forceTheme) => {
6294
- const themeConfig = brandingPreference?.preference?.theme;
6295
- if (!themeConfig) return createTheme_default({}, false);
6296
- let activeThemeKey;
6297
- if (forceTheme) activeThemeKey = forceTheme.toUpperCase();
6298
- else activeThemeKey = themeConfig.activeTheme || "LIGHT";
6299
- const themeVariant = themeConfig[activeThemeKey];
6300
- if (!themeVariant) {
6301
- const fallbackVariant = themeConfig.LIGHT || themeConfig.DARK;
6302
- if (fallbackVariant) return createTheme_default(transformThemeVariant(fallbackVariant, activeThemeKey === "DARK"), activeThemeKey === "DARK");
6303
- return createTheme_default({}, activeThemeKey === "DARK");
6304
- }
6305
- return createTheme_default(transformThemeVariant(themeVariant, activeThemeKey === "DARK"), activeThemeKey === "DARK");
6306
- };
6307
- var transformBrandingPreferenceToTheme_default = transformBrandingPreferenceToTheme;
5246
+ const withVendorCSSClassPrefix = (className) => `${VendorConstants_default.VENDOR_PREFIX}-${className}`;
5247
+ var withVendorCSSClassPrefix_default = withVendorCSSClassPrefix;
6308
5248
 
6309
5249
  //#endregion
6310
5250
  //#region src/HttpClient.ts
@@ -6446,6 +5386,9 @@ const en_US = {
6446
5386
  "elements.fields.organization.select.label": "Select Organization",
6447
5387
  "elements.fields.organization.select.placeholder": "Choose an organization",
6448
5388
  "validations.required.field.error": "This field is required",
5389
+ "validation.pattern.invalid": "This value does not match the required format.",
5390
+ "validation.minLength.invalid": "This value is too short.",
5391
+ "validation.maxLength.invalid": "This value is too long.",
6449
5392
  "signin.heading": "Sign In",
6450
5393
  "signin.subheading": "Welcome back! Please sign in to continue.",
6451
5394
  "signup.heading": "Sign Up",
@@ -6556,6 +5499,9 @@ const fr_FR = {
6556
5499
  "elements.fields.organization.select.label": "Sélectionner l'organisation",
6557
5500
  "elements.fields.organization.select.placeholder": "Choisissez une organisation",
6558
5501
  "validations.required.field.error": "Ce champ est obligatoire",
5502
+ "validation.pattern.invalid": "Cette valeur ne correspond pas au format requis.",
5503
+ "validation.minLength.invalid": "Cette valeur est trop courte.",
5504
+ "validation.maxLength.invalid": "Cette valeur est trop longue.",
6559
5505
  "signin.heading": "Se connecter",
6560
5506
  "signin.subheading": "Entrez vos identifiants pour continuer.",
6561
5507
  "signup.heading": "S'inscrire",
@@ -6666,6 +5612,9 @@ const te_IN = {
6666
5612
  "elements.fields.organization.select.label": "ఆర్గనైజేషన్‌ను ఎంచుకోండి",
6667
5613
  "elements.fields.organization.select.placeholder": "సంస్థను ఎంచుకోండి",
6668
5614
  "validations.required.field.error": "ఈ ఫీల్డ్ అవసరం",
5615
+ "validation.pattern.invalid": "ఈ విలువ అవసరమైన ఆకృతికి సరిపోలడం లేదు.",
5616
+ "validation.minLength.invalid": "ఈ విలువ చాలా చిన్నది.",
5617
+ "validation.maxLength.invalid": "ఈ విలువ చాలా పెద్దది.",
6669
5618
  "signin.heading": "సైన్ ఇన్ చేయండి",
6670
5619
  "signin.subheading": "కొనసాగించడానికి మీ వివరాలు ఇవ్వండి.",
6671
5620
  "signup.heading": "సైన్ అప్ చేయండి",
@@ -6776,6 +5725,9 @@ const hi_IN = {
6776
5725
  "elements.fields.organization.select.label": "संगठन चुनें",
6777
5726
  "elements.fields.organization.select.placeholder": "एक संगठन चुनें",
6778
5727
  "validations.required.field.error": "यह फील्ड आवश्यक है",
5728
+ "validation.pattern.invalid": "यह मान आवश्यक प्रारूप से मेल नहीं खाता।",
5729
+ "validation.minLength.invalid": "यह मान बहुत छोटा है।",
5730
+ "validation.maxLength.invalid": "यह मान बहुत लंबा है।",
6779
5731
  "signin.heading": "साइन इन",
6780
5732
  "signin.subheading": "जारी रखने के लिए अपनी प्रमाणिक जानकारी दर्ज करें।",
6781
5733
  "signup.heading": "साइन अप",
@@ -6886,6 +5838,9 @@ const pt_BR = {
6886
5838
  "elements.fields.organization.select.label": "Selecionar Organização",
6887
5839
  "elements.fields.organization.select.placeholder": "Selecione uma organização",
6888
5840
  "validations.required.field.error": "Este campo é obrigatório",
5841
+ "validation.pattern.invalid": "Este valor não corresponde ao formato necessário.",
5842
+ "validation.minLength.invalid": "Este valor é muito curto.",
5843
+ "validation.maxLength.invalid": "Este valor é muito longo.",
6889
5844
  "signin.heading": "Entrar",
6890
5845
  "signin.subheading": "Digite suas credencias para continuar.",
6891
5846
  "signup.heading": "Cadastra-se",
@@ -6996,6 +5951,9 @@ const pt_PT = {
6996
5951
  "elements.fields.organization.select.label": "Selecionar Organização",
6997
5952
  "elements.fields.organization.select.placeholder": "Selecione uma organização",
6998
5953
  "validations.required.field.error": "Este campo é obrigatório",
5954
+ "validation.pattern.invalid": "Este valor não corresponde ao formato necessário.",
5955
+ "validation.minLength.invalid": "Este valor é demasiado curto.",
5956
+ "validation.maxLength.invalid": "Este valor é demasiado longo.",
6999
5957
  "signin.heading": "Iniciar Sessão",
7000
5958
  "signin.subheading": "Introduza as suas credenciais para continuar.",
7001
5959
  "signup.heading": "Registar-se",
@@ -7106,6 +6064,9 @@ const ta_IN = {
7106
6064
  "elements.fields.organization.select.label": "அமைப்பை தேர்ந்தெடு",
7107
6065
  "elements.fields.organization.select.placeholder": "அமைப்பை தெரிந்தெடுக்கவும்",
7108
6066
  "validations.required.field.error": "இந்த புலம் தேவை",
6067
+ "validation.pattern.invalid": "இந்த மதிப்பு தேவையான வடிவத்துடன் பொருந்தவில்லை.",
6068
+ "validation.minLength.invalid": "இந்த மதிப்பு மிகவும் குறுகியது.",
6069
+ "validation.maxLength.invalid": "இந்த மதிப்பு மிகவும் நீளமானது.",
7109
6070
  "signin.heading": "உள்நுழை",
7110
6071
  "signin.subheading": "தொடர உங்கள் சான்றுகளை உள்ளிடவும்.",
7111
6072
  "signup.heading": "பதிவு செய்",
@@ -7216,6 +6177,9 @@ const si_LK = {
7216
6177
  "elements.fields.organization.select.label": "සංවිධානය තෝරන්න",
7217
6178
  "elements.fields.organization.select.placeholder": "සංවිධානයක් සැළුම් කරන්න",
7218
6179
  "validations.required.field.error": "මෙම ක්ෂේත්‍රය අවශ්‍යයි",
6180
+ "validation.pattern.invalid": "මෙම අගය අවශ්‍ය ආකෘතියට නොගැලපේ.",
6181
+ "validation.minLength.invalid": "මෙම අගය ඉතා කෙටියි.",
6182
+ "validation.maxLength.invalid": "මෙම අගය ඉතා දිගයි.",
7219
6183
  "signin.heading": "ලොග් වෙන්න",
7220
6184
  "signin.subheading": "ඉදිරියට යාමට ඔබේ සත්‍යාපන තොරතුරු ඇතුළත් කරන්න.",
7221
6185
  "signup.heading": "ලියාපදිංචි වන්න",
@@ -7374,34 +6338,26 @@ var normalizeTranslations_default = normalizeTranslations;
7374
6338
  exports.ApplicationNativeAuthenticationConstants = ApplicationNativeAuthenticationConstants_default;
7375
6339
  exports.AuthenticationHelper = AuthenticationHelper_default;
7376
6340
  exports.DEFAULT_THEME = DEFAULT_THEME;
6341
+ exports.DEFAULT_VALIDATION_MESSAGE_KEYS = DEFAULT_VALIDATION_MESSAGE_KEYS;
7377
6342
  exports.EMOJI_URI_SCHEME = EMOJI_URI_SCHEME;
7378
- exports.EmbeddedFlowActionVariantV2 = EmbeddedFlowActionVariant;
6343
+ exports.EmbeddedFlowActionVariant = EmbeddedFlowActionVariant;
7379
6344
  exports.EmbeddedFlowComponentType = EmbeddedFlowComponentType;
7380
- exports.EmbeddedFlowComponentTypeV2 = EmbeddedFlowComponentType$1;
7381
- exports.EmbeddedFlowEventTypeV2 = EmbeddedFlowEventType;
6345
+ exports.EmbeddedFlowEventType = EmbeddedFlowEventType;
7382
6346
  exports.EmbeddedFlowResponseType = EmbeddedFlowResponseType;
7383
- exports.EmbeddedFlowStatus = EmbeddedFlowStatus;
7384
- exports.EmbeddedFlowTextVariantV2 = EmbeddedFlowTextVariant;
6347
+ exports.EmbeddedFlowTextVariant = EmbeddedFlowTextVariant;
7385
6348
  exports.EmbeddedFlowType = EmbeddedFlowType;
7386
- exports.EmbeddedRecoveryFlowStatusV2 = EmbeddedRecoveryFlowStatus;
7387
- exports.EmbeddedRecoveryFlowTypeV2 = EmbeddedRecoveryFlowType;
7388
- exports.EmbeddedSignInFlowAuthenticatorKnownIdPType = EmbeddedSignInFlowAuthenticatorKnownIdPType;
7389
- exports.EmbeddedSignInFlowAuthenticatorParamType = EmbeddedSignInFlowAuthenticatorParamType;
7390
- exports.EmbeddedSignInFlowAuthenticatorPromptType = EmbeddedSignInFlowAuthenticatorPromptType;
6349
+ exports.EmbeddedRecoveryFlowStatus = EmbeddedRecoveryFlowStatus;
6350
+ exports.EmbeddedRecoveryFlowType = EmbeddedRecoveryFlowType;
7391
6351
  exports.EmbeddedSignInFlowStatus = EmbeddedSignInFlowStatus;
7392
- exports.EmbeddedSignInFlowStatusV2 = EmbeddedSignInFlowStatus$1;
7393
- exports.EmbeddedSignInFlowStepType = EmbeddedSignInFlowStepType;
7394
6352
  exports.EmbeddedSignInFlowType = EmbeddedSignInFlowType;
7395
- exports.EmbeddedSignInFlowTypeV2 = EmbeddedSignInFlowType$1;
7396
- exports.EmbeddedSignUpFlowStatusV2 = EmbeddedSignUpFlowStatus;
7397
- exports.EmbeddedSignUpFlowTypeV2 = EmbeddedSignUpFlowType;
6353
+ exports.EmbeddedSignUpFlowStatus = EmbeddedSignUpFlowStatus;
6354
+ exports.EmbeddedSignUpFlowType = EmbeddedSignUpFlowType;
7398
6355
  exports.FieldType = FieldType;
7399
6356
  exports.FlowMetaType = FlowMetaType;
7400
6357
  exports.FlowMode = FlowMode;
7401
6358
  exports.HttpClient = HttpClient;
7402
6359
  exports.IsomorphicCrypto = IsomorphicCrypto;
7403
6360
  exports.OIDCRequestConstants = OIDCRequestConstants_default;
7404
- exports.Platform = Platform;
7405
6361
  exports.StorageManager = StorageManager_default;
7406
6362
  exports.ThunderIDAPIError = ThunderIDAPIError;
7407
6363
  exports.ThunderIDAuthException = ThunderIDAuthException;
@@ -7415,25 +6371,22 @@ exports.WellKnownSchemaIds = WellKnownSchemaIds;
7415
6371
  exports.arrayBufferToBase64url = arrayBufferToBase64url_default;
7416
6372
  exports.base64urlToArrayBuffer = base64urlToArrayBuffer_default;
7417
6373
  exports.bem = bem_default;
6374
+ exports.buildValidatorFromRules = buildValidatorFromRules_default;
7418
6375
  exports.configureLogger = configure;
7419
6376
  exports.countryCodeToFlagEmoji = countryCodeToFlagEmoji;
7420
6377
  exports.createComponentLogger = createComponentLogger;
7421
6378
  exports.createLogger = createLogger;
7422
- exports.createOrganization = createOrganization_default;
7423
6379
  exports.createPackageComponentLogger = createPackageComponentLogger;
7424
6380
  exports.createPackageLogger = createPackageLogger;
7425
- exports.createPatchOperations = createPatchOperations;
7426
6381
  exports.createTheme = createTheme_default;
7427
6382
  exports.debug = debug;
7428
6383
  exports.deepMerge = deepMerge_default;
7429
- exports.deriveOrganizationHandleFromBaseUrl = deriveOrganizationHandleFromBaseUrl_default;
7430
6384
  exports.error = error;
7431
- exports.executeEmbeddedRecoveryFlowV2 = executeEmbeddedRecoveryFlowV2_default;
6385
+ exports.evaluateValidationRule = evaluateValidationRule_default;
6386
+ exports.executeEmbeddedRecoveryFlow = executeEmbeddedRecoveryFlow_default;
7432
6387
  exports.executeEmbeddedSignInFlow = executeEmbeddedSignInFlow_default;
7433
- exports.executeEmbeddedSignInFlowV2 = executeEmbeddedSignInFlowV2_default;
7434
6388
  exports.executeEmbeddedSignUpFlow = executeEmbeddedSignUpFlow_default;
7435
- exports.executeEmbeddedSignUpFlowV2 = executeEmbeddedSignUpFlowV2_default;
7436
- exports.executeEmbeddedUserOnboardingFlowV2 = executeEmbeddedUserOnboardingFlowV2_default;
6389
+ exports.executeEmbeddedUserOnboardingFlow = executeEmbeddedUserOnboardingFlow_default;
7437
6390
  exports.extractEmojiFromUri = extractEmojiFromUri_default;
7438
6391
  exports.extractPkceStorageKeyFromState = extractPkceStorageKeyFromState_default;
7439
6392
  exports.extractUserClaimsFromIdToken = extractUserClaimsFromIdToken_default;
@@ -7442,21 +6395,15 @@ exports.formatDate = formatDate_default;
7442
6395
  exports.generateFlattenedUserProfile = generateFlattenedUserProfile_default;
7443
6396
  exports.generateUserProfile = generateUserProfile_default;
7444
6397
  exports.get = get_default;
7445
- exports.getAllOrganizations = getAllOrganizations_default;
7446
- exports.getBrandingPreference = getBrandingPreference_default;
7447
6398
  exports.getDefaultI18nBundles = getDefaultI18nBundles_default;
7448
- exports.getFlowMetaV2 = getFlowMetaV2_default;
6399
+ exports.getFlowMeta = getFlowMeta_default;
7449
6400
  exports.getLatestStateParam = getLatestStateParam_default;
7450
- exports.getMeOrganizations = getMeOrganizations_default;
7451
- exports.getOrganization = getOrganization_default;
7452
6401
  exports.getOrganizationUnitChildren = getOrganizationUnitChildren_default;
7453
6402
  exports.getRedirectBasedSignUpUrl = getRedirectBasedSignUpUrl_default;
7454
6403
  exports.getSchemas = getSchemas_default;
7455
6404
  exports.getScim2Me = getScim2Me_default;
7456
6405
  exports.getUserInfo = getUserInfo_default;
7457
- exports.identifyPlatform = identifyPlatform_default;
7458
6406
  exports.info = info;
7459
- exports.initializeEmbeddedSignInFlow = initializeEmbeddedSignInFlow_default;
7460
6407
  exports.isEmojiUri = isEmojiUri_default;
7461
6408
  exports.isEmpty = isEmpty_default;
7462
6409
  exports.isRecognizedBaseUrlPattern = isRecognizedBaseUrlPattern_default;
@@ -7466,14 +6413,11 @@ exports.processOpenIDScopes = processOpenIDScopes_default;
7466
6413
  exports.processUsername = processUsername_default;
7467
6414
  exports.removeTrailingSlash = removeTrailingSlash_default;
7468
6415
  exports.resolveFieldName = resolveFieldName_default;
7469
- exports.resolveFieldType = resolveFieldType_default;
7470
6416
  exports.resolveFlowTemplateLiterals = resolveFlowTemplateLiterals;
7471
6417
  exports.resolveLocaleDisplayName = resolveLocaleDisplayName;
7472
6418
  exports.resolveLocaleEmoji = resolveLocaleEmoji_default;
7473
6419
  exports.resolveMeta = resolveMeta;
7474
6420
  exports.set = set_default;
7475
- exports.transformBrandingPreferenceToTheme = transformBrandingPreferenceToTheme_default;
7476
6421
  exports.updateMeProfile = updateMeProfile_default;
7477
- exports.updateOrganization = updateOrganization_default;
7478
6422
  exports.warn = warn;
7479
6423
  exports.withVendorCSSClassPrefix = withVendorCSSClassPrefix_default;