npm - @tidecloak/js - Versions diffs - 0.12.33 → 0.12.40 - Mend

@tidecloak/js 0.12.33 → 0.12.40

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (528) hide show

package/dist/types/lib/tidecloak.d.ts CHANGED Viewed

@@ -1,37 +1,326 @@
-export function getHumanReadableObject(modelId: any, data: any, expiry: any): void;
-export default TideCloak;
-declare function TideCloak(config: any): void;
-declare class TideCloak {
-    constructor(config: any);
+export default class TideCloak {
+    /**
+     * @param {KeycloakConfig} config
+     */
+    constructor(config: KeycloakConfig);
     didInitialize: boolean;
-    init: (initOptions?: {}) => any;
-    login: (options: any) => any;
-    ensureTokenReady: () => Promise<void>;
-    encrypt: (toEncrypt: any) => Promise<any>;
-    initEnclave: () => void;
-    decrypt: (toDecrypt: any) => Promise<any>;
-    createLoginUrl: (options: any) => Promise<string>;
-    logout: (options: any) => any;
-    createLogoutUrl: (options: any) => any;
-    register: (options: any) => any;
-    createRegisterUrl: (options: any) => Promise<string>;
-    createAccountUrl: (options: any) => string | undefined;
-    accountManagement: () => any;
-    hasRealmRole: (role: any) => boolean;
-    hasResourceRole: (role: any, resource: any) => boolean;
-    loadUserProfile: () => any;
-    loadUserInfo: () => any;
-    isTokenExpired: (minValidity: any) => boolean;
-    updateToken: (minValidity: any) => any;
-    clearToken: () => void;
-    checkThresholdRule: (key: any, idSubstring: any, ruleSettings: any, draftJson: any) => {
-        roles: string[];
-        threshold: number;
-    };
-    createCardanoTxDraft: (txBody: any) => string;
-    sign: (signModel: any, authFlow: any, draft: any, authorizers: any, ruleSetting: any, expiry: any) => Promise<Uint8Array<ArrayBuffer>[]>;
-    signCardanoTx: (txBody: any, authorizers: any, ruleSettings: any, expiry: any) => Promise<string>;
-    createRuleSettingsDraft: (ruleSettings: any, previousRuleSetting: any, previousRuleSettingCert: any) => string;
+    authenticated: boolean;
+    loginRequired: boolean;
+    /** @type {KeycloakResponseMode} */
+    responseMode: KeycloakResponseMode;
+    /** @type {KeycloakResponseType} */
+    responseType: KeycloakResponseType;
+    /** @type {KeycloakFlow} */
+    flow: KeycloakFlow;
+    /**
+     * Matches Keycloak: number | undefined (unset when skew unknown)
+     * @type {number | undefined}
+     */
+    timeSkew: number | undefined;
+    /** @type {string=} */
+    redirectUri: string | undefined;
+    /** @type {string=} */
+    silentCheckSsoRedirectUri: string | undefined;
+    /** @type {boolean} */
+    silentCheckSsoFallback: boolean;
+    /** @type {KeycloakPkceMethod} */
+    pkceMethod: KeycloakPkceMethod;
+    enableLogging: boolean;
+    /** @type {'GET' | 'POST'} */
+    logoutMethod: "GET" | "POST";
+    /** @type {string=} */
+    scope: string | undefined;
+    /** @type {string | undefined} */
+    acrValues: string | undefined;
+    messageReceiveTimeout: number;
+    /** @type {string=} */
+    idToken: string | undefined;
+    /** @type {KeycloakTokenParsed=} */
+    idTokenParsed: KeycloakTokenParsed | undefined;
+    /** @type {string=} */
+    token: string | undefined;
+    /** @type {KeycloakTokenParsed=} */
+    tokenParsed: KeycloakTokenParsed | undefined;
+    /** @type {string=} */
+    refreshToken: string | undefined;
+    /** @type {KeycloakTokenParsed=} */
+    refreshTokenParsed: KeycloakTokenParsed | undefined;
+    /** @type {string | undefined} */
+    doken: string | undefined;
+    /** @type {KeycloakTokenParsed | undefined} */
+    dokenParsed: KeycloakTokenParsed | undefined;
+    /** @type {any} */
+    requestEnclave: any;
+    /** @type {any} */
+    approvalEnclave: any;
+    /** @type {string=} */
+    clientId: string | undefined;
+    /** @type {string=} */
+    sessionId: string | undefined;
+    /** @type {string=} */
+    subject: string | undefined;
+    /** @type {string=} */
+    authServerUrl: string | undefined;
+    /** @type {string=} */
+    realm: string | undefined;
+    /** @type {KeycloakRoles=} */
+    realmAccess: KeycloakRoles | undefined;
+    /** @type {KeycloakResourceAccess=} */
+    resourceAccess: KeycloakResourceAccess | undefined;
+    /** @type {KeycloakProfile=} */
+    profile: KeycloakProfile | undefined;
+    /** @type {KeycloakUserInfo | undefined} */
+    userInfo: KeycloakUserInfo | undefined;
+    /** @type {Endpoints} */
+    endpoints: Endpoints;
+    /** @type {number=} */
+    tokenTimeoutHandle: number | undefined;
+    /** @type {() => void=} */
+    onAuthSuccess: (() => void) | undefined;
+    /** @type {(errorData?: KeycloakError) => void=} */
+    onAuthError: ((errorData?: KeycloakError) => void) | undefined;
+    /** @type {() => void=} */
+    onAuthRefreshSuccess: (() => void) | undefined;
+    /** @type {() => void=} */
+    onAuthRefreshError: (() => void) | undefined;
+    /** @type {() => void=} */
+    onTokenExpired: (() => void) | undefined;
+    /** @type {() => void=} */
+    onAuthLogout: (() => void) | undefined;
+    /** @type {(authenticated: boolean) => void=} */
+    onReady: ((authenticated: boolean) => void) | undefined;
+    /** @type {(status: 'success' | 'cancelled' | 'error', action: string) => void=} */
+    onActionUpdate: ((status: "success" | "cancelled" | "error", action: string) => void) | undefined;
+    /**
+     * @param {KeycloakInitOptions} initOptions
+     * @returns {Promise<boolean>}
+     */
+    init(initOptions?: KeycloakInitOptions): Promise<boolean>;
+    /**
+     * @param {KeycloakLoginOptions} [options]
+     * @returns {Promise<void>}
+     */
+    login(options?: KeycloakLoginOptions): Promise<void>;
+    /**
+     * Ensure the access token is valid, refreshing if needed.
+     * @returns {Promise<void>}
+     */
+    ensureTokenReady(): Promise<void>;
+    /**
+     * @param {KeycloakLoginOptions} [options]
+     * @returns {Promise<string>}
+     */
+    createLoginUrl(options?: KeycloakLoginOptions): Promise<string>;
+    /**
+     * @param {KeycloakLogoutOptions} [options]
+     * @returns {Promise<void>}
+     */
+    logout(options?: KeycloakLogoutOptions): Promise<void>;
+    /**
+     * @param {KeycloakLogoutOptions} [options]
+     * @returns {string}
+     */
+    createLogoutUrl(options?: KeycloakLogoutOptions): string;
+    /**
+     * @param {KeycloakRegisterOptions} [options]
+     * @returns {Promise<void>}
+     */
+    register(options?: KeycloakRegisterOptions): Promise<void>;
+    /**
+     * @param {KeycloakRegisterOptions} [options]
+     * @returns {Promise<string>}
+     */
+    createRegisterUrl(options?: KeycloakRegisterOptions): Promise<string>;
+    /**
+     * @param {KeycloakAccountOptions} [options]
+     * @returns {string}
+     */
+    createAccountUrl(options?: KeycloakAccountOptions): string;
+    /**
+     * @returns {Promise<void>}
+     */
+    accountManagement(): Promise<void>;
+    /**
+     * @param {string} role
+     * @returns {boolean}
+     */
+    hasRealmRole(role: string): boolean;
+    /**
+     * @param {string} role
+     * @param {string} [resource]
+     * @returns {boolean}
+     */
+    hasResourceRole(role: string, resource?: string): boolean;
+    /**
+     * @returns {Promise<KeycloakProfile>}
+     */
+    loadUserProfile(): Promise<KeycloakProfile>;
+    /**
+     * @returns {Promise<KeycloakUserInfo>}
+     */
+    loadUserInfo(): Promise<KeycloakUserInfo>;
+    /**
+     * @param {number} [minValidity]
+     * @returns {boolean}
+     */
+    isTokenExpired(minValidity?: number): boolean;
+    /**
+     * Matches Keycloak: minValidity is optional.
+     * @param {number} [minValidity]
+     * @returns {Promise<boolean>}
+     */
+    updateToken(minValidity?: number): Promise<boolean>;
+    clearToken(): void;
+    /**
+     * Initialize Tide RequestEnclave.
+     */
+    initRequestEnclave(): void;
+    /**
+     * Initialize Tide ApprovalEnclave.
+     */
+    initApprovalEnclave(): void;
+    /**
+     * Role-based encryption via Tide RequestEnclave.
+     * @param {{ data: string | Uint8Array, tags: string[] }[]} toEncrypt
+     * @returns {Promise<(string | Uint8Array)[]>}
+     */
+    encrypt(toEncrypt: {
+        data: string | Uint8Array;
+        tags: string[];
+    }[]): Promise<(string | Uint8Array)[]>;
+    /**
+     * Initialize a Tide request that requires operator approvals.
+     * @param {Uint8Array} encodedRequest
+     * @returns {Promise<Uint8Array>}
+     */
+    createTideRequest(encodedRequest: Uint8Array): Promise<Uint8Array>;
+    /**
+     * Request Tide operator approval.
+     * @param {{id: string, request: Uint8Array}[]} requests
+     * @returns {Promise<{approved: {id: string, request: Uint8Array}[], denied: {id: string}[], pending: {id: string}[]}>}
+     */
+    requestTideOperatorApproval(requests: {
+        id: string;
+        request: Uint8Array;
+    }[]): Promise<{
+        approved: {
+            id: string;
+            request: Uint8Array;
+        }[];
+        denied: {
+            id: string;
+        }[];
+        pending: {
+            id: string;
+        }[];
+    }>;
+    /**
+     * Execute a Tide Sign Request
+     * @param {Uint8Array} request
+     * @returns Array of signatures
+     */
+    executeSignRequest(request: Uint8Array): Promise<any>;
+    /**
+     * Role-based decryption via Tide RequestEnclave.
+     * @param {{ encrypted: string | Uint8Array, tags: string[] }[]} toDecrypt
+     * @returns {Promise<(string | Uint8Array)[]>}
+     */
+    decrypt(toDecrypt: {
+        encrypted: string | Uint8Array;
+        tags: string[];
+    }[]): Promise<(string | Uint8Array)[]>;
+    #private;
 }
-export { RequestEnclave, ApprovalEnclave } from "heimdall-tide";
-export { bytesToBase64, base64ToBytes } from "../modules/tide-js/Cryptide/Serialization.js";
+/**
+ * @typedef {Object} NetworkErrorOptionsProperties
+ * @property {Response} response
+ * @typedef {ErrorOptions & NetworkErrorOptionsProperties} NetworkErrorOptions
+ */
+export class NetworkError extends Error {
+    /**
+     * @param {string} message
+     * @param {NetworkErrorOptions} options
+     */
+    constructor(message: string, options: NetworkErrorOptions);
+    /** @type {Response} */
+    response: Response;
+}
+/**
+ * The JSON version of the adapter configuration.
+ */
+export type JsonConfig = {
+    /**
+     * The URL of the authentication server.
+     */
+    "auth-server-url": string;
+    /**
+     * The name of the realm.
+     */
+    realm: string;
+    /**
+     * The name of the resource, usually the client ID.
+     */
+    resource: string;
+};
+/**
+ * The successful token response from the authorization server, based on the {@link https://datatracker.ietf.org/doc/html/rfc6749#section-5.1 OAuth 2.0 Authorization Framework specification}.
+ */
+export type AccessTokenResponse = {
+    /**
+     * The access token issued by the authorization server.
+     */
+    access_token: string;
+    /**
+     * The type of the token issued by the authorization server.
+     */
+    token_type: string;
+    /**
+     * The lifetime in seconds of the access token.
+     */
+    expires_in?: number | undefined;
+    /**
+     * The refresh token issued by the authorization server.
+     */
+    refresh_token?: string | undefined;
+    /**
+     * The ID token issued by the authorization server, if requested.
+     */
+    id_token?: string | undefined;
+    /**
+     * The scope of the access token.
+     */
+    scope?: string | undefined;
+};
+export type Endpoints = {
+    authorize: () => string;
+    token: () => string;
+    logout: () => string;
+    checkSessionIframe: () => string;
+    thirdPartyCookiesIframe?: (() => string) | undefined;
+    register: () => string;
+    userinfo: () => string;
+};
+export type LoginIframe = {
+    enable: boolean;
+    callbackList: ((error: Error | null, value?: boolean) => void)[];
+    interval: number;
+    iframe?: HTMLIFrameElement | undefined;
+    iframeOrigin?: string | undefined;
+};
+export type CallbackState = {
+    state: string;
+    nonce: string;
+    redirectUri: string;
+    loginOptions?: KeycloakLoginOptions;
+    prompt?: KeycloakLoginOptions["prompt"];
+    pkceCodeVerifier?: string | undefined;
+};
+export type CallbackStorage = {
+    get: (state?: string) => CallbackState | null;
+    add: (state: CallbackState) => void;
+};
+export type NetworkErrorOptionsProperties = {
+    response: Response;
+};
+export type NetworkErrorOptions = ErrorOptions & NetworkErrorOptionsProperties;
+export { RequestEnclave, ApprovalEnclave, ApprovalEnclaveNew, TideMemory, BaseTideRequest, PolicySignRequest, Policy, PolicyParameters } from "heimdall-tide";

package/dist/types/src/IAMService.d.ts CHANGED Viewed

@@ -24,7 +24,7 @@ declare const IAMServiceInstance: IAMService;
  * ```
  */
 declare class IAMService {
-    _tc: TideCloak | null;
+    _tc: any;
     _config: Object | null;
     _listeners: {};
     /**
@@ -103,4 +103,3 @@ declare class IAMService {
     /** Base URL for Tidecloak realm (no trailing slash) */
     getBaseUrl(): any;
 }
-import TideCloak from "../lib/tidecloak";

package/dist/types/src/index.d.ts CHANGED Viewed

@@ -1,4 +1,3 @@
-export function getHumanReadableObject(modelId: any, data: any, expiry: any): void;
 export { default as IAMService } from "./IAMService.js";
-export { default as TideCloak, RequestEnclave, ApprovalEnclave } from "../lib/tidecloak.js";
-export { bytesToBase64, base64ToBytes } from "../modules/tide-js/Cryptide/Serialization.js";
+export { default as TideCloak, RequestEnclave, ApprovalEnclaveNew } from "../lib/tidecloak.js";
+export { TideMemory, BaseTideRequest } from "heimdall-tide";

package/dist/types/src/policy-react.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};

package/package.json CHANGED Viewed

@@ -1,48 +1,37 @@
 {
   "name": "@tidecloak/js",
-  "version": "0.12.33",
-  "description": "TideCloak client side JS SDK",
+  "version": "0.12.40",
+  "type": "module",
   "main": "dist/cjs/src/index.js",
   "module": "dist/esm/src/index.js",
   "types": "dist/types/src/index.d.ts",
   "exports": {
     ".": {
-      "import": "./dist/esm/src/index.js",
       "types": "./dist/types/src/index.d.ts",
+      "import": "./dist/esm/src/index.js",
       "require": "./dist/cjs/src/index.js"
-    }
+    },
+    "./policy-react": {
+      "import": "./dist/esm/src/policy-react.js",
+      "require": "./dist/cjs/src/policy-react.js"
+    },
+    "./policy.css": "./dist/esm/src/policy.css"
   },
-  "files": [
-    "dist",
-    "scripts/postinstall.js"
-  ],
   "scripts": {
-    "postinstall": "node ./scripts/postinstall.js",
+    "postinstall": "node ./scripts/postinstall.cjs",
     "build:cjs": "tsc -p tsconfig.cjs.json",
     "build:esm": "tsc -p tsconfig.esm.json",
-    "build": "npm run build:cjs && npm run build:esm && cp ./silent-check-sso.html dist/",
+    "build:types": "tsc -p tsconfig.types.json",
+    "build:copy-css": "node scripts/copy-css.cjs",
+    "build": "npm run build:cjs && npm run build:esm && npm run build:types && npm run build:copy-css && cp ./silent-check-sso.html dist/",
     "prepare": "npm run build"
   },
-  "publishConfig": {
-    "access": "public"
-  },
-  "repository": {
-    "type": "git",
-    "url": "git+https://github.com/tide-foundation/tidecloak-js.git"
-  },
-  "author": "Tide",
-  "homepage": "https://tide.org",
-  "license": "https://tide.org/licenses_tcoc2-0-0-en",
-  "keywords": [
-    "security",
-    "tidecloak",
-    "tide",
-    "authentication",
-    "oidc",
-    "oauth2",
-    "authorization"
+  "files": [
+    "dist",
+    "scripts/postinstall.cjs",
+    "silent-check-sso.html"
   ],
   "dependencies": {
-    "heimdall-tide": "^0.12.33"
+    "heimdall-tide": "^0.12.40"
   }
 }

package/scripts/postinstall.cjs ADDED Viewed

@@ -0,0 +1,36 @@
+// scripts/postinstall.cjs (CommonJS)
+const { copyFileSync, existsSync, mkdirSync } = require('node:fs');
+const path = require('node:path');
+// npm sets INIT_CWD to the *consumer* project root that ran `npm i`
+const initCwd = process.env.INIT_CWD || process.cwd();
+const pkgRoot = __dirname ? path.resolve(__dirname, '..') : process.cwd();
+// where the file should end up in the *consumer* app
+const targetDir = path.join(initCwd, 'public');
+const targetFile = path.join(targetDir, 'silent-check-sso.html');
+// possible sources inside this package
+const distSrc = path.join(pkgRoot, 'dist', 'silent-check-sso.html');
+const srcSrc  = path.join(pkgRoot, 'silent-check-sso.html');
+// no-op if the consumer doesn't have a public/ folder
+if (!existsSync(targetDir)) {
+  console.log('[tidecloak-js] No public/ directory in consumer, skipping copy.');
+  process.exit(0);
+}
+// find a source file to copy
+let source = null;
+if (existsSync(distSrc)) source = distSrc;
+else if (existsSync(srcSrc)) source = srcSrc;
+if (!source) {
+  console.log('[tidecloak-js] silent-check-sso.html not found in package, skipping copy.');
+  process.exit(0);
+}
+// ensure target dir exists and copy
+mkdirSync(targetDir, { recursive: true });
+copyFileSync(source, targetFile);
+console.log(`[tidecloak-js] Copied ${path.basename(source)} → ${targetFile}`);

package/silent-check-sso.html ADDED Viewed

	@@ -0,0 +1 @@
1	+ <html><body><script>parent.postMessage(location.href, location.origin)</script></body></html>