auth0-deploy-cli 7.7.1 → 7.8.0

package/lib/tools/auth0/handlers/triggers.d.ts

@@ -0,0 +1,35 @@
+import DefaultHandler from './default';
+import { Assets } from '../../../types';
+export declare const schema: {
+    type: string;
+    items: {
+        type: string;
+        additionalProperties: boolean;
+        properties: {
+            trigger_id: {
+                type: string;
+                properties: {
+                    action_name: {
+                        type: string;
+                        enum: string[];
+                    };
+                    display_name: {
+                        type: string;
+                        default: string;
+                    };
+                };
+            };
+        };
+    };
+};
+export default class TriggersHandler extends DefaultHandler {
+    existing: {
+        [key: string]: {
+            action_name: string;
+            display_name: string;
+        };
+    };
+    constructor(options: DefaultHandler);
+    getType(): Promise<DefaultHandler['existing']>;
+    processChanges(assets: Assets): Promise<void>;
+}

package/lib/tools/auth0/handlers/triggers.js

@@ -45,7 +45,7 @@ exports.schema = void 0;
 const lodash_1 = __importDefault(require("lodash"));
 const default_1 = __importStar(require("./default"));
 const constants_1 = __importDefault(require("../../constants"));
-const logger_1 = __importDefault(require("../../logger"));
+const logger_1 = __importDefault(require("../../../logger"));
 exports.schema = {
     type: 'object',
     items: {

package/lib/tools/auth0/index.d.ts

@@ -0,0 +1,15 @@
+import { Assets, Auth0APIClient, BaseAuth0APIClient } from '../../types';
+import APIHandler from './handlers/default';
+import { ConfigFunction } from '../../configFactory';
+export declare type Stage = 'load' | 'validate' | 'processChanges';
+export default class Auth0 {
+    client: Auth0APIClient;
+    config: ConfigFunction;
+    assets: Assets;
+    handlers: APIHandler[];
+    constructor(client: BaseAuth0APIClient, assets: Assets, config: ConfigFunction);
+    runStage(stage: Stage): Promise<void>;
+    validate(): Promise<void>;
+    loadAll(): Promise<void>;
+    processChanges(): Promise<void>;
+}

package/lib/tools/auth0/schema.d.ts

@@ -0,0 +1,15 @@
+declare const _default: {
+    type: string;
+    $schema: string;
+    properties: {
+        exclude: {
+            type: string;
+            properties: {
+                [x: string]: Object;
+            };
+            default: {};
+        };
+    };
+    additionalProperties: boolean;
+};
+export default _default;

package/lib/tools/calculateChanges.d.ts

@@ -0,0 +1,26 @@
+import APIHandler from '../tools/auth0/handlers/default';
+import { Asset, CalculatedChanges } from '../types';
+/**
+ * @template T
+ * @param {typeof import('./auth0/handlers/default').default} handler
+ * @param {T} desiredAssetState
+ * @param {T} currentAssetState
+ * @param {string[]} [objectFields=[]]
+ * @param {boolean} [allowDelete=false]
+ * @returns T
+ */
+export declare function processChangedObjectFields({ handler, desiredAssetState, currentAssetState, allowDelete, }: {
+    handler: APIHandler;
+    desiredAssetState: Asset;
+    currentAssetState: Asset;
+    allowDelete?: boolean;
+}): {
+    [x: string]: any;
+};
+export declare function calculateChanges({ handler, assets, existing, identifiers, allowDelete, }: {
+    handler: APIHandler;
+    assets: Asset[];
+    existing: Asset[];
+    identifiers: string[];
+    allowDelete: boolean;
+}): CalculatedChanges;

package/lib/tools/calculateChanges.js

@@ -4,7 +4,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.calculateChanges = exports.processChangedObjectFields = void 0;
-const logger_1 = __importDefault(require("./logger"));
+const logger_1 = __importDefault(require("../logger"));
 /**
  * @template T
  * @param {typeof import('./auth0/handlers/default').default} handler

package/lib/tools/constants.d.ts

@@ -0,0 +1,71 @@
+declare const constants: {
+    CONCURRENT_CALLS: number;
+    RULES_DIRECTORY: string;
+    RULES_STAGES: string[];
+    DEFAULT_RULE_STAGE: string;
+    HOOKS_HIDDEN_SECRET_VALUE: string;
+    OBFUSCATED_SECRET_VALUE: string;
+    HOOKS_DIRECTORY: string;
+    ACTIONS_DIRECTORY: string;
+    TRIGGERS_DIRECTORY: string;
+    RULES_CONFIGS_DIRECTORY: string;
+    PAGES_DIRECTORY: string;
+    PAGE_LOGIN: string;
+    PAGE_GUARDIAN_MULTIFACTOR: string;
+    PAGE_PASSWORD_RESET: string;
+    PAGE_ERROR: string;
+    DATABASE_CONNECTIONS_DIRECTORY: string;
+    DATABASE_SCRIPTS_CHANGE_EMAIL: string;
+    DATABASE_SCRIPTS_GET_USER: string;
+    EMAIL_TEMPLATES_TYPES: string[];
+    ACTIONS_TRIGGERS: string[];
+    EMAIL_TEMPLATES_DIRECTORY: string;
+    EMAIL_VERIFY: string;
+    EMAIL_VERIFY_BY_CODE: string;
+    EMAIL_RESET: string;
+    EMAIL_WELCOME: string;
+    EMAIL_BLOCKED: string;
+    EMAIL_STOLEN_CREDENTIALS: string;
+    EMAIL_ENROLLMENT: string;
+    EMAIL_CHANGE_PASSWORD: string;
+    EMAIL_PASSWORD_RESET: string;
+    EMAIL_MFA_OOB_CODE: string;
+    EMAIL_USER_INVITATION: string;
+    GUARDIAN_DIRECTORY: string;
+    GUARDIAN_FACTORS_DIRECTORY: string;
+    GUARDIAN_PROVIDERS_DIRECTORY: string;
+    GUARDIAN_TEMPLATES_DIRECTORY: string;
+    UNIVERSAL_LOGIN_TEMPLATE: string;
+    RESOURCE_SERVERS_DIRECTORY: string;
+    RESOURCE_SERVERS_CLIENT_NAME: string;
+    RESOURCE_SERVERS_MANAGEMENT_API_NAME: string;
+    RESOURCE_SERVERS_ID_NAME: string;
+    CLIENTS_DIRECTORY: string;
+    CLIENTS_GRANTS_DIRECTORY: string;
+    BRANDING_DIRECTORY: string;
+    BRANDING_TEMPLATES_DIRECTORY: string;
+    BRANDING_TEMPLATES_YAML_DIRECTORY: string;
+    CLIENTS_CLIENT_NAME: string;
+    CLIENTS_CLIENT_ID_NAME: string;
+    CONNECTIONS_DIRECTORY: string;
+    CONNECTIONS_CLIENT_NAME: string;
+    CONNECTIONS_ID_NAME: string;
+    ROLES_DIRECTORY: string;
+    ATTACK_PROTECTION_DIRECTORY: string;
+    GUARDIAN_FACTORS: string[];
+    GUARDIAN_POLICIES: string[];
+    GUARDIAN_PHONE_PROVIDERS: string[];
+    GUARDIAN_PHONE_MESSAGE_TYPES: string[];
+    GUARDIAN_FACTOR_TEMPLATES: string[];
+    GUARDIAN_FACTOR_PROVIDERS: {
+        sms: string[];
+        'push-notification': string[];
+    };
+    PAGE_NAMES: string[];
+    DATABASE_SCRIPTS: string[];
+    DATABASE_SCRIPTS_NO_IMPORT: string[];
+    DATABASE_SCRIPTS_IMPORT: string[];
+    EMAIL_TEMPLATES_NAMES: string[];
+    SUPPORTED_BRANDING_TEMPLATES: string[];
+};
+export default constants;

package/lib/tools/constants.js

@@ -19,12 +19,14 @@ const EMAIL_PASSWORD_RESET = 'password_reset';
 const EMAIL_MFA_OOB_CODE = 'mfa_oob_code';
 const EMAIL_USER_INVITATION = 'user_invitation';
 const UNIVERSAL_LOGIN_TEMPLATE = 'universal_login';
+const OBFUSCATED_SECRET_VALUE = '_VALUE_NOT_SHOWN_';
 const constants = {
     CONCURRENT_CALLS: 5,
     RULES_DIRECTORY: 'rules',
     RULES_STAGES,
     DEFAULT_RULE_STAGE: RULES_STAGES[0],
-    HOOKS_HIDDEN_SECRET_VALUE: '_VALUE_NOT_SHOWN_',
+    HOOKS_HIDDEN_SECRET_VALUE: OBFUSCATED_SECRET_VALUE,
+    OBFUSCATED_SECRET_VALUE,
     HOOKS_DIRECTORY: 'hooks',
     ACTIONS_DIRECTORY: 'actions',
     TRIGGERS_DIRECTORY: 'triggers',

package/lib/tools/deploy.d.ts

@@ -0,0 +1,3 @@
+import { ConfigFunction } from '../configFactory';
+import { Assets, Auth0APIClient } from '../types';
+export default function deploy(assets: Assets, client: Auth0APIClient, config: ConfigFunction): Promise<{}>;

package/lib/tools/deploy.js

@@ -13,11 +13,11 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 const auth0_1 = __importDefault(require("./auth0"));
-const logger_1 = __importDefault(require("./logger"));
+const logger_1 = __importDefault(require("../logger"));
 function deploy(assets, client, config) {
     return __awaiter(this, void 0, void 0, function* () {
         // Setup log level
-        logger_1.default.transports.console.level = process.env.AUTH0_DEBUG === 'true' ? 'debug' : 'info';
+        logger_1.default.level = process.env.AUTH0_DEBUG === 'true' ? 'debug' : 'info';
         logger_1.default.info('Getting access token for ' + config('AUTH0_CLIENT_ID') + '/' + config('AUTH0_DOMAIN'));
         const auth0 = new auth0_1.default(client, assets, config);
         // Validate Assets

package/lib/tools/index.d.ts

@@ -0,0 +1,82 @@
+import constants from './constants';
+import deploy from './deploy';
+import Auth0 from './auth0';
+import { keywordReplace, loadFileAndReplaceKeywords } from './utils';
+declare const _default: {
+    constants: {
+        CONCURRENT_CALLS: number;
+        RULES_DIRECTORY: string;
+        RULES_STAGES: string[];
+        DEFAULT_RULE_STAGE: string;
+        HOOKS_HIDDEN_SECRET_VALUE: string;
+        OBFUSCATED_SECRET_VALUE: string;
+        HOOKS_DIRECTORY: string;
+        ACTIONS_DIRECTORY: string;
+        TRIGGERS_DIRECTORY: string;
+        RULES_CONFIGS_DIRECTORY: string;
+        PAGES_DIRECTORY: string;
+        PAGE_LOGIN: string;
+        PAGE_GUARDIAN_MULTIFACTOR: string;
+        PAGE_PASSWORD_RESET: string;
+        PAGE_ERROR: string;
+        DATABASE_CONNECTIONS_DIRECTORY: string;
+        DATABASE_SCRIPTS_CHANGE_EMAIL: string;
+        DATABASE_SCRIPTS_GET_USER: string;
+        EMAIL_TEMPLATES_TYPES: string[];
+        ACTIONS_TRIGGERS: string[];
+        EMAIL_TEMPLATES_DIRECTORY: string;
+        EMAIL_VERIFY: string;
+        EMAIL_VERIFY_BY_CODE: string;
+        EMAIL_RESET: string;
+        EMAIL_WELCOME: string;
+        EMAIL_BLOCKED: string;
+        EMAIL_STOLEN_CREDENTIALS: string;
+        EMAIL_ENROLLMENT: string;
+        EMAIL_CHANGE_PASSWORD: string;
+        EMAIL_PASSWORD_RESET: string;
+        EMAIL_MFA_OOB_CODE: string;
+        EMAIL_USER_INVITATION: string;
+        GUARDIAN_DIRECTORY: string;
+        GUARDIAN_FACTORS_DIRECTORY: string;
+        GUARDIAN_PROVIDERS_DIRECTORY: string;
+        GUARDIAN_TEMPLATES_DIRECTORY: string;
+        UNIVERSAL_LOGIN_TEMPLATE: string;
+        RESOURCE_SERVERS_DIRECTORY: string;
+        RESOURCE_SERVERS_CLIENT_NAME: string;
+        RESOURCE_SERVERS_MANAGEMENT_API_NAME: string;
+        RESOURCE_SERVERS_ID_NAME: string;
+        CLIENTS_DIRECTORY: string;
+        CLIENTS_GRANTS_DIRECTORY: string;
+        BRANDING_DIRECTORY: string;
+        BRANDING_TEMPLATES_DIRECTORY: string;
+        BRANDING_TEMPLATES_YAML_DIRECTORY: string;
+        CLIENTS_CLIENT_NAME: string;
+        CLIENTS_CLIENT_ID_NAME: string;
+        CONNECTIONS_DIRECTORY: string;
+        CONNECTIONS_CLIENT_NAME: string;
+        CONNECTIONS_ID_NAME: string;
+        ROLES_DIRECTORY: string;
+        ATTACK_PROTECTION_DIRECTORY: string;
+        GUARDIAN_FACTORS: string[];
+        GUARDIAN_POLICIES: string[];
+        GUARDIAN_PHONE_PROVIDERS: string[];
+        GUARDIAN_PHONE_MESSAGE_TYPES: string[];
+        GUARDIAN_FACTOR_TEMPLATES: string[];
+        GUARDIAN_FACTOR_PROVIDERS: {
+            sms: string[];
+            'push-notification': string[];
+        };
+        PAGE_NAMES: string[];
+        DATABASE_SCRIPTS: string[];
+        DATABASE_SCRIPTS_NO_IMPORT: string[];
+        DATABASE_SCRIPTS_IMPORT: string[];
+        EMAIL_TEMPLATES_NAMES: string[];
+        SUPPORTED_BRANDING_TEMPLATES: string[];
+    };
+    deploy: typeof deploy;
+    keywordReplace: typeof keywordReplace;
+    loadFileAndReplaceKeywords: typeof loadFileAndReplaceKeywords;
+    Auth0: typeof Auth0;
+};
+export default _default;
+export { constants, deploy, keywordReplace, loadFileAndReplaceKeywords, Auth0 };

package/lib/tools/utils.d.ts

@@ -0,0 +1,18 @@
+import { Asset, Assets, CalculatedChanges, KeywordMappings } from '../types';
+export declare function keywordArrayReplace(input: string, mappings: KeywordMappings): string;
+export declare function keywordStringReplace(input: string, mappings: KeywordMappings): string;
+export declare function keywordReplace(input: string, mappings: KeywordMappings): string;
+export declare function convertClientNameToId(name: string, clients: Asset[]): string;
+export declare function convertClientNamesToIds(names: string[], clients: Asset[]): string[];
+export declare function loadFileAndReplaceKeywords(file: string, mappings: KeywordMappings): string;
+export declare function flatten(list: any[]): any[];
+export declare function convertJsonToString(obj: {
+    [key: string]: any;
+}, spacing?: number): string;
+export declare function stripFields(obj: Asset, fields: string[]): Asset;
+export declare function getEnabledClients(assets: Assets, connection: Asset, existing: Asset[], clients: Asset[]): string[];
+export declare function duplicateItems(arr: Asset[], key: string): Asset[];
+export declare function filterExcluded(changes: CalculatedChanges, exclude: string[]): CalculatedChanges;
+export declare function areArraysEquals(x: any[], y: any[]): boolean;
+export declare const obfuscateSensitiveValues: (data: Asset | Asset[] | null, sensitiveFieldsToObfuscate: string[]) => Asset | Asset[] | null;
+export declare const stripObfuscatedFieldsFromPayload: (data: Asset | Asset[] | null, obfuscatedFields: string[]) => Asset | Asset[] | null;

package/lib/tools/utils.js

@@ -26,12 +26,13 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.areArraysEquals = exports.filterExcluded = exports.duplicateItems = exports.getEnabledClients = exports.stripFields = exports.convertJsonToString = exports.flatten = exports.loadFileAndReplaceKeywords = exports.convertClientNamesToIds = exports.convertClientNameToId = exports.keywordReplace = exports.keywordStringReplace = exports.keywordArrayReplace = void 0;
+exports.stripObfuscatedFieldsFromPayload = exports.obfuscateSensitiveValues = exports.areArraysEquals = exports.filterExcluded = exports.duplicateItems = exports.getEnabledClients = exports.stripFields = exports.convertJsonToString = exports.flatten = exports.loadFileAndReplaceKeywords = exports.convertClientNamesToIds = exports.convertClientNameToId = exports.keywordReplace = exports.keywordStringReplace = exports.keywordArrayReplace = void 0;
 const path_1 = __importDefault(require("path"));
 const fs_1 = __importStar(require("fs"));
 const dot_prop_1 = __importDefault(require("dot-prop"));
 const lodash_1 = __importDefault(require("lodash"));
-const logger_1 = __importDefault(require("./logger"));
+const logger_1 = __importDefault(require("../logger"));
+const constants_1 = __importDefault(require("./constants"));
 function keywordArrayReplace(input, mappings) {
     Object.keys(mappings).forEach(function (key) {
         // Matching against two sets of patterns because a developer may provide their array replacement keyword with or without wrapping quotes. It is not obvious to the developer which to do depending if they're operating in YAML or JSON.
@@ -175,3 +176,35 @@ function areArraysEquals(x, y) {
     return lodash_1.default.isEqual(x && x.sort(), y && y.sort());
 }
 exports.areArraysEquals = areArraysEquals;
+const obfuscateSensitiveValues = (data, sensitiveFieldsToObfuscate) => {
+    if (data === null)
+        return data;
+    if (Array.isArray(data)) {
+        return data.map((asset) => (0, exports.obfuscateSensitiveValues)(asset, sensitiveFieldsToObfuscate));
+    }
+    const newAsset = Object.assign({}, data);
+    sensitiveFieldsToObfuscate.forEach((sensitiveField) => {
+        if (dot_prop_1.default.get(newAsset, sensitiveField) !== undefined) {
+            dot_prop_1.default.set(newAsset, sensitiveField, constants_1.default.OBFUSCATED_SECRET_VALUE);
+        }
+    });
+    return newAsset;
+};
+exports.obfuscateSensitiveValues = obfuscateSensitiveValues;
+// The reverse of `obfuscateSensitiveValues()`, preventing an obfuscated value from being passed to the API
+const stripObfuscatedFieldsFromPayload = (data, obfuscatedFields) => {
+    if (data === null)
+        return data;
+    if (Array.isArray(data)) {
+        return data.map((asset) => (0, exports.stripObfuscatedFieldsFromPayload)(asset, obfuscatedFields));
+    }
+    const newAsset = Object.assign({}, data);
+    obfuscatedFields.forEach((sensitiveField) => {
+        const obfuscatedFieldValue = dot_prop_1.default.get(newAsset, sensitiveField);
+        if (obfuscatedFieldValue === constants_1.default.OBFUSCATED_SECRET_VALUE) {
+            dot_prop_1.default.delete(newAsset, sensitiveField);
+        }
+    });
+    return newAsset;
+};
+exports.stripObfuscatedFieldsFromPayload = stripObfuscatedFieldsFromPayload;

package/lib/tools/validationError.d.ts

@@ -0,0 +1,5 @@
+declare function ValidationError(message: string): void;
+declare namespace ValidationError {
+    var prototype: any;
+}
+export default ValidationError;

package/lib/types.d.ts

@@ -0,0 +1,255 @@
+declare type SharedPaginationParams = {
+    checkpoint?: boolean;
+    paginate?: boolean;
+    is_global?: boolean;
+    include_totals?: boolean;
+    id?: string;
+    strategy?: 'auth0';
+};
+export declare type CheckpointPaginationParams = SharedPaginationParams & {
+    from: string;
+    take: number;
+};
+export declare type PagePaginationParams = SharedPaginationParams & {
+    page: number;
+    per_page: number;
+};
+declare type APIClientBaseFunctions = {
+    getAll: (arg0: SharedPaginationParams) => Promise<Asset[]>;
+    create: (arg0: {
+        id: string;
+    }) => Promise<Asset>;
+    update: (arg0: {}, arg1: Asset) => Promise<Asset>;
+    delete: (arg0: Asset) => Promise<void>;
+};
+export declare type ApiResponse = {
+    start: number;
+    limit: number;
+    total: number;
+    next?: string;
+} & {
+    [key in AssetTypes]: Asset[];
+};
+export declare type BaseAuth0APIClient = {
+    actions: APIClientBaseFunctions & {
+        deploy: ({ id: string }: {
+            id: any;
+        }) => Promise<void>;
+        getAllTriggers: () => Promise<{
+            triggers: Asset[];
+        }>;
+        getTriggerBindings: ({ trigger_id: string }: {
+            trigger_id: any;
+        }) => Promise<{
+            bindings: Asset[];
+        }>;
+        updateTriggerBindings: ({ trigger_id: string }: {
+            trigger_id: any;
+        }, { bindings: Object }: {
+            bindings: any;
+        }) => Promise<{
+            bindings: Asset[];
+        }>;
+    };
+    attackProtection: APIClientBaseFunctions & {
+        getBreachedPasswordDetectionConfig: () => Promise<Asset>;
+        getBruteForceConfig: () => Promise<Asset>;
+        getSuspiciousIpThrottlingConfig: () => Promise<Asset>;
+        updateBreachedPasswordDetectionConfig: ({}: {}, arg1: Asset) => Promise<void>;
+        updateSuspiciousIpThrottlingConfig: ({}: {}, arg1: Asset) => Promise<void>;
+        updateBruteForceConfig: ({}: {}, arg1: Asset) => Promise<void>;
+    };
+    branding: APIClientBaseFunctions & {
+        getSettings: () => Promise<Asset>;
+        getUniversalLoginTemplate: () => Promise<Asset>;
+        updateSettings: ({}: {}, Asset: any) => Promise<void>;
+        setUniversalLoginTemplate: ({}: {}, Asset: any) => Promise<void>;
+    };
+    clients: APIClientBaseFunctions;
+    clientGrants: APIClientBaseFunctions;
+    connections: APIClientBaseFunctions & {
+        get: (arg0: Asset) => Promise<Asset>;
+        getAll: (arg0: PagePaginationParams | CheckpointPaginationParams) => Promise<Asset[]>;
+    };
+    customDomains: APIClientBaseFunctions & {
+        getAll: () => Promise<Asset[]>;
+    };
+    emailProvider: APIClientBaseFunctions & {
+        delete: () => Promise<void>;
+        get: (arg0: Asset) => Promise<Asset>;
+        configure: (arg0: Object, arg1: Object) => Promise<Asset>;
+    };
+    emailTemplates: APIClientBaseFunctions & {
+        get: (arg0: Asset) => Promise<Asset>;
+    };
+    guardian: APIClientBaseFunctions & {
+        getFactorProvider: (arg0: Asset) => Promise<Asset>;
+        updateFactorProvider: (arg0: {}, arg1: Asset) => Promise<void>;
+        getFactors: () => Promise<Asset[]>;
+        updateFactor: (arg0: {}, arg1: Asset) => Promise<void>;
+        getPolicies: () => Promise<Asset[]>;
+        updatePolicies: (arg0: {}, arg1: Asset) => Promise<void>;
+        getFactorTemplates: (arg0: {
+            name: string;
+        }) => Promise<Asset[]>;
+        updateFactorTemplates: (arg0: {}, arg1: Asset) => Promise<void>;
+        updatePhoneFactorMessageTypes: (arg0: {}, arg1: Asset) => Promise<void>;
+        getPhoneFactorSelectedProvider: () => Promise<Asset[]>;
+        getPhoneFactorMessageTypes: () => Promise<Asset[]>;
+        updatePhoneFactorSelectedProvider: (arg0: {}, arg1: Asset) => Promise<void>;
+    };
+    hooks: APIClientBaseFunctions & {
+        get: ({ id: string }: {
+            id: any;
+        }) => Promise<Asset>;
+        removeSecrets: (arg0: {}, arg1: Asset) => Promise<void>;
+        updateSecrets: (arg0: {}, arg1: Asset) => Promise<void>;
+        getSecrets: ({ id: string }: {
+            id: any;
+        }) => Promise<Promise<Asset[]>>;
+        addSecrets: (arg0: {}, arg1: Asset) => Promise<void>;
+    };
+    migrations: APIClientBaseFunctions & {
+        getMigrations: () => Promise<{
+            flags: Asset[];
+        }>;
+        updateMigrations: (arg0: {
+            flags: Asset[];
+        }) => Promise<void>;
+    };
+    organizations: APIClientBaseFunctions & {
+        updateEnabledConnection: (arg0: {}, arg1: Asset) => Promise<void>;
+        addEnabledConnection: (arg0: {}, arg1: Asset) => Promise<void>;
+        removeEnabledConnection: (arg0: Asset) => Promise<void>;
+        connections: {
+            get: (arg0: Asset) => Promise<Asset>;
+        };
+    };
+    prompts: APIClientBaseFunctions & {
+        getSettings: () => Promise<Asset[]>;
+        updateSettings: (arg0: {}, arg1: Asset) => Promise<void>;
+    };
+    resourceServers: APIClientBaseFunctions;
+    roles: APIClientBaseFunctions & {
+        permissions: APIClientBaseFunctions & {
+            delete: (arg0: {
+                id: string;
+            }, arg1: {
+                permissions: Asset[];
+            }) => Promise<void>;
+            create: (arg0: {
+                id: string;
+            }, arg1: {
+                permissions: Asset[];
+            }) => Promise<Asset>;
+        };
+    };
+    rules: APIClientBaseFunctions;
+    rulesConfigs: APIClientBaseFunctions & {
+        getAll: () => Promise<Asset[]>;
+    };
+    tenant: APIClientBaseFunctions & {
+        getSettings: () => Promise<Asset>;
+        updateSettings: (arg0: Asset) => Promise<void>;
+    };
+    triggers: APIClientBaseFunctions & {
+        getTriggerBindings: () => Promise<Asset>;
+    };
+    updateRule: (arg0: {
+        id: string;
+    }, arg1: Asset) => Promise<Asset>;
+};
+export declare type Auth0APIClient = BaseAuth0APIClient & {
+    pool: {
+        addSingleTask: (arg0: {
+            data: Object;
+            generator: any;
+        }) => {
+            promise: () => Promise<ApiResponse>;
+        };
+        addEachTask: (arg0: {
+            data: Object;
+            generator: any;
+        }) => {
+            promise: () => Promise<Asset[][]>;
+        };
+    };
+};
+export declare type Config = {
+    AUTH0_DOMAIN: string;
+    AUTH0_CLIENT_ID: string;
+    AUTH0_CLIENT_SECRET: string;
+    AUTH0_INPUT_FILE: string;
+    AUTH0_ALLOW_DELETE: boolean;
+    AUTH0_EXCLUDED: AssetTypes[];
+    EXTENSION_SECRET: string;
+    AUTH0_ACCESS_TOKEN?: string;
+    AUTH0_BASE_PATH?: string;
+    AUTH0_AUDIENCE?: string;
+    AUTH0_API_MAX_RETRIES?: number;
+    AUTH0_KEYWORD_REPLACE_MAPPINGS?: KeywordMappings;
+    AUTH0_EXPORT_IDENTIFIERS?: boolean;
+    AUTH0_CONNECTIONS_DIRECTORY?: string;
+    EXCLUDED_PROPS?: {
+        [key: string]: string[];
+    };
+    INCLUDED_PROPS?: {
+        [key: string]: string[];
+    };
+    AUTH0_IGNORE_UNAVAILABLE_MIGRATIONS?: boolean;
+    AUTH0_EXCLUDED_RULES?: string[];
+    AUTH0_EXCLUDED_CLIENTS?: string[];
+    AUTH0_EXCLUDED_DATABASES?: string[];
+    AUTH0_EXCLUDED_CONNECTIONS?: string[];
+    AUTH0_EXCLUDED_RESOURCE_SERVERS?: string[];
+    AUTH0_EXCLUDED_DEFAULTS?: string[];
+};
+export declare type Asset = {
+    [key: string]: any;
+};
+export declare type Assets = {
+    actions: Asset[];
+    attackProtection: Asset;
+    branding: Asset;
+    clients: Asset[];
+    clientGrants: Asset[];
+    connections: Asset[];
+    databases: Asset[];
+    emailProvider: Asset;
+    emailTemplates: Asset[];
+    guardianFactorProviders: Asset[];
+    guardianFactors: Asset[];
+    guardianFactorTemplates: Asset[];
+    guardianPhoneFactorMessageTypes: {
+        message_types: Asset[];
+    };
+    guardianPhoneFactorSelectedProvider: Asset;
+    guardianPolicies: {
+        policies: Asset[];
+    };
+    hooks: Asset[];
+    migrations: Asset[];
+    organizations: Asset[];
+    pages: Asset[];
+    resourceServers: Asset[];
+    roles: Asset[];
+    rules: Asset[];
+    rulesConfigs: Asset[];
+    tenant: Asset;
+    triggers: Asset[];
+    exclude?: {
+        [key: string]: string[];
+    };
+    clientsOrig: Asset[];
+};
+export declare type CalculatedChanges = {
+    del: Asset[];
+    update: Asset[];
+    conflicts: Asset[];
+    create: Asset[];
+};
+export declare type AssetTypes = 'rules' | 'rulesConfigs' | 'hooks' | 'pages' | 'databases' | 'clientGrants' | 'resourceServers' | 'clients' | 'connections' | 'tenant' | 'emailProvider' | 'emailTemplates' | 'guardianFactors' | 'guardianFactorProviders' | 'guardianFactorTemplates' | 'migrations' | 'guardianPhoneFactorMessageTypes' | 'guardianPhoneFactorSelectedProvider' | 'guardianPolicies' | 'roles' | 'actions' | 'organizations' | 'triggers' | 'attackProtection' | 'branding';
+export declare type KeywordMappings = {
+    [key: string]: (string | number)[] | string | number;
+};
+export {};