authmi 1.1.0 → 1.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/{chunk-EAK7C6YO.mjs → chunk-DMNUO422.mjs} +38 -20
- package/dist/index.js +37 -36
- package/dist/index.mjs +2 -17
- package/dist/next.js +37 -20
- package/dist/next.mjs +1 -1
- package/dist/react.js +37 -20
- package/dist/react.mjs +1 -1
- package/package.json +1 -1
|
@@ -81,6 +81,22 @@ var LocalStorageTokenStorage = class {
|
|
|
81
81
|
}
|
|
82
82
|
};
|
|
83
83
|
|
|
84
|
+
// src/storage/memory.ts
|
|
85
|
+
var MemoryTokenStorage = class {
|
|
86
|
+
constructor() {
|
|
87
|
+
this.token = null;
|
|
88
|
+
}
|
|
89
|
+
getToken() {
|
|
90
|
+
return this.token;
|
|
91
|
+
}
|
|
92
|
+
setToken(token) {
|
|
93
|
+
this.token = token;
|
|
94
|
+
}
|
|
95
|
+
removeToken() {
|
|
96
|
+
this.token = null;
|
|
97
|
+
}
|
|
98
|
+
};
|
|
99
|
+
|
|
84
100
|
// src/types.ts
|
|
85
101
|
var AuthMiError = class extends Error {
|
|
86
102
|
constructor(message, code, statusCode) {
|
|
@@ -103,7 +119,7 @@ var ScopeError = class extends AuthMiError {
|
|
|
103
119
|
var AuthMiClient = class {
|
|
104
120
|
constructor(config, options) {
|
|
105
121
|
this.configProvider = config;
|
|
106
|
-
this.storage = options?.storage ?? new LocalStorageTokenStorage();
|
|
122
|
+
this.storage = options?.storage ?? (typeof window !== "undefined" ? new LocalStorageTokenStorage() : new MemoryTokenStorage());
|
|
107
123
|
this.cache = options?.cache || null;
|
|
108
124
|
}
|
|
109
125
|
/** Resolve current config (supports lazy evaluation) */
|
|
@@ -111,7 +127,7 @@ var AuthMiClient = class {
|
|
|
111
127
|
return resolveConfig(this.configProvider);
|
|
112
128
|
}
|
|
113
129
|
// ============ HTTP plumbing ============
|
|
114
|
-
async request(endpoint, options = {}, requireUserToken = false) {
|
|
130
|
+
async request(endpoint, options = {}, requireUserToken = false, requireServiceAuth = true) {
|
|
115
131
|
const cfg = this.config;
|
|
116
132
|
const url = `${cfg.baseUrl}${endpoint}`;
|
|
117
133
|
const headers = {
|
|
@@ -122,9 +138,10 @@ var AuthMiClient = class {
|
|
|
122
138
|
if (requireUserToken) {
|
|
123
139
|
const token = await this.storage.getToken();
|
|
124
140
|
if (token) headers["Authorization"] = `Bearer ${token}`;
|
|
125
|
-
} else if (cfg.clientId && cfg.clientSecret) {
|
|
141
|
+
} else if (requireServiceAuth && cfg.clientId && cfg.clientSecret) {
|
|
126
142
|
headers["Authorization"] = `Basic ${btoa(`${cfg.clientId}:${cfg.clientSecret}`)}`;
|
|
127
|
-
|
|
143
|
+
headers["X-Service-ID"] = cfg.serviceId || cfg.clientId;
|
|
144
|
+
} else if (requireServiceAuth && cfg.apiKey) {
|
|
128
145
|
headers["Authorization"] = `Bearer ${cfg.apiKey}`;
|
|
129
146
|
}
|
|
130
147
|
}
|
|
@@ -182,7 +199,7 @@ var AuthMiClient = class {
|
|
|
182
199
|
const response = await this.request("/api/v1/auth/signup", {
|
|
183
200
|
method: "POST",
|
|
184
201
|
body: JSON.stringify(credentials)
|
|
185
|
-
});
|
|
202
|
+
}, false, false);
|
|
186
203
|
return this.mapAuthToken(response);
|
|
187
204
|
}
|
|
188
205
|
async login(credentials) {
|
|
@@ -196,7 +213,7 @@ var AuthMiClient = class {
|
|
|
196
213
|
expires_in_hours: credentials.expiresInHours || cfg.defaultTokenExpiry,
|
|
197
214
|
scopes: credentials.scopes
|
|
198
215
|
})
|
|
199
|
-
});
|
|
216
|
+
}, false, false);
|
|
200
217
|
const token = this.mapAuthToken(response);
|
|
201
218
|
this.setAccessToken(token.accessToken);
|
|
202
219
|
return token;
|
|
@@ -225,38 +242,38 @@ var AuthMiClient = class {
|
|
|
225
242
|
return token;
|
|
226
243
|
}
|
|
227
244
|
async getMe() {
|
|
228
|
-
const response = await this.request("/api/v1/auth/me");
|
|
245
|
+
const response = await this.request("/api/v1/auth/me", {}, true);
|
|
229
246
|
return { userId: response.user_id, email: response.email, name: response.name, createdAt: response.created_at };
|
|
230
247
|
}
|
|
231
248
|
async forgotPassword(request) {
|
|
232
249
|
return this.request("/api/v1/auth/forgot-password", {
|
|
233
250
|
method: "POST",
|
|
234
251
|
body: JSON.stringify({ email: request.email, client_id: this.config.serviceId })
|
|
235
|
-
});
|
|
252
|
+
}, false, false);
|
|
236
253
|
}
|
|
237
254
|
async resetPassword(request) {
|
|
238
255
|
return this.request("/api/v1/auth/reset-password", {
|
|
239
256
|
method: "POST",
|
|
240
257
|
body: JSON.stringify({ token: request.token, new_password: request.newPassword })
|
|
241
|
-
});
|
|
258
|
+
}, false, false);
|
|
242
259
|
}
|
|
243
260
|
async verifyEmail(request) {
|
|
244
261
|
return this.request("/api/v1/auth/verify-email", {
|
|
245
262
|
method: "POST",
|
|
246
263
|
body: JSON.stringify({ token: request.token })
|
|
247
|
-
});
|
|
264
|
+
}, false, false);
|
|
248
265
|
}
|
|
249
266
|
async resendVerification(request) {
|
|
250
267
|
return this.request("/api/v1/auth/resend-verification", {
|
|
251
268
|
method: "POST",
|
|
252
269
|
body: JSON.stringify({ email: request.email, client_id: this.config.serviceId })
|
|
253
|
-
});
|
|
270
|
+
}, false, false);
|
|
254
271
|
}
|
|
255
272
|
async deactivateAccount(password) {
|
|
256
273
|
await this.request("/api/v1/auth/deactivate", {
|
|
257
274
|
method: "POST",
|
|
258
275
|
body: JSON.stringify({ password })
|
|
259
|
-
});
|
|
276
|
+
}, true, false);
|
|
260
277
|
}
|
|
261
278
|
mapAuthToken(raw) {
|
|
262
279
|
return {
|
|
@@ -279,7 +296,7 @@ var AuthMiClient = class {
|
|
|
279
296
|
const response = await this.request("/api/v1/auth/oauth/initiate", {
|
|
280
297
|
method: "POST",
|
|
281
298
|
body: JSON.stringify({ provider, redirectUri, client_id: cfg.serviceId || cfg.clientId })
|
|
282
|
-
});
|
|
299
|
+
}, false, false);
|
|
283
300
|
return response.url;
|
|
284
301
|
}
|
|
285
302
|
handleOAuthCallback(url) {
|
|
@@ -300,13 +317,13 @@ var AuthMiClient = class {
|
|
|
300
317
|
return this.request("/api/v1/auth/saml/initiate", {
|
|
301
318
|
method: "POST",
|
|
302
319
|
body: JSON.stringify({ email: request.email, redirect_uri: request.redirectUri })
|
|
303
|
-
});
|
|
320
|
+
}, false, false);
|
|
304
321
|
}
|
|
305
322
|
async parseSamlMetadata(xml) {
|
|
306
323
|
return this.request("/api/v1/auth/saml/parse-metadata", {
|
|
307
324
|
method: "POST",
|
|
308
325
|
body: JSON.stringify({ metadata_xml: xml })
|
|
309
|
-
});
|
|
326
|
+
}, false, false);
|
|
310
327
|
}
|
|
311
328
|
async listSamlConnections() {
|
|
312
329
|
const response = await this.request("/api/v1/auth/saml/connections");
|
|
@@ -325,28 +342,28 @@ var AuthMiClient = class {
|
|
|
325
342
|
}
|
|
326
343
|
// ============ 2FA ============
|
|
327
344
|
async setup2fa() {
|
|
328
|
-
return this.request("/api/v1/auth/2fa/setup", { method: "POST" });
|
|
345
|
+
return this.request("/api/v1/auth/2fa/setup", { method: "POST" }, true, false);
|
|
329
346
|
}
|
|
330
347
|
async enable2fa(code) {
|
|
331
348
|
return this.request("/api/v1/auth/2fa/enable", {
|
|
332
349
|
method: "POST",
|
|
333
350
|
body: JSON.stringify({ code })
|
|
334
|
-
});
|
|
351
|
+
}, true, false);
|
|
335
352
|
}
|
|
336
353
|
async disable2fa(password) {
|
|
337
354
|
await this.request("/api/v1/auth/2fa/disable", {
|
|
338
355
|
method: "POST",
|
|
339
356
|
body: JSON.stringify({ password })
|
|
340
|
-
});
|
|
357
|
+
}, true, false);
|
|
341
358
|
}
|
|
342
359
|
async regenerateBackupCodes() {
|
|
343
|
-
return this.request("/api/v1/auth/2fa/backup-codes", { method: "POST" });
|
|
360
|
+
return this.request("/api/v1/auth/2fa/backup-codes", { method: "POST" }, true, false);
|
|
344
361
|
}
|
|
345
362
|
async challenge2fa(request) {
|
|
346
363
|
return this.request("/api/v1/auth/2fa/challenge", {
|
|
347
364
|
method: "POST",
|
|
348
365
|
body: JSON.stringify(request)
|
|
349
|
-
});
|
|
366
|
+
}, false, false);
|
|
350
367
|
}
|
|
351
368
|
// ============ Users ============
|
|
352
369
|
async createUser(request) {
|
|
@@ -682,6 +699,7 @@ export {
|
|
|
682
699
|
__commonJS,
|
|
683
700
|
__toESM,
|
|
684
701
|
LocalStorageTokenStorage,
|
|
702
|
+
MemoryTokenStorage,
|
|
685
703
|
AuthMiError,
|
|
686
704
|
ScopeError,
|
|
687
705
|
AuthMiClient
|
package/dist/index.js
CHANGED
|
@@ -82,6 +82,22 @@ var LocalStorageTokenStorage = class {
|
|
|
82
82
|
}
|
|
83
83
|
};
|
|
84
84
|
|
|
85
|
+
// src/storage/memory.ts
|
|
86
|
+
var MemoryTokenStorage = class {
|
|
87
|
+
constructor() {
|
|
88
|
+
this.token = null;
|
|
89
|
+
}
|
|
90
|
+
getToken() {
|
|
91
|
+
return this.token;
|
|
92
|
+
}
|
|
93
|
+
setToken(token) {
|
|
94
|
+
this.token = token;
|
|
95
|
+
}
|
|
96
|
+
removeToken() {
|
|
97
|
+
this.token = null;
|
|
98
|
+
}
|
|
99
|
+
};
|
|
100
|
+
|
|
85
101
|
// src/types.ts
|
|
86
102
|
var AuthMiError = class extends Error {
|
|
87
103
|
constructor(message, code, statusCode) {
|
|
@@ -104,7 +120,7 @@ var ScopeError = class extends AuthMiError {
|
|
|
104
120
|
var AuthMiClient = class {
|
|
105
121
|
constructor(config, options) {
|
|
106
122
|
this.configProvider = config;
|
|
107
|
-
this.storage = options?.storage ?? new LocalStorageTokenStorage();
|
|
123
|
+
this.storage = options?.storage ?? (typeof window !== "undefined" ? new LocalStorageTokenStorage() : new MemoryTokenStorage());
|
|
108
124
|
this.cache = options?.cache || null;
|
|
109
125
|
}
|
|
110
126
|
/** Resolve current config (supports lazy evaluation) */
|
|
@@ -112,7 +128,7 @@ var AuthMiClient = class {
|
|
|
112
128
|
return resolveConfig(this.configProvider);
|
|
113
129
|
}
|
|
114
130
|
// ============ HTTP plumbing ============
|
|
115
|
-
async request(endpoint, options = {}, requireUserToken = false) {
|
|
131
|
+
async request(endpoint, options = {}, requireUserToken = false, requireServiceAuth = true) {
|
|
116
132
|
const cfg = this.config;
|
|
117
133
|
const url = `${cfg.baseUrl}${endpoint}`;
|
|
118
134
|
const headers = {
|
|
@@ -123,9 +139,10 @@ var AuthMiClient = class {
|
|
|
123
139
|
if (requireUserToken) {
|
|
124
140
|
const token = await this.storage.getToken();
|
|
125
141
|
if (token) headers["Authorization"] = `Bearer ${token}`;
|
|
126
|
-
} else if (cfg.clientId && cfg.clientSecret) {
|
|
142
|
+
} else if (requireServiceAuth && cfg.clientId && cfg.clientSecret) {
|
|
127
143
|
headers["Authorization"] = `Basic ${btoa(`${cfg.clientId}:${cfg.clientSecret}`)}`;
|
|
128
|
-
|
|
144
|
+
headers["X-Service-ID"] = cfg.serviceId || cfg.clientId;
|
|
145
|
+
} else if (requireServiceAuth && cfg.apiKey) {
|
|
129
146
|
headers["Authorization"] = `Bearer ${cfg.apiKey}`;
|
|
130
147
|
}
|
|
131
148
|
}
|
|
@@ -183,7 +200,7 @@ var AuthMiClient = class {
|
|
|
183
200
|
const response = await this.request("/api/v1/auth/signup", {
|
|
184
201
|
method: "POST",
|
|
185
202
|
body: JSON.stringify(credentials)
|
|
186
|
-
});
|
|
203
|
+
}, false, false);
|
|
187
204
|
return this.mapAuthToken(response);
|
|
188
205
|
}
|
|
189
206
|
async login(credentials) {
|
|
@@ -197,7 +214,7 @@ var AuthMiClient = class {
|
|
|
197
214
|
expires_in_hours: credentials.expiresInHours || cfg.defaultTokenExpiry,
|
|
198
215
|
scopes: credentials.scopes
|
|
199
216
|
})
|
|
200
|
-
});
|
|
217
|
+
}, false, false);
|
|
201
218
|
const token = this.mapAuthToken(response);
|
|
202
219
|
this.setAccessToken(token.accessToken);
|
|
203
220
|
return token;
|
|
@@ -226,38 +243,38 @@ var AuthMiClient = class {
|
|
|
226
243
|
return token;
|
|
227
244
|
}
|
|
228
245
|
async getMe() {
|
|
229
|
-
const response = await this.request("/api/v1/auth/me");
|
|
246
|
+
const response = await this.request("/api/v1/auth/me", {}, true);
|
|
230
247
|
return { userId: response.user_id, email: response.email, name: response.name, createdAt: response.created_at };
|
|
231
248
|
}
|
|
232
249
|
async forgotPassword(request) {
|
|
233
250
|
return this.request("/api/v1/auth/forgot-password", {
|
|
234
251
|
method: "POST",
|
|
235
252
|
body: JSON.stringify({ email: request.email, client_id: this.config.serviceId })
|
|
236
|
-
});
|
|
253
|
+
}, false, false);
|
|
237
254
|
}
|
|
238
255
|
async resetPassword(request) {
|
|
239
256
|
return this.request("/api/v1/auth/reset-password", {
|
|
240
257
|
method: "POST",
|
|
241
258
|
body: JSON.stringify({ token: request.token, new_password: request.newPassword })
|
|
242
|
-
});
|
|
259
|
+
}, false, false);
|
|
243
260
|
}
|
|
244
261
|
async verifyEmail(request) {
|
|
245
262
|
return this.request("/api/v1/auth/verify-email", {
|
|
246
263
|
method: "POST",
|
|
247
264
|
body: JSON.stringify({ token: request.token })
|
|
248
|
-
});
|
|
265
|
+
}, false, false);
|
|
249
266
|
}
|
|
250
267
|
async resendVerification(request) {
|
|
251
268
|
return this.request("/api/v1/auth/resend-verification", {
|
|
252
269
|
method: "POST",
|
|
253
270
|
body: JSON.stringify({ email: request.email, client_id: this.config.serviceId })
|
|
254
|
-
});
|
|
271
|
+
}, false, false);
|
|
255
272
|
}
|
|
256
273
|
async deactivateAccount(password) {
|
|
257
274
|
await this.request("/api/v1/auth/deactivate", {
|
|
258
275
|
method: "POST",
|
|
259
276
|
body: JSON.stringify({ password })
|
|
260
|
-
});
|
|
277
|
+
}, true, false);
|
|
261
278
|
}
|
|
262
279
|
mapAuthToken(raw) {
|
|
263
280
|
return {
|
|
@@ -280,7 +297,7 @@ var AuthMiClient = class {
|
|
|
280
297
|
const response = await this.request("/api/v1/auth/oauth/initiate", {
|
|
281
298
|
method: "POST",
|
|
282
299
|
body: JSON.stringify({ provider, redirectUri, client_id: cfg.serviceId || cfg.clientId })
|
|
283
|
-
});
|
|
300
|
+
}, false, false);
|
|
284
301
|
return response.url;
|
|
285
302
|
}
|
|
286
303
|
handleOAuthCallback(url) {
|
|
@@ -301,13 +318,13 @@ var AuthMiClient = class {
|
|
|
301
318
|
return this.request("/api/v1/auth/saml/initiate", {
|
|
302
319
|
method: "POST",
|
|
303
320
|
body: JSON.stringify({ email: request.email, redirect_uri: request.redirectUri })
|
|
304
|
-
});
|
|
321
|
+
}, false, false);
|
|
305
322
|
}
|
|
306
323
|
async parseSamlMetadata(xml) {
|
|
307
324
|
return this.request("/api/v1/auth/saml/parse-metadata", {
|
|
308
325
|
method: "POST",
|
|
309
326
|
body: JSON.stringify({ metadata_xml: xml })
|
|
310
|
-
});
|
|
327
|
+
}, false, false);
|
|
311
328
|
}
|
|
312
329
|
async listSamlConnections() {
|
|
313
330
|
const response = await this.request("/api/v1/auth/saml/connections");
|
|
@@ -326,28 +343,28 @@ var AuthMiClient = class {
|
|
|
326
343
|
}
|
|
327
344
|
// ============ 2FA ============
|
|
328
345
|
async setup2fa() {
|
|
329
|
-
return this.request("/api/v1/auth/2fa/setup", { method: "POST" });
|
|
346
|
+
return this.request("/api/v1/auth/2fa/setup", { method: "POST" }, true, false);
|
|
330
347
|
}
|
|
331
348
|
async enable2fa(code) {
|
|
332
349
|
return this.request("/api/v1/auth/2fa/enable", {
|
|
333
350
|
method: "POST",
|
|
334
351
|
body: JSON.stringify({ code })
|
|
335
|
-
});
|
|
352
|
+
}, true, false);
|
|
336
353
|
}
|
|
337
354
|
async disable2fa(password) {
|
|
338
355
|
await this.request("/api/v1/auth/2fa/disable", {
|
|
339
356
|
method: "POST",
|
|
340
357
|
body: JSON.stringify({ password })
|
|
341
|
-
});
|
|
358
|
+
}, true, false);
|
|
342
359
|
}
|
|
343
360
|
async regenerateBackupCodes() {
|
|
344
|
-
return this.request("/api/v1/auth/2fa/backup-codes", { method: "POST" });
|
|
361
|
+
return this.request("/api/v1/auth/2fa/backup-codes", { method: "POST" }, true, false);
|
|
345
362
|
}
|
|
346
363
|
async challenge2fa(request) {
|
|
347
364
|
return this.request("/api/v1/auth/2fa/challenge", {
|
|
348
365
|
method: "POST",
|
|
349
366
|
body: JSON.stringify(request)
|
|
350
|
-
});
|
|
367
|
+
}, false, false);
|
|
351
368
|
}
|
|
352
369
|
// ============ Users ============
|
|
353
370
|
async createUser(request) {
|
|
@@ -735,22 +752,6 @@ var CookieTokenStorage = class _CookieTokenStorage {
|
|
|
735
752
|
}
|
|
736
753
|
};
|
|
737
754
|
|
|
738
|
-
// src/storage/memory.ts
|
|
739
|
-
var MemoryTokenStorage = class {
|
|
740
|
-
constructor() {
|
|
741
|
-
this.token = null;
|
|
742
|
-
}
|
|
743
|
-
getToken() {
|
|
744
|
-
return this.token;
|
|
745
|
-
}
|
|
746
|
-
setToken(token) {
|
|
747
|
-
this.token = token;
|
|
748
|
-
}
|
|
749
|
-
removeToken() {
|
|
750
|
-
this.token = null;
|
|
751
|
-
}
|
|
752
|
-
};
|
|
753
|
-
|
|
754
755
|
// src/cache.ts
|
|
755
756
|
var IntrospectCache = class {
|
|
756
757
|
constructor(ttlMs = 6e4) {
|
package/dist/index.mjs
CHANGED
|
@@ -2,8 +2,9 @@ import {
|
|
|
2
2
|
AuthMiClient,
|
|
3
3
|
AuthMiError,
|
|
4
4
|
LocalStorageTokenStorage,
|
|
5
|
+
MemoryTokenStorage,
|
|
5
6
|
ScopeError
|
|
6
|
-
} from "./chunk-
|
|
7
|
+
} from "./chunk-DMNUO422.mjs";
|
|
7
8
|
|
|
8
9
|
// src/storage/cookie.ts
|
|
9
10
|
var CookieTokenStorage = class _CookieTokenStorage {
|
|
@@ -62,22 +63,6 @@ var CookieTokenStorage = class _CookieTokenStorage {
|
|
|
62
63
|
}
|
|
63
64
|
};
|
|
64
65
|
|
|
65
|
-
// src/storage/memory.ts
|
|
66
|
-
var MemoryTokenStorage = class {
|
|
67
|
-
constructor() {
|
|
68
|
-
this.token = null;
|
|
69
|
-
}
|
|
70
|
-
getToken() {
|
|
71
|
-
return this.token;
|
|
72
|
-
}
|
|
73
|
-
setToken(token) {
|
|
74
|
-
this.token = token;
|
|
75
|
-
}
|
|
76
|
-
removeToken() {
|
|
77
|
-
this.token = null;
|
|
78
|
-
}
|
|
79
|
-
};
|
|
80
|
-
|
|
81
66
|
// src/cache.ts
|
|
82
67
|
var IntrospectCache = class {
|
|
83
68
|
constructor(ttlMs = 6e4) {
|
package/dist/next.js
CHANGED
|
@@ -4510,6 +4510,22 @@ var LocalStorageTokenStorage = class {
|
|
|
4510
4510
|
}
|
|
4511
4511
|
};
|
|
4512
4512
|
|
|
4513
|
+
// src/storage/memory.ts
|
|
4514
|
+
var MemoryTokenStorage = class {
|
|
4515
|
+
constructor() {
|
|
4516
|
+
this.token = null;
|
|
4517
|
+
}
|
|
4518
|
+
getToken() {
|
|
4519
|
+
return this.token;
|
|
4520
|
+
}
|
|
4521
|
+
setToken(token) {
|
|
4522
|
+
this.token = token;
|
|
4523
|
+
}
|
|
4524
|
+
removeToken() {
|
|
4525
|
+
this.token = null;
|
|
4526
|
+
}
|
|
4527
|
+
};
|
|
4528
|
+
|
|
4513
4529
|
// src/types.ts
|
|
4514
4530
|
var AuthMiError = class extends Error {
|
|
4515
4531
|
constructor(message, code, statusCode) {
|
|
@@ -4532,7 +4548,7 @@ var ScopeError = class extends AuthMiError {
|
|
|
4532
4548
|
var AuthMiClient = class {
|
|
4533
4549
|
constructor(config, options) {
|
|
4534
4550
|
this.configProvider = config;
|
|
4535
|
-
this.storage = options?.storage ?? new LocalStorageTokenStorage();
|
|
4551
|
+
this.storage = options?.storage ?? (typeof window !== "undefined" ? new LocalStorageTokenStorage() : new MemoryTokenStorage());
|
|
4536
4552
|
this.cache = options?.cache || null;
|
|
4537
4553
|
}
|
|
4538
4554
|
/** Resolve current config (supports lazy evaluation) */
|
|
@@ -4540,7 +4556,7 @@ var AuthMiClient = class {
|
|
|
4540
4556
|
return resolveConfig(this.configProvider);
|
|
4541
4557
|
}
|
|
4542
4558
|
// ============ HTTP plumbing ============
|
|
4543
|
-
async request(endpoint, options = {}, requireUserToken = false) {
|
|
4559
|
+
async request(endpoint, options = {}, requireUserToken = false, requireServiceAuth = true) {
|
|
4544
4560
|
const cfg = this.config;
|
|
4545
4561
|
const url = `${cfg.baseUrl}${endpoint}`;
|
|
4546
4562
|
const headers = {
|
|
@@ -4551,9 +4567,10 @@ var AuthMiClient = class {
|
|
|
4551
4567
|
if (requireUserToken) {
|
|
4552
4568
|
const token = await this.storage.getToken();
|
|
4553
4569
|
if (token) headers["Authorization"] = `Bearer ${token}`;
|
|
4554
|
-
} else if (cfg.clientId && cfg.clientSecret) {
|
|
4570
|
+
} else if (requireServiceAuth && cfg.clientId && cfg.clientSecret) {
|
|
4555
4571
|
headers["Authorization"] = `Basic ${btoa(`${cfg.clientId}:${cfg.clientSecret}`)}`;
|
|
4556
|
-
|
|
4572
|
+
headers["X-Service-ID"] = cfg.serviceId || cfg.clientId;
|
|
4573
|
+
} else if (requireServiceAuth && cfg.apiKey) {
|
|
4557
4574
|
headers["Authorization"] = `Bearer ${cfg.apiKey}`;
|
|
4558
4575
|
}
|
|
4559
4576
|
}
|
|
@@ -4611,7 +4628,7 @@ var AuthMiClient = class {
|
|
|
4611
4628
|
const response = await this.request("/api/v1/auth/signup", {
|
|
4612
4629
|
method: "POST",
|
|
4613
4630
|
body: JSON.stringify(credentials)
|
|
4614
|
-
});
|
|
4631
|
+
}, false, false);
|
|
4615
4632
|
return this.mapAuthToken(response);
|
|
4616
4633
|
}
|
|
4617
4634
|
async login(credentials) {
|
|
@@ -4625,7 +4642,7 @@ var AuthMiClient = class {
|
|
|
4625
4642
|
expires_in_hours: credentials.expiresInHours || cfg.defaultTokenExpiry,
|
|
4626
4643
|
scopes: credentials.scopes
|
|
4627
4644
|
})
|
|
4628
|
-
});
|
|
4645
|
+
}, false, false);
|
|
4629
4646
|
const token = this.mapAuthToken(response);
|
|
4630
4647
|
this.setAccessToken(token.accessToken);
|
|
4631
4648
|
return token;
|
|
@@ -4654,38 +4671,38 @@ var AuthMiClient = class {
|
|
|
4654
4671
|
return token;
|
|
4655
4672
|
}
|
|
4656
4673
|
async getMe() {
|
|
4657
|
-
const response = await this.request("/api/v1/auth/me");
|
|
4674
|
+
const response = await this.request("/api/v1/auth/me", {}, true);
|
|
4658
4675
|
return { userId: response.user_id, email: response.email, name: response.name, createdAt: response.created_at };
|
|
4659
4676
|
}
|
|
4660
4677
|
async forgotPassword(request) {
|
|
4661
4678
|
return this.request("/api/v1/auth/forgot-password", {
|
|
4662
4679
|
method: "POST",
|
|
4663
4680
|
body: JSON.stringify({ email: request.email, client_id: this.config.serviceId })
|
|
4664
|
-
});
|
|
4681
|
+
}, false, false);
|
|
4665
4682
|
}
|
|
4666
4683
|
async resetPassword(request) {
|
|
4667
4684
|
return this.request("/api/v1/auth/reset-password", {
|
|
4668
4685
|
method: "POST",
|
|
4669
4686
|
body: JSON.stringify({ token: request.token, new_password: request.newPassword })
|
|
4670
|
-
});
|
|
4687
|
+
}, false, false);
|
|
4671
4688
|
}
|
|
4672
4689
|
async verifyEmail(request) {
|
|
4673
4690
|
return this.request("/api/v1/auth/verify-email", {
|
|
4674
4691
|
method: "POST",
|
|
4675
4692
|
body: JSON.stringify({ token: request.token })
|
|
4676
|
-
});
|
|
4693
|
+
}, false, false);
|
|
4677
4694
|
}
|
|
4678
4695
|
async resendVerification(request) {
|
|
4679
4696
|
return this.request("/api/v1/auth/resend-verification", {
|
|
4680
4697
|
method: "POST",
|
|
4681
4698
|
body: JSON.stringify({ email: request.email, client_id: this.config.serviceId })
|
|
4682
|
-
});
|
|
4699
|
+
}, false, false);
|
|
4683
4700
|
}
|
|
4684
4701
|
async deactivateAccount(password) {
|
|
4685
4702
|
await this.request("/api/v1/auth/deactivate", {
|
|
4686
4703
|
method: "POST",
|
|
4687
4704
|
body: JSON.stringify({ password })
|
|
4688
|
-
});
|
|
4705
|
+
}, true, false);
|
|
4689
4706
|
}
|
|
4690
4707
|
mapAuthToken(raw) {
|
|
4691
4708
|
return {
|
|
@@ -4708,7 +4725,7 @@ var AuthMiClient = class {
|
|
|
4708
4725
|
const response = await this.request("/api/v1/auth/oauth/initiate", {
|
|
4709
4726
|
method: "POST",
|
|
4710
4727
|
body: JSON.stringify({ provider, redirectUri, client_id: cfg.serviceId || cfg.clientId })
|
|
4711
|
-
});
|
|
4728
|
+
}, false, false);
|
|
4712
4729
|
return response.url;
|
|
4713
4730
|
}
|
|
4714
4731
|
handleOAuthCallback(url) {
|
|
@@ -4729,13 +4746,13 @@ var AuthMiClient = class {
|
|
|
4729
4746
|
return this.request("/api/v1/auth/saml/initiate", {
|
|
4730
4747
|
method: "POST",
|
|
4731
4748
|
body: JSON.stringify({ email: request.email, redirect_uri: request.redirectUri })
|
|
4732
|
-
});
|
|
4749
|
+
}, false, false);
|
|
4733
4750
|
}
|
|
4734
4751
|
async parseSamlMetadata(xml) {
|
|
4735
4752
|
return this.request("/api/v1/auth/saml/parse-metadata", {
|
|
4736
4753
|
method: "POST",
|
|
4737
4754
|
body: JSON.stringify({ metadata_xml: xml })
|
|
4738
|
-
});
|
|
4755
|
+
}, false, false);
|
|
4739
4756
|
}
|
|
4740
4757
|
async listSamlConnections() {
|
|
4741
4758
|
const response = await this.request("/api/v1/auth/saml/connections");
|
|
@@ -4754,28 +4771,28 @@ var AuthMiClient = class {
|
|
|
4754
4771
|
}
|
|
4755
4772
|
// ============ 2FA ============
|
|
4756
4773
|
async setup2fa() {
|
|
4757
|
-
return this.request("/api/v1/auth/2fa/setup", { method: "POST" });
|
|
4774
|
+
return this.request("/api/v1/auth/2fa/setup", { method: "POST" }, true, false);
|
|
4758
4775
|
}
|
|
4759
4776
|
async enable2fa(code) {
|
|
4760
4777
|
return this.request("/api/v1/auth/2fa/enable", {
|
|
4761
4778
|
method: "POST",
|
|
4762
4779
|
body: JSON.stringify({ code })
|
|
4763
|
-
});
|
|
4780
|
+
}, true, false);
|
|
4764
4781
|
}
|
|
4765
4782
|
async disable2fa(password) {
|
|
4766
4783
|
await this.request("/api/v1/auth/2fa/disable", {
|
|
4767
4784
|
method: "POST",
|
|
4768
4785
|
body: JSON.stringify({ password })
|
|
4769
|
-
});
|
|
4786
|
+
}, true, false);
|
|
4770
4787
|
}
|
|
4771
4788
|
async regenerateBackupCodes() {
|
|
4772
|
-
return this.request("/api/v1/auth/2fa/backup-codes", { method: "POST" });
|
|
4789
|
+
return this.request("/api/v1/auth/2fa/backup-codes", { method: "POST" }, true, false);
|
|
4773
4790
|
}
|
|
4774
4791
|
async challenge2fa(request) {
|
|
4775
4792
|
return this.request("/api/v1/auth/2fa/challenge", {
|
|
4776
4793
|
method: "POST",
|
|
4777
4794
|
body: JSON.stringify(request)
|
|
4778
|
-
});
|
|
4795
|
+
}, false, false);
|
|
4779
4796
|
}
|
|
4780
4797
|
// ============ Users ============
|
|
4781
4798
|
async createUser(request) {
|
package/dist/next.mjs
CHANGED
package/dist/react.js
CHANGED
|
@@ -86,6 +86,22 @@ var LocalStorageTokenStorage = class {
|
|
|
86
86
|
}
|
|
87
87
|
};
|
|
88
88
|
|
|
89
|
+
// src/storage/memory.ts
|
|
90
|
+
var MemoryTokenStorage = class {
|
|
91
|
+
constructor() {
|
|
92
|
+
this.token = null;
|
|
93
|
+
}
|
|
94
|
+
getToken() {
|
|
95
|
+
return this.token;
|
|
96
|
+
}
|
|
97
|
+
setToken(token) {
|
|
98
|
+
this.token = token;
|
|
99
|
+
}
|
|
100
|
+
removeToken() {
|
|
101
|
+
this.token = null;
|
|
102
|
+
}
|
|
103
|
+
};
|
|
104
|
+
|
|
89
105
|
// src/types.ts
|
|
90
106
|
var AuthMiError = class extends Error {
|
|
91
107
|
constructor(message, code, statusCode) {
|
|
@@ -108,7 +124,7 @@ var ScopeError = class extends AuthMiError {
|
|
|
108
124
|
var AuthMiClient = class {
|
|
109
125
|
constructor(config, options) {
|
|
110
126
|
this.configProvider = config;
|
|
111
|
-
this.storage = options?.storage ?? new LocalStorageTokenStorage();
|
|
127
|
+
this.storage = options?.storage ?? (typeof window !== "undefined" ? new LocalStorageTokenStorage() : new MemoryTokenStorage());
|
|
112
128
|
this.cache = options?.cache || null;
|
|
113
129
|
}
|
|
114
130
|
/** Resolve current config (supports lazy evaluation) */
|
|
@@ -116,7 +132,7 @@ var AuthMiClient = class {
|
|
|
116
132
|
return resolveConfig(this.configProvider);
|
|
117
133
|
}
|
|
118
134
|
// ============ HTTP plumbing ============
|
|
119
|
-
async request(endpoint, options = {}, requireUserToken = false) {
|
|
135
|
+
async request(endpoint, options = {}, requireUserToken = false, requireServiceAuth = true) {
|
|
120
136
|
const cfg = this.config;
|
|
121
137
|
const url = `${cfg.baseUrl}${endpoint}`;
|
|
122
138
|
const headers = {
|
|
@@ -127,9 +143,10 @@ var AuthMiClient = class {
|
|
|
127
143
|
if (requireUserToken) {
|
|
128
144
|
const token = await this.storage.getToken();
|
|
129
145
|
if (token) headers["Authorization"] = `Bearer ${token}`;
|
|
130
|
-
} else if (cfg.clientId && cfg.clientSecret) {
|
|
146
|
+
} else if (requireServiceAuth && cfg.clientId && cfg.clientSecret) {
|
|
131
147
|
headers["Authorization"] = `Basic ${btoa(`${cfg.clientId}:${cfg.clientSecret}`)}`;
|
|
132
|
-
|
|
148
|
+
headers["X-Service-ID"] = cfg.serviceId || cfg.clientId;
|
|
149
|
+
} else if (requireServiceAuth && cfg.apiKey) {
|
|
133
150
|
headers["Authorization"] = `Bearer ${cfg.apiKey}`;
|
|
134
151
|
}
|
|
135
152
|
}
|
|
@@ -187,7 +204,7 @@ var AuthMiClient = class {
|
|
|
187
204
|
const response = await this.request("/api/v1/auth/signup", {
|
|
188
205
|
method: "POST",
|
|
189
206
|
body: JSON.stringify(credentials)
|
|
190
|
-
});
|
|
207
|
+
}, false, false);
|
|
191
208
|
return this.mapAuthToken(response);
|
|
192
209
|
}
|
|
193
210
|
async login(credentials) {
|
|
@@ -201,7 +218,7 @@ var AuthMiClient = class {
|
|
|
201
218
|
expires_in_hours: credentials.expiresInHours || cfg.defaultTokenExpiry,
|
|
202
219
|
scopes: credentials.scopes
|
|
203
220
|
})
|
|
204
|
-
});
|
|
221
|
+
}, false, false);
|
|
205
222
|
const token = this.mapAuthToken(response);
|
|
206
223
|
this.setAccessToken(token.accessToken);
|
|
207
224
|
return token;
|
|
@@ -230,38 +247,38 @@ var AuthMiClient = class {
|
|
|
230
247
|
return token;
|
|
231
248
|
}
|
|
232
249
|
async getMe() {
|
|
233
|
-
const response = await this.request("/api/v1/auth/me");
|
|
250
|
+
const response = await this.request("/api/v1/auth/me", {}, true);
|
|
234
251
|
return { userId: response.user_id, email: response.email, name: response.name, createdAt: response.created_at };
|
|
235
252
|
}
|
|
236
253
|
async forgotPassword(request) {
|
|
237
254
|
return this.request("/api/v1/auth/forgot-password", {
|
|
238
255
|
method: "POST",
|
|
239
256
|
body: JSON.stringify({ email: request.email, client_id: this.config.serviceId })
|
|
240
|
-
});
|
|
257
|
+
}, false, false);
|
|
241
258
|
}
|
|
242
259
|
async resetPassword(request) {
|
|
243
260
|
return this.request("/api/v1/auth/reset-password", {
|
|
244
261
|
method: "POST",
|
|
245
262
|
body: JSON.stringify({ token: request.token, new_password: request.newPassword })
|
|
246
|
-
});
|
|
263
|
+
}, false, false);
|
|
247
264
|
}
|
|
248
265
|
async verifyEmail(request) {
|
|
249
266
|
return this.request("/api/v1/auth/verify-email", {
|
|
250
267
|
method: "POST",
|
|
251
268
|
body: JSON.stringify({ token: request.token })
|
|
252
|
-
});
|
|
269
|
+
}, false, false);
|
|
253
270
|
}
|
|
254
271
|
async resendVerification(request) {
|
|
255
272
|
return this.request("/api/v1/auth/resend-verification", {
|
|
256
273
|
method: "POST",
|
|
257
274
|
body: JSON.stringify({ email: request.email, client_id: this.config.serviceId })
|
|
258
|
-
});
|
|
275
|
+
}, false, false);
|
|
259
276
|
}
|
|
260
277
|
async deactivateAccount(password) {
|
|
261
278
|
await this.request("/api/v1/auth/deactivate", {
|
|
262
279
|
method: "POST",
|
|
263
280
|
body: JSON.stringify({ password })
|
|
264
|
-
});
|
|
281
|
+
}, true, false);
|
|
265
282
|
}
|
|
266
283
|
mapAuthToken(raw) {
|
|
267
284
|
return {
|
|
@@ -284,7 +301,7 @@ var AuthMiClient = class {
|
|
|
284
301
|
const response = await this.request("/api/v1/auth/oauth/initiate", {
|
|
285
302
|
method: "POST",
|
|
286
303
|
body: JSON.stringify({ provider, redirectUri, client_id: cfg.serviceId || cfg.clientId })
|
|
287
|
-
});
|
|
304
|
+
}, false, false);
|
|
288
305
|
return response.url;
|
|
289
306
|
}
|
|
290
307
|
handleOAuthCallback(url) {
|
|
@@ -305,13 +322,13 @@ var AuthMiClient = class {
|
|
|
305
322
|
return this.request("/api/v1/auth/saml/initiate", {
|
|
306
323
|
method: "POST",
|
|
307
324
|
body: JSON.stringify({ email: request.email, redirect_uri: request.redirectUri })
|
|
308
|
-
});
|
|
325
|
+
}, false, false);
|
|
309
326
|
}
|
|
310
327
|
async parseSamlMetadata(xml) {
|
|
311
328
|
return this.request("/api/v1/auth/saml/parse-metadata", {
|
|
312
329
|
method: "POST",
|
|
313
330
|
body: JSON.stringify({ metadata_xml: xml })
|
|
314
|
-
});
|
|
331
|
+
}, false, false);
|
|
315
332
|
}
|
|
316
333
|
async listSamlConnections() {
|
|
317
334
|
const response = await this.request("/api/v1/auth/saml/connections");
|
|
@@ -330,28 +347,28 @@ var AuthMiClient = class {
|
|
|
330
347
|
}
|
|
331
348
|
// ============ 2FA ============
|
|
332
349
|
async setup2fa() {
|
|
333
|
-
return this.request("/api/v1/auth/2fa/setup", { method: "POST" });
|
|
350
|
+
return this.request("/api/v1/auth/2fa/setup", { method: "POST" }, true, false);
|
|
334
351
|
}
|
|
335
352
|
async enable2fa(code) {
|
|
336
353
|
return this.request("/api/v1/auth/2fa/enable", {
|
|
337
354
|
method: "POST",
|
|
338
355
|
body: JSON.stringify({ code })
|
|
339
|
-
});
|
|
356
|
+
}, true, false);
|
|
340
357
|
}
|
|
341
358
|
async disable2fa(password) {
|
|
342
359
|
await this.request("/api/v1/auth/2fa/disable", {
|
|
343
360
|
method: "POST",
|
|
344
361
|
body: JSON.stringify({ password })
|
|
345
|
-
});
|
|
362
|
+
}, true, false);
|
|
346
363
|
}
|
|
347
364
|
async regenerateBackupCodes() {
|
|
348
|
-
return this.request("/api/v1/auth/2fa/backup-codes", { method: "POST" });
|
|
365
|
+
return this.request("/api/v1/auth/2fa/backup-codes", { method: "POST" }, true, false);
|
|
349
366
|
}
|
|
350
367
|
async challenge2fa(request) {
|
|
351
368
|
return this.request("/api/v1/auth/2fa/challenge", {
|
|
352
369
|
method: "POST",
|
|
353
370
|
body: JSON.stringify(request)
|
|
354
|
-
});
|
|
371
|
+
}, false, false);
|
|
355
372
|
}
|
|
356
373
|
// ============ Users ============
|
|
357
374
|
async createUser(request) {
|
package/dist/react.mjs
CHANGED