authmi 1.1.0 → 1.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/{chunk-EAK7C6YO.mjs → chunk-LBMBSWSF.mjs} +52 -6
- package/dist/{client-DmZsG2xs.d.mts → client-ClqDnphI.d.mts} +23 -1
- package/dist/{client-DmZsG2xs.d.ts → client-ClqDnphI.d.ts} +23 -1
- package/dist/index.d.mts +2 -2
- package/dist/index.d.ts +2 -2
- package/dist/index.js +51 -22
- package/dist/index.mjs +2 -17
- package/dist/next.d.mts +1 -1
- package/dist/next.d.ts +1 -1
- package/dist/next.js +51 -6
- package/dist/next.mjs +1 -1
- package/dist/react.d.mts +2 -2
- package/dist/react.d.ts +2 -2
- package/dist/react.js +51 -6
- package/dist/react.mjs +1 -1
- package/package.json +1 -1
|
@@ -33,12 +33,29 @@ var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__ge
|
|
|
33
33
|
// src/config.ts
|
|
34
34
|
function resolveConfig(provider) {
|
|
35
35
|
const raw = typeof provider === "function" ? provider() : provider;
|
|
36
|
+
let clientId = raw.clientId ?? "";
|
|
37
|
+
let clientSecret = raw.clientSecret ?? "";
|
|
38
|
+
let serviceId = raw.serviceId ?? "";
|
|
39
|
+
const token = raw.token ?? "";
|
|
40
|
+
if (raw.token) {
|
|
41
|
+
const dot = raw.token.indexOf(".");
|
|
42
|
+
if (dot > 0) {
|
|
43
|
+
const sid = raw.token.slice(0, dot);
|
|
44
|
+
const secret = raw.token.slice(dot + 1);
|
|
45
|
+
if (sid && secret) {
|
|
46
|
+
clientId = sid;
|
|
47
|
+
clientSecret = secret;
|
|
48
|
+
if (!serviceId) serviceId = sid;
|
|
49
|
+
}
|
|
50
|
+
}
|
|
51
|
+
}
|
|
36
52
|
return {
|
|
37
53
|
baseUrl: raw.baseUrl,
|
|
38
54
|
apiKey: raw.apiKey ?? "",
|
|
39
|
-
serviceId
|
|
40
|
-
clientId
|
|
41
|
-
clientSecret
|
|
55
|
+
serviceId,
|
|
56
|
+
clientId,
|
|
57
|
+
clientSecret,
|
|
58
|
+
token,
|
|
42
59
|
defaultTokenExpiry: raw.defaultTokenExpiry ?? 24
|
|
43
60
|
};
|
|
44
61
|
}
|
|
@@ -81,6 +98,22 @@ var LocalStorageTokenStorage = class {
|
|
|
81
98
|
}
|
|
82
99
|
};
|
|
83
100
|
|
|
101
|
+
// src/storage/memory.ts
|
|
102
|
+
var MemoryTokenStorage = class {
|
|
103
|
+
constructor() {
|
|
104
|
+
this.token = null;
|
|
105
|
+
}
|
|
106
|
+
getToken() {
|
|
107
|
+
return this.token;
|
|
108
|
+
}
|
|
109
|
+
setToken(token) {
|
|
110
|
+
this.token = token;
|
|
111
|
+
}
|
|
112
|
+
removeToken() {
|
|
113
|
+
this.token = null;
|
|
114
|
+
}
|
|
115
|
+
};
|
|
116
|
+
|
|
84
117
|
// src/types.ts
|
|
85
118
|
var AuthMiError = class extends Error {
|
|
86
119
|
constructor(message, code, statusCode) {
|
|
@@ -103,7 +136,7 @@ var ScopeError = class extends AuthMiError {
|
|
|
103
136
|
var AuthMiClient = class {
|
|
104
137
|
constructor(config, options) {
|
|
105
138
|
this.configProvider = config;
|
|
106
|
-
this.storage = options?.storage ?? new LocalStorageTokenStorage();
|
|
139
|
+
this.storage = options?.storage ?? (typeof window !== "undefined" ? new LocalStorageTokenStorage() : new MemoryTokenStorage());
|
|
107
140
|
this.cache = options?.cache || null;
|
|
108
141
|
}
|
|
109
142
|
/** Resolve current config (supports lazy evaluation) */
|
|
@@ -160,7 +193,7 @@ var AuthMiClient = class {
|
|
|
160
193
|
this.configProvider = { ...current, ...config };
|
|
161
194
|
}
|
|
162
195
|
getConfig() {
|
|
163
|
-
const { apiKey: _, clientSecret: __, ...rest } = resolveConfig(this.configProvider);
|
|
196
|
+
const { apiKey: _, clientSecret: __, token: ___, ...rest } = resolveConfig(this.configProvider);
|
|
164
197
|
return rest;
|
|
165
198
|
}
|
|
166
199
|
// ============ Token Management ============
|
|
@@ -225,7 +258,7 @@ var AuthMiClient = class {
|
|
|
225
258
|
return token;
|
|
226
259
|
}
|
|
227
260
|
async getMe() {
|
|
228
|
-
const response = await this.request("/api/v1/auth/me");
|
|
261
|
+
const response = await this.request("/api/v1/auth/me", {}, true);
|
|
229
262
|
return { userId: response.user_id, email: response.email, name: response.name, createdAt: response.created_at };
|
|
230
263
|
}
|
|
231
264
|
async forgotPassword(request) {
|
|
@@ -641,6 +674,18 @@ var AuthMiClient = class {
|
|
|
641
674
|
{ method: "POST" }
|
|
642
675
|
);
|
|
643
676
|
}
|
|
677
|
+
/** Get the combined service token — a single string combining serviceId and
|
|
678
|
+
* clientSecret. Can be passed to `AuthMiClient` as the `token` config option
|
|
679
|
+
* instead of providing serviceId and clientSecret separately.
|
|
680
|
+
*
|
|
681
|
+
* Format returned: "{serviceId}.{clientSecret}"
|
|
682
|
+
*/
|
|
683
|
+
async getServiceToken(serviceId) {
|
|
684
|
+
return this.request(
|
|
685
|
+
`/api/v1/services/${encodeURIComponent(serviceId)}/token`,
|
|
686
|
+
{ method: "POST" }
|
|
687
|
+
).then((r) => ({ token: r.token, serviceId: r.service_id, serviceName: r.service_name }));
|
|
688
|
+
}
|
|
644
689
|
// ============ JWKS ============
|
|
645
690
|
async getJwks(serviceId) {
|
|
646
691
|
return this.request(`/.well-known/jwks.json?service_id=${encodeURIComponent(serviceId)}`);
|
|
@@ -682,6 +727,7 @@ export {
|
|
|
682
727
|
__commonJS,
|
|
683
728
|
__toESM,
|
|
684
729
|
LocalStorageTokenStorage,
|
|
730
|
+
MemoryTokenStorage,
|
|
685
731
|
AuthMiError,
|
|
686
732
|
ScopeError,
|
|
687
733
|
AuthMiClient
|
|
@@ -9,6 +9,17 @@ interface AuthMiConfig {
|
|
|
9
9
|
clientId?: string;
|
|
10
10
|
/** Client Secret for Basic auth */
|
|
11
11
|
clientSecret?: string;
|
|
12
|
+
/**
|
|
13
|
+
* Combined service token — alternative to providing serviceId+clientSecret
|
|
14
|
+
* (or clientId+clientSecret) separately.
|
|
15
|
+
*
|
|
16
|
+
* Format: "{serviceId}.{clientSecret}"
|
|
17
|
+
* Example: "svc-lightssl.cs-a1b2c3d4e5f6..."
|
|
18
|
+
*
|
|
19
|
+
* The SDK splits the token on the first '.' to extract the service ID
|
|
20
|
+
* and the client secret, then uses Basic auth as usual.
|
|
21
|
+
*/
|
|
22
|
+
token?: string;
|
|
12
23
|
/** Default token expiration in hours (default: 24) */
|
|
13
24
|
defaultTokenExpiry?: number;
|
|
14
25
|
}
|
|
@@ -318,7 +329,7 @@ declare class AuthMiClient {
|
|
|
318
329
|
private get config();
|
|
319
330
|
private request;
|
|
320
331
|
configure(config: Partial<AuthMiConfig>): void;
|
|
321
|
-
getConfig(): Omit<AuthMiConfig, "apiKey" | "clientSecret">;
|
|
332
|
+
getConfig(): Omit<AuthMiConfig, "apiKey" | "clientSecret" | "token">;
|
|
322
333
|
getAccessToken(): Promise<string | null>;
|
|
323
334
|
setAccessToken(token: string): void;
|
|
324
335
|
clearAccessToken(): void;
|
|
@@ -398,6 +409,17 @@ declare class AuthMiClient {
|
|
|
398
409
|
rotateClientSecret(serviceId: string): Promise<{
|
|
399
410
|
clientSecret: string;
|
|
400
411
|
}>;
|
|
412
|
+
/** Get the combined service token — a single string combining serviceId and
|
|
413
|
+
* clientSecret. Can be passed to `AuthMiClient` as the `token` config option
|
|
414
|
+
* instead of providing serviceId and clientSecret separately.
|
|
415
|
+
*
|
|
416
|
+
* Format returned: "{serviceId}.{clientSecret}"
|
|
417
|
+
*/
|
|
418
|
+
getServiceToken(serviceId: string): Promise<{
|
|
419
|
+
token: string;
|
|
420
|
+
serviceId: string;
|
|
421
|
+
serviceName: string;
|
|
422
|
+
}>;
|
|
401
423
|
getJwks(serviceId: string): Promise<JwksResponse>;
|
|
402
424
|
onboardService(request: OnboardRequest, masterAdminKey: string): Promise<OnboardResponse>;
|
|
403
425
|
deleteService(serviceId: string, masterAdminKey: string): Promise<void>;
|
|
@@ -9,6 +9,17 @@ interface AuthMiConfig {
|
|
|
9
9
|
clientId?: string;
|
|
10
10
|
/** Client Secret for Basic auth */
|
|
11
11
|
clientSecret?: string;
|
|
12
|
+
/**
|
|
13
|
+
* Combined service token — alternative to providing serviceId+clientSecret
|
|
14
|
+
* (or clientId+clientSecret) separately.
|
|
15
|
+
*
|
|
16
|
+
* Format: "{serviceId}.{clientSecret}"
|
|
17
|
+
* Example: "svc-lightssl.cs-a1b2c3d4e5f6..."
|
|
18
|
+
*
|
|
19
|
+
* The SDK splits the token on the first '.' to extract the service ID
|
|
20
|
+
* and the client secret, then uses Basic auth as usual.
|
|
21
|
+
*/
|
|
22
|
+
token?: string;
|
|
12
23
|
/** Default token expiration in hours (default: 24) */
|
|
13
24
|
defaultTokenExpiry?: number;
|
|
14
25
|
}
|
|
@@ -318,7 +329,7 @@ declare class AuthMiClient {
|
|
|
318
329
|
private get config();
|
|
319
330
|
private request;
|
|
320
331
|
configure(config: Partial<AuthMiConfig>): void;
|
|
321
|
-
getConfig(): Omit<AuthMiConfig, "apiKey" | "clientSecret">;
|
|
332
|
+
getConfig(): Omit<AuthMiConfig, "apiKey" | "clientSecret" | "token">;
|
|
322
333
|
getAccessToken(): Promise<string | null>;
|
|
323
334
|
setAccessToken(token: string): void;
|
|
324
335
|
clearAccessToken(): void;
|
|
@@ -398,6 +409,17 @@ declare class AuthMiClient {
|
|
|
398
409
|
rotateClientSecret(serviceId: string): Promise<{
|
|
399
410
|
clientSecret: string;
|
|
400
411
|
}>;
|
|
412
|
+
/** Get the combined service token — a single string combining serviceId and
|
|
413
|
+
* clientSecret. Can be passed to `AuthMiClient` as the `token` config option
|
|
414
|
+
* instead of providing serviceId and clientSecret separately.
|
|
415
|
+
*
|
|
416
|
+
* Format returned: "{serviceId}.{clientSecret}"
|
|
417
|
+
*/
|
|
418
|
+
getServiceToken(serviceId: string): Promise<{
|
|
419
|
+
token: string;
|
|
420
|
+
serviceId: string;
|
|
421
|
+
serviceName: string;
|
|
422
|
+
}>;
|
|
401
423
|
getJwks(serviceId: string): Promise<JwksResponse>;
|
|
402
424
|
onboardService(request: OnboardRequest, masterAdminKey: string): Promise<OnboardResponse>;
|
|
403
425
|
deleteService(serviceId: string, masterAdminKey: string): Promise<void>;
|
package/dist/index.d.mts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import { T as TokenStorage } from './client-
|
|
2
|
-
export { A as ApiKey, a as AuditLog, b as AuditLogQuery, c as AuthMiClient, d as AuthMiConfig, e as AuthMiError, f as AuthToken, B as BackupCodesResult, C as Challenge2FARequest, g as CheckoutResponse, h as ClientOptions, i as ConfigProvider, j as CreateApiKeyRequest, k as CreateApiKeyResponse, l as CreateRoleRequest, m as CreateSamlConnectionRequest, n as CreateScopeRequest, o as CreateUserRequest, E as Enable2FAResult, F as ForgotPasswordRequest, I as IntrospectCache, p as IntrospectRequest, q as IntrospectResponse, J as JwksResponse, L as LoginCredentials, O as OAuthCallbackResult, r as OAuthInitiateResponse, s as OAuthProvider, P as Plan, t as PortalResponse, R as RegisterWebhookRequest, u as ResendVerificationRequest, v as ResetPasswordRequest, w as Role, S as SamlConnection, x as SamlInitiateRequest, y as Scope, z as ScopeError, D as ServiceDetail, G as Setup2FAResult, H as SignupCredentials, K as Subscription, U as UpdateServiceRequest, M as User, V as ValidationResult, N as VerifyEmailRequest, W as Webhook } from './client-
|
|
1
|
+
import { T as TokenStorage } from './client-ClqDnphI.mjs';
|
|
2
|
+
export { A as ApiKey, a as AuditLog, b as AuditLogQuery, c as AuthMiClient, d as AuthMiConfig, e as AuthMiError, f as AuthToken, B as BackupCodesResult, C as Challenge2FARequest, g as CheckoutResponse, h as ClientOptions, i as ConfigProvider, j as CreateApiKeyRequest, k as CreateApiKeyResponse, l as CreateRoleRequest, m as CreateSamlConnectionRequest, n as CreateScopeRequest, o as CreateUserRequest, E as Enable2FAResult, F as ForgotPasswordRequest, I as IntrospectCache, p as IntrospectRequest, q as IntrospectResponse, J as JwksResponse, L as LoginCredentials, O as OAuthCallbackResult, r as OAuthInitiateResponse, s as OAuthProvider, P as Plan, t as PortalResponse, R as RegisterWebhookRequest, u as ResendVerificationRequest, v as ResetPasswordRequest, w as Role, S as SamlConnection, x as SamlInitiateRequest, y as Scope, z as ScopeError, D as ServiceDetail, G as Setup2FAResult, H as SignupCredentials, K as Subscription, U as UpdateServiceRequest, M as User, V as ValidationResult, N as VerifyEmailRequest, W as Webhook } from './client-ClqDnphI.mjs';
|
|
3
3
|
|
|
4
4
|
declare class LocalStorageTokenStorage implements TokenStorage {
|
|
5
5
|
private canAccess;
|
package/dist/index.d.ts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import { T as TokenStorage } from './client-
|
|
2
|
-
export { A as ApiKey, a as AuditLog, b as AuditLogQuery, c as AuthMiClient, d as AuthMiConfig, e as AuthMiError, f as AuthToken, B as BackupCodesResult, C as Challenge2FARequest, g as CheckoutResponse, h as ClientOptions, i as ConfigProvider, j as CreateApiKeyRequest, k as CreateApiKeyResponse, l as CreateRoleRequest, m as CreateSamlConnectionRequest, n as CreateScopeRequest, o as CreateUserRequest, E as Enable2FAResult, F as ForgotPasswordRequest, I as IntrospectCache, p as IntrospectRequest, q as IntrospectResponse, J as JwksResponse, L as LoginCredentials, O as OAuthCallbackResult, r as OAuthInitiateResponse, s as OAuthProvider, P as Plan, t as PortalResponse, R as RegisterWebhookRequest, u as ResendVerificationRequest, v as ResetPasswordRequest, w as Role, S as SamlConnection, x as SamlInitiateRequest, y as Scope, z as ScopeError, D as ServiceDetail, G as Setup2FAResult, H as SignupCredentials, K as Subscription, U as UpdateServiceRequest, M as User, V as ValidationResult, N as VerifyEmailRequest, W as Webhook } from './client-
|
|
1
|
+
import { T as TokenStorage } from './client-ClqDnphI.js';
|
|
2
|
+
export { A as ApiKey, a as AuditLog, b as AuditLogQuery, c as AuthMiClient, d as AuthMiConfig, e as AuthMiError, f as AuthToken, B as BackupCodesResult, C as Challenge2FARequest, g as CheckoutResponse, h as ClientOptions, i as ConfigProvider, j as CreateApiKeyRequest, k as CreateApiKeyResponse, l as CreateRoleRequest, m as CreateSamlConnectionRequest, n as CreateScopeRequest, o as CreateUserRequest, E as Enable2FAResult, F as ForgotPasswordRequest, I as IntrospectCache, p as IntrospectRequest, q as IntrospectResponse, J as JwksResponse, L as LoginCredentials, O as OAuthCallbackResult, r as OAuthInitiateResponse, s as OAuthProvider, P as Plan, t as PortalResponse, R as RegisterWebhookRequest, u as ResendVerificationRequest, v as ResetPasswordRequest, w as Role, S as SamlConnection, x as SamlInitiateRequest, y as Scope, z as ScopeError, D as ServiceDetail, G as Setup2FAResult, H as SignupCredentials, K as Subscription, U as UpdateServiceRequest, M as User, V as ValidationResult, N as VerifyEmailRequest, W as Webhook } from './client-ClqDnphI.js';
|
|
3
3
|
|
|
4
4
|
declare class LocalStorageTokenStorage implements TokenStorage {
|
|
5
5
|
private canAccess;
|
package/dist/index.js
CHANGED
|
@@ -34,12 +34,29 @@ module.exports = __toCommonJS(index_exports);
|
|
|
34
34
|
// src/config.ts
|
|
35
35
|
function resolveConfig(provider) {
|
|
36
36
|
const raw = typeof provider === "function" ? provider() : provider;
|
|
37
|
+
let clientId = raw.clientId ?? "";
|
|
38
|
+
let clientSecret = raw.clientSecret ?? "";
|
|
39
|
+
let serviceId = raw.serviceId ?? "";
|
|
40
|
+
const token = raw.token ?? "";
|
|
41
|
+
if (raw.token) {
|
|
42
|
+
const dot = raw.token.indexOf(".");
|
|
43
|
+
if (dot > 0) {
|
|
44
|
+
const sid = raw.token.slice(0, dot);
|
|
45
|
+
const secret = raw.token.slice(dot + 1);
|
|
46
|
+
if (sid && secret) {
|
|
47
|
+
clientId = sid;
|
|
48
|
+
clientSecret = secret;
|
|
49
|
+
if (!serviceId) serviceId = sid;
|
|
50
|
+
}
|
|
51
|
+
}
|
|
52
|
+
}
|
|
37
53
|
return {
|
|
38
54
|
baseUrl: raw.baseUrl,
|
|
39
55
|
apiKey: raw.apiKey ?? "",
|
|
40
|
-
serviceId
|
|
41
|
-
clientId
|
|
42
|
-
clientSecret
|
|
56
|
+
serviceId,
|
|
57
|
+
clientId,
|
|
58
|
+
clientSecret,
|
|
59
|
+
token,
|
|
43
60
|
defaultTokenExpiry: raw.defaultTokenExpiry ?? 24
|
|
44
61
|
};
|
|
45
62
|
}
|
|
@@ -82,6 +99,22 @@ var LocalStorageTokenStorage = class {
|
|
|
82
99
|
}
|
|
83
100
|
};
|
|
84
101
|
|
|
102
|
+
// src/storage/memory.ts
|
|
103
|
+
var MemoryTokenStorage = class {
|
|
104
|
+
constructor() {
|
|
105
|
+
this.token = null;
|
|
106
|
+
}
|
|
107
|
+
getToken() {
|
|
108
|
+
return this.token;
|
|
109
|
+
}
|
|
110
|
+
setToken(token) {
|
|
111
|
+
this.token = token;
|
|
112
|
+
}
|
|
113
|
+
removeToken() {
|
|
114
|
+
this.token = null;
|
|
115
|
+
}
|
|
116
|
+
};
|
|
117
|
+
|
|
85
118
|
// src/types.ts
|
|
86
119
|
var AuthMiError = class extends Error {
|
|
87
120
|
constructor(message, code, statusCode) {
|
|
@@ -104,7 +137,7 @@ var ScopeError = class extends AuthMiError {
|
|
|
104
137
|
var AuthMiClient = class {
|
|
105
138
|
constructor(config, options) {
|
|
106
139
|
this.configProvider = config;
|
|
107
|
-
this.storage = options?.storage ?? new LocalStorageTokenStorage();
|
|
140
|
+
this.storage = options?.storage ?? (typeof window !== "undefined" ? new LocalStorageTokenStorage() : new MemoryTokenStorage());
|
|
108
141
|
this.cache = options?.cache || null;
|
|
109
142
|
}
|
|
110
143
|
/** Resolve current config (supports lazy evaluation) */
|
|
@@ -161,7 +194,7 @@ var AuthMiClient = class {
|
|
|
161
194
|
this.configProvider = { ...current, ...config };
|
|
162
195
|
}
|
|
163
196
|
getConfig() {
|
|
164
|
-
const { apiKey: _, clientSecret: __, ...rest } = resolveConfig(this.configProvider);
|
|
197
|
+
const { apiKey: _, clientSecret: __, token: ___, ...rest } = resolveConfig(this.configProvider);
|
|
165
198
|
return rest;
|
|
166
199
|
}
|
|
167
200
|
// ============ Token Management ============
|
|
@@ -226,7 +259,7 @@ var AuthMiClient = class {
|
|
|
226
259
|
return token;
|
|
227
260
|
}
|
|
228
261
|
async getMe() {
|
|
229
|
-
const response = await this.request("/api/v1/auth/me");
|
|
262
|
+
const response = await this.request("/api/v1/auth/me", {}, true);
|
|
230
263
|
return { userId: response.user_id, email: response.email, name: response.name, createdAt: response.created_at };
|
|
231
264
|
}
|
|
232
265
|
async forgotPassword(request) {
|
|
@@ -642,6 +675,18 @@ var AuthMiClient = class {
|
|
|
642
675
|
{ method: "POST" }
|
|
643
676
|
);
|
|
644
677
|
}
|
|
678
|
+
/** Get the combined service token — a single string combining serviceId and
|
|
679
|
+
* clientSecret. Can be passed to `AuthMiClient` as the `token` config option
|
|
680
|
+
* instead of providing serviceId and clientSecret separately.
|
|
681
|
+
*
|
|
682
|
+
* Format returned: "{serviceId}.{clientSecret}"
|
|
683
|
+
*/
|
|
684
|
+
async getServiceToken(serviceId) {
|
|
685
|
+
return this.request(
|
|
686
|
+
`/api/v1/services/${encodeURIComponent(serviceId)}/token`,
|
|
687
|
+
{ method: "POST" }
|
|
688
|
+
).then((r) => ({ token: r.token, serviceId: r.service_id, serviceName: r.service_name }));
|
|
689
|
+
}
|
|
645
690
|
// ============ JWKS ============
|
|
646
691
|
async getJwks(serviceId) {
|
|
647
692
|
return this.request(`/.well-known/jwks.json?service_id=${encodeURIComponent(serviceId)}`);
|
|
@@ -735,22 +780,6 @@ var CookieTokenStorage = class _CookieTokenStorage {
|
|
|
735
780
|
}
|
|
736
781
|
};
|
|
737
782
|
|
|
738
|
-
// src/storage/memory.ts
|
|
739
|
-
var MemoryTokenStorage = class {
|
|
740
|
-
constructor() {
|
|
741
|
-
this.token = null;
|
|
742
|
-
}
|
|
743
|
-
getToken() {
|
|
744
|
-
return this.token;
|
|
745
|
-
}
|
|
746
|
-
setToken(token) {
|
|
747
|
-
this.token = token;
|
|
748
|
-
}
|
|
749
|
-
removeToken() {
|
|
750
|
-
this.token = null;
|
|
751
|
-
}
|
|
752
|
-
};
|
|
753
|
-
|
|
754
783
|
// src/cache.ts
|
|
755
784
|
var IntrospectCache = class {
|
|
756
785
|
constructor(ttlMs = 6e4) {
|
package/dist/index.mjs
CHANGED
|
@@ -2,8 +2,9 @@ import {
|
|
|
2
2
|
AuthMiClient,
|
|
3
3
|
AuthMiError,
|
|
4
4
|
LocalStorageTokenStorage,
|
|
5
|
+
MemoryTokenStorage,
|
|
5
6
|
ScopeError
|
|
6
|
-
} from "./chunk-
|
|
7
|
+
} from "./chunk-LBMBSWSF.mjs";
|
|
7
8
|
|
|
8
9
|
// src/storage/cookie.ts
|
|
9
10
|
var CookieTokenStorage = class _CookieTokenStorage {
|
|
@@ -62,22 +63,6 @@ var CookieTokenStorage = class _CookieTokenStorage {
|
|
|
62
63
|
}
|
|
63
64
|
};
|
|
64
65
|
|
|
65
|
-
// src/storage/memory.ts
|
|
66
|
-
var MemoryTokenStorage = class {
|
|
67
|
-
constructor() {
|
|
68
|
-
this.token = null;
|
|
69
|
-
}
|
|
70
|
-
getToken() {
|
|
71
|
-
return this.token;
|
|
72
|
-
}
|
|
73
|
-
setToken(token) {
|
|
74
|
-
this.token = token;
|
|
75
|
-
}
|
|
76
|
-
removeToken() {
|
|
77
|
-
this.token = null;
|
|
78
|
-
}
|
|
79
|
-
};
|
|
80
|
-
|
|
81
66
|
// src/cache.ts
|
|
82
67
|
var IntrospectCache = class {
|
|
83
68
|
constructor(ttlMs = 6e4) {
|
package/dist/next.d.mts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { NextRequest, NextResponse } from 'next/server';
|
|
2
|
-
export { A as ApiKey, a as AuditLog, b as AuditLogQuery, c as AuthMiClient, e as AuthMiError, f as AuthToken, B as BackupCodesResult, C as Challenge2FARequest, g as CheckoutResponse, h as ClientOptions, j as CreateApiKeyRequest, k as CreateApiKeyResponse, l as CreateRoleRequest, m as CreateSamlConnectionRequest, n as CreateScopeRequest, o as CreateUserRequest, E as Enable2FAResult, F as ForgotPasswordRequest, p as IntrospectRequest, q as IntrospectResponse, J as JwksResponse, L as LoginCredentials, O as OAuthCallbackResult, r as OAuthInitiateResponse, s as OAuthProvider, P as Plan, t as PortalResponse, R as RegisterWebhookRequest, u as ResendVerificationRequest, v as ResetPasswordRequest, w as Role, S as SamlConnection, x as SamlInitiateRequest, y as Scope, z as ScopeError, D as ServiceDetail, G as Setup2FAResult, H as SignupCredentials, K as Subscription, U as UpdateServiceRequest, M as User, V as ValidationResult, N as VerifyEmailRequest, W as Webhook } from './client-
|
|
2
|
+
export { A as ApiKey, a as AuditLog, b as AuditLogQuery, c as AuthMiClient, e as AuthMiError, f as AuthToken, B as BackupCodesResult, C as Challenge2FARequest, g as CheckoutResponse, h as ClientOptions, j as CreateApiKeyRequest, k as CreateApiKeyResponse, l as CreateRoleRequest, m as CreateSamlConnectionRequest, n as CreateScopeRequest, o as CreateUserRequest, E as Enable2FAResult, F as ForgotPasswordRequest, p as IntrospectRequest, q as IntrospectResponse, J as JwksResponse, L as LoginCredentials, O as OAuthCallbackResult, r as OAuthInitiateResponse, s as OAuthProvider, P as Plan, t as PortalResponse, R as RegisterWebhookRequest, u as ResendVerificationRequest, v as ResetPasswordRequest, w as Role, S as SamlConnection, x as SamlInitiateRequest, y as Scope, z as ScopeError, D as ServiceDetail, G as Setup2FAResult, H as SignupCredentials, K as Subscription, U as UpdateServiceRequest, M as User, V as ValidationResult, N as VerifyEmailRequest, W as Webhook } from './client-ClqDnphI.mjs';
|
|
3
3
|
|
|
4
4
|
interface MiddlewareOptions {
|
|
5
5
|
/** Base URL of Auth Mi service */
|
package/dist/next.d.ts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { NextRequest, NextResponse } from 'next/server';
|
|
2
|
-
export { A as ApiKey, a as AuditLog, b as AuditLogQuery, c as AuthMiClient, e as AuthMiError, f as AuthToken, B as BackupCodesResult, C as Challenge2FARequest, g as CheckoutResponse, h as ClientOptions, j as CreateApiKeyRequest, k as CreateApiKeyResponse, l as CreateRoleRequest, m as CreateSamlConnectionRequest, n as CreateScopeRequest, o as CreateUserRequest, E as Enable2FAResult, F as ForgotPasswordRequest, p as IntrospectRequest, q as IntrospectResponse, J as JwksResponse, L as LoginCredentials, O as OAuthCallbackResult, r as OAuthInitiateResponse, s as OAuthProvider, P as Plan, t as PortalResponse, R as RegisterWebhookRequest, u as ResendVerificationRequest, v as ResetPasswordRequest, w as Role, S as SamlConnection, x as SamlInitiateRequest, y as Scope, z as ScopeError, D as ServiceDetail, G as Setup2FAResult, H as SignupCredentials, K as Subscription, U as UpdateServiceRequest, M as User, V as ValidationResult, N as VerifyEmailRequest, W as Webhook } from './client-
|
|
2
|
+
export { A as ApiKey, a as AuditLog, b as AuditLogQuery, c as AuthMiClient, e as AuthMiError, f as AuthToken, B as BackupCodesResult, C as Challenge2FARequest, g as CheckoutResponse, h as ClientOptions, j as CreateApiKeyRequest, k as CreateApiKeyResponse, l as CreateRoleRequest, m as CreateSamlConnectionRequest, n as CreateScopeRequest, o as CreateUserRequest, E as Enable2FAResult, F as ForgotPasswordRequest, p as IntrospectRequest, q as IntrospectResponse, J as JwksResponse, L as LoginCredentials, O as OAuthCallbackResult, r as OAuthInitiateResponse, s as OAuthProvider, P as Plan, t as PortalResponse, R as RegisterWebhookRequest, u as ResendVerificationRequest, v as ResetPasswordRequest, w as Role, S as SamlConnection, x as SamlInitiateRequest, y as Scope, z as ScopeError, D as ServiceDetail, G as Setup2FAResult, H as SignupCredentials, K as Subscription, U as UpdateServiceRequest, M as User, V as ValidationResult, N as VerifyEmailRequest, W as Webhook } from './client-ClqDnphI.js';
|
|
3
3
|
|
|
4
4
|
interface MiddlewareOptions {
|
|
5
5
|
/** Base URL of Auth Mi service */
|
package/dist/next.js
CHANGED
|
@@ -4462,12 +4462,29 @@ var import_server = __toESM(require_server());
|
|
|
4462
4462
|
// src/config.ts
|
|
4463
4463
|
function resolveConfig(provider) {
|
|
4464
4464
|
const raw = typeof provider === "function" ? provider() : provider;
|
|
4465
|
+
let clientId = raw.clientId ?? "";
|
|
4466
|
+
let clientSecret = raw.clientSecret ?? "";
|
|
4467
|
+
let serviceId = raw.serviceId ?? "";
|
|
4468
|
+
const token = raw.token ?? "";
|
|
4469
|
+
if (raw.token) {
|
|
4470
|
+
const dot = raw.token.indexOf(".");
|
|
4471
|
+
if (dot > 0) {
|
|
4472
|
+
const sid = raw.token.slice(0, dot);
|
|
4473
|
+
const secret = raw.token.slice(dot + 1);
|
|
4474
|
+
if (sid && secret) {
|
|
4475
|
+
clientId = sid;
|
|
4476
|
+
clientSecret = secret;
|
|
4477
|
+
if (!serviceId) serviceId = sid;
|
|
4478
|
+
}
|
|
4479
|
+
}
|
|
4480
|
+
}
|
|
4465
4481
|
return {
|
|
4466
4482
|
baseUrl: raw.baseUrl,
|
|
4467
4483
|
apiKey: raw.apiKey ?? "",
|
|
4468
|
-
serviceId
|
|
4469
|
-
clientId
|
|
4470
|
-
clientSecret
|
|
4484
|
+
serviceId,
|
|
4485
|
+
clientId,
|
|
4486
|
+
clientSecret,
|
|
4487
|
+
token,
|
|
4471
4488
|
defaultTokenExpiry: raw.defaultTokenExpiry ?? 24
|
|
4472
4489
|
};
|
|
4473
4490
|
}
|
|
@@ -4510,6 +4527,22 @@ var LocalStorageTokenStorage = class {
|
|
|
4510
4527
|
}
|
|
4511
4528
|
};
|
|
4512
4529
|
|
|
4530
|
+
// src/storage/memory.ts
|
|
4531
|
+
var MemoryTokenStorage = class {
|
|
4532
|
+
constructor() {
|
|
4533
|
+
this.token = null;
|
|
4534
|
+
}
|
|
4535
|
+
getToken() {
|
|
4536
|
+
return this.token;
|
|
4537
|
+
}
|
|
4538
|
+
setToken(token) {
|
|
4539
|
+
this.token = token;
|
|
4540
|
+
}
|
|
4541
|
+
removeToken() {
|
|
4542
|
+
this.token = null;
|
|
4543
|
+
}
|
|
4544
|
+
};
|
|
4545
|
+
|
|
4513
4546
|
// src/types.ts
|
|
4514
4547
|
var AuthMiError = class extends Error {
|
|
4515
4548
|
constructor(message, code, statusCode) {
|
|
@@ -4532,7 +4565,7 @@ var ScopeError = class extends AuthMiError {
|
|
|
4532
4565
|
var AuthMiClient = class {
|
|
4533
4566
|
constructor(config, options) {
|
|
4534
4567
|
this.configProvider = config;
|
|
4535
|
-
this.storage = options?.storage ?? new LocalStorageTokenStorage();
|
|
4568
|
+
this.storage = options?.storage ?? (typeof window !== "undefined" ? new LocalStorageTokenStorage() : new MemoryTokenStorage());
|
|
4536
4569
|
this.cache = options?.cache || null;
|
|
4537
4570
|
}
|
|
4538
4571
|
/** Resolve current config (supports lazy evaluation) */
|
|
@@ -4589,7 +4622,7 @@ var AuthMiClient = class {
|
|
|
4589
4622
|
this.configProvider = { ...current, ...config };
|
|
4590
4623
|
}
|
|
4591
4624
|
getConfig() {
|
|
4592
|
-
const { apiKey: _, clientSecret: __, ...rest } = resolveConfig(this.configProvider);
|
|
4625
|
+
const { apiKey: _, clientSecret: __, token: ___, ...rest } = resolveConfig(this.configProvider);
|
|
4593
4626
|
return rest;
|
|
4594
4627
|
}
|
|
4595
4628
|
// ============ Token Management ============
|
|
@@ -4654,7 +4687,7 @@ var AuthMiClient = class {
|
|
|
4654
4687
|
return token;
|
|
4655
4688
|
}
|
|
4656
4689
|
async getMe() {
|
|
4657
|
-
const response = await this.request("/api/v1/auth/me");
|
|
4690
|
+
const response = await this.request("/api/v1/auth/me", {}, true);
|
|
4658
4691
|
return { userId: response.user_id, email: response.email, name: response.name, createdAt: response.created_at };
|
|
4659
4692
|
}
|
|
4660
4693
|
async forgotPassword(request) {
|
|
@@ -5070,6 +5103,18 @@ var AuthMiClient = class {
|
|
|
5070
5103
|
{ method: "POST" }
|
|
5071
5104
|
);
|
|
5072
5105
|
}
|
|
5106
|
+
/** Get the combined service token — a single string combining serviceId and
|
|
5107
|
+
* clientSecret. Can be passed to `AuthMiClient` as the `token` config option
|
|
5108
|
+
* instead of providing serviceId and clientSecret separately.
|
|
5109
|
+
*
|
|
5110
|
+
* Format returned: "{serviceId}.{clientSecret}"
|
|
5111
|
+
*/
|
|
5112
|
+
async getServiceToken(serviceId) {
|
|
5113
|
+
return this.request(
|
|
5114
|
+
`/api/v1/services/${encodeURIComponent(serviceId)}/token`,
|
|
5115
|
+
{ method: "POST" }
|
|
5116
|
+
).then((r) => ({ token: r.token, serviceId: r.service_id, serviceName: r.service_name }));
|
|
5117
|
+
}
|
|
5073
5118
|
// ============ JWKS ============
|
|
5074
5119
|
async getJwks(serviceId) {
|
|
5075
5120
|
return this.request(`/.well-known/jwks.json?service_id=${encodeURIComponent(serviceId)}`);
|
package/dist/next.mjs
CHANGED
package/dist/react.d.mts
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import * as react_jsx_runtime from 'react/jsx-runtime';
|
|
2
2
|
import { ReactNode } from 'react';
|
|
3
|
-
import { i as ConfigProvider, h as ClientOptions, G as Setup2FAResult, E as Enable2FAResult, B as BackupCodesResult, C as Challenge2FARequest, f as AuthToken, s as OAuthProvider, c as AuthMiClient, M as User, V as ValidationResult, O as OAuthCallbackResult } from './client-
|
|
4
|
-
export { A as ApiKey, a as AuditLog, b as AuditLogQuery, d as AuthMiConfig, e as AuthMiError, g as CheckoutResponse, j as CreateApiKeyRequest, k as CreateApiKeyResponse, l as CreateRoleRequest, m as CreateSamlConnectionRequest, n as CreateScopeRequest, o as CreateUserRequest, F as ForgotPasswordRequest, p as IntrospectRequest, q as IntrospectResponse, J as JwksResponse, L as LoginCredentials, r as OAuthInitiateResponse, P as Plan, t as PortalResponse, R as RegisterWebhookRequest, u as ResendVerificationRequest, v as ResetPasswordRequest, w as Role, S as SamlConnection, x as SamlInitiateRequest, y as Scope, z as ScopeError, D as ServiceDetail, H as SignupCredentials, K as Subscription, U as UpdateServiceRequest, N as VerifyEmailRequest, W as Webhook } from './client-
|
|
3
|
+
import { i as ConfigProvider, h as ClientOptions, G as Setup2FAResult, E as Enable2FAResult, B as BackupCodesResult, C as Challenge2FARequest, f as AuthToken, s as OAuthProvider, c as AuthMiClient, M as User, V as ValidationResult, O as OAuthCallbackResult } from './client-ClqDnphI.mjs';
|
|
4
|
+
export { A as ApiKey, a as AuditLog, b as AuditLogQuery, d as AuthMiConfig, e as AuthMiError, g as CheckoutResponse, j as CreateApiKeyRequest, k as CreateApiKeyResponse, l as CreateRoleRequest, m as CreateSamlConnectionRequest, n as CreateScopeRequest, o as CreateUserRequest, F as ForgotPasswordRequest, p as IntrospectRequest, q as IntrospectResponse, J as JwksResponse, L as LoginCredentials, r as OAuthInitiateResponse, P as Plan, t as PortalResponse, R as RegisterWebhookRequest, u as ResendVerificationRequest, v as ResetPasswordRequest, w as Role, S as SamlConnection, x as SamlInitiateRequest, y as Scope, z as ScopeError, D as ServiceDetail, H as SignupCredentials, K as Subscription, U as UpdateServiceRequest, N as VerifyEmailRequest, W as Webhook } from './client-ClqDnphI.mjs';
|
|
5
5
|
|
|
6
6
|
interface AuthMiContextValue {
|
|
7
7
|
client: AuthMiClient;
|
package/dist/react.d.ts
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import * as react_jsx_runtime from 'react/jsx-runtime';
|
|
2
2
|
import { ReactNode } from 'react';
|
|
3
|
-
import { i as ConfigProvider, h as ClientOptions, G as Setup2FAResult, E as Enable2FAResult, B as BackupCodesResult, C as Challenge2FARequest, f as AuthToken, s as OAuthProvider, c as AuthMiClient, M as User, V as ValidationResult, O as OAuthCallbackResult } from './client-
|
|
4
|
-
export { A as ApiKey, a as AuditLog, b as AuditLogQuery, d as AuthMiConfig, e as AuthMiError, g as CheckoutResponse, j as CreateApiKeyRequest, k as CreateApiKeyResponse, l as CreateRoleRequest, m as CreateSamlConnectionRequest, n as CreateScopeRequest, o as CreateUserRequest, F as ForgotPasswordRequest, p as IntrospectRequest, q as IntrospectResponse, J as JwksResponse, L as LoginCredentials, r as OAuthInitiateResponse, P as Plan, t as PortalResponse, R as RegisterWebhookRequest, u as ResendVerificationRequest, v as ResetPasswordRequest, w as Role, S as SamlConnection, x as SamlInitiateRequest, y as Scope, z as ScopeError, D as ServiceDetail, H as SignupCredentials, K as Subscription, U as UpdateServiceRequest, N as VerifyEmailRequest, W as Webhook } from './client-
|
|
3
|
+
import { i as ConfigProvider, h as ClientOptions, G as Setup2FAResult, E as Enable2FAResult, B as BackupCodesResult, C as Challenge2FARequest, f as AuthToken, s as OAuthProvider, c as AuthMiClient, M as User, V as ValidationResult, O as OAuthCallbackResult } from './client-ClqDnphI.js';
|
|
4
|
+
export { A as ApiKey, a as AuditLog, b as AuditLogQuery, d as AuthMiConfig, e as AuthMiError, g as CheckoutResponse, j as CreateApiKeyRequest, k as CreateApiKeyResponse, l as CreateRoleRequest, m as CreateSamlConnectionRequest, n as CreateScopeRequest, o as CreateUserRequest, F as ForgotPasswordRequest, p as IntrospectRequest, q as IntrospectResponse, J as JwksResponse, L as LoginCredentials, r as OAuthInitiateResponse, P as Plan, t as PortalResponse, R as RegisterWebhookRequest, u as ResendVerificationRequest, v as ResetPasswordRequest, w as Role, S as SamlConnection, x as SamlInitiateRequest, y as Scope, z as ScopeError, D as ServiceDetail, H as SignupCredentials, K as Subscription, U as UpdateServiceRequest, N as VerifyEmailRequest, W as Webhook } from './client-ClqDnphI.js';
|
|
5
5
|
|
|
6
6
|
interface AuthMiContextValue {
|
|
7
7
|
client: AuthMiClient;
|
package/dist/react.js
CHANGED
|
@@ -38,12 +38,29 @@ var import_react = require("react");
|
|
|
38
38
|
// src/config.ts
|
|
39
39
|
function resolveConfig(provider) {
|
|
40
40
|
const raw = typeof provider === "function" ? provider() : provider;
|
|
41
|
+
let clientId = raw.clientId ?? "";
|
|
42
|
+
let clientSecret = raw.clientSecret ?? "";
|
|
43
|
+
let serviceId = raw.serviceId ?? "";
|
|
44
|
+
const token = raw.token ?? "";
|
|
45
|
+
if (raw.token) {
|
|
46
|
+
const dot = raw.token.indexOf(".");
|
|
47
|
+
if (dot > 0) {
|
|
48
|
+
const sid = raw.token.slice(0, dot);
|
|
49
|
+
const secret = raw.token.slice(dot + 1);
|
|
50
|
+
if (sid && secret) {
|
|
51
|
+
clientId = sid;
|
|
52
|
+
clientSecret = secret;
|
|
53
|
+
if (!serviceId) serviceId = sid;
|
|
54
|
+
}
|
|
55
|
+
}
|
|
56
|
+
}
|
|
41
57
|
return {
|
|
42
58
|
baseUrl: raw.baseUrl,
|
|
43
59
|
apiKey: raw.apiKey ?? "",
|
|
44
|
-
serviceId
|
|
45
|
-
clientId
|
|
46
|
-
clientSecret
|
|
60
|
+
serviceId,
|
|
61
|
+
clientId,
|
|
62
|
+
clientSecret,
|
|
63
|
+
token,
|
|
47
64
|
defaultTokenExpiry: raw.defaultTokenExpiry ?? 24
|
|
48
65
|
};
|
|
49
66
|
}
|
|
@@ -86,6 +103,22 @@ var LocalStorageTokenStorage = class {
|
|
|
86
103
|
}
|
|
87
104
|
};
|
|
88
105
|
|
|
106
|
+
// src/storage/memory.ts
|
|
107
|
+
var MemoryTokenStorage = class {
|
|
108
|
+
constructor() {
|
|
109
|
+
this.token = null;
|
|
110
|
+
}
|
|
111
|
+
getToken() {
|
|
112
|
+
return this.token;
|
|
113
|
+
}
|
|
114
|
+
setToken(token) {
|
|
115
|
+
this.token = token;
|
|
116
|
+
}
|
|
117
|
+
removeToken() {
|
|
118
|
+
this.token = null;
|
|
119
|
+
}
|
|
120
|
+
};
|
|
121
|
+
|
|
89
122
|
// src/types.ts
|
|
90
123
|
var AuthMiError = class extends Error {
|
|
91
124
|
constructor(message, code, statusCode) {
|
|
@@ -108,7 +141,7 @@ var ScopeError = class extends AuthMiError {
|
|
|
108
141
|
var AuthMiClient = class {
|
|
109
142
|
constructor(config, options) {
|
|
110
143
|
this.configProvider = config;
|
|
111
|
-
this.storage = options?.storage ?? new LocalStorageTokenStorage();
|
|
144
|
+
this.storage = options?.storage ?? (typeof window !== "undefined" ? new LocalStorageTokenStorage() : new MemoryTokenStorage());
|
|
112
145
|
this.cache = options?.cache || null;
|
|
113
146
|
}
|
|
114
147
|
/** Resolve current config (supports lazy evaluation) */
|
|
@@ -165,7 +198,7 @@ var AuthMiClient = class {
|
|
|
165
198
|
this.configProvider = { ...current, ...config };
|
|
166
199
|
}
|
|
167
200
|
getConfig() {
|
|
168
|
-
const { apiKey: _, clientSecret: __, ...rest } = resolveConfig(this.configProvider);
|
|
201
|
+
const { apiKey: _, clientSecret: __, token: ___, ...rest } = resolveConfig(this.configProvider);
|
|
169
202
|
return rest;
|
|
170
203
|
}
|
|
171
204
|
// ============ Token Management ============
|
|
@@ -230,7 +263,7 @@ var AuthMiClient = class {
|
|
|
230
263
|
return token;
|
|
231
264
|
}
|
|
232
265
|
async getMe() {
|
|
233
|
-
const response = await this.request("/api/v1/auth/me");
|
|
266
|
+
const response = await this.request("/api/v1/auth/me", {}, true);
|
|
234
267
|
return { userId: response.user_id, email: response.email, name: response.name, createdAt: response.created_at };
|
|
235
268
|
}
|
|
236
269
|
async forgotPassword(request) {
|
|
@@ -646,6 +679,18 @@ var AuthMiClient = class {
|
|
|
646
679
|
{ method: "POST" }
|
|
647
680
|
);
|
|
648
681
|
}
|
|
682
|
+
/** Get the combined service token — a single string combining serviceId and
|
|
683
|
+
* clientSecret. Can be passed to `AuthMiClient` as the `token` config option
|
|
684
|
+
* instead of providing serviceId and clientSecret separately.
|
|
685
|
+
*
|
|
686
|
+
* Format returned: "{serviceId}.{clientSecret}"
|
|
687
|
+
*/
|
|
688
|
+
async getServiceToken(serviceId) {
|
|
689
|
+
return this.request(
|
|
690
|
+
`/api/v1/services/${encodeURIComponent(serviceId)}/token`,
|
|
691
|
+
{ method: "POST" }
|
|
692
|
+
).then((r) => ({ token: r.token, serviceId: r.service_id, serviceName: r.service_name }));
|
|
693
|
+
}
|
|
649
694
|
// ============ JWKS ============
|
|
650
695
|
async getJwks(serviceId) {
|
|
651
696
|
return this.request(`/.well-known/jwks.json?service_id=${encodeURIComponent(serviceId)}`);
|
package/dist/react.mjs
CHANGED