authmi 1.2.0 → 1.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/{chunk-DMNUO422.mjs → chunk-5NJCXFBV.mjs} +25 -30
- package/dist/{client-DmZsG2xs.d.mts → client-Cj-AA4V9.d.mts} +3 -7
- package/dist/{client-DmZsG2xs.d.ts → client-Cj-AA4V9.d.ts} +3 -7
- package/dist/index.d.mts +2 -2
- package/dist/index.d.ts +2 -2
- package/dist/index.js +25 -30
- package/dist/index.mjs +1 -1
- package/dist/next.d.mts +1 -1
- package/dist/next.d.ts +1 -1
- package/dist/next.js +25 -30
- package/dist/next.mjs +1 -1
- package/dist/react.d.mts +2 -2
- package/dist/react.d.ts +2 -2
- package/dist/react.js +26 -31
- package/dist/react.mjs +2 -2
- package/package.json +1 -1
|
@@ -37,8 +37,6 @@ function resolveConfig(provider) {
|
|
|
37
37
|
baseUrl: raw.baseUrl,
|
|
38
38
|
apiKey: raw.apiKey ?? "",
|
|
39
39
|
serviceId: raw.serviceId ?? "",
|
|
40
|
-
clientId: raw.clientId ?? "",
|
|
41
|
-
clientSecret: raw.clientSecret ?? "",
|
|
42
40
|
defaultTokenExpiry: raw.defaultTokenExpiry ?? 24
|
|
43
41
|
};
|
|
44
42
|
}
|
|
@@ -127,7 +125,7 @@ var AuthMiClient = class {
|
|
|
127
125
|
return resolveConfig(this.configProvider);
|
|
128
126
|
}
|
|
129
127
|
// ============ HTTP plumbing ============
|
|
130
|
-
async request(endpoint, options = {}, requireUserToken = false
|
|
128
|
+
async request(endpoint, options = {}, requireUserToken = false) {
|
|
131
129
|
const cfg = this.config;
|
|
132
130
|
const url = `${cfg.baseUrl}${endpoint}`;
|
|
133
131
|
const headers = {
|
|
@@ -138,10 +136,7 @@ var AuthMiClient = class {
|
|
|
138
136
|
if (requireUserToken) {
|
|
139
137
|
const token = await this.storage.getToken();
|
|
140
138
|
if (token) headers["Authorization"] = `Bearer ${token}`;
|
|
141
|
-
} else if (
|
|
142
|
-
headers["Authorization"] = `Basic ${btoa(`${cfg.clientId}:${cfg.clientSecret}`)}`;
|
|
143
|
-
headers["X-Service-ID"] = cfg.serviceId || cfg.clientId;
|
|
144
|
-
} else if (requireServiceAuth && cfg.apiKey) {
|
|
139
|
+
} else if (cfg.apiKey) {
|
|
145
140
|
headers["Authorization"] = `Bearer ${cfg.apiKey}`;
|
|
146
141
|
}
|
|
147
142
|
}
|
|
@@ -177,7 +172,7 @@ var AuthMiClient = class {
|
|
|
177
172
|
this.configProvider = { ...current, ...config };
|
|
178
173
|
}
|
|
179
174
|
getConfig() {
|
|
180
|
-
const { apiKey: _,
|
|
175
|
+
const { apiKey: _, ...rest } = resolveConfig(this.configProvider);
|
|
181
176
|
return rest;
|
|
182
177
|
}
|
|
183
178
|
// ============ Token Management ============
|
|
@@ -199,7 +194,7 @@ var AuthMiClient = class {
|
|
|
199
194
|
const response = await this.request("/api/v1/auth/signup", {
|
|
200
195
|
method: "POST",
|
|
201
196
|
body: JSON.stringify(credentials)
|
|
202
|
-
}
|
|
197
|
+
});
|
|
203
198
|
return this.mapAuthToken(response);
|
|
204
199
|
}
|
|
205
200
|
async login(credentials) {
|
|
@@ -213,7 +208,7 @@ var AuthMiClient = class {
|
|
|
213
208
|
expires_in_hours: credentials.expiresInHours || cfg.defaultTokenExpiry,
|
|
214
209
|
scopes: credentials.scopes
|
|
215
210
|
})
|
|
216
|
-
}
|
|
211
|
+
});
|
|
217
212
|
const token = this.mapAuthToken(response);
|
|
218
213
|
this.setAccessToken(token.accessToken);
|
|
219
214
|
return token;
|
|
@@ -249,31 +244,31 @@ var AuthMiClient = class {
|
|
|
249
244
|
return this.request("/api/v1/auth/forgot-password", {
|
|
250
245
|
method: "POST",
|
|
251
246
|
body: JSON.stringify({ email: request.email, client_id: this.config.serviceId })
|
|
252
|
-
}
|
|
247
|
+
});
|
|
253
248
|
}
|
|
254
249
|
async resetPassword(request) {
|
|
255
250
|
return this.request("/api/v1/auth/reset-password", {
|
|
256
251
|
method: "POST",
|
|
257
252
|
body: JSON.stringify({ token: request.token, new_password: request.newPassword })
|
|
258
|
-
}
|
|
253
|
+
});
|
|
259
254
|
}
|
|
260
255
|
async verifyEmail(request) {
|
|
261
256
|
return this.request("/api/v1/auth/verify-email", {
|
|
262
257
|
method: "POST",
|
|
263
258
|
body: JSON.stringify({ token: request.token })
|
|
264
|
-
}
|
|
259
|
+
});
|
|
265
260
|
}
|
|
266
261
|
async resendVerification(request) {
|
|
267
262
|
return this.request("/api/v1/auth/resend-verification", {
|
|
268
263
|
method: "POST",
|
|
269
264
|
body: JSON.stringify({ email: request.email, client_id: this.config.serviceId })
|
|
270
|
-
}
|
|
265
|
+
});
|
|
271
266
|
}
|
|
272
267
|
async deactivateAccount(password) {
|
|
273
268
|
await this.request("/api/v1/auth/deactivate", {
|
|
274
269
|
method: "POST",
|
|
275
270
|
body: JSON.stringify({ password })
|
|
276
|
-
}
|
|
271
|
+
});
|
|
277
272
|
}
|
|
278
273
|
mapAuthToken(raw) {
|
|
279
274
|
return {
|
|
@@ -290,13 +285,13 @@ var AuthMiClient = class {
|
|
|
290
285
|
// ============ OAuth ============
|
|
291
286
|
async initiateOAuth(provider, redirectUri) {
|
|
292
287
|
const cfg = this.config;
|
|
293
|
-
if (!cfg.
|
|
288
|
+
if (!cfg.apiKey) {
|
|
294
289
|
throw new AuthMiError("Credentials required for OAuth", "MISSING_CREDENTIALS");
|
|
295
290
|
}
|
|
296
291
|
const response = await this.request("/api/v1/auth/oauth/initiate", {
|
|
297
292
|
method: "POST",
|
|
298
|
-
body: JSON.stringify({ provider, redirectUri, client_id: cfg.serviceId
|
|
299
|
-
}
|
|
293
|
+
body: JSON.stringify({ provider, redirectUri, client_id: cfg.serviceId })
|
|
294
|
+
});
|
|
300
295
|
return response.url;
|
|
301
296
|
}
|
|
302
297
|
handleOAuthCallback(url) {
|
|
@@ -317,13 +312,13 @@ var AuthMiClient = class {
|
|
|
317
312
|
return this.request("/api/v1/auth/saml/initiate", {
|
|
318
313
|
method: "POST",
|
|
319
314
|
body: JSON.stringify({ email: request.email, redirect_uri: request.redirectUri })
|
|
320
|
-
}
|
|
315
|
+
});
|
|
321
316
|
}
|
|
322
317
|
async parseSamlMetadata(xml) {
|
|
323
318
|
return this.request("/api/v1/auth/saml/parse-metadata", {
|
|
324
319
|
method: "POST",
|
|
325
320
|
body: JSON.stringify({ metadata_xml: xml })
|
|
326
|
-
}
|
|
321
|
+
});
|
|
327
322
|
}
|
|
328
323
|
async listSamlConnections() {
|
|
329
324
|
const response = await this.request("/api/v1/auth/saml/connections");
|
|
@@ -342,28 +337,28 @@ var AuthMiClient = class {
|
|
|
342
337
|
}
|
|
343
338
|
// ============ 2FA ============
|
|
344
339
|
async setup2fa() {
|
|
345
|
-
return this.request("/api/v1/auth/2fa/setup", { method: "POST" }
|
|
340
|
+
return this.request("/api/v1/auth/2fa/setup", { method: "POST" });
|
|
346
341
|
}
|
|
347
342
|
async enable2fa(code) {
|
|
348
343
|
return this.request("/api/v1/auth/2fa/enable", {
|
|
349
344
|
method: "POST",
|
|
350
345
|
body: JSON.stringify({ code })
|
|
351
|
-
}
|
|
346
|
+
});
|
|
352
347
|
}
|
|
353
348
|
async disable2fa(password) {
|
|
354
349
|
await this.request("/api/v1/auth/2fa/disable", {
|
|
355
350
|
method: "POST",
|
|
356
351
|
body: JSON.stringify({ password })
|
|
357
|
-
}
|
|
352
|
+
});
|
|
358
353
|
}
|
|
359
354
|
async regenerateBackupCodes() {
|
|
360
|
-
return this.request("/api/v1/auth/2fa/backup-codes", { method: "POST" }
|
|
355
|
+
return this.request("/api/v1/auth/2fa/backup-codes", { method: "POST" });
|
|
361
356
|
}
|
|
362
357
|
async challenge2fa(request) {
|
|
363
358
|
return this.request("/api/v1/auth/2fa/challenge", {
|
|
364
359
|
method: "POST",
|
|
365
360
|
body: JSON.stringify(request)
|
|
366
|
-
}
|
|
361
|
+
});
|
|
367
362
|
}
|
|
368
363
|
// ============ Users ============
|
|
369
364
|
async createUser(request) {
|
|
@@ -529,7 +524,7 @@ var AuthMiClient = class {
|
|
|
529
524
|
const token = await this.storage.getToken();
|
|
530
525
|
if (!token) return { valid: false, error: "No token stored" };
|
|
531
526
|
if (!cfg.serviceId) return { valid: false, error: "Service ID not configured" };
|
|
532
|
-
if (!cfg.apiKey
|
|
527
|
+
if (!cfg.apiKey) return { valid: false, error: "Service credentials not configured" };
|
|
533
528
|
try {
|
|
534
529
|
const result = await this.introspect({ serviceId: cfg.serviceId, token });
|
|
535
530
|
return {
|
|
@@ -554,7 +549,7 @@ var AuthMiClient = class {
|
|
|
554
549
|
const cfg = this.config;
|
|
555
550
|
const token = await this.storage.getToken();
|
|
556
551
|
if (!token) return { valid: false, error: "No token provided" };
|
|
557
|
-
if (!cfg.apiKey
|
|
552
|
+
if (!cfg.apiKey) return { valid: false, error: "Service credentials not configured" };
|
|
558
553
|
if (!cfg.serviceId) return { valid: false, error: "Service ID not configured" };
|
|
559
554
|
try {
|
|
560
555
|
const result = await this.introspect({ serviceId: cfg.serviceId, token, requiredScopes });
|
|
@@ -652,11 +647,11 @@ var AuthMiClient = class {
|
|
|
652
647
|
body: JSON.stringify(data)
|
|
653
648
|
});
|
|
654
649
|
}
|
|
655
|
-
async
|
|
650
|
+
async rotateServiceKey(serviceId) {
|
|
656
651
|
return this.request(
|
|
657
|
-
`/api/v1/services/${encodeURIComponent(serviceId)}/rotate-
|
|
652
|
+
`/api/v1/services/${encodeURIComponent(serviceId)}/rotate-key`,
|
|
658
653
|
{ method: "POST" }
|
|
659
|
-
);
|
|
654
|
+
).then((r) => ({ serviceKey: r.service_key }));
|
|
660
655
|
}
|
|
661
656
|
// ============ JWKS ============
|
|
662
657
|
async getJwks(serviceId) {
|
|
@@ -5,10 +5,6 @@ interface AuthMiConfig {
|
|
|
5
5
|
apiKey?: string;
|
|
6
6
|
/** Service ID (svc-xxx) — required for token introspection */
|
|
7
7
|
serviceId?: string;
|
|
8
|
-
/** Client ID for Basic auth — alternative to apiKey for service-level auth */
|
|
9
|
-
clientId?: string;
|
|
10
|
-
/** Client Secret for Basic auth */
|
|
11
|
-
clientSecret?: string;
|
|
12
8
|
/** Default token expiration in hours (default: 24) */
|
|
13
9
|
defaultTokenExpiry?: number;
|
|
14
10
|
}
|
|
@@ -318,7 +314,7 @@ declare class AuthMiClient {
|
|
|
318
314
|
private get config();
|
|
319
315
|
private request;
|
|
320
316
|
configure(config: Partial<AuthMiConfig>): void;
|
|
321
|
-
getConfig(): Omit<AuthMiConfig, "apiKey"
|
|
317
|
+
getConfig(): Omit<AuthMiConfig, "apiKey">;
|
|
322
318
|
getAccessToken(): Promise<string | null>;
|
|
323
319
|
setAccessToken(token: string): void;
|
|
324
320
|
clearAccessToken(): void;
|
|
@@ -395,8 +391,8 @@ declare class AuthMiClient {
|
|
|
395
391
|
getAuditLogs(query?: AuditLogQuery): Promise<AuditLog[]>;
|
|
396
392
|
getService(serviceId: string): Promise<ServiceDetail>;
|
|
397
393
|
updateService(serviceId: string, data: UpdateServiceRequest): Promise<ServiceDetail>;
|
|
398
|
-
|
|
399
|
-
|
|
394
|
+
rotateServiceKey(serviceId: string): Promise<{
|
|
395
|
+
serviceKey: string;
|
|
400
396
|
}>;
|
|
401
397
|
getJwks(serviceId: string): Promise<JwksResponse>;
|
|
402
398
|
onboardService(request: OnboardRequest, masterAdminKey: string): Promise<OnboardResponse>;
|
|
@@ -5,10 +5,6 @@ interface AuthMiConfig {
|
|
|
5
5
|
apiKey?: string;
|
|
6
6
|
/** Service ID (svc-xxx) — required for token introspection */
|
|
7
7
|
serviceId?: string;
|
|
8
|
-
/** Client ID for Basic auth — alternative to apiKey for service-level auth */
|
|
9
|
-
clientId?: string;
|
|
10
|
-
/** Client Secret for Basic auth */
|
|
11
|
-
clientSecret?: string;
|
|
12
8
|
/** Default token expiration in hours (default: 24) */
|
|
13
9
|
defaultTokenExpiry?: number;
|
|
14
10
|
}
|
|
@@ -318,7 +314,7 @@ declare class AuthMiClient {
|
|
|
318
314
|
private get config();
|
|
319
315
|
private request;
|
|
320
316
|
configure(config: Partial<AuthMiConfig>): void;
|
|
321
|
-
getConfig(): Omit<AuthMiConfig, "apiKey"
|
|
317
|
+
getConfig(): Omit<AuthMiConfig, "apiKey">;
|
|
322
318
|
getAccessToken(): Promise<string | null>;
|
|
323
319
|
setAccessToken(token: string): void;
|
|
324
320
|
clearAccessToken(): void;
|
|
@@ -395,8 +391,8 @@ declare class AuthMiClient {
|
|
|
395
391
|
getAuditLogs(query?: AuditLogQuery): Promise<AuditLog[]>;
|
|
396
392
|
getService(serviceId: string): Promise<ServiceDetail>;
|
|
397
393
|
updateService(serviceId: string, data: UpdateServiceRequest): Promise<ServiceDetail>;
|
|
398
|
-
|
|
399
|
-
|
|
394
|
+
rotateServiceKey(serviceId: string): Promise<{
|
|
395
|
+
serviceKey: string;
|
|
400
396
|
}>;
|
|
401
397
|
getJwks(serviceId: string): Promise<JwksResponse>;
|
|
402
398
|
onboardService(request: OnboardRequest, masterAdminKey: string): Promise<OnboardResponse>;
|
package/dist/index.d.mts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import { T as TokenStorage } from './client-
|
|
2
|
-
export { A as ApiKey, a as AuditLog, b as AuditLogQuery, c as AuthMiClient, d as AuthMiConfig, e as AuthMiError, f as AuthToken, B as BackupCodesResult, C as Challenge2FARequest, g as CheckoutResponse, h as ClientOptions, i as ConfigProvider, j as CreateApiKeyRequest, k as CreateApiKeyResponse, l as CreateRoleRequest, m as CreateSamlConnectionRequest, n as CreateScopeRequest, o as CreateUserRequest, E as Enable2FAResult, F as ForgotPasswordRequest, I as IntrospectCache, p as IntrospectRequest, q as IntrospectResponse, J as JwksResponse, L as LoginCredentials, O as OAuthCallbackResult, r as OAuthInitiateResponse, s as OAuthProvider, P as Plan, t as PortalResponse, R as RegisterWebhookRequest, u as ResendVerificationRequest, v as ResetPasswordRequest, w as Role, S as SamlConnection, x as SamlInitiateRequest, y as Scope, z as ScopeError, D as ServiceDetail, G as Setup2FAResult, H as SignupCredentials, K as Subscription, U as UpdateServiceRequest, M as User, V as ValidationResult, N as VerifyEmailRequest, W as Webhook } from './client-
|
|
1
|
+
import { T as TokenStorage } from './client-Cj-AA4V9.mjs';
|
|
2
|
+
export { A as ApiKey, a as AuditLog, b as AuditLogQuery, c as AuthMiClient, d as AuthMiConfig, e as AuthMiError, f as AuthToken, B as BackupCodesResult, C as Challenge2FARequest, g as CheckoutResponse, h as ClientOptions, i as ConfigProvider, j as CreateApiKeyRequest, k as CreateApiKeyResponse, l as CreateRoleRequest, m as CreateSamlConnectionRequest, n as CreateScopeRequest, o as CreateUserRequest, E as Enable2FAResult, F as ForgotPasswordRequest, I as IntrospectCache, p as IntrospectRequest, q as IntrospectResponse, J as JwksResponse, L as LoginCredentials, O as OAuthCallbackResult, r as OAuthInitiateResponse, s as OAuthProvider, P as Plan, t as PortalResponse, R as RegisterWebhookRequest, u as ResendVerificationRequest, v as ResetPasswordRequest, w as Role, S as SamlConnection, x as SamlInitiateRequest, y as Scope, z as ScopeError, D as ServiceDetail, G as Setup2FAResult, H as SignupCredentials, K as Subscription, U as UpdateServiceRequest, M as User, V as ValidationResult, N as VerifyEmailRequest, W as Webhook } from './client-Cj-AA4V9.mjs';
|
|
3
3
|
|
|
4
4
|
declare class LocalStorageTokenStorage implements TokenStorage {
|
|
5
5
|
private canAccess;
|
package/dist/index.d.ts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import { T as TokenStorage } from './client-
|
|
2
|
-
export { A as ApiKey, a as AuditLog, b as AuditLogQuery, c as AuthMiClient, d as AuthMiConfig, e as AuthMiError, f as AuthToken, B as BackupCodesResult, C as Challenge2FARequest, g as CheckoutResponse, h as ClientOptions, i as ConfigProvider, j as CreateApiKeyRequest, k as CreateApiKeyResponse, l as CreateRoleRequest, m as CreateSamlConnectionRequest, n as CreateScopeRequest, o as CreateUserRequest, E as Enable2FAResult, F as ForgotPasswordRequest, I as IntrospectCache, p as IntrospectRequest, q as IntrospectResponse, J as JwksResponse, L as LoginCredentials, O as OAuthCallbackResult, r as OAuthInitiateResponse, s as OAuthProvider, P as Plan, t as PortalResponse, R as RegisterWebhookRequest, u as ResendVerificationRequest, v as ResetPasswordRequest, w as Role, S as SamlConnection, x as SamlInitiateRequest, y as Scope, z as ScopeError, D as ServiceDetail, G as Setup2FAResult, H as SignupCredentials, K as Subscription, U as UpdateServiceRequest, M as User, V as ValidationResult, N as VerifyEmailRequest, W as Webhook } from './client-
|
|
1
|
+
import { T as TokenStorage } from './client-Cj-AA4V9.js';
|
|
2
|
+
export { A as ApiKey, a as AuditLog, b as AuditLogQuery, c as AuthMiClient, d as AuthMiConfig, e as AuthMiError, f as AuthToken, B as BackupCodesResult, C as Challenge2FARequest, g as CheckoutResponse, h as ClientOptions, i as ConfigProvider, j as CreateApiKeyRequest, k as CreateApiKeyResponse, l as CreateRoleRequest, m as CreateSamlConnectionRequest, n as CreateScopeRequest, o as CreateUserRequest, E as Enable2FAResult, F as ForgotPasswordRequest, I as IntrospectCache, p as IntrospectRequest, q as IntrospectResponse, J as JwksResponse, L as LoginCredentials, O as OAuthCallbackResult, r as OAuthInitiateResponse, s as OAuthProvider, P as Plan, t as PortalResponse, R as RegisterWebhookRequest, u as ResendVerificationRequest, v as ResetPasswordRequest, w as Role, S as SamlConnection, x as SamlInitiateRequest, y as Scope, z as ScopeError, D as ServiceDetail, G as Setup2FAResult, H as SignupCredentials, K as Subscription, U as UpdateServiceRequest, M as User, V as ValidationResult, N as VerifyEmailRequest, W as Webhook } from './client-Cj-AA4V9.js';
|
|
3
3
|
|
|
4
4
|
declare class LocalStorageTokenStorage implements TokenStorage {
|
|
5
5
|
private canAccess;
|
package/dist/index.js
CHANGED
|
@@ -38,8 +38,6 @@ function resolveConfig(provider) {
|
|
|
38
38
|
baseUrl: raw.baseUrl,
|
|
39
39
|
apiKey: raw.apiKey ?? "",
|
|
40
40
|
serviceId: raw.serviceId ?? "",
|
|
41
|
-
clientId: raw.clientId ?? "",
|
|
42
|
-
clientSecret: raw.clientSecret ?? "",
|
|
43
41
|
defaultTokenExpiry: raw.defaultTokenExpiry ?? 24
|
|
44
42
|
};
|
|
45
43
|
}
|
|
@@ -128,7 +126,7 @@ var AuthMiClient = class {
|
|
|
128
126
|
return resolveConfig(this.configProvider);
|
|
129
127
|
}
|
|
130
128
|
// ============ HTTP plumbing ============
|
|
131
|
-
async request(endpoint, options = {}, requireUserToken = false
|
|
129
|
+
async request(endpoint, options = {}, requireUserToken = false) {
|
|
132
130
|
const cfg = this.config;
|
|
133
131
|
const url = `${cfg.baseUrl}${endpoint}`;
|
|
134
132
|
const headers = {
|
|
@@ -139,10 +137,7 @@ var AuthMiClient = class {
|
|
|
139
137
|
if (requireUserToken) {
|
|
140
138
|
const token = await this.storage.getToken();
|
|
141
139
|
if (token) headers["Authorization"] = `Bearer ${token}`;
|
|
142
|
-
} else if (
|
|
143
|
-
headers["Authorization"] = `Basic ${btoa(`${cfg.clientId}:${cfg.clientSecret}`)}`;
|
|
144
|
-
headers["X-Service-ID"] = cfg.serviceId || cfg.clientId;
|
|
145
|
-
} else if (requireServiceAuth && cfg.apiKey) {
|
|
140
|
+
} else if (cfg.apiKey) {
|
|
146
141
|
headers["Authorization"] = `Bearer ${cfg.apiKey}`;
|
|
147
142
|
}
|
|
148
143
|
}
|
|
@@ -178,7 +173,7 @@ var AuthMiClient = class {
|
|
|
178
173
|
this.configProvider = { ...current, ...config };
|
|
179
174
|
}
|
|
180
175
|
getConfig() {
|
|
181
|
-
const { apiKey: _,
|
|
176
|
+
const { apiKey: _, ...rest } = resolveConfig(this.configProvider);
|
|
182
177
|
return rest;
|
|
183
178
|
}
|
|
184
179
|
// ============ Token Management ============
|
|
@@ -200,7 +195,7 @@ var AuthMiClient = class {
|
|
|
200
195
|
const response = await this.request("/api/v1/auth/signup", {
|
|
201
196
|
method: "POST",
|
|
202
197
|
body: JSON.stringify(credentials)
|
|
203
|
-
}
|
|
198
|
+
});
|
|
204
199
|
return this.mapAuthToken(response);
|
|
205
200
|
}
|
|
206
201
|
async login(credentials) {
|
|
@@ -214,7 +209,7 @@ var AuthMiClient = class {
|
|
|
214
209
|
expires_in_hours: credentials.expiresInHours || cfg.defaultTokenExpiry,
|
|
215
210
|
scopes: credentials.scopes
|
|
216
211
|
})
|
|
217
|
-
}
|
|
212
|
+
});
|
|
218
213
|
const token = this.mapAuthToken(response);
|
|
219
214
|
this.setAccessToken(token.accessToken);
|
|
220
215
|
return token;
|
|
@@ -250,31 +245,31 @@ var AuthMiClient = class {
|
|
|
250
245
|
return this.request("/api/v1/auth/forgot-password", {
|
|
251
246
|
method: "POST",
|
|
252
247
|
body: JSON.stringify({ email: request.email, client_id: this.config.serviceId })
|
|
253
|
-
}
|
|
248
|
+
});
|
|
254
249
|
}
|
|
255
250
|
async resetPassword(request) {
|
|
256
251
|
return this.request("/api/v1/auth/reset-password", {
|
|
257
252
|
method: "POST",
|
|
258
253
|
body: JSON.stringify({ token: request.token, new_password: request.newPassword })
|
|
259
|
-
}
|
|
254
|
+
});
|
|
260
255
|
}
|
|
261
256
|
async verifyEmail(request) {
|
|
262
257
|
return this.request("/api/v1/auth/verify-email", {
|
|
263
258
|
method: "POST",
|
|
264
259
|
body: JSON.stringify({ token: request.token })
|
|
265
|
-
}
|
|
260
|
+
});
|
|
266
261
|
}
|
|
267
262
|
async resendVerification(request) {
|
|
268
263
|
return this.request("/api/v1/auth/resend-verification", {
|
|
269
264
|
method: "POST",
|
|
270
265
|
body: JSON.stringify({ email: request.email, client_id: this.config.serviceId })
|
|
271
|
-
}
|
|
266
|
+
});
|
|
272
267
|
}
|
|
273
268
|
async deactivateAccount(password) {
|
|
274
269
|
await this.request("/api/v1/auth/deactivate", {
|
|
275
270
|
method: "POST",
|
|
276
271
|
body: JSON.stringify({ password })
|
|
277
|
-
}
|
|
272
|
+
});
|
|
278
273
|
}
|
|
279
274
|
mapAuthToken(raw) {
|
|
280
275
|
return {
|
|
@@ -291,13 +286,13 @@ var AuthMiClient = class {
|
|
|
291
286
|
// ============ OAuth ============
|
|
292
287
|
async initiateOAuth(provider, redirectUri) {
|
|
293
288
|
const cfg = this.config;
|
|
294
|
-
if (!cfg.
|
|
289
|
+
if (!cfg.apiKey) {
|
|
295
290
|
throw new AuthMiError("Credentials required for OAuth", "MISSING_CREDENTIALS");
|
|
296
291
|
}
|
|
297
292
|
const response = await this.request("/api/v1/auth/oauth/initiate", {
|
|
298
293
|
method: "POST",
|
|
299
|
-
body: JSON.stringify({ provider, redirectUri, client_id: cfg.serviceId
|
|
300
|
-
}
|
|
294
|
+
body: JSON.stringify({ provider, redirectUri, client_id: cfg.serviceId })
|
|
295
|
+
});
|
|
301
296
|
return response.url;
|
|
302
297
|
}
|
|
303
298
|
handleOAuthCallback(url) {
|
|
@@ -318,13 +313,13 @@ var AuthMiClient = class {
|
|
|
318
313
|
return this.request("/api/v1/auth/saml/initiate", {
|
|
319
314
|
method: "POST",
|
|
320
315
|
body: JSON.stringify({ email: request.email, redirect_uri: request.redirectUri })
|
|
321
|
-
}
|
|
316
|
+
});
|
|
322
317
|
}
|
|
323
318
|
async parseSamlMetadata(xml) {
|
|
324
319
|
return this.request("/api/v1/auth/saml/parse-metadata", {
|
|
325
320
|
method: "POST",
|
|
326
321
|
body: JSON.stringify({ metadata_xml: xml })
|
|
327
|
-
}
|
|
322
|
+
});
|
|
328
323
|
}
|
|
329
324
|
async listSamlConnections() {
|
|
330
325
|
const response = await this.request("/api/v1/auth/saml/connections");
|
|
@@ -343,28 +338,28 @@ var AuthMiClient = class {
|
|
|
343
338
|
}
|
|
344
339
|
// ============ 2FA ============
|
|
345
340
|
async setup2fa() {
|
|
346
|
-
return this.request("/api/v1/auth/2fa/setup", { method: "POST" }
|
|
341
|
+
return this.request("/api/v1/auth/2fa/setup", { method: "POST" });
|
|
347
342
|
}
|
|
348
343
|
async enable2fa(code) {
|
|
349
344
|
return this.request("/api/v1/auth/2fa/enable", {
|
|
350
345
|
method: "POST",
|
|
351
346
|
body: JSON.stringify({ code })
|
|
352
|
-
}
|
|
347
|
+
});
|
|
353
348
|
}
|
|
354
349
|
async disable2fa(password) {
|
|
355
350
|
await this.request("/api/v1/auth/2fa/disable", {
|
|
356
351
|
method: "POST",
|
|
357
352
|
body: JSON.stringify({ password })
|
|
358
|
-
}
|
|
353
|
+
});
|
|
359
354
|
}
|
|
360
355
|
async regenerateBackupCodes() {
|
|
361
|
-
return this.request("/api/v1/auth/2fa/backup-codes", { method: "POST" }
|
|
356
|
+
return this.request("/api/v1/auth/2fa/backup-codes", { method: "POST" });
|
|
362
357
|
}
|
|
363
358
|
async challenge2fa(request) {
|
|
364
359
|
return this.request("/api/v1/auth/2fa/challenge", {
|
|
365
360
|
method: "POST",
|
|
366
361
|
body: JSON.stringify(request)
|
|
367
|
-
}
|
|
362
|
+
});
|
|
368
363
|
}
|
|
369
364
|
// ============ Users ============
|
|
370
365
|
async createUser(request) {
|
|
@@ -530,7 +525,7 @@ var AuthMiClient = class {
|
|
|
530
525
|
const token = await this.storage.getToken();
|
|
531
526
|
if (!token) return { valid: false, error: "No token stored" };
|
|
532
527
|
if (!cfg.serviceId) return { valid: false, error: "Service ID not configured" };
|
|
533
|
-
if (!cfg.apiKey
|
|
528
|
+
if (!cfg.apiKey) return { valid: false, error: "Service credentials not configured" };
|
|
534
529
|
try {
|
|
535
530
|
const result = await this.introspect({ serviceId: cfg.serviceId, token });
|
|
536
531
|
return {
|
|
@@ -555,7 +550,7 @@ var AuthMiClient = class {
|
|
|
555
550
|
const cfg = this.config;
|
|
556
551
|
const token = await this.storage.getToken();
|
|
557
552
|
if (!token) return { valid: false, error: "No token provided" };
|
|
558
|
-
if (!cfg.apiKey
|
|
553
|
+
if (!cfg.apiKey) return { valid: false, error: "Service credentials not configured" };
|
|
559
554
|
if (!cfg.serviceId) return { valid: false, error: "Service ID not configured" };
|
|
560
555
|
try {
|
|
561
556
|
const result = await this.introspect({ serviceId: cfg.serviceId, token, requiredScopes });
|
|
@@ -653,11 +648,11 @@ var AuthMiClient = class {
|
|
|
653
648
|
body: JSON.stringify(data)
|
|
654
649
|
});
|
|
655
650
|
}
|
|
656
|
-
async
|
|
651
|
+
async rotateServiceKey(serviceId) {
|
|
657
652
|
return this.request(
|
|
658
|
-
`/api/v1/services/${encodeURIComponent(serviceId)}/rotate-
|
|
653
|
+
`/api/v1/services/${encodeURIComponent(serviceId)}/rotate-key`,
|
|
659
654
|
{ method: "POST" }
|
|
660
|
-
);
|
|
655
|
+
).then((r) => ({ serviceKey: r.service_key }));
|
|
661
656
|
}
|
|
662
657
|
// ============ JWKS ============
|
|
663
658
|
async getJwks(serviceId) {
|
package/dist/index.mjs
CHANGED
package/dist/next.d.mts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { NextRequest, NextResponse } from 'next/server';
|
|
2
|
-
export { A as ApiKey, a as AuditLog, b as AuditLogQuery, c as AuthMiClient, e as AuthMiError, f as AuthToken, B as BackupCodesResult, C as Challenge2FARequest, g as CheckoutResponse, h as ClientOptions, j as CreateApiKeyRequest, k as CreateApiKeyResponse, l as CreateRoleRequest, m as CreateSamlConnectionRequest, n as CreateScopeRequest, o as CreateUserRequest, E as Enable2FAResult, F as ForgotPasswordRequest, p as IntrospectRequest, q as IntrospectResponse, J as JwksResponse, L as LoginCredentials, O as OAuthCallbackResult, r as OAuthInitiateResponse, s as OAuthProvider, P as Plan, t as PortalResponse, R as RegisterWebhookRequest, u as ResendVerificationRequest, v as ResetPasswordRequest, w as Role, S as SamlConnection, x as SamlInitiateRequest, y as Scope, z as ScopeError, D as ServiceDetail, G as Setup2FAResult, H as SignupCredentials, K as Subscription, U as UpdateServiceRequest, M as User, V as ValidationResult, N as VerifyEmailRequest, W as Webhook } from './client-
|
|
2
|
+
export { A as ApiKey, a as AuditLog, b as AuditLogQuery, c as AuthMiClient, e as AuthMiError, f as AuthToken, B as BackupCodesResult, C as Challenge2FARequest, g as CheckoutResponse, h as ClientOptions, j as CreateApiKeyRequest, k as CreateApiKeyResponse, l as CreateRoleRequest, m as CreateSamlConnectionRequest, n as CreateScopeRequest, o as CreateUserRequest, E as Enable2FAResult, F as ForgotPasswordRequest, p as IntrospectRequest, q as IntrospectResponse, J as JwksResponse, L as LoginCredentials, O as OAuthCallbackResult, r as OAuthInitiateResponse, s as OAuthProvider, P as Plan, t as PortalResponse, R as RegisterWebhookRequest, u as ResendVerificationRequest, v as ResetPasswordRequest, w as Role, S as SamlConnection, x as SamlInitiateRequest, y as Scope, z as ScopeError, D as ServiceDetail, G as Setup2FAResult, H as SignupCredentials, K as Subscription, U as UpdateServiceRequest, M as User, V as ValidationResult, N as VerifyEmailRequest, W as Webhook } from './client-Cj-AA4V9.mjs';
|
|
3
3
|
|
|
4
4
|
interface MiddlewareOptions {
|
|
5
5
|
/** Base URL of Auth Mi service */
|
package/dist/next.d.ts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { NextRequest, NextResponse } from 'next/server';
|
|
2
|
-
export { A as ApiKey, a as AuditLog, b as AuditLogQuery, c as AuthMiClient, e as AuthMiError, f as AuthToken, B as BackupCodesResult, C as Challenge2FARequest, g as CheckoutResponse, h as ClientOptions, j as CreateApiKeyRequest, k as CreateApiKeyResponse, l as CreateRoleRequest, m as CreateSamlConnectionRequest, n as CreateScopeRequest, o as CreateUserRequest, E as Enable2FAResult, F as ForgotPasswordRequest, p as IntrospectRequest, q as IntrospectResponse, J as JwksResponse, L as LoginCredentials, O as OAuthCallbackResult, r as OAuthInitiateResponse, s as OAuthProvider, P as Plan, t as PortalResponse, R as RegisterWebhookRequest, u as ResendVerificationRequest, v as ResetPasswordRequest, w as Role, S as SamlConnection, x as SamlInitiateRequest, y as Scope, z as ScopeError, D as ServiceDetail, G as Setup2FAResult, H as SignupCredentials, K as Subscription, U as UpdateServiceRequest, M as User, V as ValidationResult, N as VerifyEmailRequest, W as Webhook } from './client-
|
|
2
|
+
export { A as ApiKey, a as AuditLog, b as AuditLogQuery, c as AuthMiClient, e as AuthMiError, f as AuthToken, B as BackupCodesResult, C as Challenge2FARequest, g as CheckoutResponse, h as ClientOptions, j as CreateApiKeyRequest, k as CreateApiKeyResponse, l as CreateRoleRequest, m as CreateSamlConnectionRequest, n as CreateScopeRequest, o as CreateUserRequest, E as Enable2FAResult, F as ForgotPasswordRequest, p as IntrospectRequest, q as IntrospectResponse, J as JwksResponse, L as LoginCredentials, O as OAuthCallbackResult, r as OAuthInitiateResponse, s as OAuthProvider, P as Plan, t as PortalResponse, R as RegisterWebhookRequest, u as ResendVerificationRequest, v as ResetPasswordRequest, w as Role, S as SamlConnection, x as SamlInitiateRequest, y as Scope, z as ScopeError, D as ServiceDetail, G as Setup2FAResult, H as SignupCredentials, K as Subscription, U as UpdateServiceRequest, M as User, V as ValidationResult, N as VerifyEmailRequest, W as Webhook } from './client-Cj-AA4V9.js';
|
|
3
3
|
|
|
4
4
|
interface MiddlewareOptions {
|
|
5
5
|
/** Base URL of Auth Mi service */
|
package/dist/next.js
CHANGED
|
@@ -4466,8 +4466,6 @@ function resolveConfig(provider) {
|
|
|
4466
4466
|
baseUrl: raw.baseUrl,
|
|
4467
4467
|
apiKey: raw.apiKey ?? "",
|
|
4468
4468
|
serviceId: raw.serviceId ?? "",
|
|
4469
|
-
clientId: raw.clientId ?? "",
|
|
4470
|
-
clientSecret: raw.clientSecret ?? "",
|
|
4471
4469
|
defaultTokenExpiry: raw.defaultTokenExpiry ?? 24
|
|
4472
4470
|
};
|
|
4473
4471
|
}
|
|
@@ -4556,7 +4554,7 @@ var AuthMiClient = class {
|
|
|
4556
4554
|
return resolveConfig(this.configProvider);
|
|
4557
4555
|
}
|
|
4558
4556
|
// ============ HTTP plumbing ============
|
|
4559
|
-
async request(endpoint, options = {}, requireUserToken = false
|
|
4557
|
+
async request(endpoint, options = {}, requireUserToken = false) {
|
|
4560
4558
|
const cfg = this.config;
|
|
4561
4559
|
const url = `${cfg.baseUrl}${endpoint}`;
|
|
4562
4560
|
const headers = {
|
|
@@ -4567,10 +4565,7 @@ var AuthMiClient = class {
|
|
|
4567
4565
|
if (requireUserToken) {
|
|
4568
4566
|
const token = await this.storage.getToken();
|
|
4569
4567
|
if (token) headers["Authorization"] = `Bearer ${token}`;
|
|
4570
|
-
} else if (
|
|
4571
|
-
headers["Authorization"] = `Basic ${btoa(`${cfg.clientId}:${cfg.clientSecret}`)}`;
|
|
4572
|
-
headers["X-Service-ID"] = cfg.serviceId || cfg.clientId;
|
|
4573
|
-
} else if (requireServiceAuth && cfg.apiKey) {
|
|
4568
|
+
} else if (cfg.apiKey) {
|
|
4574
4569
|
headers["Authorization"] = `Bearer ${cfg.apiKey}`;
|
|
4575
4570
|
}
|
|
4576
4571
|
}
|
|
@@ -4606,7 +4601,7 @@ var AuthMiClient = class {
|
|
|
4606
4601
|
this.configProvider = { ...current, ...config };
|
|
4607
4602
|
}
|
|
4608
4603
|
getConfig() {
|
|
4609
|
-
const { apiKey: _,
|
|
4604
|
+
const { apiKey: _, ...rest } = resolveConfig(this.configProvider);
|
|
4610
4605
|
return rest;
|
|
4611
4606
|
}
|
|
4612
4607
|
// ============ Token Management ============
|
|
@@ -4628,7 +4623,7 @@ var AuthMiClient = class {
|
|
|
4628
4623
|
const response = await this.request("/api/v1/auth/signup", {
|
|
4629
4624
|
method: "POST",
|
|
4630
4625
|
body: JSON.stringify(credentials)
|
|
4631
|
-
}
|
|
4626
|
+
});
|
|
4632
4627
|
return this.mapAuthToken(response);
|
|
4633
4628
|
}
|
|
4634
4629
|
async login(credentials) {
|
|
@@ -4642,7 +4637,7 @@ var AuthMiClient = class {
|
|
|
4642
4637
|
expires_in_hours: credentials.expiresInHours || cfg.defaultTokenExpiry,
|
|
4643
4638
|
scopes: credentials.scopes
|
|
4644
4639
|
})
|
|
4645
|
-
}
|
|
4640
|
+
});
|
|
4646
4641
|
const token = this.mapAuthToken(response);
|
|
4647
4642
|
this.setAccessToken(token.accessToken);
|
|
4648
4643
|
return token;
|
|
@@ -4678,31 +4673,31 @@ var AuthMiClient = class {
|
|
|
4678
4673
|
return this.request("/api/v1/auth/forgot-password", {
|
|
4679
4674
|
method: "POST",
|
|
4680
4675
|
body: JSON.stringify({ email: request.email, client_id: this.config.serviceId })
|
|
4681
|
-
}
|
|
4676
|
+
});
|
|
4682
4677
|
}
|
|
4683
4678
|
async resetPassword(request) {
|
|
4684
4679
|
return this.request("/api/v1/auth/reset-password", {
|
|
4685
4680
|
method: "POST",
|
|
4686
4681
|
body: JSON.stringify({ token: request.token, new_password: request.newPassword })
|
|
4687
|
-
}
|
|
4682
|
+
});
|
|
4688
4683
|
}
|
|
4689
4684
|
async verifyEmail(request) {
|
|
4690
4685
|
return this.request("/api/v1/auth/verify-email", {
|
|
4691
4686
|
method: "POST",
|
|
4692
4687
|
body: JSON.stringify({ token: request.token })
|
|
4693
|
-
}
|
|
4688
|
+
});
|
|
4694
4689
|
}
|
|
4695
4690
|
async resendVerification(request) {
|
|
4696
4691
|
return this.request("/api/v1/auth/resend-verification", {
|
|
4697
4692
|
method: "POST",
|
|
4698
4693
|
body: JSON.stringify({ email: request.email, client_id: this.config.serviceId })
|
|
4699
|
-
}
|
|
4694
|
+
});
|
|
4700
4695
|
}
|
|
4701
4696
|
async deactivateAccount(password) {
|
|
4702
4697
|
await this.request("/api/v1/auth/deactivate", {
|
|
4703
4698
|
method: "POST",
|
|
4704
4699
|
body: JSON.stringify({ password })
|
|
4705
|
-
}
|
|
4700
|
+
});
|
|
4706
4701
|
}
|
|
4707
4702
|
mapAuthToken(raw) {
|
|
4708
4703
|
return {
|
|
@@ -4719,13 +4714,13 @@ var AuthMiClient = class {
|
|
|
4719
4714
|
// ============ OAuth ============
|
|
4720
4715
|
async initiateOAuth(provider, redirectUri) {
|
|
4721
4716
|
const cfg = this.config;
|
|
4722
|
-
if (!cfg.
|
|
4717
|
+
if (!cfg.apiKey) {
|
|
4723
4718
|
throw new AuthMiError("Credentials required for OAuth", "MISSING_CREDENTIALS");
|
|
4724
4719
|
}
|
|
4725
4720
|
const response = await this.request("/api/v1/auth/oauth/initiate", {
|
|
4726
4721
|
method: "POST",
|
|
4727
|
-
body: JSON.stringify({ provider, redirectUri, client_id: cfg.serviceId
|
|
4728
|
-
}
|
|
4722
|
+
body: JSON.stringify({ provider, redirectUri, client_id: cfg.serviceId })
|
|
4723
|
+
});
|
|
4729
4724
|
return response.url;
|
|
4730
4725
|
}
|
|
4731
4726
|
handleOAuthCallback(url) {
|
|
@@ -4746,13 +4741,13 @@ var AuthMiClient = class {
|
|
|
4746
4741
|
return this.request("/api/v1/auth/saml/initiate", {
|
|
4747
4742
|
method: "POST",
|
|
4748
4743
|
body: JSON.stringify({ email: request.email, redirect_uri: request.redirectUri })
|
|
4749
|
-
}
|
|
4744
|
+
});
|
|
4750
4745
|
}
|
|
4751
4746
|
async parseSamlMetadata(xml) {
|
|
4752
4747
|
return this.request("/api/v1/auth/saml/parse-metadata", {
|
|
4753
4748
|
method: "POST",
|
|
4754
4749
|
body: JSON.stringify({ metadata_xml: xml })
|
|
4755
|
-
}
|
|
4750
|
+
});
|
|
4756
4751
|
}
|
|
4757
4752
|
async listSamlConnections() {
|
|
4758
4753
|
const response = await this.request("/api/v1/auth/saml/connections");
|
|
@@ -4771,28 +4766,28 @@ var AuthMiClient = class {
|
|
|
4771
4766
|
}
|
|
4772
4767
|
// ============ 2FA ============
|
|
4773
4768
|
async setup2fa() {
|
|
4774
|
-
return this.request("/api/v1/auth/2fa/setup", { method: "POST" }
|
|
4769
|
+
return this.request("/api/v1/auth/2fa/setup", { method: "POST" });
|
|
4775
4770
|
}
|
|
4776
4771
|
async enable2fa(code) {
|
|
4777
4772
|
return this.request("/api/v1/auth/2fa/enable", {
|
|
4778
4773
|
method: "POST",
|
|
4779
4774
|
body: JSON.stringify({ code })
|
|
4780
|
-
}
|
|
4775
|
+
});
|
|
4781
4776
|
}
|
|
4782
4777
|
async disable2fa(password) {
|
|
4783
4778
|
await this.request("/api/v1/auth/2fa/disable", {
|
|
4784
4779
|
method: "POST",
|
|
4785
4780
|
body: JSON.stringify({ password })
|
|
4786
|
-
}
|
|
4781
|
+
});
|
|
4787
4782
|
}
|
|
4788
4783
|
async regenerateBackupCodes() {
|
|
4789
|
-
return this.request("/api/v1/auth/2fa/backup-codes", { method: "POST" }
|
|
4784
|
+
return this.request("/api/v1/auth/2fa/backup-codes", { method: "POST" });
|
|
4790
4785
|
}
|
|
4791
4786
|
async challenge2fa(request) {
|
|
4792
4787
|
return this.request("/api/v1/auth/2fa/challenge", {
|
|
4793
4788
|
method: "POST",
|
|
4794
4789
|
body: JSON.stringify(request)
|
|
4795
|
-
}
|
|
4790
|
+
});
|
|
4796
4791
|
}
|
|
4797
4792
|
// ============ Users ============
|
|
4798
4793
|
async createUser(request) {
|
|
@@ -4958,7 +4953,7 @@ var AuthMiClient = class {
|
|
|
4958
4953
|
const token = await this.storage.getToken();
|
|
4959
4954
|
if (!token) return { valid: false, error: "No token stored" };
|
|
4960
4955
|
if (!cfg.serviceId) return { valid: false, error: "Service ID not configured" };
|
|
4961
|
-
if (!cfg.apiKey
|
|
4956
|
+
if (!cfg.apiKey) return { valid: false, error: "Service credentials not configured" };
|
|
4962
4957
|
try {
|
|
4963
4958
|
const result = await this.introspect({ serviceId: cfg.serviceId, token });
|
|
4964
4959
|
return {
|
|
@@ -4983,7 +4978,7 @@ var AuthMiClient = class {
|
|
|
4983
4978
|
const cfg = this.config;
|
|
4984
4979
|
const token = await this.storage.getToken();
|
|
4985
4980
|
if (!token) return { valid: false, error: "No token provided" };
|
|
4986
|
-
if (!cfg.apiKey
|
|
4981
|
+
if (!cfg.apiKey) return { valid: false, error: "Service credentials not configured" };
|
|
4987
4982
|
if (!cfg.serviceId) return { valid: false, error: "Service ID not configured" };
|
|
4988
4983
|
try {
|
|
4989
4984
|
const result = await this.introspect({ serviceId: cfg.serviceId, token, requiredScopes });
|
|
@@ -5081,11 +5076,11 @@ var AuthMiClient = class {
|
|
|
5081
5076
|
body: JSON.stringify(data)
|
|
5082
5077
|
});
|
|
5083
5078
|
}
|
|
5084
|
-
async
|
|
5079
|
+
async rotateServiceKey(serviceId) {
|
|
5085
5080
|
return this.request(
|
|
5086
|
-
`/api/v1/services/${encodeURIComponent(serviceId)}/rotate-
|
|
5081
|
+
`/api/v1/services/${encodeURIComponent(serviceId)}/rotate-key`,
|
|
5087
5082
|
{ method: "POST" }
|
|
5088
|
-
);
|
|
5083
|
+
).then((r) => ({ serviceKey: r.service_key }));
|
|
5089
5084
|
}
|
|
5090
5085
|
// ============ JWKS ============
|
|
5091
5086
|
async getJwks(serviceId) {
|
package/dist/next.mjs
CHANGED
package/dist/react.d.mts
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import * as react_jsx_runtime from 'react/jsx-runtime';
|
|
2
2
|
import { ReactNode } from 'react';
|
|
3
|
-
import { i as ConfigProvider, h as ClientOptions, G as Setup2FAResult, E as Enable2FAResult, B as BackupCodesResult, C as Challenge2FARequest, f as AuthToken, s as OAuthProvider, c as AuthMiClient, M as User, V as ValidationResult, O as OAuthCallbackResult } from './client-
|
|
4
|
-
export { A as ApiKey, a as AuditLog, b as AuditLogQuery, d as AuthMiConfig, e as AuthMiError, g as CheckoutResponse, j as CreateApiKeyRequest, k as CreateApiKeyResponse, l as CreateRoleRequest, m as CreateSamlConnectionRequest, n as CreateScopeRequest, o as CreateUserRequest, F as ForgotPasswordRequest, p as IntrospectRequest, q as IntrospectResponse, J as JwksResponse, L as LoginCredentials, r as OAuthInitiateResponse, P as Plan, t as PortalResponse, R as RegisterWebhookRequest, u as ResendVerificationRequest, v as ResetPasswordRequest, w as Role, S as SamlConnection, x as SamlInitiateRequest, y as Scope, z as ScopeError, D as ServiceDetail, H as SignupCredentials, K as Subscription, U as UpdateServiceRequest, N as VerifyEmailRequest, W as Webhook } from './client-
|
|
3
|
+
import { i as ConfigProvider, h as ClientOptions, G as Setup2FAResult, E as Enable2FAResult, B as BackupCodesResult, C as Challenge2FARequest, f as AuthToken, s as OAuthProvider, c as AuthMiClient, M as User, V as ValidationResult, O as OAuthCallbackResult } from './client-Cj-AA4V9.mjs';
|
|
4
|
+
export { A as ApiKey, a as AuditLog, b as AuditLogQuery, d as AuthMiConfig, e as AuthMiError, g as CheckoutResponse, j as CreateApiKeyRequest, k as CreateApiKeyResponse, l as CreateRoleRequest, m as CreateSamlConnectionRequest, n as CreateScopeRequest, o as CreateUserRequest, F as ForgotPasswordRequest, p as IntrospectRequest, q as IntrospectResponse, J as JwksResponse, L as LoginCredentials, r as OAuthInitiateResponse, P as Plan, t as PortalResponse, R as RegisterWebhookRequest, u as ResendVerificationRequest, v as ResetPasswordRequest, w as Role, S as SamlConnection, x as SamlInitiateRequest, y as Scope, z as ScopeError, D as ServiceDetail, H as SignupCredentials, K as Subscription, U as UpdateServiceRequest, N as VerifyEmailRequest, W as Webhook } from './client-Cj-AA4V9.mjs';
|
|
5
5
|
|
|
6
6
|
interface AuthMiContextValue {
|
|
7
7
|
client: AuthMiClient;
|
package/dist/react.d.ts
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import * as react_jsx_runtime from 'react/jsx-runtime';
|
|
2
2
|
import { ReactNode } from 'react';
|
|
3
|
-
import { i as ConfigProvider, h as ClientOptions, G as Setup2FAResult, E as Enable2FAResult, B as BackupCodesResult, C as Challenge2FARequest, f as AuthToken, s as OAuthProvider, c as AuthMiClient, M as User, V as ValidationResult, O as OAuthCallbackResult } from './client-
|
|
4
|
-
export { A as ApiKey, a as AuditLog, b as AuditLogQuery, d as AuthMiConfig, e as AuthMiError, g as CheckoutResponse, j as CreateApiKeyRequest, k as CreateApiKeyResponse, l as CreateRoleRequest, m as CreateSamlConnectionRequest, n as CreateScopeRequest, o as CreateUserRequest, F as ForgotPasswordRequest, p as IntrospectRequest, q as IntrospectResponse, J as JwksResponse, L as LoginCredentials, r as OAuthInitiateResponse, P as Plan, t as PortalResponse, R as RegisterWebhookRequest, u as ResendVerificationRequest, v as ResetPasswordRequest, w as Role, S as SamlConnection, x as SamlInitiateRequest, y as Scope, z as ScopeError, D as ServiceDetail, H as SignupCredentials, K as Subscription, U as UpdateServiceRequest, N as VerifyEmailRequest, W as Webhook } from './client-
|
|
3
|
+
import { i as ConfigProvider, h as ClientOptions, G as Setup2FAResult, E as Enable2FAResult, B as BackupCodesResult, C as Challenge2FARequest, f as AuthToken, s as OAuthProvider, c as AuthMiClient, M as User, V as ValidationResult, O as OAuthCallbackResult } from './client-Cj-AA4V9.js';
|
|
4
|
+
export { A as ApiKey, a as AuditLog, b as AuditLogQuery, d as AuthMiConfig, e as AuthMiError, g as CheckoutResponse, j as CreateApiKeyRequest, k as CreateApiKeyResponse, l as CreateRoleRequest, m as CreateSamlConnectionRequest, n as CreateScopeRequest, o as CreateUserRequest, F as ForgotPasswordRequest, p as IntrospectRequest, q as IntrospectResponse, J as JwksResponse, L as LoginCredentials, r as OAuthInitiateResponse, P as Plan, t as PortalResponse, R as RegisterWebhookRequest, u as ResendVerificationRequest, v as ResetPasswordRequest, w as Role, S as SamlConnection, x as SamlInitiateRequest, y as Scope, z as ScopeError, D as ServiceDetail, H as SignupCredentials, K as Subscription, U as UpdateServiceRequest, N as VerifyEmailRequest, W as Webhook } from './client-Cj-AA4V9.js';
|
|
5
5
|
|
|
6
6
|
interface AuthMiContextValue {
|
|
7
7
|
client: AuthMiClient;
|
package/dist/react.js
CHANGED
|
@@ -42,8 +42,6 @@ function resolveConfig(provider) {
|
|
|
42
42
|
baseUrl: raw.baseUrl,
|
|
43
43
|
apiKey: raw.apiKey ?? "",
|
|
44
44
|
serviceId: raw.serviceId ?? "",
|
|
45
|
-
clientId: raw.clientId ?? "",
|
|
46
|
-
clientSecret: raw.clientSecret ?? "",
|
|
47
45
|
defaultTokenExpiry: raw.defaultTokenExpiry ?? 24
|
|
48
46
|
};
|
|
49
47
|
}
|
|
@@ -132,7 +130,7 @@ var AuthMiClient = class {
|
|
|
132
130
|
return resolveConfig(this.configProvider);
|
|
133
131
|
}
|
|
134
132
|
// ============ HTTP plumbing ============
|
|
135
|
-
async request(endpoint, options = {}, requireUserToken = false
|
|
133
|
+
async request(endpoint, options = {}, requireUserToken = false) {
|
|
136
134
|
const cfg = this.config;
|
|
137
135
|
const url = `${cfg.baseUrl}${endpoint}`;
|
|
138
136
|
const headers = {
|
|
@@ -143,10 +141,7 @@ var AuthMiClient = class {
|
|
|
143
141
|
if (requireUserToken) {
|
|
144
142
|
const token = await this.storage.getToken();
|
|
145
143
|
if (token) headers["Authorization"] = `Bearer ${token}`;
|
|
146
|
-
} else if (
|
|
147
|
-
headers["Authorization"] = `Basic ${btoa(`${cfg.clientId}:${cfg.clientSecret}`)}`;
|
|
148
|
-
headers["X-Service-ID"] = cfg.serviceId || cfg.clientId;
|
|
149
|
-
} else if (requireServiceAuth && cfg.apiKey) {
|
|
144
|
+
} else if (cfg.apiKey) {
|
|
150
145
|
headers["Authorization"] = `Bearer ${cfg.apiKey}`;
|
|
151
146
|
}
|
|
152
147
|
}
|
|
@@ -182,7 +177,7 @@ var AuthMiClient = class {
|
|
|
182
177
|
this.configProvider = { ...current, ...config };
|
|
183
178
|
}
|
|
184
179
|
getConfig() {
|
|
185
|
-
const { apiKey: _,
|
|
180
|
+
const { apiKey: _, ...rest } = resolveConfig(this.configProvider);
|
|
186
181
|
return rest;
|
|
187
182
|
}
|
|
188
183
|
// ============ Token Management ============
|
|
@@ -204,7 +199,7 @@ var AuthMiClient = class {
|
|
|
204
199
|
const response = await this.request("/api/v1/auth/signup", {
|
|
205
200
|
method: "POST",
|
|
206
201
|
body: JSON.stringify(credentials)
|
|
207
|
-
}
|
|
202
|
+
});
|
|
208
203
|
return this.mapAuthToken(response);
|
|
209
204
|
}
|
|
210
205
|
async login(credentials) {
|
|
@@ -218,7 +213,7 @@ var AuthMiClient = class {
|
|
|
218
213
|
expires_in_hours: credentials.expiresInHours || cfg.defaultTokenExpiry,
|
|
219
214
|
scopes: credentials.scopes
|
|
220
215
|
})
|
|
221
|
-
}
|
|
216
|
+
});
|
|
222
217
|
const token = this.mapAuthToken(response);
|
|
223
218
|
this.setAccessToken(token.accessToken);
|
|
224
219
|
return token;
|
|
@@ -254,31 +249,31 @@ var AuthMiClient = class {
|
|
|
254
249
|
return this.request("/api/v1/auth/forgot-password", {
|
|
255
250
|
method: "POST",
|
|
256
251
|
body: JSON.stringify({ email: request.email, client_id: this.config.serviceId })
|
|
257
|
-
}
|
|
252
|
+
});
|
|
258
253
|
}
|
|
259
254
|
async resetPassword(request) {
|
|
260
255
|
return this.request("/api/v1/auth/reset-password", {
|
|
261
256
|
method: "POST",
|
|
262
257
|
body: JSON.stringify({ token: request.token, new_password: request.newPassword })
|
|
263
|
-
}
|
|
258
|
+
});
|
|
264
259
|
}
|
|
265
260
|
async verifyEmail(request) {
|
|
266
261
|
return this.request("/api/v1/auth/verify-email", {
|
|
267
262
|
method: "POST",
|
|
268
263
|
body: JSON.stringify({ token: request.token })
|
|
269
|
-
}
|
|
264
|
+
});
|
|
270
265
|
}
|
|
271
266
|
async resendVerification(request) {
|
|
272
267
|
return this.request("/api/v1/auth/resend-verification", {
|
|
273
268
|
method: "POST",
|
|
274
269
|
body: JSON.stringify({ email: request.email, client_id: this.config.serviceId })
|
|
275
|
-
}
|
|
270
|
+
});
|
|
276
271
|
}
|
|
277
272
|
async deactivateAccount(password) {
|
|
278
273
|
await this.request("/api/v1/auth/deactivate", {
|
|
279
274
|
method: "POST",
|
|
280
275
|
body: JSON.stringify({ password })
|
|
281
|
-
}
|
|
276
|
+
});
|
|
282
277
|
}
|
|
283
278
|
mapAuthToken(raw) {
|
|
284
279
|
return {
|
|
@@ -295,13 +290,13 @@ var AuthMiClient = class {
|
|
|
295
290
|
// ============ OAuth ============
|
|
296
291
|
async initiateOAuth(provider, redirectUri) {
|
|
297
292
|
const cfg = this.config;
|
|
298
|
-
if (!cfg.
|
|
293
|
+
if (!cfg.apiKey) {
|
|
299
294
|
throw new AuthMiError("Credentials required for OAuth", "MISSING_CREDENTIALS");
|
|
300
295
|
}
|
|
301
296
|
const response = await this.request("/api/v1/auth/oauth/initiate", {
|
|
302
297
|
method: "POST",
|
|
303
|
-
body: JSON.stringify({ provider, redirectUri, client_id: cfg.serviceId
|
|
304
|
-
}
|
|
298
|
+
body: JSON.stringify({ provider, redirectUri, client_id: cfg.serviceId })
|
|
299
|
+
});
|
|
305
300
|
return response.url;
|
|
306
301
|
}
|
|
307
302
|
handleOAuthCallback(url) {
|
|
@@ -322,13 +317,13 @@ var AuthMiClient = class {
|
|
|
322
317
|
return this.request("/api/v1/auth/saml/initiate", {
|
|
323
318
|
method: "POST",
|
|
324
319
|
body: JSON.stringify({ email: request.email, redirect_uri: request.redirectUri })
|
|
325
|
-
}
|
|
320
|
+
});
|
|
326
321
|
}
|
|
327
322
|
async parseSamlMetadata(xml) {
|
|
328
323
|
return this.request("/api/v1/auth/saml/parse-metadata", {
|
|
329
324
|
method: "POST",
|
|
330
325
|
body: JSON.stringify({ metadata_xml: xml })
|
|
331
|
-
}
|
|
326
|
+
});
|
|
332
327
|
}
|
|
333
328
|
async listSamlConnections() {
|
|
334
329
|
const response = await this.request("/api/v1/auth/saml/connections");
|
|
@@ -347,28 +342,28 @@ var AuthMiClient = class {
|
|
|
347
342
|
}
|
|
348
343
|
// ============ 2FA ============
|
|
349
344
|
async setup2fa() {
|
|
350
|
-
return this.request("/api/v1/auth/2fa/setup", { method: "POST" }
|
|
345
|
+
return this.request("/api/v1/auth/2fa/setup", { method: "POST" });
|
|
351
346
|
}
|
|
352
347
|
async enable2fa(code) {
|
|
353
348
|
return this.request("/api/v1/auth/2fa/enable", {
|
|
354
349
|
method: "POST",
|
|
355
350
|
body: JSON.stringify({ code })
|
|
356
|
-
}
|
|
351
|
+
});
|
|
357
352
|
}
|
|
358
353
|
async disable2fa(password) {
|
|
359
354
|
await this.request("/api/v1/auth/2fa/disable", {
|
|
360
355
|
method: "POST",
|
|
361
356
|
body: JSON.stringify({ password })
|
|
362
|
-
}
|
|
357
|
+
});
|
|
363
358
|
}
|
|
364
359
|
async regenerateBackupCodes() {
|
|
365
|
-
return this.request("/api/v1/auth/2fa/backup-codes", { method: "POST" }
|
|
360
|
+
return this.request("/api/v1/auth/2fa/backup-codes", { method: "POST" });
|
|
366
361
|
}
|
|
367
362
|
async challenge2fa(request) {
|
|
368
363
|
return this.request("/api/v1/auth/2fa/challenge", {
|
|
369
364
|
method: "POST",
|
|
370
365
|
body: JSON.stringify(request)
|
|
371
|
-
}
|
|
366
|
+
});
|
|
372
367
|
}
|
|
373
368
|
// ============ Users ============
|
|
374
369
|
async createUser(request) {
|
|
@@ -534,7 +529,7 @@ var AuthMiClient = class {
|
|
|
534
529
|
const token = await this.storage.getToken();
|
|
535
530
|
if (!token) return { valid: false, error: "No token stored" };
|
|
536
531
|
if (!cfg.serviceId) return { valid: false, error: "Service ID not configured" };
|
|
537
|
-
if (!cfg.apiKey
|
|
532
|
+
if (!cfg.apiKey) return { valid: false, error: "Service credentials not configured" };
|
|
538
533
|
try {
|
|
539
534
|
const result = await this.introspect({ serviceId: cfg.serviceId, token });
|
|
540
535
|
return {
|
|
@@ -559,7 +554,7 @@ var AuthMiClient = class {
|
|
|
559
554
|
const cfg = this.config;
|
|
560
555
|
const token = await this.storage.getToken();
|
|
561
556
|
if (!token) return { valid: false, error: "No token provided" };
|
|
562
|
-
if (!cfg.apiKey
|
|
557
|
+
if (!cfg.apiKey) return { valid: false, error: "Service credentials not configured" };
|
|
563
558
|
if (!cfg.serviceId) return { valid: false, error: "Service ID not configured" };
|
|
564
559
|
try {
|
|
565
560
|
const result = await this.introspect({ serviceId: cfg.serviceId, token, requiredScopes });
|
|
@@ -657,11 +652,11 @@ var AuthMiClient = class {
|
|
|
657
652
|
body: JSON.stringify(data)
|
|
658
653
|
});
|
|
659
654
|
}
|
|
660
|
-
async
|
|
655
|
+
async rotateServiceKey(serviceId) {
|
|
661
656
|
return this.request(
|
|
662
|
-
`/api/v1/services/${encodeURIComponent(serviceId)}/rotate-
|
|
657
|
+
`/api/v1/services/${encodeURIComponent(serviceId)}/rotate-key`,
|
|
663
658
|
{ method: "POST" }
|
|
664
|
-
);
|
|
659
|
+
).then((r) => ({ serviceKey: r.service_key }));
|
|
665
660
|
}
|
|
666
661
|
// ============ JWKS ============
|
|
667
662
|
async getJwks(serviceId) {
|
|
@@ -765,7 +760,7 @@ function AuthMiProvider({
|
|
|
765
760
|
setIsLoading(true);
|
|
766
761
|
try {
|
|
767
762
|
const cfg = client["config"];
|
|
768
|
-
const token = await client.signup({ email, password, name, client_id: cfg.serviceId
|
|
763
|
+
const token = await client.signup({ email, password, name, client_id: cfg.serviceId });
|
|
769
764
|
setIsAuthenticated(true);
|
|
770
765
|
setUser({ userId: token.userId, email: token.email, createdAt: (/* @__PURE__ */ new Date()).toISOString() });
|
|
771
766
|
} finally {
|
package/dist/react.mjs
CHANGED
|
@@ -2,7 +2,7 @@ import {
|
|
|
2
2
|
AuthMiClient,
|
|
3
3
|
AuthMiError,
|
|
4
4
|
ScopeError
|
|
5
|
-
} from "./chunk-
|
|
5
|
+
} from "./chunk-5NJCXFBV.mjs";
|
|
6
6
|
|
|
7
7
|
// src/react.tsx
|
|
8
8
|
import {
|
|
@@ -77,7 +77,7 @@ function AuthMiProvider({
|
|
|
77
77
|
setIsLoading(true);
|
|
78
78
|
try {
|
|
79
79
|
const cfg = client["config"];
|
|
80
|
-
const token = await client.signup({ email, password, name, client_id: cfg.serviceId
|
|
80
|
+
const token = await client.signup({ email, password, name, client_id: cfg.serviceId });
|
|
81
81
|
setIsAuthenticated(true);
|
|
82
82
|
setUser({ userId: token.userId, email: token.email, createdAt: (/* @__PURE__ */ new Date()).toISOString() });
|
|
83
83
|
} finally {
|