authmi 1.3.0 → 1.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/{chunk-LBMBSWSF.mjs → chunk-5NJCXFBV.mjs} +9 -42
- package/dist/{client-ClqDnphI.d.mts → client-Cj-AA4V9.d.mts} +3 -29
- package/dist/{client-ClqDnphI.d.ts → client-Cj-AA4V9.d.ts} +3 -29
- package/dist/index.d.mts +2 -2
- package/dist/index.d.ts +2 -2
- package/dist/index.js +9 -42
- package/dist/index.mjs +1 -1
- package/dist/next.d.mts +1 -1
- package/dist/next.d.ts +1 -1
- package/dist/next.js +9 -42
- package/dist/next.mjs +1 -1
- package/dist/react.d.mts +2 -2
- package/dist/react.d.ts +2 -2
- package/dist/react.js +10 -43
- package/dist/react.mjs +2 -2
- package/package.json +1 -1
|
@@ -33,29 +33,10 @@ var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__ge
|
|
|
33
33
|
// src/config.ts
|
|
34
34
|
function resolveConfig(provider) {
|
|
35
35
|
const raw = typeof provider === "function" ? provider() : provider;
|
|
36
|
-
let clientId = raw.clientId ?? "";
|
|
37
|
-
let clientSecret = raw.clientSecret ?? "";
|
|
38
|
-
let serviceId = raw.serviceId ?? "";
|
|
39
|
-
const token = raw.token ?? "";
|
|
40
|
-
if (raw.token) {
|
|
41
|
-
const dot = raw.token.indexOf(".");
|
|
42
|
-
if (dot > 0) {
|
|
43
|
-
const sid = raw.token.slice(0, dot);
|
|
44
|
-
const secret = raw.token.slice(dot + 1);
|
|
45
|
-
if (sid && secret) {
|
|
46
|
-
clientId = sid;
|
|
47
|
-
clientSecret = secret;
|
|
48
|
-
if (!serviceId) serviceId = sid;
|
|
49
|
-
}
|
|
50
|
-
}
|
|
51
|
-
}
|
|
52
36
|
return {
|
|
53
37
|
baseUrl: raw.baseUrl,
|
|
54
38
|
apiKey: raw.apiKey ?? "",
|
|
55
|
-
serviceId,
|
|
56
|
-
clientId,
|
|
57
|
-
clientSecret,
|
|
58
|
-
token,
|
|
39
|
+
serviceId: raw.serviceId ?? "",
|
|
59
40
|
defaultTokenExpiry: raw.defaultTokenExpiry ?? 24
|
|
60
41
|
};
|
|
61
42
|
}
|
|
@@ -155,8 +136,6 @@ var AuthMiClient = class {
|
|
|
155
136
|
if (requireUserToken) {
|
|
156
137
|
const token = await this.storage.getToken();
|
|
157
138
|
if (token) headers["Authorization"] = `Bearer ${token}`;
|
|
158
|
-
} else if (cfg.clientId && cfg.clientSecret) {
|
|
159
|
-
headers["Authorization"] = `Basic ${btoa(`${cfg.clientId}:${cfg.clientSecret}`)}`;
|
|
160
139
|
} else if (cfg.apiKey) {
|
|
161
140
|
headers["Authorization"] = `Bearer ${cfg.apiKey}`;
|
|
162
141
|
}
|
|
@@ -193,7 +172,7 @@ var AuthMiClient = class {
|
|
|
193
172
|
this.configProvider = { ...current, ...config };
|
|
194
173
|
}
|
|
195
174
|
getConfig() {
|
|
196
|
-
const { apiKey: _,
|
|
175
|
+
const { apiKey: _, ...rest } = resolveConfig(this.configProvider);
|
|
197
176
|
return rest;
|
|
198
177
|
}
|
|
199
178
|
// ============ Token Management ============
|
|
@@ -306,12 +285,12 @@ var AuthMiClient = class {
|
|
|
306
285
|
// ============ OAuth ============
|
|
307
286
|
async initiateOAuth(provider, redirectUri) {
|
|
308
287
|
const cfg = this.config;
|
|
309
|
-
if (!cfg.
|
|
288
|
+
if (!cfg.apiKey) {
|
|
310
289
|
throw new AuthMiError("Credentials required for OAuth", "MISSING_CREDENTIALS");
|
|
311
290
|
}
|
|
312
291
|
const response = await this.request("/api/v1/auth/oauth/initiate", {
|
|
313
292
|
method: "POST",
|
|
314
|
-
body: JSON.stringify({ provider, redirectUri, client_id: cfg.serviceId
|
|
293
|
+
body: JSON.stringify({ provider, redirectUri, client_id: cfg.serviceId })
|
|
315
294
|
});
|
|
316
295
|
return response.url;
|
|
317
296
|
}
|
|
@@ -545,7 +524,7 @@ var AuthMiClient = class {
|
|
|
545
524
|
const token = await this.storage.getToken();
|
|
546
525
|
if (!token) return { valid: false, error: "No token stored" };
|
|
547
526
|
if (!cfg.serviceId) return { valid: false, error: "Service ID not configured" };
|
|
548
|
-
if (!cfg.apiKey
|
|
527
|
+
if (!cfg.apiKey) return { valid: false, error: "Service credentials not configured" };
|
|
549
528
|
try {
|
|
550
529
|
const result = await this.introspect({ serviceId: cfg.serviceId, token });
|
|
551
530
|
return {
|
|
@@ -570,7 +549,7 @@ var AuthMiClient = class {
|
|
|
570
549
|
const cfg = this.config;
|
|
571
550
|
const token = await this.storage.getToken();
|
|
572
551
|
if (!token) return { valid: false, error: "No token provided" };
|
|
573
|
-
if (!cfg.apiKey
|
|
552
|
+
if (!cfg.apiKey) return { valid: false, error: "Service credentials not configured" };
|
|
574
553
|
if (!cfg.serviceId) return { valid: false, error: "Service ID not configured" };
|
|
575
554
|
try {
|
|
576
555
|
const result = await this.introspect({ serviceId: cfg.serviceId, token, requiredScopes });
|
|
@@ -668,23 +647,11 @@ var AuthMiClient = class {
|
|
|
668
647
|
body: JSON.stringify(data)
|
|
669
648
|
});
|
|
670
649
|
}
|
|
671
|
-
async
|
|
672
|
-
return this.request(
|
|
673
|
-
`/api/v1/services/${encodeURIComponent(serviceId)}/rotate-secret`,
|
|
674
|
-
{ method: "POST" }
|
|
675
|
-
);
|
|
676
|
-
}
|
|
677
|
-
/** Get the combined service token — a single string combining serviceId and
|
|
678
|
-
* clientSecret. Can be passed to `AuthMiClient` as the `token` config option
|
|
679
|
-
* instead of providing serviceId and clientSecret separately.
|
|
680
|
-
*
|
|
681
|
-
* Format returned: "{serviceId}.{clientSecret}"
|
|
682
|
-
*/
|
|
683
|
-
async getServiceToken(serviceId) {
|
|
650
|
+
async rotateServiceKey(serviceId) {
|
|
684
651
|
return this.request(
|
|
685
|
-
`/api/v1/services/${encodeURIComponent(serviceId)}/
|
|
652
|
+
`/api/v1/services/${encodeURIComponent(serviceId)}/rotate-key`,
|
|
686
653
|
{ method: "POST" }
|
|
687
|
-
).then((r) => ({
|
|
654
|
+
).then((r) => ({ serviceKey: r.service_key }));
|
|
688
655
|
}
|
|
689
656
|
// ============ JWKS ============
|
|
690
657
|
async getJwks(serviceId) {
|
|
@@ -5,21 +5,6 @@ interface AuthMiConfig {
|
|
|
5
5
|
apiKey?: string;
|
|
6
6
|
/** Service ID (svc-xxx) — required for token introspection */
|
|
7
7
|
serviceId?: string;
|
|
8
|
-
/** Client ID for Basic auth — alternative to apiKey for service-level auth */
|
|
9
|
-
clientId?: string;
|
|
10
|
-
/** Client Secret for Basic auth */
|
|
11
|
-
clientSecret?: string;
|
|
12
|
-
/**
|
|
13
|
-
* Combined service token — alternative to providing serviceId+clientSecret
|
|
14
|
-
* (or clientId+clientSecret) separately.
|
|
15
|
-
*
|
|
16
|
-
* Format: "{serviceId}.{clientSecret}"
|
|
17
|
-
* Example: "svc-lightssl.cs-a1b2c3d4e5f6..."
|
|
18
|
-
*
|
|
19
|
-
* The SDK splits the token on the first '.' to extract the service ID
|
|
20
|
-
* and the client secret, then uses Basic auth as usual.
|
|
21
|
-
*/
|
|
22
|
-
token?: string;
|
|
23
8
|
/** Default token expiration in hours (default: 24) */
|
|
24
9
|
defaultTokenExpiry?: number;
|
|
25
10
|
}
|
|
@@ -329,7 +314,7 @@ declare class AuthMiClient {
|
|
|
329
314
|
private get config();
|
|
330
315
|
private request;
|
|
331
316
|
configure(config: Partial<AuthMiConfig>): void;
|
|
332
|
-
getConfig(): Omit<AuthMiConfig, "apiKey"
|
|
317
|
+
getConfig(): Omit<AuthMiConfig, "apiKey">;
|
|
333
318
|
getAccessToken(): Promise<string | null>;
|
|
334
319
|
setAccessToken(token: string): void;
|
|
335
320
|
clearAccessToken(): void;
|
|
@@ -406,19 +391,8 @@ declare class AuthMiClient {
|
|
|
406
391
|
getAuditLogs(query?: AuditLogQuery): Promise<AuditLog[]>;
|
|
407
392
|
getService(serviceId: string): Promise<ServiceDetail>;
|
|
408
393
|
updateService(serviceId: string, data: UpdateServiceRequest): Promise<ServiceDetail>;
|
|
409
|
-
|
|
410
|
-
|
|
411
|
-
}>;
|
|
412
|
-
/** Get the combined service token — a single string combining serviceId and
|
|
413
|
-
* clientSecret. Can be passed to `AuthMiClient` as the `token` config option
|
|
414
|
-
* instead of providing serviceId and clientSecret separately.
|
|
415
|
-
*
|
|
416
|
-
* Format returned: "{serviceId}.{clientSecret}"
|
|
417
|
-
*/
|
|
418
|
-
getServiceToken(serviceId: string): Promise<{
|
|
419
|
-
token: string;
|
|
420
|
-
serviceId: string;
|
|
421
|
-
serviceName: string;
|
|
394
|
+
rotateServiceKey(serviceId: string): Promise<{
|
|
395
|
+
serviceKey: string;
|
|
422
396
|
}>;
|
|
423
397
|
getJwks(serviceId: string): Promise<JwksResponse>;
|
|
424
398
|
onboardService(request: OnboardRequest, masterAdminKey: string): Promise<OnboardResponse>;
|
|
@@ -5,21 +5,6 @@ interface AuthMiConfig {
|
|
|
5
5
|
apiKey?: string;
|
|
6
6
|
/** Service ID (svc-xxx) — required for token introspection */
|
|
7
7
|
serviceId?: string;
|
|
8
|
-
/** Client ID for Basic auth — alternative to apiKey for service-level auth */
|
|
9
|
-
clientId?: string;
|
|
10
|
-
/** Client Secret for Basic auth */
|
|
11
|
-
clientSecret?: string;
|
|
12
|
-
/**
|
|
13
|
-
* Combined service token — alternative to providing serviceId+clientSecret
|
|
14
|
-
* (or clientId+clientSecret) separately.
|
|
15
|
-
*
|
|
16
|
-
* Format: "{serviceId}.{clientSecret}"
|
|
17
|
-
* Example: "svc-lightssl.cs-a1b2c3d4e5f6..."
|
|
18
|
-
*
|
|
19
|
-
* The SDK splits the token on the first '.' to extract the service ID
|
|
20
|
-
* and the client secret, then uses Basic auth as usual.
|
|
21
|
-
*/
|
|
22
|
-
token?: string;
|
|
23
8
|
/** Default token expiration in hours (default: 24) */
|
|
24
9
|
defaultTokenExpiry?: number;
|
|
25
10
|
}
|
|
@@ -329,7 +314,7 @@ declare class AuthMiClient {
|
|
|
329
314
|
private get config();
|
|
330
315
|
private request;
|
|
331
316
|
configure(config: Partial<AuthMiConfig>): void;
|
|
332
|
-
getConfig(): Omit<AuthMiConfig, "apiKey"
|
|
317
|
+
getConfig(): Omit<AuthMiConfig, "apiKey">;
|
|
333
318
|
getAccessToken(): Promise<string | null>;
|
|
334
319
|
setAccessToken(token: string): void;
|
|
335
320
|
clearAccessToken(): void;
|
|
@@ -406,19 +391,8 @@ declare class AuthMiClient {
|
|
|
406
391
|
getAuditLogs(query?: AuditLogQuery): Promise<AuditLog[]>;
|
|
407
392
|
getService(serviceId: string): Promise<ServiceDetail>;
|
|
408
393
|
updateService(serviceId: string, data: UpdateServiceRequest): Promise<ServiceDetail>;
|
|
409
|
-
|
|
410
|
-
|
|
411
|
-
}>;
|
|
412
|
-
/** Get the combined service token — a single string combining serviceId and
|
|
413
|
-
* clientSecret. Can be passed to `AuthMiClient` as the `token` config option
|
|
414
|
-
* instead of providing serviceId and clientSecret separately.
|
|
415
|
-
*
|
|
416
|
-
* Format returned: "{serviceId}.{clientSecret}"
|
|
417
|
-
*/
|
|
418
|
-
getServiceToken(serviceId: string): Promise<{
|
|
419
|
-
token: string;
|
|
420
|
-
serviceId: string;
|
|
421
|
-
serviceName: string;
|
|
394
|
+
rotateServiceKey(serviceId: string): Promise<{
|
|
395
|
+
serviceKey: string;
|
|
422
396
|
}>;
|
|
423
397
|
getJwks(serviceId: string): Promise<JwksResponse>;
|
|
424
398
|
onboardService(request: OnboardRequest, masterAdminKey: string): Promise<OnboardResponse>;
|
package/dist/index.d.mts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import { T as TokenStorage } from './client-
|
|
2
|
-
export { A as ApiKey, a as AuditLog, b as AuditLogQuery, c as AuthMiClient, d as AuthMiConfig, e as AuthMiError, f as AuthToken, B as BackupCodesResult, C as Challenge2FARequest, g as CheckoutResponse, h as ClientOptions, i as ConfigProvider, j as CreateApiKeyRequest, k as CreateApiKeyResponse, l as CreateRoleRequest, m as CreateSamlConnectionRequest, n as CreateScopeRequest, o as CreateUserRequest, E as Enable2FAResult, F as ForgotPasswordRequest, I as IntrospectCache, p as IntrospectRequest, q as IntrospectResponse, J as JwksResponse, L as LoginCredentials, O as OAuthCallbackResult, r as OAuthInitiateResponse, s as OAuthProvider, P as Plan, t as PortalResponse, R as RegisterWebhookRequest, u as ResendVerificationRequest, v as ResetPasswordRequest, w as Role, S as SamlConnection, x as SamlInitiateRequest, y as Scope, z as ScopeError, D as ServiceDetail, G as Setup2FAResult, H as SignupCredentials, K as Subscription, U as UpdateServiceRequest, M as User, V as ValidationResult, N as VerifyEmailRequest, W as Webhook } from './client-
|
|
1
|
+
import { T as TokenStorage } from './client-Cj-AA4V9.mjs';
|
|
2
|
+
export { A as ApiKey, a as AuditLog, b as AuditLogQuery, c as AuthMiClient, d as AuthMiConfig, e as AuthMiError, f as AuthToken, B as BackupCodesResult, C as Challenge2FARequest, g as CheckoutResponse, h as ClientOptions, i as ConfigProvider, j as CreateApiKeyRequest, k as CreateApiKeyResponse, l as CreateRoleRequest, m as CreateSamlConnectionRequest, n as CreateScopeRequest, o as CreateUserRequest, E as Enable2FAResult, F as ForgotPasswordRequest, I as IntrospectCache, p as IntrospectRequest, q as IntrospectResponse, J as JwksResponse, L as LoginCredentials, O as OAuthCallbackResult, r as OAuthInitiateResponse, s as OAuthProvider, P as Plan, t as PortalResponse, R as RegisterWebhookRequest, u as ResendVerificationRequest, v as ResetPasswordRequest, w as Role, S as SamlConnection, x as SamlInitiateRequest, y as Scope, z as ScopeError, D as ServiceDetail, G as Setup2FAResult, H as SignupCredentials, K as Subscription, U as UpdateServiceRequest, M as User, V as ValidationResult, N as VerifyEmailRequest, W as Webhook } from './client-Cj-AA4V9.mjs';
|
|
3
3
|
|
|
4
4
|
declare class LocalStorageTokenStorage implements TokenStorage {
|
|
5
5
|
private canAccess;
|
package/dist/index.d.ts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import { T as TokenStorage } from './client-
|
|
2
|
-
export { A as ApiKey, a as AuditLog, b as AuditLogQuery, c as AuthMiClient, d as AuthMiConfig, e as AuthMiError, f as AuthToken, B as BackupCodesResult, C as Challenge2FARequest, g as CheckoutResponse, h as ClientOptions, i as ConfigProvider, j as CreateApiKeyRequest, k as CreateApiKeyResponse, l as CreateRoleRequest, m as CreateSamlConnectionRequest, n as CreateScopeRequest, o as CreateUserRequest, E as Enable2FAResult, F as ForgotPasswordRequest, I as IntrospectCache, p as IntrospectRequest, q as IntrospectResponse, J as JwksResponse, L as LoginCredentials, O as OAuthCallbackResult, r as OAuthInitiateResponse, s as OAuthProvider, P as Plan, t as PortalResponse, R as RegisterWebhookRequest, u as ResendVerificationRequest, v as ResetPasswordRequest, w as Role, S as SamlConnection, x as SamlInitiateRequest, y as Scope, z as ScopeError, D as ServiceDetail, G as Setup2FAResult, H as SignupCredentials, K as Subscription, U as UpdateServiceRequest, M as User, V as ValidationResult, N as VerifyEmailRequest, W as Webhook } from './client-
|
|
1
|
+
import { T as TokenStorage } from './client-Cj-AA4V9.js';
|
|
2
|
+
export { A as ApiKey, a as AuditLog, b as AuditLogQuery, c as AuthMiClient, d as AuthMiConfig, e as AuthMiError, f as AuthToken, B as BackupCodesResult, C as Challenge2FARequest, g as CheckoutResponse, h as ClientOptions, i as ConfigProvider, j as CreateApiKeyRequest, k as CreateApiKeyResponse, l as CreateRoleRequest, m as CreateSamlConnectionRequest, n as CreateScopeRequest, o as CreateUserRequest, E as Enable2FAResult, F as ForgotPasswordRequest, I as IntrospectCache, p as IntrospectRequest, q as IntrospectResponse, J as JwksResponse, L as LoginCredentials, O as OAuthCallbackResult, r as OAuthInitiateResponse, s as OAuthProvider, P as Plan, t as PortalResponse, R as RegisterWebhookRequest, u as ResendVerificationRequest, v as ResetPasswordRequest, w as Role, S as SamlConnection, x as SamlInitiateRequest, y as Scope, z as ScopeError, D as ServiceDetail, G as Setup2FAResult, H as SignupCredentials, K as Subscription, U as UpdateServiceRequest, M as User, V as ValidationResult, N as VerifyEmailRequest, W as Webhook } from './client-Cj-AA4V9.js';
|
|
3
3
|
|
|
4
4
|
declare class LocalStorageTokenStorage implements TokenStorage {
|
|
5
5
|
private canAccess;
|
package/dist/index.js
CHANGED
|
@@ -34,29 +34,10 @@ module.exports = __toCommonJS(index_exports);
|
|
|
34
34
|
// src/config.ts
|
|
35
35
|
function resolveConfig(provider) {
|
|
36
36
|
const raw = typeof provider === "function" ? provider() : provider;
|
|
37
|
-
let clientId = raw.clientId ?? "";
|
|
38
|
-
let clientSecret = raw.clientSecret ?? "";
|
|
39
|
-
let serviceId = raw.serviceId ?? "";
|
|
40
|
-
const token = raw.token ?? "";
|
|
41
|
-
if (raw.token) {
|
|
42
|
-
const dot = raw.token.indexOf(".");
|
|
43
|
-
if (dot > 0) {
|
|
44
|
-
const sid = raw.token.slice(0, dot);
|
|
45
|
-
const secret = raw.token.slice(dot + 1);
|
|
46
|
-
if (sid && secret) {
|
|
47
|
-
clientId = sid;
|
|
48
|
-
clientSecret = secret;
|
|
49
|
-
if (!serviceId) serviceId = sid;
|
|
50
|
-
}
|
|
51
|
-
}
|
|
52
|
-
}
|
|
53
37
|
return {
|
|
54
38
|
baseUrl: raw.baseUrl,
|
|
55
39
|
apiKey: raw.apiKey ?? "",
|
|
56
|
-
serviceId,
|
|
57
|
-
clientId,
|
|
58
|
-
clientSecret,
|
|
59
|
-
token,
|
|
40
|
+
serviceId: raw.serviceId ?? "",
|
|
60
41
|
defaultTokenExpiry: raw.defaultTokenExpiry ?? 24
|
|
61
42
|
};
|
|
62
43
|
}
|
|
@@ -156,8 +137,6 @@ var AuthMiClient = class {
|
|
|
156
137
|
if (requireUserToken) {
|
|
157
138
|
const token = await this.storage.getToken();
|
|
158
139
|
if (token) headers["Authorization"] = `Bearer ${token}`;
|
|
159
|
-
} else if (cfg.clientId && cfg.clientSecret) {
|
|
160
|
-
headers["Authorization"] = `Basic ${btoa(`${cfg.clientId}:${cfg.clientSecret}`)}`;
|
|
161
140
|
} else if (cfg.apiKey) {
|
|
162
141
|
headers["Authorization"] = `Bearer ${cfg.apiKey}`;
|
|
163
142
|
}
|
|
@@ -194,7 +173,7 @@ var AuthMiClient = class {
|
|
|
194
173
|
this.configProvider = { ...current, ...config };
|
|
195
174
|
}
|
|
196
175
|
getConfig() {
|
|
197
|
-
const { apiKey: _,
|
|
176
|
+
const { apiKey: _, ...rest } = resolveConfig(this.configProvider);
|
|
198
177
|
return rest;
|
|
199
178
|
}
|
|
200
179
|
// ============ Token Management ============
|
|
@@ -307,12 +286,12 @@ var AuthMiClient = class {
|
|
|
307
286
|
// ============ OAuth ============
|
|
308
287
|
async initiateOAuth(provider, redirectUri) {
|
|
309
288
|
const cfg = this.config;
|
|
310
|
-
if (!cfg.
|
|
289
|
+
if (!cfg.apiKey) {
|
|
311
290
|
throw new AuthMiError("Credentials required for OAuth", "MISSING_CREDENTIALS");
|
|
312
291
|
}
|
|
313
292
|
const response = await this.request("/api/v1/auth/oauth/initiate", {
|
|
314
293
|
method: "POST",
|
|
315
|
-
body: JSON.stringify({ provider, redirectUri, client_id: cfg.serviceId
|
|
294
|
+
body: JSON.stringify({ provider, redirectUri, client_id: cfg.serviceId })
|
|
316
295
|
});
|
|
317
296
|
return response.url;
|
|
318
297
|
}
|
|
@@ -546,7 +525,7 @@ var AuthMiClient = class {
|
|
|
546
525
|
const token = await this.storage.getToken();
|
|
547
526
|
if (!token) return { valid: false, error: "No token stored" };
|
|
548
527
|
if (!cfg.serviceId) return { valid: false, error: "Service ID not configured" };
|
|
549
|
-
if (!cfg.apiKey
|
|
528
|
+
if (!cfg.apiKey) return { valid: false, error: "Service credentials not configured" };
|
|
550
529
|
try {
|
|
551
530
|
const result = await this.introspect({ serviceId: cfg.serviceId, token });
|
|
552
531
|
return {
|
|
@@ -571,7 +550,7 @@ var AuthMiClient = class {
|
|
|
571
550
|
const cfg = this.config;
|
|
572
551
|
const token = await this.storage.getToken();
|
|
573
552
|
if (!token) return { valid: false, error: "No token provided" };
|
|
574
|
-
if (!cfg.apiKey
|
|
553
|
+
if (!cfg.apiKey) return { valid: false, error: "Service credentials not configured" };
|
|
575
554
|
if (!cfg.serviceId) return { valid: false, error: "Service ID not configured" };
|
|
576
555
|
try {
|
|
577
556
|
const result = await this.introspect({ serviceId: cfg.serviceId, token, requiredScopes });
|
|
@@ -669,23 +648,11 @@ var AuthMiClient = class {
|
|
|
669
648
|
body: JSON.stringify(data)
|
|
670
649
|
});
|
|
671
650
|
}
|
|
672
|
-
async
|
|
673
|
-
return this.request(
|
|
674
|
-
`/api/v1/services/${encodeURIComponent(serviceId)}/rotate-secret`,
|
|
675
|
-
{ method: "POST" }
|
|
676
|
-
);
|
|
677
|
-
}
|
|
678
|
-
/** Get the combined service token — a single string combining serviceId and
|
|
679
|
-
* clientSecret. Can be passed to `AuthMiClient` as the `token` config option
|
|
680
|
-
* instead of providing serviceId and clientSecret separately.
|
|
681
|
-
*
|
|
682
|
-
* Format returned: "{serviceId}.{clientSecret}"
|
|
683
|
-
*/
|
|
684
|
-
async getServiceToken(serviceId) {
|
|
651
|
+
async rotateServiceKey(serviceId) {
|
|
685
652
|
return this.request(
|
|
686
|
-
`/api/v1/services/${encodeURIComponent(serviceId)}/
|
|
653
|
+
`/api/v1/services/${encodeURIComponent(serviceId)}/rotate-key`,
|
|
687
654
|
{ method: "POST" }
|
|
688
|
-
).then((r) => ({
|
|
655
|
+
).then((r) => ({ serviceKey: r.service_key }));
|
|
689
656
|
}
|
|
690
657
|
// ============ JWKS ============
|
|
691
658
|
async getJwks(serviceId) {
|
package/dist/index.mjs
CHANGED
package/dist/next.d.mts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { NextRequest, NextResponse } from 'next/server';
|
|
2
|
-
export { A as ApiKey, a as AuditLog, b as AuditLogQuery, c as AuthMiClient, e as AuthMiError, f as AuthToken, B as BackupCodesResult, C as Challenge2FARequest, g as CheckoutResponse, h as ClientOptions, j as CreateApiKeyRequest, k as CreateApiKeyResponse, l as CreateRoleRequest, m as CreateSamlConnectionRequest, n as CreateScopeRequest, o as CreateUserRequest, E as Enable2FAResult, F as ForgotPasswordRequest, p as IntrospectRequest, q as IntrospectResponse, J as JwksResponse, L as LoginCredentials, O as OAuthCallbackResult, r as OAuthInitiateResponse, s as OAuthProvider, P as Plan, t as PortalResponse, R as RegisterWebhookRequest, u as ResendVerificationRequest, v as ResetPasswordRequest, w as Role, S as SamlConnection, x as SamlInitiateRequest, y as Scope, z as ScopeError, D as ServiceDetail, G as Setup2FAResult, H as SignupCredentials, K as Subscription, U as UpdateServiceRequest, M as User, V as ValidationResult, N as VerifyEmailRequest, W as Webhook } from './client-
|
|
2
|
+
export { A as ApiKey, a as AuditLog, b as AuditLogQuery, c as AuthMiClient, e as AuthMiError, f as AuthToken, B as BackupCodesResult, C as Challenge2FARequest, g as CheckoutResponse, h as ClientOptions, j as CreateApiKeyRequest, k as CreateApiKeyResponse, l as CreateRoleRequest, m as CreateSamlConnectionRequest, n as CreateScopeRequest, o as CreateUserRequest, E as Enable2FAResult, F as ForgotPasswordRequest, p as IntrospectRequest, q as IntrospectResponse, J as JwksResponse, L as LoginCredentials, O as OAuthCallbackResult, r as OAuthInitiateResponse, s as OAuthProvider, P as Plan, t as PortalResponse, R as RegisterWebhookRequest, u as ResendVerificationRequest, v as ResetPasswordRequest, w as Role, S as SamlConnection, x as SamlInitiateRequest, y as Scope, z as ScopeError, D as ServiceDetail, G as Setup2FAResult, H as SignupCredentials, K as Subscription, U as UpdateServiceRequest, M as User, V as ValidationResult, N as VerifyEmailRequest, W as Webhook } from './client-Cj-AA4V9.mjs';
|
|
3
3
|
|
|
4
4
|
interface MiddlewareOptions {
|
|
5
5
|
/** Base URL of Auth Mi service */
|
package/dist/next.d.ts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { NextRequest, NextResponse } from 'next/server';
|
|
2
|
-
export { A as ApiKey, a as AuditLog, b as AuditLogQuery, c as AuthMiClient, e as AuthMiError, f as AuthToken, B as BackupCodesResult, C as Challenge2FARequest, g as CheckoutResponse, h as ClientOptions, j as CreateApiKeyRequest, k as CreateApiKeyResponse, l as CreateRoleRequest, m as CreateSamlConnectionRequest, n as CreateScopeRequest, o as CreateUserRequest, E as Enable2FAResult, F as ForgotPasswordRequest, p as IntrospectRequest, q as IntrospectResponse, J as JwksResponse, L as LoginCredentials, O as OAuthCallbackResult, r as OAuthInitiateResponse, s as OAuthProvider, P as Plan, t as PortalResponse, R as RegisterWebhookRequest, u as ResendVerificationRequest, v as ResetPasswordRequest, w as Role, S as SamlConnection, x as SamlInitiateRequest, y as Scope, z as ScopeError, D as ServiceDetail, G as Setup2FAResult, H as SignupCredentials, K as Subscription, U as UpdateServiceRequest, M as User, V as ValidationResult, N as VerifyEmailRequest, W as Webhook } from './client-
|
|
2
|
+
export { A as ApiKey, a as AuditLog, b as AuditLogQuery, c as AuthMiClient, e as AuthMiError, f as AuthToken, B as BackupCodesResult, C as Challenge2FARequest, g as CheckoutResponse, h as ClientOptions, j as CreateApiKeyRequest, k as CreateApiKeyResponse, l as CreateRoleRequest, m as CreateSamlConnectionRequest, n as CreateScopeRequest, o as CreateUserRequest, E as Enable2FAResult, F as ForgotPasswordRequest, p as IntrospectRequest, q as IntrospectResponse, J as JwksResponse, L as LoginCredentials, O as OAuthCallbackResult, r as OAuthInitiateResponse, s as OAuthProvider, P as Plan, t as PortalResponse, R as RegisterWebhookRequest, u as ResendVerificationRequest, v as ResetPasswordRequest, w as Role, S as SamlConnection, x as SamlInitiateRequest, y as Scope, z as ScopeError, D as ServiceDetail, G as Setup2FAResult, H as SignupCredentials, K as Subscription, U as UpdateServiceRequest, M as User, V as ValidationResult, N as VerifyEmailRequest, W as Webhook } from './client-Cj-AA4V9.js';
|
|
3
3
|
|
|
4
4
|
interface MiddlewareOptions {
|
|
5
5
|
/** Base URL of Auth Mi service */
|
package/dist/next.js
CHANGED
|
@@ -4462,29 +4462,10 @@ var import_server = __toESM(require_server());
|
|
|
4462
4462
|
// src/config.ts
|
|
4463
4463
|
function resolveConfig(provider) {
|
|
4464
4464
|
const raw = typeof provider === "function" ? provider() : provider;
|
|
4465
|
-
let clientId = raw.clientId ?? "";
|
|
4466
|
-
let clientSecret = raw.clientSecret ?? "";
|
|
4467
|
-
let serviceId = raw.serviceId ?? "";
|
|
4468
|
-
const token = raw.token ?? "";
|
|
4469
|
-
if (raw.token) {
|
|
4470
|
-
const dot = raw.token.indexOf(".");
|
|
4471
|
-
if (dot > 0) {
|
|
4472
|
-
const sid = raw.token.slice(0, dot);
|
|
4473
|
-
const secret = raw.token.slice(dot + 1);
|
|
4474
|
-
if (sid && secret) {
|
|
4475
|
-
clientId = sid;
|
|
4476
|
-
clientSecret = secret;
|
|
4477
|
-
if (!serviceId) serviceId = sid;
|
|
4478
|
-
}
|
|
4479
|
-
}
|
|
4480
|
-
}
|
|
4481
4465
|
return {
|
|
4482
4466
|
baseUrl: raw.baseUrl,
|
|
4483
4467
|
apiKey: raw.apiKey ?? "",
|
|
4484
|
-
serviceId,
|
|
4485
|
-
clientId,
|
|
4486
|
-
clientSecret,
|
|
4487
|
-
token,
|
|
4468
|
+
serviceId: raw.serviceId ?? "",
|
|
4488
4469
|
defaultTokenExpiry: raw.defaultTokenExpiry ?? 24
|
|
4489
4470
|
};
|
|
4490
4471
|
}
|
|
@@ -4584,8 +4565,6 @@ var AuthMiClient = class {
|
|
|
4584
4565
|
if (requireUserToken) {
|
|
4585
4566
|
const token = await this.storage.getToken();
|
|
4586
4567
|
if (token) headers["Authorization"] = `Bearer ${token}`;
|
|
4587
|
-
} else if (cfg.clientId && cfg.clientSecret) {
|
|
4588
|
-
headers["Authorization"] = `Basic ${btoa(`${cfg.clientId}:${cfg.clientSecret}`)}`;
|
|
4589
4568
|
} else if (cfg.apiKey) {
|
|
4590
4569
|
headers["Authorization"] = `Bearer ${cfg.apiKey}`;
|
|
4591
4570
|
}
|
|
@@ -4622,7 +4601,7 @@ var AuthMiClient = class {
|
|
|
4622
4601
|
this.configProvider = { ...current, ...config };
|
|
4623
4602
|
}
|
|
4624
4603
|
getConfig() {
|
|
4625
|
-
const { apiKey: _,
|
|
4604
|
+
const { apiKey: _, ...rest } = resolveConfig(this.configProvider);
|
|
4626
4605
|
return rest;
|
|
4627
4606
|
}
|
|
4628
4607
|
// ============ Token Management ============
|
|
@@ -4735,12 +4714,12 @@ var AuthMiClient = class {
|
|
|
4735
4714
|
// ============ OAuth ============
|
|
4736
4715
|
async initiateOAuth(provider, redirectUri) {
|
|
4737
4716
|
const cfg = this.config;
|
|
4738
|
-
if (!cfg.
|
|
4717
|
+
if (!cfg.apiKey) {
|
|
4739
4718
|
throw new AuthMiError("Credentials required for OAuth", "MISSING_CREDENTIALS");
|
|
4740
4719
|
}
|
|
4741
4720
|
const response = await this.request("/api/v1/auth/oauth/initiate", {
|
|
4742
4721
|
method: "POST",
|
|
4743
|
-
body: JSON.stringify({ provider, redirectUri, client_id: cfg.serviceId
|
|
4722
|
+
body: JSON.stringify({ provider, redirectUri, client_id: cfg.serviceId })
|
|
4744
4723
|
});
|
|
4745
4724
|
return response.url;
|
|
4746
4725
|
}
|
|
@@ -4974,7 +4953,7 @@ var AuthMiClient = class {
|
|
|
4974
4953
|
const token = await this.storage.getToken();
|
|
4975
4954
|
if (!token) return { valid: false, error: "No token stored" };
|
|
4976
4955
|
if (!cfg.serviceId) return { valid: false, error: "Service ID not configured" };
|
|
4977
|
-
if (!cfg.apiKey
|
|
4956
|
+
if (!cfg.apiKey) return { valid: false, error: "Service credentials not configured" };
|
|
4978
4957
|
try {
|
|
4979
4958
|
const result = await this.introspect({ serviceId: cfg.serviceId, token });
|
|
4980
4959
|
return {
|
|
@@ -4999,7 +4978,7 @@ var AuthMiClient = class {
|
|
|
4999
4978
|
const cfg = this.config;
|
|
5000
4979
|
const token = await this.storage.getToken();
|
|
5001
4980
|
if (!token) return { valid: false, error: "No token provided" };
|
|
5002
|
-
if (!cfg.apiKey
|
|
4981
|
+
if (!cfg.apiKey) return { valid: false, error: "Service credentials not configured" };
|
|
5003
4982
|
if (!cfg.serviceId) return { valid: false, error: "Service ID not configured" };
|
|
5004
4983
|
try {
|
|
5005
4984
|
const result = await this.introspect({ serviceId: cfg.serviceId, token, requiredScopes });
|
|
@@ -5097,23 +5076,11 @@ var AuthMiClient = class {
|
|
|
5097
5076
|
body: JSON.stringify(data)
|
|
5098
5077
|
});
|
|
5099
5078
|
}
|
|
5100
|
-
async
|
|
5101
|
-
return this.request(
|
|
5102
|
-
`/api/v1/services/${encodeURIComponent(serviceId)}/rotate-secret`,
|
|
5103
|
-
{ method: "POST" }
|
|
5104
|
-
);
|
|
5105
|
-
}
|
|
5106
|
-
/** Get the combined service token — a single string combining serviceId and
|
|
5107
|
-
* clientSecret. Can be passed to `AuthMiClient` as the `token` config option
|
|
5108
|
-
* instead of providing serviceId and clientSecret separately.
|
|
5109
|
-
*
|
|
5110
|
-
* Format returned: "{serviceId}.{clientSecret}"
|
|
5111
|
-
*/
|
|
5112
|
-
async getServiceToken(serviceId) {
|
|
5079
|
+
async rotateServiceKey(serviceId) {
|
|
5113
5080
|
return this.request(
|
|
5114
|
-
`/api/v1/services/${encodeURIComponent(serviceId)}/
|
|
5081
|
+
`/api/v1/services/${encodeURIComponent(serviceId)}/rotate-key`,
|
|
5115
5082
|
{ method: "POST" }
|
|
5116
|
-
).then((r) => ({
|
|
5083
|
+
).then((r) => ({ serviceKey: r.service_key }));
|
|
5117
5084
|
}
|
|
5118
5085
|
// ============ JWKS ============
|
|
5119
5086
|
async getJwks(serviceId) {
|
package/dist/next.mjs
CHANGED
package/dist/react.d.mts
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import * as react_jsx_runtime from 'react/jsx-runtime';
|
|
2
2
|
import { ReactNode } from 'react';
|
|
3
|
-
import { i as ConfigProvider, h as ClientOptions, G as Setup2FAResult, E as Enable2FAResult, B as BackupCodesResult, C as Challenge2FARequest, f as AuthToken, s as OAuthProvider, c as AuthMiClient, M as User, V as ValidationResult, O as OAuthCallbackResult } from './client-
|
|
4
|
-
export { A as ApiKey, a as AuditLog, b as AuditLogQuery, d as AuthMiConfig, e as AuthMiError, g as CheckoutResponse, j as CreateApiKeyRequest, k as CreateApiKeyResponse, l as CreateRoleRequest, m as CreateSamlConnectionRequest, n as CreateScopeRequest, o as CreateUserRequest, F as ForgotPasswordRequest, p as IntrospectRequest, q as IntrospectResponse, J as JwksResponse, L as LoginCredentials, r as OAuthInitiateResponse, P as Plan, t as PortalResponse, R as RegisterWebhookRequest, u as ResendVerificationRequest, v as ResetPasswordRequest, w as Role, S as SamlConnection, x as SamlInitiateRequest, y as Scope, z as ScopeError, D as ServiceDetail, H as SignupCredentials, K as Subscription, U as UpdateServiceRequest, N as VerifyEmailRequest, W as Webhook } from './client-
|
|
3
|
+
import { i as ConfigProvider, h as ClientOptions, G as Setup2FAResult, E as Enable2FAResult, B as BackupCodesResult, C as Challenge2FARequest, f as AuthToken, s as OAuthProvider, c as AuthMiClient, M as User, V as ValidationResult, O as OAuthCallbackResult } from './client-Cj-AA4V9.mjs';
|
|
4
|
+
export { A as ApiKey, a as AuditLog, b as AuditLogQuery, d as AuthMiConfig, e as AuthMiError, g as CheckoutResponse, j as CreateApiKeyRequest, k as CreateApiKeyResponse, l as CreateRoleRequest, m as CreateSamlConnectionRequest, n as CreateScopeRequest, o as CreateUserRequest, F as ForgotPasswordRequest, p as IntrospectRequest, q as IntrospectResponse, J as JwksResponse, L as LoginCredentials, r as OAuthInitiateResponse, P as Plan, t as PortalResponse, R as RegisterWebhookRequest, u as ResendVerificationRequest, v as ResetPasswordRequest, w as Role, S as SamlConnection, x as SamlInitiateRequest, y as Scope, z as ScopeError, D as ServiceDetail, H as SignupCredentials, K as Subscription, U as UpdateServiceRequest, N as VerifyEmailRequest, W as Webhook } from './client-Cj-AA4V9.mjs';
|
|
5
5
|
|
|
6
6
|
interface AuthMiContextValue {
|
|
7
7
|
client: AuthMiClient;
|
package/dist/react.d.ts
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import * as react_jsx_runtime from 'react/jsx-runtime';
|
|
2
2
|
import { ReactNode } from 'react';
|
|
3
|
-
import { i as ConfigProvider, h as ClientOptions, G as Setup2FAResult, E as Enable2FAResult, B as BackupCodesResult, C as Challenge2FARequest, f as AuthToken, s as OAuthProvider, c as AuthMiClient, M as User, V as ValidationResult, O as OAuthCallbackResult } from './client-
|
|
4
|
-
export { A as ApiKey, a as AuditLog, b as AuditLogQuery, d as AuthMiConfig, e as AuthMiError, g as CheckoutResponse, j as CreateApiKeyRequest, k as CreateApiKeyResponse, l as CreateRoleRequest, m as CreateSamlConnectionRequest, n as CreateScopeRequest, o as CreateUserRequest, F as ForgotPasswordRequest, p as IntrospectRequest, q as IntrospectResponse, J as JwksResponse, L as LoginCredentials, r as OAuthInitiateResponse, P as Plan, t as PortalResponse, R as RegisterWebhookRequest, u as ResendVerificationRequest, v as ResetPasswordRequest, w as Role, S as SamlConnection, x as SamlInitiateRequest, y as Scope, z as ScopeError, D as ServiceDetail, H as SignupCredentials, K as Subscription, U as UpdateServiceRequest, N as VerifyEmailRequest, W as Webhook } from './client-
|
|
3
|
+
import { i as ConfigProvider, h as ClientOptions, G as Setup2FAResult, E as Enable2FAResult, B as BackupCodesResult, C as Challenge2FARequest, f as AuthToken, s as OAuthProvider, c as AuthMiClient, M as User, V as ValidationResult, O as OAuthCallbackResult } from './client-Cj-AA4V9.js';
|
|
4
|
+
export { A as ApiKey, a as AuditLog, b as AuditLogQuery, d as AuthMiConfig, e as AuthMiError, g as CheckoutResponse, j as CreateApiKeyRequest, k as CreateApiKeyResponse, l as CreateRoleRequest, m as CreateSamlConnectionRequest, n as CreateScopeRequest, o as CreateUserRequest, F as ForgotPasswordRequest, p as IntrospectRequest, q as IntrospectResponse, J as JwksResponse, L as LoginCredentials, r as OAuthInitiateResponse, P as Plan, t as PortalResponse, R as RegisterWebhookRequest, u as ResendVerificationRequest, v as ResetPasswordRequest, w as Role, S as SamlConnection, x as SamlInitiateRequest, y as Scope, z as ScopeError, D as ServiceDetail, H as SignupCredentials, K as Subscription, U as UpdateServiceRequest, N as VerifyEmailRequest, W as Webhook } from './client-Cj-AA4V9.js';
|
|
5
5
|
|
|
6
6
|
interface AuthMiContextValue {
|
|
7
7
|
client: AuthMiClient;
|
package/dist/react.js
CHANGED
|
@@ -38,29 +38,10 @@ var import_react = require("react");
|
|
|
38
38
|
// src/config.ts
|
|
39
39
|
function resolveConfig(provider) {
|
|
40
40
|
const raw = typeof provider === "function" ? provider() : provider;
|
|
41
|
-
let clientId = raw.clientId ?? "";
|
|
42
|
-
let clientSecret = raw.clientSecret ?? "";
|
|
43
|
-
let serviceId = raw.serviceId ?? "";
|
|
44
|
-
const token = raw.token ?? "";
|
|
45
|
-
if (raw.token) {
|
|
46
|
-
const dot = raw.token.indexOf(".");
|
|
47
|
-
if (dot > 0) {
|
|
48
|
-
const sid = raw.token.slice(0, dot);
|
|
49
|
-
const secret = raw.token.slice(dot + 1);
|
|
50
|
-
if (sid && secret) {
|
|
51
|
-
clientId = sid;
|
|
52
|
-
clientSecret = secret;
|
|
53
|
-
if (!serviceId) serviceId = sid;
|
|
54
|
-
}
|
|
55
|
-
}
|
|
56
|
-
}
|
|
57
41
|
return {
|
|
58
42
|
baseUrl: raw.baseUrl,
|
|
59
43
|
apiKey: raw.apiKey ?? "",
|
|
60
|
-
serviceId,
|
|
61
|
-
clientId,
|
|
62
|
-
clientSecret,
|
|
63
|
-
token,
|
|
44
|
+
serviceId: raw.serviceId ?? "",
|
|
64
45
|
defaultTokenExpiry: raw.defaultTokenExpiry ?? 24
|
|
65
46
|
};
|
|
66
47
|
}
|
|
@@ -160,8 +141,6 @@ var AuthMiClient = class {
|
|
|
160
141
|
if (requireUserToken) {
|
|
161
142
|
const token = await this.storage.getToken();
|
|
162
143
|
if (token) headers["Authorization"] = `Bearer ${token}`;
|
|
163
|
-
} else if (cfg.clientId && cfg.clientSecret) {
|
|
164
|
-
headers["Authorization"] = `Basic ${btoa(`${cfg.clientId}:${cfg.clientSecret}`)}`;
|
|
165
144
|
} else if (cfg.apiKey) {
|
|
166
145
|
headers["Authorization"] = `Bearer ${cfg.apiKey}`;
|
|
167
146
|
}
|
|
@@ -198,7 +177,7 @@ var AuthMiClient = class {
|
|
|
198
177
|
this.configProvider = { ...current, ...config };
|
|
199
178
|
}
|
|
200
179
|
getConfig() {
|
|
201
|
-
const { apiKey: _,
|
|
180
|
+
const { apiKey: _, ...rest } = resolveConfig(this.configProvider);
|
|
202
181
|
return rest;
|
|
203
182
|
}
|
|
204
183
|
// ============ Token Management ============
|
|
@@ -311,12 +290,12 @@ var AuthMiClient = class {
|
|
|
311
290
|
// ============ OAuth ============
|
|
312
291
|
async initiateOAuth(provider, redirectUri) {
|
|
313
292
|
const cfg = this.config;
|
|
314
|
-
if (!cfg.
|
|
293
|
+
if (!cfg.apiKey) {
|
|
315
294
|
throw new AuthMiError("Credentials required for OAuth", "MISSING_CREDENTIALS");
|
|
316
295
|
}
|
|
317
296
|
const response = await this.request("/api/v1/auth/oauth/initiate", {
|
|
318
297
|
method: "POST",
|
|
319
|
-
body: JSON.stringify({ provider, redirectUri, client_id: cfg.serviceId
|
|
298
|
+
body: JSON.stringify({ provider, redirectUri, client_id: cfg.serviceId })
|
|
320
299
|
});
|
|
321
300
|
return response.url;
|
|
322
301
|
}
|
|
@@ -550,7 +529,7 @@ var AuthMiClient = class {
|
|
|
550
529
|
const token = await this.storage.getToken();
|
|
551
530
|
if (!token) return { valid: false, error: "No token stored" };
|
|
552
531
|
if (!cfg.serviceId) return { valid: false, error: "Service ID not configured" };
|
|
553
|
-
if (!cfg.apiKey
|
|
532
|
+
if (!cfg.apiKey) return { valid: false, error: "Service credentials not configured" };
|
|
554
533
|
try {
|
|
555
534
|
const result = await this.introspect({ serviceId: cfg.serviceId, token });
|
|
556
535
|
return {
|
|
@@ -575,7 +554,7 @@ var AuthMiClient = class {
|
|
|
575
554
|
const cfg = this.config;
|
|
576
555
|
const token = await this.storage.getToken();
|
|
577
556
|
if (!token) return { valid: false, error: "No token provided" };
|
|
578
|
-
if (!cfg.apiKey
|
|
557
|
+
if (!cfg.apiKey) return { valid: false, error: "Service credentials not configured" };
|
|
579
558
|
if (!cfg.serviceId) return { valid: false, error: "Service ID not configured" };
|
|
580
559
|
try {
|
|
581
560
|
const result = await this.introspect({ serviceId: cfg.serviceId, token, requiredScopes });
|
|
@@ -673,23 +652,11 @@ var AuthMiClient = class {
|
|
|
673
652
|
body: JSON.stringify(data)
|
|
674
653
|
});
|
|
675
654
|
}
|
|
676
|
-
async
|
|
677
|
-
return this.request(
|
|
678
|
-
`/api/v1/services/${encodeURIComponent(serviceId)}/rotate-secret`,
|
|
679
|
-
{ method: "POST" }
|
|
680
|
-
);
|
|
681
|
-
}
|
|
682
|
-
/** Get the combined service token — a single string combining serviceId and
|
|
683
|
-
* clientSecret. Can be passed to `AuthMiClient` as the `token` config option
|
|
684
|
-
* instead of providing serviceId and clientSecret separately.
|
|
685
|
-
*
|
|
686
|
-
* Format returned: "{serviceId}.{clientSecret}"
|
|
687
|
-
*/
|
|
688
|
-
async getServiceToken(serviceId) {
|
|
655
|
+
async rotateServiceKey(serviceId) {
|
|
689
656
|
return this.request(
|
|
690
|
-
`/api/v1/services/${encodeURIComponent(serviceId)}/
|
|
657
|
+
`/api/v1/services/${encodeURIComponent(serviceId)}/rotate-key`,
|
|
691
658
|
{ method: "POST" }
|
|
692
|
-
).then((r) => ({
|
|
659
|
+
).then((r) => ({ serviceKey: r.service_key }));
|
|
693
660
|
}
|
|
694
661
|
// ============ JWKS ============
|
|
695
662
|
async getJwks(serviceId) {
|
|
@@ -793,7 +760,7 @@ function AuthMiProvider({
|
|
|
793
760
|
setIsLoading(true);
|
|
794
761
|
try {
|
|
795
762
|
const cfg = client["config"];
|
|
796
|
-
const token = await client.signup({ email, password, name, client_id: cfg.serviceId
|
|
763
|
+
const token = await client.signup({ email, password, name, client_id: cfg.serviceId });
|
|
797
764
|
setIsAuthenticated(true);
|
|
798
765
|
setUser({ userId: token.userId, email: token.email, createdAt: (/* @__PURE__ */ new Date()).toISOString() });
|
|
799
766
|
} finally {
|
package/dist/react.mjs
CHANGED
|
@@ -2,7 +2,7 @@ import {
|
|
|
2
2
|
AuthMiClient,
|
|
3
3
|
AuthMiError,
|
|
4
4
|
ScopeError
|
|
5
|
-
} from "./chunk-
|
|
5
|
+
} from "./chunk-5NJCXFBV.mjs";
|
|
6
6
|
|
|
7
7
|
// src/react.tsx
|
|
8
8
|
import {
|
|
@@ -77,7 +77,7 @@ function AuthMiProvider({
|
|
|
77
77
|
setIsLoading(true);
|
|
78
78
|
try {
|
|
79
79
|
const cfg = client["config"];
|
|
80
|
-
const token = await client.signup({ email, password, name, client_id: cfg.serviceId
|
|
80
|
+
const token = await client.signup({ email, password, name, client_id: cfg.serviceId });
|
|
81
81
|
setIsAuthenticated(true);
|
|
82
82
|
setUser({ userId: token.userId, email: token.email, createdAt: (/* @__PURE__ */ new Date()).toISOString() });
|
|
83
83
|
} finally {
|