cidaas-javascript-sdk 4.2.4 → 4.3.0

package/CHANGELOG.md

@@ -1,12 +1,27 @@
-## [4.2.4](https://gitlab.widas.de/cidaas-public-devkits/cidaas-public-sdks/cidaas-javascript-sdk/compare/v4.2.3...v4.2.4) (2024-04-16)
+# [4.3.0](https://gitlab.widas.de/cidaas-public-devkits/cidaas-public-sdks/cidaas-javascript-sdk/compare/v4.2.4...v4.3.0) (2024-10-21)
 
 
-### Bug Fixes
+### Features
 
-* Fix unable to import into bundler module ([adf4984](https://gitlab.widas.de/cidaas-public-devkits/cidaas-public-sdks/cidaas-javascript-sdk/commit/adf4984abbef2d28a2073abf0352fe9e3db66095))
+* update docs ([ab57459](https://gitlab.widas.de/cidaas-public-devkits/cidaas-public-sdks/cidaas-javascript-sdk/commit/ab5745918f80f5c76f7b529b66dc8a8bae10369e))
 
 # Changelog
 
+## V4.3.0
+
+### Added
+- add initiateVerification(), configureVerification() & configureFriendlyName() functions to verification service
+- add actionGuestLogin() functions to login service
+- add userActionOnEnrollment() functions to general sdk functions
+
+### Changed
+- Update project structure
+- Update data model to mirror current cidaas api call
+- Improve documentation
+
+### Fix
+- Fix vulnerabilities from `npm audit`
+
 ## V4.2.4
 
 ### Fix

package/README.md

@@ -132,6 +132,7 @@ The login functions could be found [here](https://github.com/Cidaas/cidaas-javas
 | loginPrecheck, consentContinue, firstTimeChangePassword, mfaContinue    | Depending on the missing information from loginPrecheck, user will be redirected to another page after login to either  accepting consent, changing password, continuing MFA process, or do progressive registration  |
 | getMissingFields, progressiveRegistration                                  | In case a new required field is added in registration settings, it is possible to use the sdk to inform user of the changes and asked them to fill in the missing required fields by the next login |
 | loginAfterRegister                                  | By calling this sdk function, user could directly login to the app after successful registration |
+| actionGuestLogin                                  | If user has guestLoginForm prepared, it could be called using this function |
 
 #### User Management
 
@@ -171,6 +172,7 @@ The verification functions could be found [here](https://github.com/Cidaas/cidaa
 | cancelMFA                                                           | MFA process could be aborted in case something go the wrong way                     |
 | getAllVerificationList, getMFAList, checkVerificationTypeConfigured | Information about every supported MFA Verification types, List of configured MFA, and details about particular configured verification type are provided by the SDK        |
 | initiateEnrollment, enrollVerification, getEnrollmentStatus         | Additional MFA verification type could be enrolled using the sdk                                   |
+| initiateVerification, configureVerification, configureFriendlyName         | The SDK support configuring verification request as well as friendly name |
 
 #### Consent Management
 
@@ -193,6 +195,7 @@ general SDK functions could be found [here](https://github.com/Cidaas/cidaas-jav
 | setAcceptLanguageHeader                        | The SDK could be used to change response language                                           |
 | createDeviceInfo, getDevicesInfo, deleteDevice | Creating, getting, and removing device information is supported by the SDK                          |
 | logoutUser                                     | The SDK could be used to end user session by using cidaas internal api                      |
+| userActionOnEnrollment                                     | The SDK could be used to run predefined action after enrollment |
 
 ## Possible Error
 

package/dist/authentication/{index.d.ts → Authentication.d.ts}

@@ -1,5 +1,5 @@
-import { OidcManager, OidcSettings, LoginRedirectOptions, LogoutRedirectOptions, PopupSignInOptions, PopupSignOutOptions, SilentSignInOptions, LogoutResponse } from './authentication.model';
-export * from './authentication.model';
+import { OidcManager, OidcSettings, LoginRedirectOptions, LogoutRedirectOptions, PopupSignInOptions, PopupSignOutOptions, SilentSignInOptions, LogoutResponse } from './Authentication.model';
+export * from './Authentication.model';
 export declare class Authentication {
     webAuthSettings: OidcSettings;
     userManager: OidcManager;

package/dist/authentication/{index.js → Authentication.js}

@@ -15,7 +15,7 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.Authentication = void 0;
-__exportStar(require("./authentication.model"), exports);
+__exportStar(require("./Authentication.model"), exports);
 class Authentication {
     constructor(webAuthSettings, userManager) {
         this.webAuthSettings = webAuthSettings;
@@ -49,7 +49,6 @@ class Authentication {
         }
         return this.userManager.signinRedirect(Object.assign({ extraQueryParams: this.webAuthSettings.extraQueryParams, redirect_uri: this.webAuthSettings.redirect_uri }, (options && Object.assign({}, options) || {})));
     }
-    ;
     /**
      * Once login successful, it will automatically redirects you to the redirect url whatever you mentioned in the options.
      * To complete the login process, call **loginCallback()**. This will parses the access_token, id_token and whatever in hash in the redirect url.
@@ -92,7 +91,6 @@ class Authentication {
     logoutCallback(url) {
         return this.userManager.signoutRedirectCallback(url);
     }
-    ;
     /**
      * **popupSignIn()** will open the hosted login page in pop up window.
      * @example
@@ -108,7 +106,6 @@ class Authentication {
     popupSignIn(options) {
         return this.userManager.signinPopup(options);
     }
-    ;
     /**
      * To complete the popup login process, call **popupSignInCallback()** from the popup login window.
      * Popup window will be closed after doing callback
@@ -122,7 +119,6 @@ class Authentication {
     popupSignInCallback(url, keepOpen) {
         return this.userManager.signinPopupCallback(url, keepOpen);
     }
-    ;
     /**
      * **popupSignOut()** will open the hosted logout page in pop up window.
      * @example
@@ -139,7 +135,6 @@ class Authentication {
     popupSignOut(options) {
         return this.userManager.signoutPopup(options);
     }
-    ;
     /**
      * calling **popupSignOutCallback()** from the popup window complete popup logout process.
      * Popup window won't be closed after doing callback
@@ -156,9 +151,9 @@ class Authentication {
      * @param {boolean} keepOpen true to keep the popup open even after sign out, else false
      */
     popupSignOutCallback(url, keepOpen = true) {
+        url = url !== null && url !== void 0 ? url : this.webAuthSettings.post_logout_redirect_uri;
         return this.userManager.signoutPopupCallback(url, keepOpen);
     }
-    ;
     /**
      * **silentSignIn()** will open the hosted login page in an iframe.
      * this function could only be called from the same domain. Cross Domain is not supported for security purpose.
@@ -175,7 +170,6 @@ class Authentication {
     silentSignIn(options) {
         return this.userManager.signinSilent(Object.assign({ silentRequestTimeoutInSeconds: 60 }, (options && Object.assign({}, options) || {})));
     }
-    ;
     /**
      * To complete the silent login process, call **silentSignInCallback()** from the iframe. This will complete the login process in iframe.
      * @example
@@ -188,6 +182,5 @@ class Authentication {
     silentSignInCallback(url) {
         return this.userManager.signinSilentCallback(url);
     }
-    ;
 }
 exports.Authentication = Authentication;

package/dist/common/Common.model.d.ts

@@ -0,0 +1,37 @@
+export interface LoginPrecheckRequest {
+    /** Track id returned from login call */
+    track_id: string;
+}
+/** Type of verification to be used to authenticate user */
+export declare enum VerificationType {
+    'PASSWORD' = 0,
+    'TOUCHID' = 1,
+    'FIDO2' = 2,
+    'SECURITY_QUESTION' = 3,
+    'SMS' = 4,
+    'IVR' = 5,
+    'FACE' = 6,
+    'TOTP' = 7,
+    'EMAIL' = 8,
+    'BACKUPCODE' = 9,
+    'PATTERN' = 10,
+    'PUSH' = 11,
+    'VOICE' = 12
+}
+export interface HTTPRequestHeader {
+    /** Request id returned from the authorization call */
+    requestId: string;
+    /** DEPRECATED: Captcha string for captcha check */
+    captcha?: string;
+    /** Response language, which is configured in cidaas admin ui */
+    acceptlanguage?: string;
+    /** DEPRECATED: Needed in case bot captcha check is activated */
+    bot_captcha_response?: string;
+    /** Identifier generated after successful authentication but unfulfilled prechecks */
+    trackId?: string;
+}
+/** defines whether the the process will be done via email link or whether the user needs to enter a code to complete the process. */
+export declare enum ProcessingType {
+    'CODE' = 0,
+    'LINK' = 1
+}

package/dist/common/Common.model.js

@@ -0,0 +1,26 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ProcessingType = exports.VerificationType = void 0;
+/** Type of verification to be used to authenticate user */
+var VerificationType;
+(function (VerificationType) {
+    VerificationType[VerificationType["PASSWORD"] = 0] = "PASSWORD";
+    VerificationType[VerificationType["TOUCHID"] = 1] = "TOUCHID";
+    VerificationType[VerificationType["FIDO2"] = 2] = "FIDO2";
+    VerificationType[VerificationType["SECURITY_QUESTION"] = 3] = "SECURITY_QUESTION";
+    VerificationType[VerificationType["SMS"] = 4] = "SMS";
+    VerificationType[VerificationType["IVR"] = 5] = "IVR";
+    VerificationType[VerificationType["FACE"] = 6] = "FACE";
+    VerificationType[VerificationType["TOTP"] = 7] = "TOTP";
+    VerificationType[VerificationType["EMAIL"] = 8] = "EMAIL";
+    VerificationType[VerificationType["BACKUPCODE"] = 9] = "BACKUPCODE";
+    VerificationType[VerificationType["PATTERN"] = 10] = "PATTERN";
+    VerificationType[VerificationType["PUSH"] = 11] = "PUSH";
+    VerificationType[VerificationType["VOICE"] = 12] = "VOICE";
+})(VerificationType = exports.VerificationType || (exports.VerificationType = {}));
+/** defines whether the the process will be done via email link or whether the user needs to enter a code to complete the process. */
+var ProcessingType;
+(function (ProcessingType) {
+    ProcessingType[ProcessingType["CODE"] = 0] = "CODE";
+    ProcessingType[ProcessingType["LINK"] = 1] = "LINK";
+})(ProcessingType = exports.ProcessingType || (exports.ProcessingType = {}));

package/dist/{web-auth → common}/Helper.d.ts

@@ -1,10 +1,10 @@
 export declare class Helper {
     /**
-   * create form
-   * @param form
-   * @param options
-   * @returns
-   */
+     * create form
+     * @param form
+     * @param options
+     * @returns
+     */
     static createForm(url: string, options: any, method?: string): HTMLFormElement;
     /**
     * utility function to create and make post request
@@ -15,7 +15,7 @@ export declare class Helper {
     * @param headers??
     * @returns
     */
-    static createHttpPromise(options: any, serviceurl: string, errorResolver: boolean, method: string, access_token?: string, headers?: any, formPayload?: FormData): Promise<unknown>;
+    static createHttpPromise(options: any, serviceurl: string, errorResolver: boolean, method: string, access_token?: string, headers?: any, formPayload?: FormData): Promise<any>;
 }
 export declare class CustomException {
     errorMessage: string;

package/dist/{web-auth → common}/Helper.js

@@ -3,18 +3,18 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.CustomException = exports.Helper = void 0;
 class Helper {
     /**
-   * create form
-   * @param form
-   * @param options
-   * @returns
-   */
+     * create form
+     * @param form
+     * @param options
+     * @returns
+     */
     static createForm(url, options, method = 'POST') {
-        var form = document.createElement('form');
+        const form = document.createElement('form');
         form.action = url;
         form.method = method;
-        for (var key in options) {
+        for (const key in options) {
             if (options.hasOwnProperty(key)) {
-                var hiddenField = document.createElement("input");
+                const hiddenField = document.createElement("input");
                 hiddenField.setAttribute("type", "hidden");
                 hiddenField.setAttribute("name", key);
                 hiddenField.setAttribute("value", options[key]);
@@ -35,7 +35,7 @@ class Helper {
     static createHttpPromise(options, serviceurl, errorResolver, method, access_token, headers, formPayload) {
         return new Promise((resolve, reject) => {
             try {
-                var http = new XMLHttpRequest();
+                const http = new XMLHttpRequest();
                 http.onreadystatechange = function () {
                     if (http.readyState == 4) {
                         if (http.responseText) {
@@ -51,7 +51,7 @@ class Helper {
                     http.setRequestHeader("Content-type", "application/json");
                 }
                 if (headers) {
-                    for (var key in headers) {
+                    for (const key in headers) {
                         if (headers.hasOwnProperty(key)) {
                             http.setRequestHeader(key, headers[key]);
                         }

package/dist/common/JwtHelper.d.ts

@@ -0,0 +1,8 @@
+import { TokenClaim, TokenHeader } from "../token-service/TokenService.model";
+export declare class JwtHelper {
+    static decodeTokenHeader(token: string): TokenHeader;
+    static decodeToken(token: string): TokenClaim;
+    static urlBase64Decode(str: string): string;
+    static b64DecodeUnicode(str: string): string;
+    static b64decode(str: string): string;
+}

package/dist/{web-auth → common}/JwtHelper.js

@@ -20,11 +20,11 @@ class JwtHelper {
         if (token === null) {
             return null;
         }
-        let parts = token.split('.');
+        const parts = token.split('.');
         if (parts.length !== 3) {
             throw new Error('The inspected token doesn\'t appear to be a JWT. Check to make sure it has three parts and see https://jwt.io for more.');
         }
-        let decoded = this.urlBase64Decode(parts[1]);
+        const decoded = this.urlBase64Decode(parts[1]);
         if (!decoded) {
             throw new Error('Cannot decode the token.');
         }
@@ -59,7 +59,7 @@ class JwtHelper {
     }
     // credits for decoder goes to https://github.com/atk
     static b64decode(str) {
-        let chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=';
+        const chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=';
         let output = '';
         str = String(str).replace(/=+$/, '');
         if (str.length % 4 === 1) {
@@ -67,19 +67,19 @@ class JwtHelper {
         }
         for (
         // initialize result and counters
-        let bc = 0, bs, buffer, idx = 0; 
+        let bc = 0, bs, bufferAsNumber, bufferAsString, idx = 0; 
         // get next character
-        (buffer = str.charAt(idx++)); 
+        (bufferAsString = str.charAt(idx++)); 
         // character found in table? initialize bit storage and add its ascii value;
-        ~buffer &&
-            ((bs = bc % 4 ? bs * 64 + buffer : buffer),
+        ~bufferAsNumber &&
+            ((bs = bc % 4 ? bs * 64 + bufferAsNumber : bufferAsNumber),
                 // and if not first of each 4 characters,
                 // convert the first 8 bits to one ascii character
                 bc++ % 4)
             ? (output += String.fromCharCode(255 & (bs >> ((-2 * bc) & 6))))
             : 0) {
             // try to find character in table (0-63, not found => -1)
-            buffer = chars.indexOf(buffer);
+            bufferAsNumber = chars.indexOf(bufferAsString);
         }
         return output;
     }

package/dist/common/User.model.d.ts

@@ -0,0 +1,134 @@
+export interface CidaasUser {
+    /** Status of User */
+    userStatus?: string;
+    /** DEPRECATED: use userStatus variable instead */
+    user_status?: string;
+    /** Reason for user status */
+    user_status_reason?: string;
+    /** Username of the user */
+    username?: string;
+    /** Subject (User) identifier */
+    sub?: string;
+    /** UserId from original provider. The value comes from custom/social provider to be referenced */
+    originalProviderUserId?: string[];
+    /** Given/first name of the user */
+    given_name?: string;
+    /** Surname or last name of the user */
+    family_name?: string;
+    /** Middle name of the user */
+    middle_name?: string;
+    /** Casual name of the user */
+    nickname?: string;
+    /** Email of the user in string */
+    email?: string;
+    /** Described whether user email has been verified */
+    email_verified?: boolean;
+    /** Mobile number of the user in string format */
+    mobile_number?: string;
+    /** Mobile number of the user as object */
+    mobile_number_obj?: UserMobile;
+    /** Described whether user mobile number has been verified */
+    mobile_number_verified?: boolean;
+    /** Phone number of the user in string format */
+    phone_number?: string;
+    /** Phone number of the user as object */
+    phone_number_obj?: UserMobile;
+    /** Described whether user phone number has been verified */
+    phone_number_verified?: boolean;
+    /** URL of the user's profile page */
+    profile?: string;
+    /** URL of the user's profile picture */
+    picture?: string;
+    /** URL of the user's web page or blog */
+    website?: string;
+    /** User's gender */
+    gender?: string;
+    /** Represents the user's time zone */
+    zoneinfo?: string;
+    /** Preferred locale of the user */
+    locale?: string;
+    /** User's birthdate in the format 'YYYY-MM-DD' */
+    birthdate?: Date | string;
+    /** Address of the user */
+    address?: UserAddress;
+    /** Represents custom-specific fields that need to be configured in the system */
+    customFields?: any;
+    /** Custom fileds for identity */
+    identityCustomFields?: any;
+    /** Password of a user */
+    password?: string;
+    /** Password confirm of a user */
+    password_echo?: string;
+    /** Hash info of the password */
+    password_hash_info?: any | null;
+    /** Described wheter new password needs to be generated by the next login */
+    generate_password?: boolean;
+    /** Provider name indicating the origin of the social identity */
+    provider?: string;
+    /** the identityId identifying the useraccount and identity uniquely */
+    identityId?: string;
+    /** User Id of provider. The value comes from custom/social provider to be referenced */
+    providerUserId?: string;
+    /** List of BusinessId of provider. The value comes from custom/social provider to be referenced */
+    providerBusinessIds?: string[];
+    /** Street Address of a user */
+    street_address?: string;
+    /** Described whether multi factor authentication is enabled for the user */
+    mfa_enabled?: boolean;
+    /** List of roles of a user */
+    roles?: string[];
+    /** List of groups of a user */
+    groups?: UserGroupMap[];
+    /** DEPRECATED: use groups instead */
+    userGroups?: UserGroupMap[];
+    /** Identifier generated after successful authentication but unfulfilled prechecks */
+    trackId?: string;
+    /** User information Json Object in String format */
+    rawJSON?: string;
+    /** Described whether password reset is needed */
+    need_reset_password?: boolean;
+    /** required if it's present in data for update. */
+    _id?: string;
+}
+export interface UserAddress {
+    /** Address in custom format */
+    formatted?: string;
+    /** Street name and house number part of user address */
+    street_address?: string;
+    /** City part of user address */
+    locality?: string;
+    /** State part of user address */
+    region?: string;
+    /** Postcode part of user address */
+    postal_code?: string;
+    /** Country part of user address */
+    country?: string;
+}
+export interface UserMobile {
+    /** Phone number as provided by caller or user */
+    given_phone?: string;
+    /** Phone number */
+    phone?: string;
+    /** country where phone number is registered */
+    country?: string;
+    /** International pre dial code */
+    dail_code?: string;
+    /** Type of carrier */
+    carrier_type?: string;
+    /** Name of carrier */
+    carrier_name?: string;
+    /** National phone number format */
+    national_format?: string;
+    /** International phone number format e.g. + dial number + phone number without leading 0 but with spaces */
+    international_format?: string;
+    /** E164 is a compact international format without any spaces */
+    E164_format?: string;
+}
+export interface UserGroupMap {
+    /** Subject identifier */
+    sub: string;
+    /** Id of user group */
+    groupId: string;
+    /** List of user roles inside the user group */
+    roles: string[];
+}

package/dist/common/User.model.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/dist/consent-service/ConsentService.d.ts

@@ -0,0 +1,96 @@
+import { AcceptClaimConsentRequest, AcceptConsentRequest, AcceptScopeConsentRequest, GetConsentDetailsRequest, GetConsentVersionDetailsRequest, RevokeClaimConsentRequest } from "./ConsentService.model";
+/**
+ * To get consent details , call **getConsentDetails()**.
+ * Please refer to the api document https://docs.cidaas.com/docs/cidaas-iam/858fbeb51c62b-find-consent-info for more details.
+ * @example
+ * ```js
+ * this.cidaas.getConsentDetails({
+ *   consent_id: 'consent id',
+ *   consent_version_id: 'consent version id',
+ *   sub: 'masked sub'
+ * })
+ * .then(function (response) {
+ *  // type your code here
+ * })
+ * .catch(function (ex) {
+ *  // your failure code here
+ * });
+ * ```
+ */
+export declare function getConsentDetails(options: GetConsentDetailsRequest): Promise<any>;
+/**
+ * To accept consent, call **acceptConsent()**.
+ * @example
+ * ```js
+ * this.cidaas.acceptConsent({
+ *   client_id: 'your client id',
+ *   consent_id: 'consent id',
+ *   consent_version: 'consent version id',
+ *   sub: 'masked sub'
+ * }).then((response) => {
+ *   // the response will give you details of accepted consent.
+ * }).catch((err) => {
+ *   // your failure code here
+ * });
+ * ```
+ */
+export declare function acceptConsent(options: AcceptConsentRequest): Promise<any>;
+/**
+ * To get version details of consent, call **getConsentVersionDetails()**.
+ * Please refer to the api document https://docs.cidaas.com/docs/cidaas-iam/7e24ac2113315-get-consent-version-details for more details.
+ * @example
+ * ```js
+ * this.cidaas.getConsentVersionDetails({
+ *   consentid: 'your consent id',
+ *   locale: 'browser accept language or custom language',
+ *   access_token: 'your access token',
+ * }).then((response) => {
+ *   // type your code here
+ * }).catch((err) => {
+ *   // your failure code here
+ * });
+ * ```
+ */
+export declare function getConsentVersionDetails(options: GetConsentVersionDetailsRequest): Promise<any>;
+/**
+ * To accept scope consent, call **acceptScopeConsent()**.
+ * @example
+ * ```js
+ * this.cidaas.acceptScopeConsent({
+ *   client_id: 'your client id',
+ *   sub: 'masked sub',
+ *   scopes: [your scope consents]
+ *  });
+ * ```
+ */
+export declare function acceptScopeConsent(options: AcceptScopeConsentRequest): Promise<any>;
+/**
+ * To accept claim consent, call **acceptClaimConsent()**.
+ * @example
+ * ```js
+ * this.cidaas.acceptClaimConsent({
+ *   client_id: 'your client id',
+ *   sub: 'masked sub',
+ *   accepted_claims: [your claim consents]
+ *  });
+ * ```
+ */
+export declare function acceptClaimConsent(options: AcceptClaimConsentRequest): Promise<any>;
+/**
+ * To revoke claim consent, call **revokeClaimConsent()**.
+ * Please refer to the api document https://docs.cidaas.com/docs/cidaas-iam/9ae62e98842fe-revoke-user-consent-claim for more details.
+ * @example
+ * ```js
+ * this.cidaas.revokeClaimConsent({
+ *    access_token: 'your access token',
+ *    client_id: 'your client id',
+ *    sub: 'masked sub'
+ *    revoked_claims: [your claim consents]
+ *  }).then((response) => {
+ *    // the response will give you revoked claim consent.
+ *  }).catch((err) => {
+ *    // your failure code here
+ *  });
+ * ```
+ */
+export declare function revokeClaimConsent(options: RevokeClaimConsentRequest): Promise<any>;