ibm-cloud-sdk-core 5.0.2 → 5.1.1

package/es/auth/authenticators/authenticator.d.ts

@@ -25,6 +25,7 @@ export declare class Authenticator implements AuthenticatorInterface {
     static AUTHTYPE_BASIC: string;
     static AUTHTYPE_BEARERTOKEN: string;
     static AUTHTYPE_IAM: string;
+    static AUTHTYPE_IAM_ASSUME: string;
     static AUTHTYPE_CONTAINER: string;
     static AUTHTYPE_CP4D: string;
     static AUTHTYPE_NOAUTH: string;

package/es/auth/authenticators/authenticator.js

@@ -45,6 +45,7 @@ export class Authenticator {
 Authenticator.AUTHTYPE_BASIC = 'basic';
 Authenticator.AUTHTYPE_BEARERTOKEN = 'bearerToken';
 Authenticator.AUTHTYPE_IAM = 'iam';
+Authenticator.AUTHTYPE_IAM_ASSUME = 'iamAssume';
 Authenticator.AUTHTYPE_CONTAINER = 'container';
 Authenticator.AUTHTYPE_CP4D = 'cp4d';
 Authenticator.AUTHTYPE_NOAUTH = 'noAuth';

package/es/auth/authenticators/container-authenticator.d.ts

@@ -81,4 +81,10 @@ export declare class ContainerAuthenticator extends IamRequestBasedAuthenticator
      * @returns a string that indicates the authenticator's type
      */
     authenticationType(): string;
+    /**
+     * Return the most recently stored refresh token.
+     *
+     * @returns the refresh token string
+     */
+    getRefreshToken(): string;
 }

package/es/auth/authenticators/container-authenticator.js

@@ -93,4 +93,12 @@ export class ContainerAuthenticator extends IamRequestBasedAuthenticator {
     authenticationType() {
         return Authenticator.AUTHTYPE_CONTAINER;
     }
+    /**
+     * Return the most recently stored refresh token.
+     *
+     * @returns the refresh token string
+     */
+    getRefreshToken() {
+        return this.tokenManager.getRefreshToken();
+    }
 }

package/es/auth/authenticators/iam-assume-authenticator.d.ts

@@ -0,0 +1,82 @@
+/**
+ * (C) Copyright IBM Corp. 2024.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+import { IamAssumeTokenManager } from '../token-managers';
+import { IamRequestOptions, IamRequestBasedAuthenticatorImmutable } from './iam-request-based-authenticator-immutable';
+/** Configuration options for IAM Assume authentication. */
+export interface Options extends IamRequestOptions {
+    /** The IAM api key */
+    apikey: string;
+    /**
+     * Specify exactly one of [iamProfileId, iamProfileCrn, or iamProfileName] to
+     * identify the trusted profile whose identity should be used. If iamProfileId
+     * or iamProfileCrn is used, the trusted profile must exist in the same account.
+     * If and only if iamProfileName is used, then iamAccountId must also be
+     * specified to indicate the account that contains the trusted profile.
+     */
+    iamProfileId?: string;
+    iamProfileCrn?: string;
+    iamProfileName?: string;
+    /**
+     * If and only if iamProfileName is used to specify the trusted profile, then
+     * iamAccountId must also be specified to indicate the account that contains
+     * the trusted profile.
+     */
+    iamAccountId?: string;
+}
+/**
+ * The IamAssumeAuthenticator obtains an IAM access token using the IAM "get-token"
+ * operation's "assume" grant type. The authenticator obtains an initial IAM access
+ * token from a user-supplied apikey, then exchanges this initial IAM access token
+ * for another IAM access token that has "assumed the identity" of the specified
+ * trusted profile.
+ *
+ * The bearer token will be sent as an Authorization header in the form:
+ *
+ *      Authorization: Bearer \<bearer-token\>
+ */
+export declare class IamAssumeAuthenticator extends IamRequestBasedAuthenticatorImmutable {
+    protected tokenManager: IamAssumeTokenManager;
+    /**
+     *
+     * Create a new IamAssumeAuthenticator instance.
+     *
+     * @param options - Configuration options for IAM authentication.
+     * This should be an object containing these fields:
+     * - apikey: (required) the IAM api key for initial token request
+     * - iamProfileId: (optional) the ID of the trusted profile to use
+     * - iamProfileCrn: (optional) the CRN of the trusted profile to use
+     * - iamProfileName: (optional) the name of the trusted profile to use (must be specified with iamAccountId)
+     * - iamAccountId: (optional) the ID of the account the trusted profile is in (must be specified with iamProfileName)
+     * - url: (optional) the endpoint URL for the token service
+     * - disableSslVerification: (optional) a flag that indicates whether verification of the token server's SSL certificate
+     * should be disabled or not
+     * - headers: (optional) a set of HTTP headers to be sent with each request to the token service
+     * - clientId: (optional) the "clientId" and "clientSecret" fields are used to form a Basic
+     * Authorization header to be included in each request to the token service
+     * - clientSecret: (optional) the "clientId" and "clientSecret" fields are used to form a Basic
+     * Authorization header to be included in each request to the token service
+     * - scope: (optional) the "scope" parameter to use when fetching the bearer token from the token service
+     *
+     * @throws Error: the configuration options are not valid.
+     */
+    constructor(options: Options);
+    /**
+     * Returns the authenticator's type ('iamAssume').
+     *
+     * @returns a string that indicates the authenticator's type
+     */
+    authenticationType(): string;
+}

package/es/auth/authenticators/iam-assume-authenticator.js

@@ -0,0 +1,70 @@
+/**
+ * (C) Copyright IBM Corp. 2024.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+import { Authenticator } from './authenticator';
+import { IamAssumeTokenManager } from '../token-managers';
+import { IamRequestBasedAuthenticatorImmutable, } from './iam-request-based-authenticator-immutable';
+/**
+ * The IamAssumeAuthenticator obtains an IAM access token using the IAM "get-token"
+ * operation's "assume" grant type. The authenticator obtains an initial IAM access
+ * token from a user-supplied apikey, then exchanges this initial IAM access token
+ * for another IAM access token that has "assumed the identity" of the specified
+ * trusted profile.
+ *
+ * The bearer token will be sent as an Authorization header in the form:
+ *
+ *      Authorization: Bearer \<bearer-token\>
+ */
+export class IamAssumeAuthenticator extends IamRequestBasedAuthenticatorImmutable {
+    /**
+     *
+     * Create a new IamAssumeAuthenticator instance.
+     *
+     * @param options - Configuration options for IAM authentication.
+     * This should be an object containing these fields:
+     * - apikey: (required) the IAM api key for initial token request
+     * - iamProfileId: (optional) the ID of the trusted profile to use
+     * - iamProfileCrn: (optional) the CRN of the trusted profile to use
+     * - iamProfileName: (optional) the name of the trusted profile to use (must be specified with iamAccountId)
+     * - iamAccountId: (optional) the ID of the account the trusted profile is in (must be specified with iamProfileName)
+     * - url: (optional) the endpoint URL for the token service
+     * - disableSslVerification: (optional) a flag that indicates whether verification of the token server's SSL certificate
+     * should be disabled or not
+     * - headers: (optional) a set of HTTP headers to be sent with each request to the token service
+     * - clientId: (optional) the "clientId" and "clientSecret" fields are used to form a Basic
+     * Authorization header to be included in each request to the token service
+     * - clientSecret: (optional) the "clientId" and "clientSecret" fields are used to form a Basic
+     * Authorization header to be included in each request to the token service
+     * - scope: (optional) the "scope" parameter to use when fetching the bearer token from the token service
+     *
+     * @throws Error: the configuration options are not valid.
+     */
+    constructor(options) {
+        super(options);
+        // The param names are shared between the authenticator and the token
+        // manager so we can just pass along the options object. This will
+        // also perform input validation on the options.
+        this.tokenManager = new IamAssumeTokenManager(options);
+    }
+    /**
+     * Returns the authenticator's type ('iamAssume').
+     *
+     * @returns a string that indicates the authenticator's type
+     */
+    // eslint-disable-next-line class-methods-use-this
+    authenticationType() {
+        return Authenticator.AUTHTYPE_IAM_ASSUME;
+    }
+}

package/es/auth/authenticators/iam-authenticator.d.ts

@@ -61,4 +61,10 @@ export declare class IamAuthenticator extends IamRequestBasedAuthenticator {
      * @returns a string that indicates the authenticator's type
      */
     authenticationType(): string;
+    /**
+     * Return the most recently stored refresh token.
+     *
+     * @returns the refresh token string
+     */
+    getRefreshToken(): string;
 }

package/es/auth/authenticators/iam-authenticator.js

@@ -66,4 +66,12 @@ export class IamAuthenticator extends IamRequestBasedAuthenticator {
     authenticationType() {
         return Authenticator.AUTHTYPE_IAM;
     }
+    /**
+     * Return the most recently stored refresh token.
+     *
+     * @returns the refresh token string
+     */
+    getRefreshToken() {
+        return this.tokenManager.getRefreshToken();
+    }
 }

package/es/auth/authenticators/iam-request-based-authenticator-immutable.d.ts

@@ -0,0 +1,64 @@
+/**
+ * (C) Copyright IBM Corp. 2024.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+import { IamRequestBasedTokenManager } from '../token-managers/iam-request-based-token-manager';
+import { BaseOptions, TokenRequestBasedAuthenticatorImmutable } from './token-request-based-authenticator-immutable';
+/** Configuration options for IAM Request based authentication. */
+export interface IamRequestOptions extends BaseOptions {
+    /**
+     * The `clientId` and `clientSecret` fields are used to form a "basic"
+     * authorization header for IAM token requests.
+     */
+    clientId?: string;
+    /**
+     * The `clientId` and `clientSecret` fields are used to form a "basic"
+     * authorization header for IAM token requests.
+     */
+    clientSecret?: string;
+    /**
+     * The "scope" parameter to use when fetching the bearer token from the IAM token server.
+     */
+    scope?: string;
+}
+/**
+ * The IamRequestBasedAuthenticatorImmutable provides shared configuration and functionality
+ * for authenticators that interact with the IAM token service. This authenticator
+ * is not meant for use on its own.
+ */
+export declare class IamRequestBasedAuthenticatorImmutable extends TokenRequestBasedAuthenticatorImmutable {
+    protected tokenManager: IamRequestBasedTokenManager;
+    protected clientId: string;
+    protected clientSecret: string;
+    protected scope: string;
+    /**
+     *
+     * Create a new IamRequestBasedAuthenticatorImmutable instance.
+     *
+     * @param options - Configuration options for IAM authentication.
+     * This should be an object containing these fields:
+     * - url: (optional) the endpoint URL for the token service
+     * - disableSslVerification: (optional) a flag that indicates whether verification of the token server's SSL certificate
+     * should be disabled or not
+     * - headers: (optional) a set of HTTP headers to be sent with each request to the token service
+     * - clientId: (optional) the "clientId" and "clientSecret" fields are used to form a Basic
+     * Authorization header to be included in each request to the token service
+     * - clientSecret: (optional) the "clientId" and "clientSecret" fields are used to form a Basic
+     * Authorization header to be included in each request to the token service
+     * - scope: (optional) the "scope" parameter to use when fetching the bearer token from the token service
+     *
+     * @throws Error: the configuration options are not valid.
+     */
+    constructor(options: IamRequestOptions);
+}

package/es/auth/authenticators/iam-request-based-authenticator-immutable.js

@@ -0,0 +1,51 @@
+/**
+ * (C) Copyright IBM Corp. 2024.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+import { IamRequestBasedTokenManager } from '../token-managers/iam-request-based-token-manager';
+import { TokenRequestBasedAuthenticatorImmutable, } from './token-request-based-authenticator-immutable';
+/**
+ * The IamRequestBasedAuthenticatorImmutable provides shared configuration and functionality
+ * for authenticators that interact with the IAM token service. This authenticator
+ * is not meant for use on its own.
+ */
+export class IamRequestBasedAuthenticatorImmutable extends TokenRequestBasedAuthenticatorImmutable {
+    /**
+     *
+     * Create a new IamRequestBasedAuthenticatorImmutable instance.
+     *
+     * @param options - Configuration options for IAM authentication.
+     * This should be an object containing these fields:
+     * - url: (optional) the endpoint URL for the token service
+     * - disableSslVerification: (optional) a flag that indicates whether verification of the token server's SSL certificate
+     * should be disabled or not
+     * - headers: (optional) a set of HTTP headers to be sent with each request to the token service
+     * - clientId: (optional) the "clientId" and "clientSecret" fields are used to form a Basic
+     * Authorization header to be included in each request to the token service
+     * - clientSecret: (optional) the "clientId" and "clientSecret" fields are used to form a Basic
+     * Authorization header to be included in each request to the token service
+     * - scope: (optional) the "scope" parameter to use when fetching the bearer token from the token service
+     *
+     * @throws Error: the configuration options are not valid.
+     */
+    constructor(options) {
+        // all parameters are optional
+        options = options || {};
+        super(options);
+        this.clientId = options.clientId;
+        this.clientSecret = options.clientSecret;
+        this.scope = options.scope;
+        this.tokenManager = new IamRequestBasedTokenManager(options);
+    }
+}

package/es/auth/authenticators/iam-request-based-authenticator.d.ts

@@ -1,5 +1,5 @@
 /**
- * (C) Copyright IBM Corp. 2019, 202e.
+ * (C) Copyright IBM Corp. 2019, 2024.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -13,54 +13,17 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-import { IamRequestBasedTokenManager } from '../token-managers/iam-request-based-token-manager';
-import { BaseOptions, TokenRequestBasedAuthenticator } from './token-request-based-authenticator';
-/** Configuration options for IAM Request based authentication. */
-export interface IamRequestOptions extends BaseOptions {
-    /**
-     * The `clientId` and `clientSecret` fields are used to form a "basic"
-     * authorization header for IAM token requests.
-     */
-    clientId?: string;
-    /**
-     * The `clientId` and `clientSecret` fields are used to form a "basic"
-     * authorization header for IAM token requests.
-     */
-    clientSecret?: string;
-    /**
-     * The "scope" parameter to use when fetching the bearer token from the IAM token server.
-     */
-    scope?: string;
-}
+/// <reference types="node" />
+import { OutgoingHttpHeaders } from 'http';
+import { IamRequestBasedAuthenticatorImmutable } from './iam-request-based-authenticator-immutable';
+/** Shared configuration options for IAM Request based authentication. */
+export { IamRequestOptions } from './iam-request-based-authenticator-immutable';
 /**
  * The IamRequestBasedAuthenticator provides shared configuration and functionality
  * for authenticators that interact with the IAM token service. This authenticator
  * is not meant for use on its own.
  */
-export declare class IamRequestBasedAuthenticator extends TokenRequestBasedAuthenticator {
-    protected tokenManager: IamRequestBasedTokenManager;
-    protected clientId: string;
-    protected clientSecret: string;
-    protected scope: string;
-    /**
-     *
-     * Create a new IamRequestBasedAuthenticator instance.
-     *
-     * @param options - Configuration options for IAM authentication.
-     * This should be an object containing these fields:
-     * - url: (optional) the endpoint URL for the token service
-     * - disableSslVerification: (optional) a flag that indicates whether verification of the token server's SSL certificate
-     * should be disabled or not
-     * - headers: (optional) a set of HTTP headers to be sent with each request to the token service
-     * - clientId: (optional) the "clientId" and "clientSecret" fields are used to form a Basic
-     * Authorization header to be included in each request to the token service
-     * - clientSecret: (optional) the "clientId" and "clientSecret" fields are used to form a Basic
-     * Authorization header to be included in each request to the token service
-     * - scope: (optional) the "scope" parameter to use when fetching the bearer token from the token service
-     *
-     * @throws Error: the configuration options are not valid.
-     */
-    constructor(options: IamRequestOptions);
+export declare class IamRequestBasedAuthenticator extends IamRequestBasedAuthenticatorImmutable {
     /**
      * Setter for the mutually inclusive "clientId" and the "clientSecret" fields.
      * @param clientId - the "clientId" value used to form a Basic Authorization header for IAM token requests
@@ -74,9 +37,18 @@ export declare class IamRequestBasedAuthenticator extends TokenRequestBasedAuthe
      */
     setScope(scope: string): void;
     /**
-     * Return the most recently stored refresh token.
+     * Set the flag that indicates whether verification of the server's SSL
+     * certificate should be disabled or not.
+     *
+     * @param value - a flag that indicates whether verification of the
+     *   token server's SSL certificate should be disabled or not.
+     */
+    setDisableSslVerification(value: boolean): void;
+    /**
+     * Set headers.
      *
-     * @returns the refresh token string
+     * @param headers - a set of HTTP headers to be sent with each outbound token server request.
+     * Overwrites previous default headers.
      */
-    getRefreshToken(): string;
+    setHeaders(headers: OutgoingHttpHeaders): void;
 }

package/es/auth/authenticators/iam-request-based-authenticator.js

@@ -1,5 +1,5 @@
 /**
- * (C) Copyright IBM Corp. 2019, 202e.
+ * (C) Copyright IBM Corp. 2019, 2024.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -13,41 +13,13 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-import { IamRequestBasedTokenManager } from '../token-managers/iam-request-based-token-manager';
-import { TokenRequestBasedAuthenticator } from './token-request-based-authenticator';
+import { IamRequestBasedAuthenticatorImmutable } from './iam-request-based-authenticator-immutable';
 /**
  * The IamRequestBasedAuthenticator provides shared configuration and functionality
  * for authenticators that interact with the IAM token service. This authenticator
  * is not meant for use on its own.
  */
-export class IamRequestBasedAuthenticator extends TokenRequestBasedAuthenticator {
-    /**
-     *
-     * Create a new IamRequestBasedAuthenticator instance.
-     *
-     * @param options - Configuration options for IAM authentication.
-     * This should be an object containing these fields:
-     * - url: (optional) the endpoint URL for the token service
-     * - disableSslVerification: (optional) a flag that indicates whether verification of the token server's SSL certificate
-     * should be disabled or not
-     * - headers: (optional) a set of HTTP headers to be sent with each request to the token service
-     * - clientId: (optional) the "clientId" and "clientSecret" fields are used to form a Basic
-     * Authorization header to be included in each request to the token service
-     * - clientSecret: (optional) the "clientId" and "clientSecret" fields are used to form a Basic
-     * Authorization header to be included in each request to the token service
-     * - scope: (optional) the "scope" parameter to use when fetching the bearer token from the token service
-     *
-     * @throws Error: the configuration options are not valid.
-     */
-    constructor(options) {
-        // all parameters are optional
-        options = options || {};
-        super(options);
-        this.clientId = options.clientId;
-        this.clientSecret = options.clientSecret;
-        this.scope = options.scope;
-        this.tokenManager = new IamRequestBasedTokenManager(options);
-    }
+export class IamRequestBasedAuthenticator extends IamRequestBasedAuthenticatorImmutable {
     /**
      * Setter for the mutually inclusive "clientId" and the "clientSecret" fields.
      * @param clientId - the "clientId" value used to form a Basic Authorization header for IAM token requests
@@ -70,11 +42,30 @@ export class IamRequestBasedAuthenticator extends TokenRequestBasedAuthenticator
         this.tokenManager.setScope(scope);
     }
     /**
-     * Return the most recently stored refresh token.
+     * Set the flag that indicates whether verification of the server's SSL
+     * certificate should be disabled or not.
+     *
+     * @param value - a flag that indicates whether verification of the
+     *   token server's SSL certificate should be disabled or not.
+     */
+    setDisableSslVerification(value) {
+        // if they try to pass in a non-boolean value,
+        // use the "truthy-ness" of the value
+        this.disableSslVerification = Boolean(value);
+        this.tokenManager.setDisableSslVerification(this.disableSslVerification);
+    }
+    /**
+     * Set headers.
      *
-     * @returns the refresh token string
+     * @param headers - a set of HTTP headers to be sent with each outbound token server request.
+     * Overwrites previous default headers.
      */
-    getRefreshToken() {
-        return this.tokenManager.getRefreshToken();
+    setHeaders(headers) {
+        if (typeof headers !== 'object') {
+            // do nothing, for now
+            return;
+        }
+        this.headers = headers;
+        this.tokenManager.setHeaders(this.headers);
     }
 }

package/es/auth/authenticators/index.d.ts

@@ -19,7 +19,8 @@
  *
  * Basic Authentication
  * Bearer Token
- * Identity and Access Management (IAM)
+ * Identity and Access Management (IAM, grant type: apikey)
+ * Identity and Access Management (IAM, grant type: assume)
  * Container (IKS, etc)
  * VPC Instance
  * Cloud Pak for Data
@@ -35,6 +36,7 @@
  *   BearerTokenAuthenticator: Authenticator for passing supplied bearer token to service endpoint.
  *   CloudPakForDataAuthenticator: Authenticator for passing CP4D authentication information to service endpoint.
  *   IAMAuthenticator: Authenticator for passing IAM authentication information to service endpoint.
+ *   IAMAssumeAuthenticator: Authenticator for passing IAM authentication information to service endpoint, assuming a trusted profile.
  *   ContainerAuthenticator: Authenticator for passing IAM authentication to a service, based on a token living on the container.
  *   VpcInstanceAuthenticator: Authenticator that uses the VPC Instance Metadata Service API to retrieve an IAM token.
  *   McspAuthenticator: Authenticator for passing MCSP authentication to a service endpoint.
@@ -52,3 +54,4 @@ export { IamRequestBasedAuthenticator } from './iam-request-based-authenticator'
 export { TokenRequestBasedAuthenticator } from './token-request-based-authenticator';
 export { VpcInstanceAuthenticator } from './vpc-instance-authenticator';
 export { McspAuthenticator } from './mcsp-authenticator';
+export { IamAssumeAuthenticator } from './iam-assume-authenticator';

package/es/auth/authenticators/index.js

@@ -24,3 +24,4 @@ export { IamRequestBasedAuthenticator } from './iam-request-based-authenticator'
 export { TokenRequestBasedAuthenticator } from './token-request-based-authenticator';
 export { VpcInstanceAuthenticator } from './vpc-instance-authenticator';
 export { McspAuthenticator } from './mcsp-authenticator';
+export { IamAssumeAuthenticator } from './iam-assume-authenticator';

package/es/auth/authenticators/token-request-based-authenticator-immutable.d.ts

@@ -0,0 +1,71 @@
+/**
+ * (C) Copyright IBM Corp. 2024.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/// <reference types="node" />
+import { OutgoingHttpHeaders } from 'http';
+import { JwtTokenManager } from '../token-managers/jwt-token-manager';
+import { Authenticator } from './authenticator';
+import { AuthenticateOptions } from './authenticator-interface';
+/** Configuration options for token-based authentication. */
+export type BaseOptions = {
+    /** Headers to be sent with every outbound HTTP requests to token services. */
+    headers?: OutgoingHttpHeaders;
+    /**
+     * A flag that indicates whether verification of the token server's SSL
+     * certificate should be disabled or not.
+     */
+    disableSslVerification?: boolean;
+    /** Endpoint for HTTP token requests. */
+    url?: string;
+    /** Allow additional request config parameters */
+    [propName: string]: any;
+};
+/**
+ * Class for common functionality shared by token-request authenticators.
+ * Token-request authenticators use token managers to retrieve, store,
+ * and refresh tokens. Not intended to be used as stand-alone authenticator,
+ * but as base class to authenticators that have their own token manager
+ * implementations.
+ *
+ * The token will be added as an Authorization header in the form:
+ *
+ *      Authorization: Bearer \<bearer-token\>
+ */
+export declare class TokenRequestBasedAuthenticatorImmutable extends Authenticator {
+    protected tokenManager: JwtTokenManager;
+    protected url: string;
+    protected headers: OutgoingHttpHeaders;
+    protected disableSslVerification: boolean;
+    /**
+     * Create a new TokenRequestBasedAuthenticatorImmutable instance with an internal JwtTokenManager.
+     *
+     * @param options - Configuration options.
+     * This should be an object containing these fields:
+     * - url: (optional) the endpoint URL for the token service
+     * - disableSslVerification: (optional) a flag that indicates whether verification of the token server's SSL certificate
+     * should be disabled or not
+     * - headers: (optional) a set of HTTP headers to be sent with each request to the token service
+     */
+    constructor(options: BaseOptions);
+    /**
+     * Adds bearer token information to "requestOptions". The bearer token information
+     * will be set in the Authorization property of "requestOptions.headers" in the form:
+     *
+     *     Authorization: Bearer \<bearer-token\>
+     *
+     * @param requestOptions - The request to augment with authentication information.
+     */
+    authenticate(requestOptions: AuthenticateOptions): Promise<void>;
+}