oro-sdk 2.1.4 → 2.3.0

package/src/services/guard.ts

@@ -1,228 +0,0 @@
-import { APIService } from './api'
-import type { AxiosAuthRefreshRequestConfig } from 'axios-auth-refresh'
-import {
-    AuthTokenRequest,
-    AuthTokenResponse,
-    AuthRecoverRequest,
-    IdentityCreateRequest,
-    IdentityUpdateRequest,
-    IdentityResponse,
-    QRCodeRequest,
-    QRCodeResponse,
-    Uuid,
-    WhoAmIResponse,
-    Base64String,
-    AuthenticationFailed,
-    IdentityCreationFailed,
-    AuthenticationBadRequest,
-    AuthenticationServerError,
-    IdentityCreationBadRequest,
-    IdentityCreationConflict,
-    Tokens
-} from '../models'
-import { AxiosError } from 'axios'
-
-export interface GuardRequestConfig extends AxiosAuthRefreshRequestConfig {
-    useRefreshToken : boolean
-}
-export class GuardService {
-    private identityCache: Record<string, IdentityResponse>
-    private whoAmICache: Record<string, WhoAmIResponse>
-
-    constructor(private api: APIService, private baseURL: string) {
-        this.api.setAuthRefreshFn(this.authRefresh.bind(this))
-        this.identityCache = {}
-        this.whoAmICache = {}
-    }
-
-    /**
-     * Will replace access and refresh tokens with `tokens`
-     * 
-     * Note: 
-     * ```typescript
-     * setTokens({accessToken: undefined, refreshToken: 'aTokenValue'}) // will erase accessToken and set refreshToken with 'aTokenValue'
-     * setTokens({refreshToken: 'aTokenValue'}) // will keep actual value of accessToken and set refreshToken with 'aTokenValue'
-     * 
-     * ```
-     * @param tokens
-     */
-    public setTokens(tokens: Tokens) {
-        this.api.setTokens({...this.api.getTokens() , ...tokens })
-    }
-
-    /**
-     * Allow to retrieve an access token and a refresh token in order
-     * to do authenticated request afterward
-     *
-     * @param req The credentials required to get an access token
-     * @returns AuthTokenResponse
-     */
-    public async authToken(req: AuthTokenRequest): Promise<AuthTokenResponse> {
-        let resp : AuthTokenResponse
-
-        try {
-            let config: AxiosAuthRefreshRequestConfig = {
-                skipAuthRefresh: true
-            }
-
-            resp = await this.api.post<AuthTokenResponse>(`${this.baseURL}/v1/auth/token`, req, config)
-
-            this.api.setTokens({
-                accessToken: resp.accessToken,
-                refreshToken: resp.refreshToken
-            })
-        } catch(e) {
-            if((e as any).isAxiosError){
-                const code = (e as AxiosError).response?.status
-                switch (code) {
-                    case 400:
-                        throw new AuthenticationBadRequest()
-                    case 500:
-                        throw new AuthenticationServerError()
-                    case 401:
-                    default:
-                        throw new AuthenticationFailed()
-                }
-            }
-            throw new AuthenticationFailed()
-
-        }
-        return resp
-    }
-
-    /**
-     * Get new access and refresh token
-     *
-     * @returns AuthTokenResponse
-     */
-    public async authRefresh(refreshToken?: string): Promise<AuthTokenResponse> {
-        let config: GuardRequestConfig = {
-            skipAuthRefresh: true,
-            useRefreshToken: true
-        }
-        return this.api.put<AuthTokenResponse>(`${this.baseURL}/v1/auth/token`, null, config)
-    }
-
-
-    /**
-     * Call guard to overwrite existing refresh token cookie
-     *
-     * @returns void
-     */
-    public async authLogout(): Promise<void> {
-        return this.api.get<void>(`${this.baseURL}/v1/auth/logout`)
-    }
-
-
-    /**
-     * Call guard to attempt account recovery
-     *
-     * @param req The email address / practice of the account to recover
-     * @returns void
-     */
-    public async authRecover(req: AuthRecoverRequest): Promise<void> {
-        return this.api.post<void>(`${this.baseURL}/v1/auth/recover`, req)
-    }
-
-
-    /**
-     * Allow to create a new identity. The identity will then need to be confirmed
-     * via an email link
-     *
-     * @param req the information about the new identity to create
-     * @returns IdentityResponse
-     */
-    public async identityCreate(req: IdentityCreateRequest): Promise<IdentityResponse> {
-        let resp : IdentityResponse
-
-        try {
-            resp = await this.api.post<IdentityResponse>(`${this.baseURL}/v1/identities`, req)
-            this.api.setTokens({
-                refreshToken: resp.refreshToken
-            })
-        } catch (e) {
-            if((e as any).isAxiosError){
-                const code = (e as AxiosError).response?.status
-                switch (code) {
-                    case 400:
-                        throw new IdentityCreationBadRequest()
-                    case 409:
-                        throw new IdentityCreationConflict()
-                    case 500:
-                    default:
-                        throw new IdentityCreationFailed()
-                }
-            }
-            throw new IdentityCreationFailed()
-        }
-        return resp
-    }
-
-
-    /**
-     * Retrieve an identity. Will return public fields only when requested
-     * without authentication
-     *
-     * @param identityID Unique id of the identity to retrieve
-     * @returns IdentityResponse
-     */
-    public async identityGet(
-        identityID: Uuid
-    ): Promise<IdentityResponse> {
-        const tokens = this.api.getTokens()
-        const cacheKey = (tokens.accessToken ?? '') + (tokens.refreshToken ?? '') + identityID
-
-        if (!tokens.accessToken || !this.identityCache[cacheKey]) {
-            this.identityCache[cacheKey] = await this.api.get<IdentityResponse>(
-                `${this.baseURL}/v1/identities/${identityID}`
-            )
-        }
-        return this.identityCache[cacheKey]
-    }
-
-
-    /**
-     * Get information about the current authenticated user
-     *
-     * @param refreshCache if true it will refresh the whoAmI cache (default: false)
-     * @returns WhoAmIResponse
-     */
-    public async whoAmI(refreshCache: boolean = false): Promise<WhoAmIResponse> {
-        const cacheKey = this.api.getTokens().accessToken ?? ''
-        if (!this.whoAmICache[cacheKey] || refreshCache) {
-            this.whoAmICache[cacheKey] = await this.api.get<WhoAmIResponse>(`${this.baseURL}/v1/auth/whoami`)
-        }
-        return this.whoAmICache[cacheKey]
-    }
-
-    /**
-     * Update an existing identity
-     *
-     * @param identityID unique id of identity to update
-     * @param req update request
-     * @returns IdentityResponse
-     */
-    public async identityUpdate(
-        identityID: Uuid,
-        req: IdentityUpdateRequest
-    ): Promise<IdentityResponse> {
-        return this.api.put<IdentityResponse>(`${this.baseURL}/v1/identities/${identityID}`, req)
-    }
-
-    /**
-     * Return base64 data representing a QR code that the
-     * current identity need in order to use MFA
-     *
-     * @param identityID unique id of the identity
-     * @param password the identity password (already hashed and in base64)
-     * @returns QRCodeResponse
-     */
-    public async identityMFAQRCode(
-        identityID: Uuid,
-        password: Base64String
-    ): Promise<QRCodeResponse> {
-        const req: QRCodeRequest = { password }
-        return this.api.post<QRCodeResponse>(`${this.baseURL}/v1/identities/${identityID}/mfa`, req, { headers: { 'Accept': 'application/json' } })
-    }
-}
-