whio-api-sdk 1.1.29 → 1.1.34

package/dist/src/sdk/modules/auth.module.d.ts

@@ -25,6 +25,30 @@ export declare class AuthModule extends BaseClient {
      * @returns The login response including access/refresh tokens and the user.
      */
     loginWithCode(email: string, code: string): Promise<LoginResponse>;
+    /**
+     * Authenticate with a Microsoft (Entra ID) token and persist the session.
+     *
+     * The client runs the Microsoft sign-in itself and passes the resulting Entra
+     * ID token here; the backend verifies it and mints the normal app session. The
+     * Microsoft identity must already be linked to a local account (see
+     * {@link connectEntra}) - an unlinked customer-app token is rejected.
+     *
+     * @param idToken - The Entra ID token obtained from the Microsoft sign-in.
+     * @returns The login response including access/refresh tokens and the user.
+     */
+    loginWithEntra(idToken: string): Promise<LoginResponse>;
+    /**
+     * Link the authenticated user's account to their Microsoft (Entra ID) identity
+     * so future {@link loginWithEntra} calls resolve them by their Microsoft oid.
+     *
+     * Requires an active session - the bearer token is attached automatically.
+     *
+     * @param idToken - The Entra ID token obtained from the Microsoft sign-in.
+     * @returns A confirmation message.
+     */
+    connectEntra(idToken: string): Promise<{
+        message: string;
+    }>;
     /**
      * Clear the current session and any persisted authentication state.
      *

package/dist/src/sdk/modules/auth.module.js

@@ -60,6 +60,44 @@ export class AuthModule extends BaseClient {
             }
         });
     }
+    /**
+     * Authenticate with a Microsoft (Entra ID) token and persist the session.
+     *
+     * The client runs the Microsoft sign-in itself and passes the resulting Entra
+     * ID token here; the backend verifies it and mints the normal app session. The
+     * Microsoft identity must already be linked to a local account (see
+     * {@link connectEntra}) - an unlinked customer-app token is rejected.
+     *
+     * @param idToken - The Entra ID token obtained from the Microsoft sign-in.
+     * @returns The login response including access/refresh tokens and the user.
+     */
+    loginWithEntra(idToken) {
+        return __awaiter(this, void 0, void 0, function* () {
+            try {
+                const response = yield this.request(urls.entra, 'POST', { idToken }, {}, true);
+                yield this.updateAuthState(response);
+                return response;
+            }
+            catch (error) {
+                yield this.clearAuth();
+                throw error;
+            }
+        });
+    }
+    /**
+     * Link the authenticated user's account to their Microsoft (Entra ID) identity
+     * so future {@link loginWithEntra} calls resolve them by their Microsoft oid.
+     *
+     * Requires an active session - the bearer token is attached automatically.
+     *
+     * @param idToken - The Entra ID token obtained from the Microsoft sign-in.
+     * @returns A confirmation message.
+     */
+    connectEntra(idToken) {
+        return __awaiter(this, void 0, void 0, function* () {
+            return this.request(urls.entraConnect, 'POST', { idToken });
+        });
+    }
     /**
      * Clear the current session and any persisted authentication state.
      *

package/dist/src/sdk/modules/base-client.js

@@ -67,6 +67,7 @@ export class BaseClient {
         });
     }
     request(endpoint, method = 'GET', body, headers = {}, noToken = false) {
+        var _a;
         return __awaiter(this, void 0, void 0, function* () {
             const url = `${this.baseUrl}${endpoint}`;
             const defaultHeaders = {
@@ -79,14 +80,34 @@ export class BaseClient {
                     defaultHeaders['Authorization'] = `Bearer ${token}`;
                 }
             }
-            const response = yield axios({
-                url,
-                method,
-                headers: Object.assign(Object.assign({}, defaultHeaders), headers),
-                data: body,
-                timeout: 5000,
-            });
-            return response.data;
+            try {
+                const response = yield axios({
+                    url,
+                    method,
+                    headers: Object.assign(Object.assign({}, defaultHeaders), headers),
+                    data: body,
+                    timeout: 5000,
+                });
+                return response.data;
+            }
+            catch (error) {
+                // Surface the server-provided error message (NestJS sends `{ message }`)
+                // instead of axios's generic "Request failed with status code 4xx", so the
+                // reason reaches the UI. The AxiosError is kept intact (response/status/
+                // isAxiosError) so callers can still branch on the type of failure.
+                if (axios.isAxiosError(error)) {
+                    const data = (_a = error.response) === null || _a === void 0 ? void 0 : _a.data;
+                    const serverMessage = Array.isArray(data === null || data === void 0 ? void 0 : data.message)
+                        ? data === null || data === void 0 ? void 0 : data.message.join(', ')
+                        : typeof (data === null || data === void 0 ? void 0 : data.message) === 'string'
+                            ? data.message
+                            : undefined;
+                    if (serverMessage) {
+                        error.message = serverMessage;
+                    }
+                }
+                throw error;
+            }
         });
     }
     fileUploadRequest(endpoint, body, headers = {}, onProgress) {

package/dist/src/sdk/modules/user.module.d.ts

@@ -102,6 +102,27 @@ export declare class UserModule extends BaseClient {
      * @returns The updated user.
      */
     updateUser(id: string, data: UpdateUserDto): Promise<User>;
+    /**
+     * Activate (enable) a user by ID.
+     *
+     * Requires superuser or organization-admin privileges; an organization admin
+     * may only activate users within their own organization.
+     *
+     * @param id - UUID of the user to activate.
+     * @returns The updated user with `isActive` set to `true`.
+     */
+    activateUser(id: string): Promise<User>;
+    /**
+     * Deactivate (disable) a user by ID.
+     *
+     * Requires superuser or organization-admin privileges; an organization admin
+     * may only deactivate users within their own organization. Deactivation takes
+     * effect immediately: the user can no longer authenticate.
+     *
+     * @param id - UUID of the user to deactivate.
+     * @returns The updated user with `isActive` set to `false`.
+     */
+    deactivateUser(id: string): Promise<User>;
     /**
      * Delete a user by ID.
      *

package/dist/src/sdk/modules/user.module.js

@@ -192,6 +192,35 @@ export class UserModule extends BaseClient {
             return this.request(`${urls.users}/${id}`, 'PATCH', data);
         });
     }
+    /**
+     * Activate (enable) a user by ID.
+     *
+     * Requires superuser or organization-admin privileges; an organization admin
+     * may only activate users within their own organization.
+     *
+     * @param id - UUID of the user to activate.
+     * @returns The updated user with `isActive` set to `true`.
+     */
+    activateUser(id) {
+        return __awaiter(this, void 0, void 0, function* () {
+            return this.request(`${urls.users}/${id}/activate`, 'PATCH');
+        });
+    }
+    /**
+     * Deactivate (disable) a user by ID.
+     *
+     * Requires superuser or organization-admin privileges; an organization admin
+     * may only deactivate users within their own organization. Deactivation takes
+     * effect immediately: the user can no longer authenticate.
+     *
+     * @param id - UUID of the user to deactivate.
+     * @returns The updated user with `isActive` set to `false`.
+     */
+    deactivateUser(id) {
+        return __awaiter(this, void 0, void 0, function* () {
+            return this.request(`${urls.users}/${id}/deactivate`, 'PATCH');
+        });
+    }
     /**
      * Delete a user by ID.
      *

package/dist/src/sdk/sdk.d.ts

@@ -60,6 +60,10 @@ export declare class ApiSDK extends BaseClient {
         message: string;
     }>;
     loginWithCode(...args: Parameters<AuthModule['loginWithCode']>): Promise<import("./types").LoginResponse>;
+    loginWithEntra(...args: Parameters<AuthModule['loginWithEntra']>): Promise<import("./types").LoginResponse>;
+    connectEntra(...args: Parameters<AuthModule['connectEntra']>): Promise<{
+        message: string;
+    }>;
     createUser(...args: Parameters<UserModule['createUser']>): Promise<User>;
     assignEditorToRoleToUser(...args: Parameters<UserModule['assignEditorToRoleToUser']>): Promise<User>;
     assignAdminToRoleToUser(...args: Parameters<UserModule['assignAdminToRoleToUser']>): Promise<User>;

package/dist/src/sdk/sdk.js

@@ -159,6 +159,19 @@ export class ApiSDK extends BaseClient {
             return result;
         });
     }
+    loginWithEntra(...args) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const result = yield this.auth.loginWithEntra(...args);
+            // Sync user state across all modules after successful login
+            yield this.syncUserState(result.user, result.access_token, result.refresh_token);
+            return result;
+        });
+    }
+    connectEntra(...args) {
+        return __awaiter(this, void 0, void 0, function* () {
+            return this.auth.connectEntra(...args);
+        });
+    }
     // User methods
     createUser(...args) {
         return __awaiter(this, void 0, void 0, function* () {

package/dist/src/sdk/urls.d.ts

@@ -6,6 +6,8 @@ declare const urls: {
     logout: string;
     changePassword: string;
     adminChangePassword: string;
+    entra: string;
+    entraConnect: string;
     user: string;
     users: string;
     organizations: string;

package/dist/src/sdk/urls.js

@@ -7,6 +7,8 @@ const urls = {
     logout: '/auth/logout',
     changePassword: '/auth/change-password',
     adminChangePassword: '/auth/admin/change-password',
+    entra: '/auth/entra',
+    entraConnect: '/auth/entra/connect',
     // Users
     user: '/users',
     users: '/users',

package/dist/src/sdk/whio-orgadmin-sdk.d.ts

@@ -58,6 +58,8 @@ export declare class WhioOrgAdminSDK extends BaseClient {
     getUsersByOrganization(...args: Parameters<UserModule['getUsersByOrganization']>): Promise<User[]>;
     getUser(...args: Parameters<UserModule['getUser']>): Promise<User>;
     updateUser(...args: Parameters<UserModule['updateUser']>): Promise<User>;
+    activateUser(...args: Parameters<UserModule['activateUser']>): Promise<User>;
+    deactivateUser(...args: Parameters<UserModule['deactivateUser']>): Promise<User>;
     deleteUser(...args: Parameters<UserModule['deleteUser']>): Promise<void>;
     createEditorUser(...args: Parameters<UserModule['createEditorUser']>): Promise<User>;
     createAdminUser(...args: Parameters<UserModule['createAdminUser']>): Promise<User>;

package/dist/src/sdk/whio-orgadmin-sdk.js

@@ -192,6 +192,16 @@ export class WhioOrgAdminSDK extends BaseClient {
             return this.usersModule.updateUser(...args);
         });
     }
+    activateUser(...args) {
+        return __awaiter(this, void 0, void 0, function* () {
+            return this.usersModule.activateUser(...args);
+        });
+    }
+    deactivateUser(...args) {
+        return __awaiter(this, void 0, void 0, function* () {
+            return this.usersModule.deactivateUser(...args);
+        });
+    }
     deleteUser(...args) {
         return __awaiter(this, void 0, void 0, function* () {
             return this.usersModule.deleteUser(...args);

package/dist/src/sdk/whio-sdk.d.ts

@@ -47,6 +47,10 @@ export declare class WhioSDK extends BaseClient {
     login(...args: Parameters<AuthModule['login']>): Promise<import("./types").LoginResponse>;
     logout(...args: Parameters<AuthModule['logout']>): Promise<void>;
     loginWithCode(...args: Parameters<AuthModule['loginWithCode']>): Promise<import("./types").LoginResponse>;
+    loginWithEntra(...args: Parameters<AuthModule['loginWithEntra']>): Promise<import("./types").LoginResponse>;
+    connectEntra(...args: Parameters<AuthModule['connectEntra']>): Promise<{
+        message: string;
+    }>;
     getProfile(...args: Parameters<AuthModule['getProfile']>): Promise<User>;
     changePassword(...args: Parameters<AuthModule['changePassword']>): Promise<import("./types").PasswordChangeResponse>;
     requestLoginCode(...args: Parameters<AuthModule['requestLoginCode']>): Promise<{

package/dist/src/sdk/whio-sdk.js

@@ -129,6 +129,18 @@ export class WhioSDK extends BaseClient {
             return result;
         });
     }
+    loginWithEntra(...args) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const result = yield this.authModule.loginWithEntra(...args);
+            yield this.syncUserState(result.user, result.access_token, result.refresh_token);
+            return result;
+        });
+    }
+    connectEntra(...args) {
+        return __awaiter(this, void 0, void 0, function* () {
+            return this.authModule.connectEntra(...args);
+        });
+    }
     getProfile(...args) {
         return __awaiter(this, void 0, void 0, function* () {
             return this.authModule.getProfile(...args);

package/dist/src/sdk/whio-superuser-sdk.d.ts

@@ -65,6 +65,8 @@ export declare class WhioSuperuserSDK extends BaseClient {
     getUser(...args: Parameters<UserModule['getUser']>): Promise<User>;
     getUsersByOrganization(...args: Parameters<UserModule['getUsersByOrganization']>): Promise<User[]>;
     updateUser(...args: Parameters<UserModule['updateUser']>): Promise<User>;
+    activateUser(...args: Parameters<UserModule['activateUser']>): Promise<User>;
+    deactivateUser(...args: Parameters<UserModule['deactivateUser']>): Promise<User>;
     deleteUser(...args: Parameters<UserModule['deleteUser']>): Promise<void>;
     createEditorUser(...args: Parameters<UserModule['createEditorUser']>): Promise<User>;
     createAdminUser(...args: Parameters<UserModule['createAdminUser']>): Promise<User>;

package/dist/src/sdk/whio-superuser-sdk.js

@@ -207,6 +207,16 @@ export class WhioSuperuserSDK extends BaseClient {
             return this.usersModule.updateUser(...args);
         });
     }
+    activateUser(...args) {
+        return __awaiter(this, void 0, void 0, function* () {
+            return this.usersModule.activateUser(...args);
+        });
+    }
+    deactivateUser(...args) {
+        return __awaiter(this, void 0, void 0, function* () {
+            return this.usersModule.deactivateUser(...args);
+        });
+    }
     deleteUser(...args) {
         return __awaiter(this, void 0, void 0, function* () {
             return this.usersModule.deleteUser(...args);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "whio-api-sdk",
-  "version": "1.1.29",
+  "version": "1.1.34",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
   "type": "module",

package/src/sdk/modules/auth.module.ts

@@ -66,6 +66,51 @@ export class AuthModule extends BaseClient {
     }
   }
 
+  /**
+   * Authenticate with a Microsoft (Entra ID) token and persist the session.
+   *
+   * The client runs the Microsoft sign-in itself and passes the resulting Entra
+   * ID token here; the backend verifies it and mints the normal app session. The
+   * Microsoft identity must already be linked to a local account (see
+   * {@link connectEntra}) - an unlinked customer-app token is rejected.
+   *
+   * @param idToken - The Entra ID token obtained from the Microsoft sign-in.
+   * @returns The login response including access/refresh tokens and the user.
+   */
+  public async loginWithEntra(idToken: string): Promise<LoginResponse> {
+    try {
+      const response = await this.request<LoginResponse>(
+        urls.entra,
+        'POST',
+        { idToken },
+        {},
+        true
+      );
+      await this.updateAuthState(response);
+      return response;
+    } catch (error) {
+      await this.clearAuth();
+      throw error;
+    }
+  }
+
+  /**
+   * Link the authenticated user's account to their Microsoft (Entra ID) identity
+   * so future {@link loginWithEntra} calls resolve them by their Microsoft oid.
+   *
+   * Requires an active session - the bearer token is attached automatically.
+   *
+   * @param idToken - The Entra ID token obtained from the Microsoft sign-in.
+   * @returns A confirmation message.
+   */
+  public async connectEntra(idToken: string): Promise<{ message: string }> {
+    return this.request<{ message: string }>(
+      urls.entraConnect,
+      'POST',
+      { idToken }
+    );
+  }
+
   /**
    * Clear the current session and any persisted authentication state.
    *

package/src/sdk/modules/base-client.ts

@@ -80,15 +80,36 @@ export class BaseClient {
       }
     }
 
-    const response = await axios({
-      url,
-      method,
-      headers: { ...defaultHeaders, ...headers },
-      data: body,
-      timeout: 5000,
-    });
+    try {
+      const response = await axios({
+        url,
+        method,
+        headers: { ...defaultHeaders, ...headers },
+        data: body,
+        timeout: 5000,
+      });
 
-    return response.data;
+      return response.data;
+    } catch (error) {
+      // Surface the server-provided error message (NestJS sends `{ message }`)
+      // instead of axios's generic "Request failed with status code 4xx", so the
+      // reason reaches the UI. The AxiosError is kept intact (response/status/
+      // isAxiosError) so callers can still branch on the type of failure.
+      if (axios.isAxiosError(error)) {
+        const data = error.response?.data as
+          | { message?: string | string[] }
+          | undefined;
+        const serverMessage = Array.isArray(data?.message)
+          ? data?.message.join(', ')
+          : typeof data?.message === 'string'
+            ? data.message
+            : undefined;
+        if (serverMessage) {
+          error.message = serverMessage;
+        }
+      }
+      throw error;
+    }
   }
 
   protected async fileUploadRequest<T>(

package/src/sdk/modules/user.module.ts

@@ -178,6 +178,33 @@ export class UserModule extends BaseClient {
     return this.request<User>(`${urls.users}/${id}`, 'PATCH', data);
   }
 
+  /**
+   * Activate (enable) a user by ID.
+   *
+   * Requires superuser or organization-admin privileges; an organization admin
+   * may only activate users within their own organization.
+   *
+   * @param id - UUID of the user to activate.
+   * @returns The updated user with `isActive` set to `true`.
+   */
+  public async activateUser(id: string): Promise<User> {
+    return this.request<User>(`${urls.users}/${id}/activate`, 'PATCH');
+  }
+
+  /**
+   * Deactivate (disable) a user by ID.
+   *
+   * Requires superuser or organization-admin privileges; an organization admin
+   * may only deactivate users within their own organization. Deactivation takes
+   * effect immediately: the user can no longer authenticate.
+   *
+   * @param id - UUID of the user to deactivate.
+   * @returns The updated user with `isActive` set to `false`.
+   */
+  public async deactivateUser(id: string): Promise<User> {
+    return this.request<User>(`${urls.users}/${id}/deactivate`, 'PATCH');
+  }
+
   /**
    * Delete a user by ID.
    *

package/src/sdk/sdk.ts

@@ -180,6 +180,17 @@ export class ApiSDK extends BaseClient {
     return result;
   }
 
+  public async loginWithEntra(...args: Parameters<AuthModule['loginWithEntra']>) {
+    const result = await this.auth.loginWithEntra(...args);
+    // Sync user state across all modules after successful login
+    await this.syncUserState(result.user, result.access_token, result.refresh_token);
+    return result;
+  }
+
+  public async connectEntra(...args: Parameters<AuthModule['connectEntra']>) {
+    return this.auth.connectEntra(...args);
+  }
+
   // User methods
   public async createUser(...args: Parameters<UserModule['createUser']>) {
     return this.users.createUser(...args);

package/src/sdk/urls.ts

@@ -7,7 +7,9 @@ const urls = {
   logout: '/auth/logout',
   changePassword: '/auth/change-password',
   adminChangePassword: '/auth/admin/change-password',
-  
+  entra: '/auth/entra',
+  entraConnect: '/auth/entra/connect',
+
   // Users
   user: '/users',
   users: '/users',

package/src/sdk/whio-orgadmin-sdk.ts

@@ -198,6 +198,14 @@ export class WhioOrgAdminSDK extends BaseClient {
     return this.usersModule.updateUser(...args);
   }
 
+  public async activateUser(...args: Parameters<UserModule['activateUser']>) {
+    return this.usersModule.activateUser(...args);
+  }
+
+  public async deactivateUser(...args: Parameters<UserModule['deactivateUser']>) {
+    return this.usersModule.deactivateUser(...args);
+  }
+
   public async deleteUser(...args: Parameters<UserModule['deleteUser']>) {
     return this.usersModule.deleteUser(...args);
   }

package/src/sdk/whio-sdk.ts

@@ -149,6 +149,16 @@ export class WhioSDK extends BaseClient {
     return result;
   }
 
+  public async loginWithEntra(...args: Parameters<AuthModule['loginWithEntra']>) {
+    const result = await this.authModule.loginWithEntra(...args);
+    await this.syncUserState(result.user, result.access_token, result.refresh_token);
+    return result;
+  }
+
+  public async connectEntra(...args: Parameters<AuthModule['connectEntra']>) {
+    return this.authModule.connectEntra(...args);
+  }
+
   public async getProfile(...args: Parameters<AuthModule['getProfile']>) {
     return this.authModule.getProfile(...args);
   }

package/src/sdk/whio-superuser-sdk.ts

@@ -213,6 +213,14 @@ export class WhioSuperuserSDK extends BaseClient {
     return this.usersModule.updateUser(...args);
   }
 
+  public async activateUser(...args: Parameters<UserModule['activateUser']>) {
+    return this.usersModule.activateUser(...args);
+  }
+
+  public async deactivateUser(...args: Parameters<UserModule['deactivateUser']>) {
+    return this.usersModule.deactivateUser(...args);
+  }
+
   public async deleteUser(...args: Parameters<UserModule['deleteUser']>) {
     return this.usersModule.deleteUser(...args);
   }