Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
@descope/node-sdk
Advanced tools
@descope/node-sdk - npm Package Compare versions
Comparing version 0.0.0-next-b31c68d3-20240320 to 0.0.0-next-b42a85d0-20250102
@@ -1,2 +0,2 @@ | ||
| "use strict";Object.defineProperty(exports,"__esModule",{value:!0});var e=require("tslib"),t=require("@descope/core-js-sdk"),s=require("jose"),n=require("cross-fetch");function o(e){return e&&"object"==typeof e&&"default"in e?e:{default:e}}var a=o(t);const r=t=>async(...s)=>{var n,o,a;const r=await t(...s);if(!r.data)return r;let i=r.data,{refreshJwt:l}=i,p=e.__rest(i,["refreshJwt"]);const d=[];var m;return l?d.push(`${"DSR"}=${l}; Domain=${(null==(m=p)?void 0:m.cookieDomain)||""}; Max-Age=${(null==m?void 0:m.cookieMaxAge)||""}; Path=${(null==m?void 0:m.cookiePath)||"/"}; HttpOnly; SameSite=Strict`):(null===(n=r.response)||void 0===n?void 0:n.headers.get("set-cookie"))&&(l=((e,t)=>{const s=null==e?void 0:e.match(RegExp(`(?:^|;\\s*)${t}=([^;]*)`));return s?s[1]:null})(null===(o=r.response)||void 0===o?void 0:o.headers.get("set-cookie"),"DSR"),d.push(null===(a=r.response)||void 0===a?void 0:a.headers.get("set-cookie"))),Object.assign(Object.assign({},r),{data:Object.assign(Object.assign({},r.data),{refreshJwt:l,cookies:d})})};function i(e,t,s){var n,o;const a=s?null===(o=null===(n=e.token.tenants)||void 0===n?void 0:n[s])||void 0===o?void 0:o[t]:e.token[t];return Array.isArray(a)?a:[]}function l(e,t){var s;return!!(null===(s=e.token.tenants)||void 0===s?void 0:s[t])}var p={create:"/v1/mgmt/user/create",createBatch:"/v1/mgmt/user/create/batch",update:"/v1/mgmt/user/update",delete:"/v1/mgmt/user/delete",deleteAllTestUsers:"/v1/mgmt/user/test/delete/all",load:"/v1/mgmt/user",logout:"/v1/mgmt/user/logout",search:"/v1/mgmt/user/search",getProviderToken:"/v1/mgmt/user/provider/token",updateStatus:"/v1/mgmt/user/update/status",updateLoginId:"/v1/mgmt/user/update/loginid",updateEmail:"/v1/mgmt/user/update/email",updatePhone:"/v1/mgmt/user/update/phone",updateDisplayName:"/v1/mgmt/user/update/name",updatePicture:"/v1/mgmt/user/update/picture",updateCustomAttribute:"/v1/mgmt/user/update/customAttribute",setRole:"/v1/mgmt/user/update/role/set",addRole:"/v1/mgmt/user/update/role/add",removeRole:"/v1/mgmt/user/update/role/remove",setSSOApps:"/v1/mgmt/user/update/ssoapp/set",addSSOApps:"/v1/mgmt/user/update/ssoapp/add",removeSSOApps:"/v1/mgmt/user/update/ssoapp/remove",addTenant:"/v1/mgmt/user/update/tenant/add",removeTenant:"/v1/mgmt/user/update/tenant/remove",setPassword:"/v1/mgmt/user/password/set",setTemporaryPassword:"/v1/mgmt/user/password/set/temporary",setActivePassword:"/v1/mgmt/user/password/set/active",expirePassword:"/v1/mgmt/user/password/expire",removeAllPasskeys:"/v1/mgmt/user/passkeys/delete",generateOTPForTest:"/v1/mgmt/tests/generate/otp",generateMagicLinkForTest:"/v1/mgmt/tests/generate/magiclink",generateEnchantedLinkForTest:"/v1/mgmt/tests/generate/enchantedlink",generateEmbeddedLink:"/v1/mgmt/user/signin/embeddedlink",history:"/v1/mgmt/user/history"},d={updateName:"/v1/mgmt/project/update/name",clone:"/v1/mgmt/project/clone",export:"/v1/mgmt/project/export",import:"/v1/mgmt/project/import"},m={create:"/v1/mgmt/accesskey/create",load:"/v1/mgmt/accesskey",search:"/v1/mgmt/accesskey/search",update:"/v1/mgmt/accesskey/update",deactivate:"/v1/mgmt/accesskey/deactivate",activate:"/v1/mgmt/accesskey/activate",delete:"/v1/mgmt/accesskey/delete"},c={create:"/v1/mgmt/tenant/create",update:"/v1/mgmt/tenant/update",delete:"/v1/mgmt/tenant/delete",load:"/v1/mgmt/tenant",settings:"/v1/mgmt/tenant/settings",loadAll:"/v1/mgmt/tenant/all",searchAll:"/v1/mgmt/tenant/search"},g={oidcCreate:"/v1/mgmt/sso/idp/app/oidc/create",samlCreate:"/v1/mgmt/sso/idp/app/saml/create",oidcUpdate:"/v1/mgmt/sso/idp/app/oidc/update",samlUpdate:"/v1/mgmt/sso/idp/app/saml/update",delete:"/v1/mgmt/sso/idp/app/delete",load:"/v1/mgmt/sso/idp/app/load",loadAll:"/v1/mgmt/sso/idp/apps/load"},u={settings:"/v1/mgmt/sso/settings",metadata:"/v1/mgmt/sso/metadata",mapping:"/v1/mgmt/sso/mapping",settingsv2:"/v2/mgmt/sso/settings",oidc:{configure:"/v1/mgmt/sso/oidc"},saml:{configure:"/v1/mgmt/sso/saml",metadata:"/v1/mgmt/sso/saml/metadata"}},h={update:"/v1/mgmt/jwt/update",impersonate:"/v1/mgmt/impersonate"},v={settings:"/v1/mgmt/password/settings"},f={create:"/v1/mgmt/permission/create",update:"/v1/mgmt/permission/update",delete:"/v1/mgmt/permission/delete",loadAll:"/v1/mgmt/permission/all"},k={create:"/v1/mgmt/role/create",update:"/v1/mgmt/role/update",delete:"/v1/mgmt/role/delete",loadAll:"/v1/mgmt/role/all",search:"/v1/mgmt/role/search"},R={list:"/v1/mgmt/flow/list",delete:"/v1/mgmt/flow/delete",export:"/v1/mgmt/flow/export",import:"/v1/mgmt/flow/import"},C={export:"/v1/mgmt/theme/export",import:"/v1/mgmt/theme/import"},y={loadAllGroups:"/v1/mgmt/group/all",loadAllGroupsForMember:"/v1/mgmt/group/member/all",loadAllGroupMembers:"/v1/mgmt/group/members"},I={search:"/v1/mgmt/audit/search"},b={schemaSave:"/v1/mgmt/authz/schema/save",schemaDelete:"/v1/mgmt/authz/schema/delete",schemaLoad:"/v1/mgmt/authz/schema/load",nsSave:"/v1/mgmt/authz/ns/save",nsDelete:"/v1/mgmt/authz/ns/delete",rdSave:"/v1/mgmt/authz/rd/save",rdDelete:"/v1/mgmt/authz/rd/delete",reCreate:"/v1/mgmt/authz/re/create",reDelete:"/v1/mgmt/authz/re/delete",reDeleteResources:"/v1/mgmt/authz/re/deleteresources",hasRelations:"/v1/mgmt/authz/re/has",who:"/v1/mgmt/authz/re/who",resource:"/v1/mgmt/authz/re/resource",targets:"/v1/mgmt/authz/re/targets",targetAll:"/v1/mgmt/authz/re/targetall",getModified:"/v1/mgmt/authz/getmodified"};const w=(e,s)=>({create:function(n,o,a,r,i,l,d,m,c,g,u,h,v,f){const k="string"==typeof o?{loginId:n,email:o,phone:a,displayName:r,givenName:u,middleName:h,familyName:v,roleNames:i,userTenants:l,customAttributes:d,picture:m,verifiedEmail:c,verifiedPhone:g,additionalLoginIds:f}:Object.assign(Object.assign({loginId:n},o),{roleNames:null==o?void 0:o.roles,roles:void 0});return t.transformResponse(e.httpClient.post(p.create,k,{token:s}),(e=>e.user))},createTestUser:function(n,o,a,r,i,l,d,m,c,g,u,h,v,f){const k="string"==typeof o?{loginId:n,email:o,phone:a,displayName:r,givenName:u,middleName:h,familyName:v,roleNames:i,userTenants:l,customAttributes:d,picture:m,verifiedEmail:c,verifiedPhone:g,additionalLoginIds:f,test:!0}:Object.assign(Object.assign({loginId:n},o),{roleNames:null==o?void 0:o.roles,roles:void 0,test:!0});return t.transformResponse(e.httpClient.post(p.create,k,{token:s}),(e=>e.user))},invite:function(n,o,a,r,i,l,d,m,c,g,u,h,v,f,k,R,C){const y="string"==typeof o?{loginId:n,email:o,phone:a,displayName:r,givenName:f,middleName:k,familyName:R,roleNames:i,userTenants:l,invite:!0,customAttributes:d,picture:m,verifiedEmail:c,verifiedPhone:g,inviteUrl:u,sendMail:h,sendSMS:v,additionalLoginIds:C}:Object.assign(Object.assign({loginId:n},o),{roleNames:null==o?void 0:o.roles,roles:void 0,invite:!0});return t.transformResponse(e.httpClient.post(p.create,y,{token:s}),(e=>e.user))},inviteBatch:(n,o,a,r)=>t.transformResponse(e.httpClient.post(p.createBatch,{users:n,invite:!0,inviteUrl:o,sendMail:a,sendSMS:r},{token:s}),(e=>e)),update:function(n,o,a,r,i,l,d,m,c,g,u,h,v,f){const k="string"==typeof o?{loginId:n,email:o,phone:a,displayName:r,givenName:u,middleName:h,familyName:v,roleNames:i,userTenants:l,customAttributes:d,picture:m,verifiedEmail:c,verifiedPhone:g,additionalLoginIds:f}:Object.assign(Object.assign({loginId:n},o),{roleNames:null==o?void 0:o.roles,roles:void 0});return t.transformResponse(e.httpClient.post(p.update,k,{token:s}),(e=>e.user))},delete:n=>t.transformResponse(e.httpClient.post(p.delete,{loginId:n},{token:s})),deleteByUserId:n=>t.transformResponse(e.httpClient.post(p.delete,{userId:n},{token:s})),deleteAllTestUsers:()=>t.transformResponse(e.httpClient.delete(p.deleteAllTestUsers,{token:s})),load:n=>t.transformResponse(e.httpClient.get(p.load,{queryParams:{loginId:n},token:s}),(e=>e.user)),loadByUserId:n=>t.transformResponse(e.httpClient.get(p.load,{queryParams:{userId:n},token:s}),(e=>e.user)),logoutUser:n=>t.transformResponse(e.httpClient.post(p.logout,{loginId:n},{token:s})),logoutUserByUserId:n=>t.transformResponse(e.httpClient.post(p.logout,{userId:n},{token:s})),searchAll:(n,o,a,r,i,l,d,m,c,g)=>t.transformResponse(e.httpClient.post(p.search,{tenantIds:n,roleNames:o,limit:a,page:r,testUsersOnly:i,withTestUser:l,customAttributes:d,statuses:m,emails:c,phones:g},{token:s}),(e=>e.users)),search:n=>t.transformResponse(e.httpClient.post(p.search,Object.assign(Object.assign({},n),{roleNames:n.roles,roles:void 0}),{token:s}),(e=>e.users)),getProviderToken:(n,o)=>t.transformResponse(e.httpClient.get(p.getProviderToken,{queryParams:{loginId:n,provider:o},token:s}),(e=>e)),activate:n=>t.transformResponse(e.httpClient.post(p.updateStatus,{loginId:n,status:"enabled"},{token:s}),(e=>e.user)),deactivate:n=>t.transformResponse(e.httpClient.post(p.updateStatus,{loginId:n,status:"disabled"},{token:s}),(e=>e.user)),updateLoginId:(n,o)=>t.transformResponse(e.httpClient.post(p.updateLoginId,{loginId:n,newLoginId:o},{token:s}),(e=>e.user)),updateEmail:(n,o,a)=>t.transformResponse(e.httpClient.post(p.updateEmail,{loginId:n,email:o,verified:a},{token:s}),(e=>e.user)),updatePhone:(n,o,a)=>t.transformResponse(e.httpClient.post(p.updatePhone,{loginId:n,phone:o,verified:a},{token:s}),(e=>e.user)),updateDisplayName:(n,o,a,r,i)=>t.transformResponse(e.httpClient.post(p.updateDisplayName,{loginId:n,displayName:o,givenName:a,middleName:r,familyName:i},{token:s}),(e=>e.user)),updatePicture:(n,o)=>t.transformResponse(e.httpClient.post(p.updatePicture,{loginId:n,picture:o},{token:s}),(e=>e.user)),updateCustomAttribute:(n,o,a)=>t.transformResponse(e.httpClient.post(p.updateCustomAttribute,{loginId:n,attributeKey:o,attributeValue:a},{token:s}),(e=>e.user)),setRoles:(n,o)=>t.transformResponse(e.httpClient.post(p.setRole,{loginId:n,roleNames:o},{token:s}),(e=>e.user)),addRoles:(n,o)=>t.transformResponse(e.httpClient.post(p.addRole,{loginId:n,roleNames:o},{token:s}),(e=>e.user)),removeRoles:(n,o)=>t.transformResponse(e.httpClient.post(p.removeRole,{loginId:n,roleNames:o},{token:s}),(e=>e.user)),addTenant:(n,o)=>t.transformResponse(e.httpClient.post(p.addTenant,{loginId:n,tenantId:o},{token:s}),(e=>e.user)),removeTenant:(n,o)=>t.transformResponse(e.httpClient.post(p.removeTenant,{loginId:n,tenantId:o},{token:s}),(e=>e.user)),setTenantRoles:(n,o,a)=>t.transformResponse(e.httpClient.post(p.setRole,{loginId:n,tenantId:o,roleNames:a},{token:s}),(e=>e.user)),addTenantRoles:(n,o,a)=>t.transformResponse(e.httpClient.post(p.addRole,{loginId:n,tenantId:o,roleNames:a},{token:s}),(e=>e.user)),removeTenantRoles:(n,o,a)=>t.transformResponse(e.httpClient.post(p.removeRole,{loginId:n,tenantId:o,roleNames:a},{token:s}),(e=>e.user)),addSSOapps:(n,o)=>t.transformResponse(e.httpClient.post(p.addSSOApps,{loginId:n,ssoAppIds:o},{token:s}),(e=>e.user)),setSSOapps:(n,o)=>t.transformResponse(e.httpClient.post(p.setSSOApps,{loginId:n,ssoAppIds:o},{token:s}),(e=>e.user)),removeSSOapps:(n,o)=>t.transformResponse(e.httpClient.post(p.removeSSOApps,{loginId:n,ssoAppIds:o},{token:s}),(e=>e.user)),generateOTPForTestUser:(n,o,a)=>t.transformResponse(e.httpClient.post(p.generateOTPForTest,{deliveryMethod:n,loginId:o,loginOptions:a},{token:s}),(e=>e)),generateMagicLinkForTestUser:(n,o,a,r)=>t.transformResponse(e.httpClient.post(p.generateMagicLinkForTest,{deliveryMethod:n,loginId:o,URI:a,loginOptions:r},{token:s}),(e=>e)),generateEnchantedLinkForTestUser:(n,o,a)=>t.transformResponse(e.httpClient.post(p.generateEnchantedLinkForTest,{loginId:n,URI:o,loginOptions:a},{token:s}),(e=>e)),generateEmbeddedLink:(n,o)=>t.transformResponse(e.httpClient.post(p.generateEmbeddedLink,{loginId:n,customClaims:o},{token:s}),(e=>e)),setTemporaryPassword:(n,o)=>t.transformResponse(e.httpClient.post(p.setTemporaryPassword,{loginId:n,password:o},{token:s}),(e=>e)),setActivePassword:(n,o)=>t.transformResponse(e.httpClient.post(p.setActivePassword,{loginId:n,password:o},{token:s}),(e=>e)),setPassword:(n,o)=>t.transformResponse(e.httpClient.post(p.setPassword,{loginId:n,password:o},{token:s}),(e=>e)),expirePassword:n=>t.transformResponse(e.httpClient.post(p.expirePassword,{loginId:n},{token:s}),(e=>e)),removeAllPasskeys:n=>t.transformResponse(e.httpClient.post(p.removeAllPasskeys,{loginId:n},{token:s}),(e=>e)),history:n=>t.transformResponse(e.httpClient.post(p.history,n,{token:s}),(e=>e))}),A=(e,s)=>({updateName:n=>t.transformResponse(e.httpClient.post(d.updateName,{name:n},{token:s})),clone:(n,o)=>t.transformResponse(e.httpClient.post(d.clone,{name:n,tag:o},{token:s})),export:()=>t.transformResponse(e.httpClient.post(d.export,{},{token:s}),(e=>e.files)),import:n=>t.transformResponse(e.httpClient.post(d.export,{files:n},{token:s}))}),O=(e,s)=>({create:(n,o,a)=>t.transformResponse(e.httpClient.post(c.create,{name:n,selfProvisioningDomains:o,customAttributes:a},{token:s})),createWithId:(n,o,a,r)=>t.transformResponse(e.httpClient.post(c.create,{id:n,name:o,selfProvisioningDomains:a,customAttributes:r},{token:s})),update:(n,o,a,r)=>t.transformResponse(e.httpClient.post(c.update,{id:n,name:o,selfProvisioningDomains:a,customAttributes:r},{token:s})),delete:n=>t.transformResponse(e.httpClient.post(c.delete,{id:n},{token:s})),load:n=>t.transformResponse(e.httpClient.get(c.load,{queryParams:{id:n},token:s}),(e=>e)),loadAll:()=>t.transformResponse(e.httpClient.get(c.loadAll,{token:s}),(e=>e.tenants)),searchAll:(n,o,a,r)=>t.transformResponse(e.httpClient.post(c.searchAll,{tenantIds:n,tenantNames:o,tenantSelfProvisioningDomains:a,customAttributes:r},{token:s}),(e=>e.tenants)),getSettings:n=>t.transformResponse(e.httpClient.get(c.settings,{queryParams:{id:n},token:s}),(e=>e)),configureSettings:(n,o)=>t.transformResponse(e.httpClient.post(c.settings,Object.assign(Object.assign({},o),{tenantId:n}),{token:s}))}),S=(e,s)=>({update:(n,o)=>t.transformResponse(e.httpClient.post(h.update,{jwt:n,customClaims:o},{token:s})),impersonate:(n,o,a)=>t.transformResponse(e.httpClient.post(h.impersonate,{impersonatorId:n,loginId:o,validateConsent:a},{token:s}))}),N=(e,s)=>({create:(n,o)=>t.transformResponse(e.httpClient.post(f.create,{name:n,description:o},{token:s})),update:(n,o,a)=>t.transformResponse(e.httpClient.post(f.update,{name:n,newName:o,description:a},{token:s})),delete:n=>t.transformResponse(e.httpClient.post(f.delete,{name:n},{token:s})),loadAll:()=>t.transformResponse(e.httpClient.get(f.loadAll,{token:s}),(e=>e.permissions))}),j=(e,s)=>({create:(n,o,a,r)=>t.transformResponse(e.httpClient.post(k.create,{name:n,description:o,permissionNames:a,tenantId:r},{token:s})),update:(n,o,a,r,i)=>t.transformResponse(e.httpClient.post(k.update,{name:n,newName:o,description:a,permissionNames:r,tenantId:i},{token:s})),delete:(n,o)=>t.transformResponse(e.httpClient.post(k.delete,{name:n,tenantId:o},{token:s})),loadAll:()=>t.transformResponse(e.httpClient.get(k.loadAll,{token:s}),(e=>e.roles)),search:n=>t.transformResponse(e.httpClient.post(k.search,n,{token:s}),(e=>e.roles))}),P=(e,s)=>({loadAllGroups:n=>t.transformResponse(e.httpClient.post(y.loadAllGroups,{tenantId:n},{token:s})),loadAllGroupsForMember:(n,o,a)=>t.transformResponse(e.httpClient.post(y.loadAllGroupsForMember,{tenantId:n,loginIds:a,userIds:o},{token:s})),loadAllGroupMembers:(n,o)=>t.transformResponse(e.httpClient.post(y.loadAllGroupMembers,{tenantId:n,groupId:o},{token:s}))}),T=(e,s)=>({getSettings:n=>t.transformResponse(e.httpClient.get(u.settings,{queryParams:{tenantId:n},token:s}),(e=>e)),deleteSettings:n=>t.transformResponse(e.httpClient.delete(u.settings,{queryParams:{tenantId:n},token:s})),configureSettings:(n,o,a,r,i,l)=>t.transformResponse(e.httpClient.post(u.settings,{tenantId:n,idpURL:o,entityId:r,idpCert:a,redirectURL:i,domains:l},{token:s})),configureMetadata:(n,o,a,r)=>t.transformResponse(e.httpClient.post(u.metadata,{tenantId:n,idpMetadataURL:o,redirectURL:a,domains:r},{token:s})),configureMapping:(n,o,a)=>t.transformResponse(e.httpClient.post(u.mapping,{tenantId:n,roleMappings:o,attributeMapping:a},{token:s})),configureOIDCSettings:(n,o,a)=>{const r=Object.assign(Object.assign({},o),{userAttrMapping:o.attributeMapping});return delete r.attributeMapping,t.transformResponse(e.httpClient.post(u.oidc.configure,{tenantId:n,settings:r,domains:a},{token:s}))},configureSAMLSettings:(n,o,a,r)=>t.transformResponse(e.httpClient.post(u.saml.configure,{tenantId:n,settings:o,redirectUrl:a,domains:r},{token:s})),configureSAMLByMetadata:(n,o,a,r)=>t.transformResponse(e.httpClient.post(u.saml.metadata,{tenantId:n,settings:o,redirectUrl:a,domains:r},{token:s})),loadSettings:n=>t.transformResponse(e.httpClient.get(u.settingsv2,{queryParams:{tenantId:n},token:s}),(e=>{var t,s;const n=e;return n.oidc&&(n.oidc=Object.assign(Object.assign({},n.oidc),{attributeMapping:n.oidc.userAttrMapping}),delete n.oidc.userAttrMapping),(null===(t=n.saml)||void 0===t?void 0:t.groupsMapping)&&(n.saml.groupsMapping=null===(s=n.saml)||void 0===s?void 0:s.groupsMapping.map((e=>{const t=e;return t.roleName=t.role.name,delete t.role,t}))),n}))}),M=(e,s)=>({create:(n,o,a,r,i,l)=>t.transformResponse(e.httpClient.post(m.create,{name:n,expireTime:o,roleNames:a,keyTenants:r,userId:i,customClaims:l},{token:s})),load:n=>t.transformResponse(e.httpClient.get(m.load,{queryParams:{id:n},token:s}),(e=>e.key)),searchAll:n=>t.transformResponse(e.httpClient.post(m.search,{tenantIds:n},{token:s}),(e=>e.keys)),update:(n,o)=>t.transformResponse(e.httpClient.post(m.update,{id:n,name:o},{token:s}),(e=>e.key)),deactivate:n=>t.transformResponse(e.httpClient.post(m.deactivate,{id:n},{token:s})),activate:n=>t.transformResponse(e.httpClient.post(m.activate,{id:n},{token:s})),delete:n=>t.transformResponse(e.httpClient.post(m.delete,{id:n},{token:s}))}),x=(e,s)=>({list:()=>t.transformResponse(e.httpClient.post(R.list,{},{token:s})),delete:n=>t.transformResponse(e.httpClient.post(R.delete,{ids:n},{token:s})),export:n=>t.transformResponse(e.httpClient.post(R.export,{flowId:n},{token:s})),import:(n,o,a)=>t.transformResponse(e.httpClient.post(R.import,{flowId:n,flow:o,screens:a},{token:s}))}),E=(e,s)=>({export:()=>t.transformResponse(e.httpClient.post(C.export,{},{token:s})),import:n=>t.transformResponse(e.httpClient.post(C.import,{theme:n},{token:s}))}),U=(e,s)=>({search:n=>{const o=Object.assign(Object.assign({},n),{externalIds:n.loginIds});return delete o.loginIds,t.transformResponse(e.httpClient.post(I.search,o,{token:s}),(e=>null==e?void 0:e.audits.map((e=>{const t=Object.assign(Object.assign({},e),{occurred:parseFloat(e.occurred),loginIds:e.externalIds});return delete t.externalIds,t}))))}}),L=(e,s)=>({saveSchema:(n,o)=>t.transformResponse(e.httpClient.post(b.schemaSave,{schema:n,upgrade:o},{token:s})),deleteSchema:()=>t.transformResponse(e.httpClient.post(b.schemaDelete,{},{token:s})),loadSchema:()=>t.transformResponse(e.httpClient.post(b.schemaLoad,{},{token:s}),(e=>e.schema)),saveNamespace:(n,o,a)=>t.transformResponse(e.httpClient.post(b.nsSave,{namespace:n,oldName:o,schemaName:a},{token:s})),deleteNamespace:(n,o)=>t.transformResponse(e.httpClient.post(b.nsDelete,{name:n,schemaName:o},{token:s})),saveRelationDefinition:(n,o,a,r)=>t.transformResponse(e.httpClient.post(b.rdSave,{relationDefinition:n,namespace:o,oldName:a,schemaName:r},{token:s})),deleteRelationDefinition:(n,o,a)=>t.transformResponse(e.httpClient.post(b.rdDelete,{name:n,namespace:o,schemaName:a},{token:s})),createRelations:n=>t.transformResponse(e.httpClient.post(b.reCreate,{relations:n},{token:s})),deleteRelations:n=>t.transformResponse(e.httpClient.post(b.reDelete,{relations:n},{token:s})),deleteRelationsForResources:n=>t.transformResponse(e.httpClient.post(b.reDeleteResources,{resources:n},{token:s})),hasRelations:n=>t.transformResponse(e.httpClient.post(b.hasRelations,{relationQueries:n},{token:s}),(e=>e.relationQueries)),whoCanAccess:(n,o,a)=>t.transformResponse(e.httpClient.post(b.who,{resource:n,relationDefinition:o,namespace:a},{token:s}),(e=>e.targets)),resourceRelations:n=>t.transformResponse(e.httpClient.post(b.resource,{resource:n},{token:s}),(e=>e.relations)),targetsRelations:n=>t.transformResponse(e.httpClient.post(b.targets,{targets:n},{token:s}),(e=>e.relations)),whatCanTargetAccess:n=>t.transformResponse(e.httpClient.post(b.targetAll,{target:n},{token:s}),(e=>e.relations)),getModified:n=>t.transformResponse(e.httpClient.post(b.getModified,{since:n?n.getTime():0},{token:s}),(e=>e))}),D=(e,s)=>({createOidcApplication:n=>{var o;return t.transformResponse(e.httpClient.post(g.oidcCreate,Object.assign(Object.assign({},n),{enabled:null===(o=n.enabled)||void 0===o||o}),{token:s}))},createSamlApplication:n=>{var o;return t.transformResponse(e.httpClient.post(g.samlCreate,Object.assign(Object.assign({},n),{enabled:null===(o=n.enabled)||void 0===o||o}),{token:s}))},updateOidcApplication:n=>t.transformResponse(e.httpClient.post(g.oidcUpdate,Object.assign({},n),{token:s})),updateSamlApplication:n=>t.transformResponse(e.httpClient.post(g.samlUpdate,Object.assign({},n),{token:s})),delete:n=>t.transformResponse(e.httpClient.post(g.delete,{id:n},{token:s})),load:n=>t.transformResponse(e.httpClient.get(g.load,{queryParams:{id:n},token:s}),(e=>e)),loadAll:()=>t.transformResponse(e.httpClient.get(g.loadAll,{token:s}),(e=>e.apps))}),q=(e,s)=>({getSettings:n=>t.transformResponse(e.httpClient.get(v.settings,{queryParams:{tenantId:n},token:s}),(e=>e)),configureSettings:(n,o)=>t.transformResponse(e.httpClient.post(v.settings,Object.assign(Object.assign({},o),{tenantId:n}),{token:s}))});var F;null!==(F=globalThis.Headers)&&void 0!==F||(globalThis.Headers=n.Headers);const z=(...e)=>(e.forEach((e=>{var t,s;e&&(null!==(t=(s=e).highWaterMark)&&void 0!==t||(s.highWaterMark=31457280))})),n.fetch(...e)),J=n=>{var o,{managementKey:p,publicKey:d}=n,m=e.__rest(n,["managementKey","publicKey"]);const c=a.default(Object.assign(Object.assign({fetch:z},m),{baseHeaders:Object.assign(Object.assign({},m.baseHeaders),{"x-descope-sdk-name":"nodejs","x-descope-sdk-node-version":(null===(o=null===process||void 0===process?void 0:process.versions)||void 0===o?void 0:o.node)||"","x-descope-sdk-version":"0.0.0-next-b31c68d3-20240320"})})),{projectId:g,logger:u}=m,h={},v=((e,t)=>({user:w(e,t),project:A(e,t),accessKey:M(e,t),tenant:O(e,t),ssoApplication:D(e,t),sso:T(e,t),jwt:S(e,t),permission:N(e,t),password:q(e,t),role:j(e,t),group:P(e,t),flow:x(e,t),theme:E(e,t),audit:U(e,t),authz:L(e,t)}))(c,p),f=Object.assign(Object.assign({},c),{management:v,async getKey(e){if(!(null==e?void 0:e.kid))throw Error("header.kid must not be empty");if(h[e.kid])return h[e.kid];if(Object.assign(h,await(async()=>{if(d)try{const e=JSON.parse(d),t=await s.importJWK(e);return{[e.kid]:t}}catch(e){throw null==u||u.error("Failed to parse the provided public key",e),new Error(`Failed to parse public key. Error: ${e}`)}const e=(await c.httpClient.get(`v2/keys/${g}`).then((e=>e.json()))).keys;return Array.isArray(e)?(await Promise.all(e.map((async e=>[e.kid,await s.importJWK(e)])))).reduce(((e,[t,s])=>t?Object.assign(Object.assign({},e),{[t.toString()]:s}):e),{}):{}})()),!h[e.kid])throw Error("failed to fetch matching key");return h[e.kid]},async validateJwt(e){var t;const n=(await s.jwtVerify(e,f.getKey,{clockTolerance:5})).payload;if(n&&(n.iss=null===(t=n.iss)||void 0===t?void 0:t.split("/").pop(),n.iss!==g))throw new s.errors.JWTClaimValidationFailed('unexpected "iss" claim value',"iss","check_failed");return{jwt:e,token:n}},async validateSession(e){if(!e)throw Error("session token is required for validation");try{return await f.validateJwt(e)}catch(e){throw null==u||u.error("session validation failed",e),Error(`session validation failed. Error: ${e}`)}},async refreshSession(e){var t,s;if(!e)throw Error("refresh token is required to refresh a session");try{await f.validateJwt(e);const n=await f.refresh(e);if(n.ok){return await f.validateJwt(null===(t=n.data)||void 0===t?void 0:t.sessionJwt)}throw Error(null===(s=n.error)||void 0===s?void 0:s.errorMessage)}catch(e){throw null==u||u.error("refresh token validation failed",e),Error(`refresh token validation failed, Error: ${e}`)}},async validateAndRefreshSession(e,t){if(!e&&!t)throw Error("both session and refresh tokens are empty");try{return await f.validateSession(e)}catch(e){null==u||u.log(`session validation failed with error ${e} - trying to refresh it`)}return f.refreshSession(t)},async exchangeAccessKey(e,t){if(!e)throw Error("access key must not be empty");let s;try{s=await f.accessKey.exchange(e,t)}catch(e){throw null==u||u.error("failed to exchange access key",e),Error(`could not exchange access key - Failed to exchange. Error: ${e}`)}const{sessionJwt:n}=s.data;if(!n)throw null==u||u.error("failed to parse exchange access key response"),Error("could not exchange access key");try{return await f.validateJwt(n)}catch(e){throw null==u||u.error("failed to parse jwt from access key",e),Error(`could not exchange access key - failed to validate jwt. Error: ${e}`)}},validatePermissions:(e,t)=>f.validateTenantPermissions(e,"",t),getMatchedPermissions:(e,t)=>f.getMatchedTenantPermissions(e,"",t),validateTenantPermissions(e,t,s){if(t&&!l(e,t))return!1;const n=i(e,"permissions",t);return s.every((e=>n.includes(e)))},getMatchedTenantPermissions(e,t,s){if(t&&!l(e,t))return[];const n=i(e,"permissions",t);return s.filter((e=>n.includes(e)))},validateRoles:(e,t)=>f.validateTenantRoles(e,"",t),getMatchedRoles:(e,t)=>f.getMatchedTenantRoles(e,"",t),validateTenantRoles(e,t,s){if(t&&!l(e,t))return!1;const n=i(e,"roles",t);return s.every((e=>n.includes(e)))},getMatchedTenantRoles(e,t,s){if(t&&!l(e,t))return[];const n=i(e,"roles",t);return s.filter((e=>n.includes(e)))}});return t.wrapWith(f,["otp.verify.email","otp.verify.sms","otp.verify.whatsapp","magicLink.verify","enchantedLink.signUp","enchantedLink.signIn","oauth.exchange","saml.exchange","totp.verify","webauthn.signIn.finish","webauthn.signUp.finish","refresh"],r)};J.RefreshTokenCookieName="DSR",J.SessionTokenCookieName="DS",exports.default=J,exports.descopeErrors={badRequest:"E011001",missingArguments:"E011002",invalidRequest:"E011003",invalidArguments:"E011004",wrongOTPCode:"E061102",tooManyOTPAttempts:"E061103",enchantedLinkPending:"E062503",userNotFound:"E062108"}; | ||
| "use strict";Object.defineProperty(exports,"__esModule",{value:!0});var e=require("tslib"),t=require("@descope/core-js-sdk"),s=require("jose"),n=require("cross-fetch");function o(e){return e&&"object"==typeof e&&"default"in e?e:{default:e}}var a=o(t);var r;null!==(r=globalThis.Headers)&&void 0!==r||(globalThis.Headers=n.Headers);const i=(...e)=>(e.forEach((e=>{var t,s;e&&"object"==typeof e&&(null!==(t=(s=e).highWaterMark)&&void 0!==t||(s.highWaterMark=31457280))})),n.fetch(...e)),p=t=>async(...s)=>{var n,o,a;const r=await t(...s);if(!r.data)return r;let i=r.data,{refreshJwt:p}=i,l=e.__rest(i,["refreshJwt"]);const m=[];var d;return p?m.push(`${"DSR"}=${p}; Domain=${(null==(d=l)?void 0:d.cookieDomain)||""}; Max-Age=${(null==d?void 0:d.cookieMaxAge)||""}; Path=${(null==d?void 0:d.cookiePath)||"/"}; HttpOnly; SameSite=Strict`):(null===(n=r.response)||void 0===n?void 0:n.headers.get("set-cookie"))&&(p=((e,t)=>{const s=null==e?void 0:e.match(RegExp(`(?:^|;\\s*)${t}=([^;]*)`));return s?s[1]:null})(null===(o=r.response)||void 0===o?void 0:o.headers.get("set-cookie"),"DSR"),m.push(null===(a=r.response)||void 0===a?void 0:a.headers.get("set-cookie"))),Object.assign(Object.assign({},r),{data:Object.assign(Object.assign({},r.data),{refreshJwt:p,cookies:m})})};function l(e,t,s){var n,o;const a=s?null===(o=null===(n=e.token.tenants)||void 0===n?void 0:n[s])||void 0===o?void 0:o[t]:e.token[t];return Array.isArray(a)?a:[]}function m(e,t){var s;return!!(null===(s=e.token.tenants)||void 0===s?void 0:s[t])}var d={create:"/v1/mgmt/user/create",createTestUser:"/v1/mgmt/user/create/test",createBatch:"/v1/mgmt/user/create/batch",update:"/v1/mgmt/user/update",patch:"/v1/mgmt/user/patch",delete:"/v1/mgmt/user/delete",deleteAllTestUsers:"/v1/mgmt/user/test/delete/all",load:"/v1/mgmt/user",logout:"/v1/mgmt/user/logout",search:"/v2/mgmt/user/search",searchTestUsers:"/v2/mgmt/user/search/test",getProviderToken:"/v1/mgmt/user/provider/token",updateStatus:"/v1/mgmt/user/update/status",updateLoginId:"/v1/mgmt/user/update/loginid",updateEmail:"/v1/mgmt/user/update/email",updatePhone:"/v1/mgmt/user/update/phone",updateDisplayName:"/v1/mgmt/user/update/name",updatePicture:"/v1/mgmt/user/update/picture",updateCustomAttribute:"/v1/mgmt/user/update/customAttribute",setRole:"/v1/mgmt/user/update/role/set",addRole:"/v2/mgmt/user/update/role/add",removeRole:"/v1/mgmt/user/update/role/remove",setSSOApps:"/v1/mgmt/user/update/ssoapp/set",addSSOApps:"/v1/mgmt/user/update/ssoapp/add",removeSSOApps:"/v1/mgmt/user/update/ssoapp/remove",addTenant:"/v1/mgmt/user/update/tenant/add",removeTenant:"/v1/mgmt/user/update/tenant/remove",setPassword:"/v1/mgmt/user/password/set",setTemporaryPassword:"/v1/mgmt/user/password/set/temporary",setActivePassword:"/v1/mgmt/user/password/set/active",expirePassword:"/v1/mgmt/user/password/expire",removeAllPasskeys:"/v1/mgmt/user/passkeys/delete",generateOTPForTest:"/v1/mgmt/tests/generate/otp",generateMagicLinkForTest:"/v1/mgmt/tests/generate/magiclink",generateEnchantedLinkForTest:"/v1/mgmt/tests/generate/enchantedlink",generateEmbeddedLink:"/v1/mgmt/user/signin/embeddedlink",history:"/v1/mgmt/user/history"},c={updateName:"/v1/mgmt/project/update/name",updateTags:"/v1/mgmt/project/update/tags",clone:"/v1/mgmt/project/clone",projectsList:"/v1/mgmt/projects/list",exportSnapshot:"/v1/mgmt/project/snapshot/export",importSnapshot:"/v1/mgmt/project/snapshot/import",validateSnapshot:"/v1/mgmt/project/snapshot/validate"},g={create:"/v1/mgmt/accesskey/create",load:"/v1/mgmt/accesskey",search:"/v1/mgmt/accesskey/search",update:"/v1/mgmt/accesskey/update",deactivate:"/v1/mgmt/accesskey/deactivate",activate:"/v1/mgmt/accesskey/activate",delete:"/v1/mgmt/accesskey/delete"},u={create:"/v1/mgmt/tenant/create",update:"/v1/mgmt/tenant/update",delete:"/v1/mgmt/tenant/delete",load:"/v1/mgmt/tenant",settings:"/v1/mgmt/tenant/settings",loadAll:"/v1/mgmt/tenant/all",searchAll:"/v1/mgmt/tenant/search",generateSSOConfigurationLink:"/v1/mgmt/tenant/adminlinks/sso/generate"},h={oidcCreate:"/v1/mgmt/sso/idp/app/oidc/create",samlCreate:"/v1/mgmt/sso/idp/app/saml/create",oidcUpdate:"/v1/mgmt/sso/idp/app/oidc/update",samlUpdate:"/v1/mgmt/sso/idp/app/saml/update",delete:"/v1/mgmt/sso/idp/app/delete",load:"/v1/mgmt/sso/idp/app/load",loadAll:"/v1/mgmt/sso/idp/apps/load"},v={settings:"/v1/mgmt/sso/settings",metadata:"/v1/mgmt/sso/metadata",mapping:"/v1/mgmt/sso/mapping",settingsv2:"/v2/mgmt/sso/settings",oidc:{configure:"/v1/mgmt/sso/oidc"},saml:{configure:"/v1/mgmt/sso/saml",metadata:"/v1/mgmt/sso/saml/metadata"}},f={update:"/v1/mgmt/jwt/update",impersonate:"/v1/mgmt/impersonate"},k={settings:"/v1/mgmt/password/settings"},R={create:"/v1/mgmt/permission/create",update:"/v1/mgmt/permission/update",delete:"/v1/mgmt/permission/delete",loadAll:"/v1/mgmt/permission/all"},C={create:"/v1/mgmt/role/create",update:"/v1/mgmt/role/update",delete:"/v1/mgmt/role/delete",loadAll:"/v1/mgmt/role/all",search:"/v1/mgmt/role/search"},y={list:"/v1/mgmt/flow/list",delete:"/v1/mgmt/flow/delete",export:"/v1/mgmt/flow/export",import:"/v1/mgmt/flow/import"},I={export:"/v1/mgmt/theme/export",import:"/v1/mgmt/theme/import"},b={loadAllGroups:"/v1/mgmt/group/all",loadAllGroupsForMember:"/v1/mgmt/group/member/all",loadAllGroupMembers:"/v1/mgmt/group/members"},w={search:"/v1/mgmt/audit/search",createEvent:"/v1/mgmt/audit/event"},A={schemaSave:"/v1/mgmt/authz/schema/save",schemaDelete:"/v1/mgmt/authz/schema/delete",schemaLoad:"/v1/mgmt/authz/schema/load",nsSave:"/v1/mgmt/authz/ns/save",nsDelete:"/v1/mgmt/authz/ns/delete",rdSave:"/v1/mgmt/authz/rd/save",rdDelete:"/v1/mgmt/authz/rd/delete",reCreate:"/v1/mgmt/authz/re/create",reDelete:"/v1/mgmt/authz/re/delete",reDeleteResources:"/v1/mgmt/authz/re/deleteresources",hasRelations:"/v1/mgmt/authz/re/has",who:"/v1/mgmt/authz/re/who",resource:"/v1/mgmt/authz/re/resource",targets:"/v1/mgmt/authz/re/targets",targetAll:"/v1/mgmt/authz/re/targetall",getModified:"/v1/mgmt/authz/getmodified"},S={schema:"/v1/mgmt/fga/schema",relations:"/v1/mgmt/fga/relations",deleteRelations:"/v1/mgmt/fga/relations/delete",check:"/v1/mgmt/fga/check"};const N=(e,s)=>({create:function(n,o,a,r,i,p,l,m,c,g,u,h,v,f){const k="string"==typeof o?{loginId:n,email:o,phone:a,displayName:r,givenName:u,middleName:h,familyName:v,roleNames:i,userTenants:p,customAttributes:l,picture:m,verifiedEmail:c,verifiedPhone:g,additionalLoginIds:f}:Object.assign(Object.assign({loginId:n},o),{roleNames:null==o?void 0:o.roles,roles:void 0});return t.transformResponse(e.httpClient.post(d.create,k,{token:s}),(e=>e.user))},createTestUser:function(n,o,a,r,i,p,l,m,c,g,u,h,v,f){const k="string"==typeof o?{loginId:n,email:o,phone:a,displayName:r,givenName:u,middleName:h,familyName:v,roleNames:i,userTenants:p,customAttributes:l,picture:m,verifiedEmail:c,verifiedPhone:g,additionalLoginIds:f,test:!0}:Object.assign(Object.assign({loginId:n},o),{roleNames:null==o?void 0:o.roles,roles:void 0,test:!0});return t.transformResponse(e.httpClient.post(d.createTestUser,k,{token:s}),(e=>e.user))},invite:function(n,o,a,r,i,p,l,m,c,g,u,h,v,f,k,R,C,y){const I="string"==typeof o?{loginId:n,email:o,phone:a,displayName:r,givenName:f,middleName:k,familyName:R,roleNames:i,userTenants:p,invite:!0,customAttributes:l,picture:m,verifiedEmail:c,verifiedPhone:g,inviteUrl:u,sendMail:h,sendSMS:v,additionalLoginIds:C,templateId:y}:Object.assign(Object.assign({loginId:n},o),{roleNames:null==o?void 0:o.roles,roles:void 0,invite:!0});return t.transformResponse(e.httpClient.post(d.create,I,{token:s}),(e=>e.user))},inviteBatch:(n,o,a,r,i,p)=>t.transformResponse(e.httpClient.post(d.createBatch,{users:n.map((e=>{const t=Object.assign(Object.assign({},e),{roleNames:e.roles});return delete t.roles,t})),invite:!0,inviteUrl:o,sendMail:a,sendSMS:r,templateOptions:i,templateId:p},{token:s}),(e=>e)),update:function(n,o,a,r,i,p,l,m,c,g,u,h,v,f){const k="string"==typeof o?{loginId:n,email:o,phone:a,displayName:r,givenName:u,middleName:h,familyName:v,roleNames:i,userTenants:p,customAttributes:l,picture:m,verifiedEmail:c,verifiedPhone:g,additionalLoginIds:f}:Object.assign(Object.assign({loginId:n},o),{roleNames:null==o?void 0:o.roles,roles:void 0});return t.transformResponse(e.httpClient.post(d.update,k,{token:s}),(e=>e.user))},patch:function(n,o){const a={loginId:n};return void 0!==o.email&&(a.email=o.email),void 0!==o.phone&&(a.phone=o.phone),void 0!==o.displayName&&(a.displayName=o.displayName),void 0!==o.givenName&&(a.givenName=o.givenName),void 0!==o.middleName&&(a.middleName=o.middleName),void 0!==o.familyName&&(a.familyName=o.familyName),void 0!==o.roles&&(a.roleNames=o.roles),void 0!==o.userTenants&&(a.userTenants=o.userTenants),void 0!==o.customAttributes&&(a.customAttributes=o.customAttributes),void 0!==o.picture&&(a.picture=o.picture),void 0!==o.verifiedEmail&&(a.verifiedEmail=o.verifiedEmail),void 0!==o.verifiedPhone&&(a.verifiedPhone=o.verifiedPhone),void 0!==o.ssoAppIds&&(a.ssoAppIds=o.ssoAppIds),t.transformResponse(e.httpClient.patch(d.patch,a,{token:s}),(e=>e.user))},delete:n=>t.transformResponse(e.httpClient.post(d.delete,{loginId:n},{token:s})),deleteByUserId:n=>t.transformResponse(e.httpClient.post(d.delete,{userId:n},{token:s})),deleteAllTestUsers:()=>t.transformResponse(e.httpClient.delete(d.deleteAllTestUsers,{token:s})),load:n=>t.transformResponse(e.httpClient.get(d.load,{queryParams:{loginId:n},token:s}),(e=>e.user)),loadByUserId:n=>t.transformResponse(e.httpClient.get(d.load,{queryParams:{userId:n},token:s}),(e=>e.user)),logoutUser:n=>t.transformResponse(e.httpClient.post(d.logout,{loginId:n},{token:s})),logoutUserByUserId:n=>t.transformResponse(e.httpClient.post(d.logout,{userId:n},{token:s})),searchAll:(n,o,a,r,i,p,l,m,c,g)=>t.transformResponse(e.httpClient.post(d.search,{tenantIds:n,roleNames:o,limit:a,page:r,testUsersOnly:i,withTestUser:p,customAttributes:l,statuses:m,emails:c,phones:g},{token:s}),(e=>e.users)),searchTestUsers:n=>t.transformResponse(e.httpClient.post(d.searchTestUsers,Object.assign(Object.assign({},n),{withTestUser:!0,testUsersOnly:!0,roleNames:n.roles,roles:void 0}),{token:s}),(e=>e.users)),search:n=>t.transformResponse(e.httpClient.post(d.search,Object.assign(Object.assign({},n),{roleNames:n.roles,roles:void 0}),{token:s}),(e=>e.users)),getProviderToken:(n,o,a)=>t.transformResponse(e.httpClient.get(d.getProviderToken,{queryParams:{loginId:n,provider:o,withRefreshToken:(null==a?void 0:a.withRefreshToken)?"true":"false",forceRefresh:(null==a?void 0:a.forceRefresh)?"true":"false"},token:s}),(e=>e)),activate:n=>t.transformResponse(e.httpClient.post(d.updateStatus,{loginId:n,status:"enabled"},{token:s}),(e=>e.user)),deactivate:n=>t.transformResponse(e.httpClient.post(d.updateStatus,{loginId:n,status:"disabled"},{token:s}),(e=>e.user)),updateLoginId:(n,o)=>t.transformResponse(e.httpClient.post(d.updateLoginId,{loginId:n,newLoginId:o},{token:s}),(e=>e.user)),updateEmail:(n,o,a)=>t.transformResponse(e.httpClient.post(d.updateEmail,{loginId:n,email:o,verified:a},{token:s}),(e=>e.user)),updatePhone:(n,o,a)=>t.transformResponse(e.httpClient.post(d.updatePhone,{loginId:n,phone:o,verified:a},{token:s}),(e=>e.user)),updateDisplayName:(n,o,a,r,i)=>t.transformResponse(e.httpClient.post(d.updateDisplayName,{loginId:n,displayName:o,givenName:a,middleName:r,familyName:i},{token:s}),(e=>e.user)),updatePicture:(n,o)=>t.transformResponse(e.httpClient.post(d.updatePicture,{loginId:n,picture:o},{token:s}),(e=>e.user)),updateCustomAttribute:(n,o,a)=>t.transformResponse(e.httpClient.post(d.updateCustomAttribute,{loginId:n,attributeKey:o,attributeValue:a},{token:s}),(e=>e.user)),setRoles:(n,o)=>t.transformResponse(e.httpClient.post(d.setRole,{loginId:n,roleNames:o},{token:s}),(e=>e.user)),addRoles:(n,o)=>t.transformResponse(e.httpClient.post(d.addRole,{loginId:n,roleNames:o},{token:s}),(e=>e.user)),removeRoles:(n,o)=>t.transformResponse(e.httpClient.post(d.removeRole,{loginId:n,roleNames:o},{token:s}),(e=>e.user)),addTenant:(n,o)=>t.transformResponse(e.httpClient.post(d.addTenant,{loginId:n,tenantId:o},{token:s}),(e=>e.user)),removeTenant:(n,o)=>t.transformResponse(e.httpClient.post(d.removeTenant,{loginId:n,tenantId:o},{token:s}),(e=>e.user)),setTenantRoles:(n,o,a)=>t.transformResponse(e.httpClient.post(d.setRole,{loginId:n,tenantId:o,roleNames:a},{token:s}),(e=>e.user)),addTenantRoles:(n,o,a)=>t.transformResponse(e.httpClient.post(d.addRole,{loginId:n,tenantId:o,roleNames:a},{token:s}),(e=>e.user)),removeTenantRoles:(n,o,a)=>t.transformResponse(e.httpClient.post(d.removeRole,{loginId:n,tenantId:o,roleNames:a},{token:s}),(e=>e.user)),addSSOapps:(n,o)=>t.transformResponse(e.httpClient.post(d.addSSOApps,{loginId:n,ssoAppIds:o},{token:s}),(e=>e.user)),setSSOapps:(n,o)=>t.transformResponse(e.httpClient.post(d.setSSOApps,{loginId:n,ssoAppIds:o},{token:s}),(e=>e.user)),removeSSOapps:(n,o)=>t.transformResponse(e.httpClient.post(d.removeSSOApps,{loginId:n,ssoAppIds:o},{token:s}),(e=>e.user)),generateOTPForTestUser:(n,o,a)=>t.transformResponse(e.httpClient.post(d.generateOTPForTest,{deliveryMethod:n,loginId:o,loginOptions:a},{token:s}),(e=>e)),generateMagicLinkForTestUser:(n,o,a,r)=>t.transformResponse(e.httpClient.post(d.generateMagicLinkForTest,{deliveryMethod:n,loginId:o,URI:a,loginOptions:r},{token:s}),(e=>e)),generateEnchantedLinkForTestUser:(n,o,a)=>t.transformResponse(e.httpClient.post(d.generateEnchantedLinkForTest,{loginId:n,URI:o,loginOptions:a},{token:s}),(e=>e)),generateEmbeddedLink:(n,o)=>t.transformResponse(e.httpClient.post(d.generateEmbeddedLink,{loginId:n,customClaims:o},{token:s}),(e=>e)),setTemporaryPassword:(n,o)=>t.transformResponse(e.httpClient.post(d.setTemporaryPassword,{loginId:n,password:o},{token:s}),(e=>e)),setActivePassword:(n,o)=>t.transformResponse(e.httpClient.post(d.setActivePassword,{loginId:n,password:o},{token:s}),(e=>e)),setPassword:(n,o)=>t.transformResponse(e.httpClient.post(d.setPassword,{loginId:n,password:o},{token:s}),(e=>e)),expirePassword:n=>t.transformResponse(e.httpClient.post(d.expirePassword,{loginId:n},{token:s}),(e=>e)),removeAllPasskeys:n=>t.transformResponse(e.httpClient.post(d.removeAllPasskeys,{loginId:n},{token:s}),(e=>e)),history:n=>t.transformResponse(e.httpClient.post(d.history,n,{token:s}),(e=>e))}),O=(e,s)=>({updateName:n=>t.transformResponse(e.httpClient.post(c.updateName,{name:n},{token:s})),updateTags:n=>t.transformResponse(e.httpClient.post(c.updateTags,{tags:n},{token:s})),clone:(n,o,a)=>t.transformResponse(e.httpClient.post(c.clone,{name:n,environment:o,tags:a},{token:s})),listProjects:async()=>t.transformResponse(e.httpClient.post(c.projectsList,{},{token:s}),(e=>e.projects.map((({id:e,name:t,environment:s,tags:n})=>({id:e,name:t,environment:s,tags:n}))))),exportSnapshot:()=>t.transformResponse(e.httpClient.post(c.exportSnapshot,{},{token:s})),importSnapshot:n=>t.transformResponse(e.httpClient.post(c.importSnapshot,n,{token:s})),validateSnapshot:n=>t.transformResponse(e.httpClient.post(c.validateSnapshot,n,{token:s})),export:()=>t.transformResponse(e.httpClient.post(c.exportSnapshot,{},{token:s}),(e=>e.files)),import:n=>t.transformResponse(e.httpClient.post(c.importSnapshot,{files:n},{token:s}))}),j=(e,s)=>({create:(n,o,a)=>t.transformResponse(e.httpClient.post(u.create,{name:n,selfProvisioningDomains:o,customAttributes:a},{token:s})),createWithId:(n,o,a,r)=>t.transformResponse(e.httpClient.post(u.create,{id:n,name:o,selfProvisioningDomains:a,customAttributes:r},{token:s})),update:(n,o,a,r)=>t.transformResponse(e.httpClient.post(u.update,{id:n,name:o,selfProvisioningDomains:a,customAttributes:r},{token:s})),delete:(n,o)=>t.transformResponse(e.httpClient.post(u.delete,{id:n,cascade:o},{token:s})),load:n=>t.transformResponse(e.httpClient.get(u.load,{queryParams:{id:n},token:s}),(e=>e)),loadAll:()=>t.transformResponse(e.httpClient.get(u.loadAll,{token:s}),(e=>e.tenants)),searchAll:(n,o,a,r)=>t.transformResponse(e.httpClient.post(u.searchAll,{tenantIds:n,tenantNames:o,tenantSelfProvisioningDomains:a,customAttributes:r},{token:s}),(e=>e.tenants)),getSettings:n=>t.transformResponse(e.httpClient.get(u.settings,{queryParams:{id:n},token:s}),(e=>e)),configureSettings:(n,o)=>t.transformResponse(e.httpClient.post(u.settings,Object.assign(Object.assign({},o),{tenantId:n}),{token:s})),generateSSOConfigurationLink:(n,o)=>t.transformResponse(e.httpClient.post(u.generateSSOConfigurationLink,{tenantId:n,expireTime:o},{token:s}),(e=>e))}),T=(e,s)=>({update:(n,o)=>t.transformResponse(e.httpClient.post(f.update,{jwt:n,customClaims:o},{token:s})),impersonate:(n,o,a,r,i)=>t.transformResponse(e.httpClient.post(f.impersonate,{impersonatorId:n,loginId:o,validateConsent:a,customClaims:r,selectedTenant:i},{token:s}))}),P=(e,s)=>({create:(n,o)=>t.transformResponse(e.httpClient.post(R.create,{name:n,description:o},{token:s})),update:(n,o,a)=>t.transformResponse(e.httpClient.post(R.update,{name:n,newName:o,description:a},{token:s})),delete:n=>t.transformResponse(e.httpClient.post(R.delete,{name:n},{token:s})),loadAll:()=>t.transformResponse(e.httpClient.get(R.loadAll,{token:s}),(e=>e.permissions))}),E=(e,s)=>({create:(n,o,a,r)=>t.transformResponse(e.httpClient.post(C.create,{name:n,description:o,permissionNames:a,tenantId:r},{token:s})),update:(n,o,a,r,i)=>t.transformResponse(e.httpClient.post(C.update,{name:n,newName:o,description:a,permissionNames:r,tenantId:i},{token:s})),delete:(n,o)=>t.transformResponse(e.httpClient.post(C.delete,{name:n,tenantId:o},{token:s})),loadAll:()=>t.transformResponse(e.httpClient.get(C.loadAll,{token:s}),(e=>e.roles)),search:n=>t.transformResponse(e.httpClient.post(C.search,n,{token:s}),(e=>e.roles))}),M=(e,s)=>({loadAllGroups:n=>t.transformResponse(e.httpClient.post(b.loadAllGroups,{tenantId:n},{token:s})),loadAllGroupsForMember:(n,o,a)=>t.transformResponse(e.httpClient.post(b.loadAllGroupsForMember,{tenantId:n,loginIds:a,userIds:o},{token:s})),loadAllGroupMembers:(n,o)=>t.transformResponse(e.httpClient.post(b.loadAllGroupMembers,{tenantId:n,groupId:o},{token:s}))}),x=(e,s)=>({getSettings:n=>t.transformResponse(e.httpClient.get(v.settings,{queryParams:{tenantId:n},token:s}),(e=>e)),deleteSettings:n=>t.transformResponse(e.httpClient.delete(v.settings,{queryParams:{tenantId:n},token:s})),configureSettings:(n,o,a,r,i,p)=>t.transformResponse(e.httpClient.post(v.settings,{tenantId:n,idpURL:o,entityId:r,idpCert:a,redirectURL:i,domains:p},{token:s})),configureMetadata:(n,o,a,r)=>t.transformResponse(e.httpClient.post(v.metadata,{tenantId:n,idpMetadataURL:o,redirectURL:a,domains:r},{token:s})),configureMapping:(n,o,a)=>t.transformResponse(e.httpClient.post(v.mapping,{tenantId:n,roleMappings:o,attributeMapping:a},{token:s})),configureOIDCSettings:(n,o,a)=>{const r=Object.assign(Object.assign({},o),{userAttrMapping:o.attributeMapping});return delete r.attributeMapping,t.transformResponse(e.httpClient.post(v.oidc.configure,{tenantId:n,settings:r,domains:a},{token:s}))},configureSAMLSettings:(n,o,a,r)=>t.transformResponse(e.httpClient.post(v.saml.configure,{tenantId:n,settings:o,redirectUrl:a,domains:r},{token:s})),configureSAMLByMetadata:(n,o,a,r)=>t.transformResponse(e.httpClient.post(v.saml.metadata,{tenantId:n,settings:o,redirectUrl:a,domains:r},{token:s})),loadSettings:n=>t.transformResponse(e.httpClient.get(v.settingsv2,{queryParams:{tenantId:n},token:s}),(e=>{var t,s;const n=e;return n.oidc&&(n.oidc=Object.assign(Object.assign({},n.oidc),{attributeMapping:n.oidc.userAttrMapping}),delete n.oidc.userAttrMapping),(null===(t=n.saml)||void 0===t?void 0:t.groupsMapping)&&(n.saml.groupsMapping=null===(s=n.saml)||void 0===s?void 0:s.groupsMapping.map((e=>{const t=e;return t.roleName=t.role.name,delete t.role,t}))),n}))}),U=(e,s)=>({create:(n,o,a,r,i,p,l,m)=>t.transformResponse(e.httpClient.post(g.create,{name:n,expireTime:o,roleNames:a,keyTenants:r,userId:i,customClaims:p,description:l,permittedIps:m},{token:s})),load:n=>t.transformResponse(e.httpClient.get(g.load,{queryParams:{id:n},token:s}),(e=>e.key)),searchAll:n=>t.transformResponse(e.httpClient.post(g.search,{tenantIds:n},{token:s}),(e=>e.keys)),update:(n,o,a)=>t.transformResponse(e.httpClient.post(g.update,{id:n,name:o,description:a},{token:s}),(e=>e.key)),deactivate:n=>t.transformResponse(e.httpClient.post(g.deactivate,{id:n},{token:s})),activate:n=>t.transformResponse(e.httpClient.post(g.activate,{id:n},{token:s})),delete:n=>t.transformResponse(e.httpClient.post(g.delete,{id:n},{token:s}))}),L=(e,s)=>({list:()=>t.transformResponse(e.httpClient.post(y.list,{},{token:s})),delete:n=>t.transformResponse(e.httpClient.post(y.delete,{ids:n},{token:s})),export:n=>t.transformResponse(e.httpClient.post(y.export,{flowId:n},{token:s})),import:(n,o,a)=>t.transformResponse(e.httpClient.post(y.import,{flowId:n,flow:o,screens:a},{token:s}))}),D=(e,s)=>({export:()=>t.transformResponse(e.httpClient.post(I.export,{},{token:s})),import:n=>t.transformResponse(e.httpClient.post(I.import,{theme:n},{token:s}))}),q=(e,s)=>({search:n=>{const o=Object.assign(Object.assign({},n),{externalIds:n.loginIds});return delete o.loginIds,t.transformResponse(e.httpClient.post(w.search,o,{token:s}),(e=>null==e?void 0:e.audits.map((e=>{const t=Object.assign(Object.assign({},e),{occurred:parseFloat(e.occurred),loginIds:e.externalIds});return delete t.externalIds,t}))))},createEvent:n=>{const o=Object.assign({},n);return t.transformResponse(e.httpClient.post(w.createEvent,o,{token:s}))}}),F=(e,s)=>({saveSchema:(n,o)=>t.transformResponse(e.httpClient.post(A.schemaSave,{schema:n,upgrade:o},{token:s})),deleteSchema:()=>t.transformResponse(e.httpClient.post(A.schemaDelete,{},{token:s})),loadSchema:()=>t.transformResponse(e.httpClient.post(A.schemaLoad,{},{token:s}),(e=>e.schema)),saveNamespace:(n,o,a)=>t.transformResponse(e.httpClient.post(A.nsSave,{namespace:n,oldName:o,schemaName:a},{token:s})),deleteNamespace:(n,o)=>t.transformResponse(e.httpClient.post(A.nsDelete,{name:n,schemaName:o},{token:s})),saveRelationDefinition:(n,o,a,r)=>t.transformResponse(e.httpClient.post(A.rdSave,{relationDefinition:n,namespace:o,oldName:a,schemaName:r},{token:s})),deleteRelationDefinition:(n,o,a)=>t.transformResponse(e.httpClient.post(A.rdDelete,{name:n,namespace:o,schemaName:a},{token:s})),createRelations:n=>t.transformResponse(e.httpClient.post(A.reCreate,{relations:n},{token:s})),deleteRelations:n=>t.transformResponse(e.httpClient.post(A.reDelete,{relations:n},{token:s})),deleteRelationsForResources:n=>t.transformResponse(e.httpClient.post(A.reDeleteResources,{resources:n},{token:s})),hasRelations:n=>t.transformResponse(e.httpClient.post(A.hasRelations,{relationQueries:n},{token:s}),(e=>e.relationQueries)),whoCanAccess:(n,o,a)=>t.transformResponse(e.httpClient.post(A.who,{resource:n,relationDefinition:o,namespace:a},{token:s}),(e=>e.targets)),resourceRelations:n=>t.transformResponse(e.httpClient.post(A.resource,{resource:n},{token:s}),(e=>e.relations)),targetsRelations:n=>t.transformResponse(e.httpClient.post(A.targets,{targets:n},{token:s}),(e=>e.relations)),whatCanTargetAccess:n=>t.transformResponse(e.httpClient.post(A.targetAll,{target:n},{token:s}),(e=>e.relations)),getModified:n=>t.transformResponse(e.httpClient.post(A.getModified,{since:n?n.getTime():0},{token:s}),(e=>e))}),z=(e,s)=>({createOidcApplication:n=>{var o;return t.transformResponse(e.httpClient.post(h.oidcCreate,Object.assign(Object.assign({},n),{enabled:null===(o=n.enabled)||void 0===o||o}),{token:s}))},createSamlApplication:n=>{var o;return t.transformResponse(e.httpClient.post(h.samlCreate,Object.assign(Object.assign({},n),{enabled:null===(o=n.enabled)||void 0===o||o}),{token:s}))},updateOidcApplication:n=>t.transformResponse(e.httpClient.post(h.oidcUpdate,Object.assign({},n),{token:s})),updateSamlApplication:n=>t.transformResponse(e.httpClient.post(h.samlUpdate,Object.assign({},n),{token:s})),delete:n=>t.transformResponse(e.httpClient.post(h.delete,{id:n},{token:s})),load:n=>t.transformResponse(e.httpClient.get(h.load,{queryParams:{id:n},token:s}),(e=>e)),loadAll:()=>t.transformResponse(e.httpClient.get(h.loadAll,{token:s}),(e=>e.apps))}),J=(e,s)=>({getSettings:n=>t.transformResponse(e.httpClient.get(k.settings,{queryParams:{tenantId:n},token:s}),(e=>e)),configureSettings:(n,o)=>t.transformResponse(e.httpClient.post(k.settings,Object.assign(Object.assign({},o),{tenantId:n}),{token:s}))}),$=(e,s)=>({saveSchema:n=>t.transformResponse(e.httpClient.post(S.schema,n,{token:s})),deleteSchema:()=>t.transformResponse(e.httpClient.post(A.schemaDelete,{},{token:s})),createRelations:n=>t.transformResponse(e.httpClient.post(S.relations,{tuples:n},{token:s})),deleteRelations:n=>t.transformResponse(e.httpClient.post(S.deleteRelations,{tuples:n},{token:s})),check:n=>t.transformResponse(e.httpClient.post(S.check,{tuples:n},{token:s}),(e=>e.tuples))});var K=Object.freeze({__proto__:null,default:{badRequest:"E011001",missingArguments:"E011002",invalidRequest:"E011003",invalidArguments:"E011004",wrongOTPCode:"E061102",tooManyOTPAttempts:"E061103",enchantedLinkPending:"E062503",userNotFound:"E062108"}});const _=n=>{var o,{managementKey:r,publicKey:d}=n,c=e.__rest(n,["managementKey","publicKey"]);const g=a.default(Object.assign(Object.assign({fetch:i},c),{baseHeaders:Object.assign(Object.assign({},c.baseHeaders),{"x-descope-sdk-name":"nodejs","x-descope-sdk-node-version":(null===(o=null===process||void 0===process?void 0:process.versions)||void 0===o?void 0:o.node)||"","x-descope-sdk-version":"0.0.0-next-b42a85d0-20250102"})})),{projectId:u,logger:h}=c,v={},f=((e,t)=>({user:N(e,t),project:O(e,t),accessKey:U(e,t),tenant:j(e,t),ssoApplication:z(e,t),sso:x(e,t),jwt:T(e,t),permission:P(e,t),password:J(e,t),role:E(e,t),group:M(e,t),flow:L(e,t),theme:D(e,t),audit:q(e,t),authz:F(e,t),fga:$(e,t)}))(g,r),k=Object.assign(Object.assign({},g),{refresh:async e=>g.refresh(e),management:f,async getKey(e){if(!(null==e?void 0:e.kid))throw Error("header.kid must not be empty");if(v[e.kid])return v[e.kid];if(Object.assign(v,await(async()=>{if(d)try{const e=JSON.parse(d),t=await s.importJWK(e);return{[e.kid]:t}}catch(e){throw null==h||h.error("Failed to parse the provided public key",e),new Error(`Failed to parse public key. Error: ${e}`)}const e=(await g.httpClient.get(`v2/keys/${u}`).then((e=>e.json()))).keys;return Array.isArray(e)?(await Promise.all(e.map((async e=>[e.kid,await s.importJWK(e)])))).reduce(((e,[t,s])=>t?Object.assign(Object.assign({},e),{[t.toString()]:s}):e),{}):{}})()),!v[e.kid])throw Error("failed to fetch matching key");return v[e.kid]},async validateJwt(e){var t;const n=(await s.jwtVerify(e,k.getKey,{clockTolerance:5})).payload;if(n&&(n.iss=null===(t=n.iss)||void 0===t?void 0:t.split("/").pop(),n.iss!==u))throw new s.errors.JWTClaimValidationFailed('unexpected "iss" claim value',"iss","check_failed");return{jwt:e,token:n}},async validateSession(e){if(!e)throw Error("session token is required for validation");try{return await k.validateJwt(e)}catch(e){throw null==h||h.error("session validation failed",e),Error(`session validation failed. Error: ${e}`)}},async refreshSession(e){var t,s;if(!e)throw Error("refresh token is required to refresh a session");try{await k.validateJwt(e);const n=await k.refresh(e);if(n.ok){return await k.validateJwt(null===(t=n.data)||void 0===t?void 0:t.sessionJwt)}throw Error(null===(s=n.error)||void 0===s?void 0:s.errorMessage)}catch(e){throw null==h||h.error("refresh token validation failed",e),Error(`refresh token validation failed, Error: ${e}`)}},async validateAndRefreshSession(e,t){if(!e&&!t)throw Error("both session and refresh tokens are empty");try{return await k.validateSession(e)}catch(e){null==h||h.log(`session validation failed with error ${e} - trying to refresh it`)}return k.refreshSession(t)},async exchangeAccessKey(e,t){if(!e)throw Error("access key must not be empty");let s;try{s=await k.accessKey.exchange(e,t)}catch(e){throw null==h||h.error("failed to exchange access key",e),Error(`could not exchange access key - Failed to exchange. Error: ${e}`)}const{sessionJwt:n}=s.data;if(!n)throw null==h||h.error("failed to parse exchange access key response"),Error("could not exchange access key");try{return await k.validateJwt(n)}catch(e){throw null==h||h.error("failed to parse jwt from access key",e),Error(`could not exchange access key - failed to validate jwt. Error: ${e}`)}},validatePermissions:(e,t)=>k.validateTenantPermissions(e,"",t),getMatchedPermissions:(e,t)=>k.getMatchedTenantPermissions(e,"",t),validateTenantPermissions(e,t,s){if(t&&!m(e,t))return!1;const n=l(e,"permissions",t);return s.every((e=>n.includes(e)))},getMatchedTenantPermissions(e,t,s){if(t&&!m(e,t))return[];const n=l(e,"permissions",t);return s.filter((e=>n.includes(e)))},validateRoles:(e,t)=>k.validateTenantRoles(e,"",t),getMatchedRoles:(e,t)=>k.getMatchedTenantRoles(e,"",t),validateTenantRoles(e,t,s){if(t&&!m(e,t))return!1;const n=l(e,"roles",t);return s.every((e=>n.includes(e)))},getMatchedTenantRoles(e,t,s){if(t&&!m(e,t))return[];const n=l(e,"roles",t);return s.filter((e=>n.includes(e)))}});return t.wrapWith(k,["otp.verify.email","otp.verify.sms","otp.verify.voice","otp.verify.whatsapp","magicLink.verify","enchantedLink.signUp","enchantedLink.signIn","oauth.exchange","saml.exchange","totp.verify","webauthn.signIn.finish","webauthn.signUp.finish","refresh"],p)};_.RefreshTokenCookieName="DSR",_.SessionTokenCookieName="DS",exports.default=_,exports.descopeErrors=K; | ||
| //# sourceMappingURL=index.cjs.js.map |
@@ -1,2 +0,2 @@ | ||
| import{__rest as e}from"tslib";import t,{transformResponse as s,wrapWith as a}from"@descope/core-js-sdk";import{jwtVerify as n,errors as o,importJWK as i}from"jose";import{Headers as r,fetch as l}from"cross-fetch";const d=t=>async(...s)=>{var a,n,o;const i=await t(...s);if(!i.data)return i;let r=i.data,{refreshJwt:l}=r,d=e(r,["refreshJwt"]);const p=[];var m;return l?p.push(`${"DSR"}=${l}; Domain=${(null==(m=d)?void 0:m.cookieDomain)||""}; Max-Age=${(null==m?void 0:m.cookieMaxAge)||""}; Path=${(null==m?void 0:m.cookiePath)||"/"}; HttpOnly; SameSite=Strict`):(null===(a=i.response)||void 0===a?void 0:a.headers.get("set-cookie"))&&(l=((e,t)=>{const s=null==e?void 0:e.match(RegExp(`(?:^|;\\s*)${t}=([^;]*)`));return s?s[1]:null})(null===(n=i.response)||void 0===n?void 0:n.headers.get("set-cookie"),"DSR"),p.push(null===(o=i.response)||void 0===o?void 0:o.headers.get("set-cookie"))),Object.assign(Object.assign({},i),{data:Object.assign(Object.assign({},i.data),{refreshJwt:l,cookies:p})})};function p(e,t,s){var a,n;const o=s?null===(n=null===(a=e.token.tenants)||void 0===a?void 0:a[s])||void 0===n?void 0:n[t]:e.token[t];return Array.isArray(o)?o:[]}function m(e,t){var s;return!!(null===(s=e.token.tenants)||void 0===s?void 0:s[t])}var g={create:"/v1/mgmt/user/create",createBatch:"/v1/mgmt/user/create/batch",update:"/v1/mgmt/user/update",delete:"/v1/mgmt/user/delete",deleteAllTestUsers:"/v1/mgmt/user/test/delete/all",load:"/v1/mgmt/user",logout:"/v1/mgmt/user/logout",search:"/v1/mgmt/user/search",getProviderToken:"/v1/mgmt/user/provider/token",updateStatus:"/v1/mgmt/user/update/status",updateLoginId:"/v1/mgmt/user/update/loginid",updateEmail:"/v1/mgmt/user/update/email",updatePhone:"/v1/mgmt/user/update/phone",updateDisplayName:"/v1/mgmt/user/update/name",updatePicture:"/v1/mgmt/user/update/picture",updateCustomAttribute:"/v1/mgmt/user/update/customAttribute",setRole:"/v1/mgmt/user/update/role/set",addRole:"/v1/mgmt/user/update/role/add",removeRole:"/v1/mgmt/user/update/role/remove",setSSOApps:"/v1/mgmt/user/update/ssoapp/set",addSSOApps:"/v1/mgmt/user/update/ssoapp/add",removeSSOApps:"/v1/mgmt/user/update/ssoapp/remove",addTenant:"/v1/mgmt/user/update/tenant/add",removeTenant:"/v1/mgmt/user/update/tenant/remove",setPassword:"/v1/mgmt/user/password/set",setTemporaryPassword:"/v1/mgmt/user/password/set/temporary",setActivePassword:"/v1/mgmt/user/password/set/active",expirePassword:"/v1/mgmt/user/password/expire",removeAllPasskeys:"/v1/mgmt/user/passkeys/delete",generateOTPForTest:"/v1/mgmt/tests/generate/otp",generateMagicLinkForTest:"/v1/mgmt/tests/generate/magiclink",generateEnchantedLinkForTest:"/v1/mgmt/tests/generate/enchantedlink",generateEmbeddedLink:"/v1/mgmt/user/signin/embeddedlink",history:"/v1/mgmt/user/history"},c={updateName:"/v1/mgmt/project/update/name",clone:"/v1/mgmt/project/clone",export:"/v1/mgmt/project/export",import:"/v1/mgmt/project/import"},u={create:"/v1/mgmt/accesskey/create",load:"/v1/mgmt/accesskey",search:"/v1/mgmt/accesskey/search",update:"/v1/mgmt/accesskey/update",deactivate:"/v1/mgmt/accesskey/deactivate",activate:"/v1/mgmt/accesskey/activate",delete:"/v1/mgmt/accesskey/delete"},h={create:"/v1/mgmt/tenant/create",update:"/v1/mgmt/tenant/update",delete:"/v1/mgmt/tenant/delete",load:"/v1/mgmt/tenant",settings:"/v1/mgmt/tenant/settings",loadAll:"/v1/mgmt/tenant/all",searchAll:"/v1/mgmt/tenant/search"},v={oidcCreate:"/v1/mgmt/sso/idp/app/oidc/create",samlCreate:"/v1/mgmt/sso/idp/app/saml/create",oidcUpdate:"/v1/mgmt/sso/idp/app/oidc/update",samlUpdate:"/v1/mgmt/sso/idp/app/saml/update",delete:"/v1/mgmt/sso/idp/app/delete",load:"/v1/mgmt/sso/idp/app/load",loadAll:"/v1/mgmt/sso/idp/apps/load"},k={settings:"/v1/mgmt/sso/settings",metadata:"/v1/mgmt/sso/metadata",mapping:"/v1/mgmt/sso/mapping",settingsv2:"/v2/mgmt/sso/settings",oidc:{configure:"/v1/mgmt/sso/oidc"},saml:{configure:"/v1/mgmt/sso/saml",metadata:"/v1/mgmt/sso/saml/metadata"}},C={update:"/v1/mgmt/jwt/update",impersonate:"/v1/mgmt/impersonate"},f={settings:"/v1/mgmt/password/settings"},y={create:"/v1/mgmt/permission/create",update:"/v1/mgmt/permission/update",delete:"/v1/mgmt/permission/delete",loadAll:"/v1/mgmt/permission/all"},I={create:"/v1/mgmt/role/create",update:"/v1/mgmt/role/update",delete:"/v1/mgmt/role/delete",loadAll:"/v1/mgmt/role/all",search:"/v1/mgmt/role/search"},b={list:"/v1/mgmt/flow/list",delete:"/v1/mgmt/flow/delete",export:"/v1/mgmt/flow/export",import:"/v1/mgmt/flow/import"},w={export:"/v1/mgmt/theme/export",import:"/v1/mgmt/theme/import"},A={loadAllGroups:"/v1/mgmt/group/all",loadAllGroupsForMember:"/v1/mgmt/group/member/all",loadAllGroupMembers:"/v1/mgmt/group/members"},O={search:"/v1/mgmt/audit/search"},S={schemaSave:"/v1/mgmt/authz/schema/save",schemaDelete:"/v1/mgmt/authz/schema/delete",schemaLoad:"/v1/mgmt/authz/schema/load",nsSave:"/v1/mgmt/authz/ns/save",nsDelete:"/v1/mgmt/authz/ns/delete",rdSave:"/v1/mgmt/authz/rd/save",rdDelete:"/v1/mgmt/authz/rd/delete",reCreate:"/v1/mgmt/authz/re/create",reDelete:"/v1/mgmt/authz/re/delete",reDeleteResources:"/v1/mgmt/authz/re/deleteresources",hasRelations:"/v1/mgmt/authz/re/has",who:"/v1/mgmt/authz/re/who",resource:"/v1/mgmt/authz/re/resource",targets:"/v1/mgmt/authz/re/targets",targetAll:"/v1/mgmt/authz/re/targetall",getModified:"/v1/mgmt/authz/getmodified"};const N=(e,t)=>({create:function(a,n,o,i,r,l,d,p,m,c,u,h,v,k){const C="string"==typeof n?{loginId:a,email:n,phone:o,displayName:i,givenName:u,middleName:h,familyName:v,roleNames:r,userTenants:l,customAttributes:d,picture:p,verifiedEmail:m,verifiedPhone:c,additionalLoginIds:k}:Object.assign(Object.assign({loginId:a},n),{roleNames:null==n?void 0:n.roles,roles:void 0});return s(e.httpClient.post(g.create,C,{token:t}),(e=>e.user))},createTestUser:function(a,n,o,i,r,l,d,p,m,c,u,h,v,k){const C="string"==typeof n?{loginId:a,email:n,phone:o,displayName:i,givenName:u,middleName:h,familyName:v,roleNames:r,userTenants:l,customAttributes:d,picture:p,verifiedEmail:m,verifiedPhone:c,additionalLoginIds:k,test:!0}:Object.assign(Object.assign({loginId:a},n),{roleNames:null==n?void 0:n.roles,roles:void 0,test:!0});return s(e.httpClient.post(g.create,C,{token:t}),(e=>e.user))},invite:function(a,n,o,i,r,l,d,p,m,c,u,h,v,k,C,f,y){const I="string"==typeof n?{loginId:a,email:n,phone:o,displayName:i,givenName:k,middleName:C,familyName:f,roleNames:r,userTenants:l,invite:!0,customAttributes:d,picture:p,verifiedEmail:m,verifiedPhone:c,inviteUrl:u,sendMail:h,sendSMS:v,additionalLoginIds:y}:Object.assign(Object.assign({loginId:a},n),{roleNames:null==n?void 0:n.roles,roles:void 0,invite:!0});return s(e.httpClient.post(g.create,I,{token:t}),(e=>e.user))},inviteBatch:(a,n,o,i)=>s(e.httpClient.post(g.createBatch,{users:a,invite:!0,inviteUrl:n,sendMail:o,sendSMS:i},{token:t}),(e=>e)),update:function(a,n,o,i,r,l,d,p,m,c,u,h,v,k){const C="string"==typeof n?{loginId:a,email:n,phone:o,displayName:i,givenName:u,middleName:h,familyName:v,roleNames:r,userTenants:l,customAttributes:d,picture:p,verifiedEmail:m,verifiedPhone:c,additionalLoginIds:k}:Object.assign(Object.assign({loginId:a},n),{roleNames:null==n?void 0:n.roles,roles:void 0});return s(e.httpClient.post(g.update,C,{token:t}),(e=>e.user))},delete:a=>s(e.httpClient.post(g.delete,{loginId:a},{token:t})),deleteByUserId:a=>s(e.httpClient.post(g.delete,{userId:a},{token:t})),deleteAllTestUsers:()=>s(e.httpClient.delete(g.deleteAllTestUsers,{token:t})),load:a=>s(e.httpClient.get(g.load,{queryParams:{loginId:a},token:t}),(e=>e.user)),loadByUserId:a=>s(e.httpClient.get(g.load,{queryParams:{userId:a},token:t}),(e=>e.user)),logoutUser:a=>s(e.httpClient.post(g.logout,{loginId:a},{token:t})),logoutUserByUserId:a=>s(e.httpClient.post(g.logout,{userId:a},{token:t})),searchAll:(a,n,o,i,r,l,d,p,m,c)=>s(e.httpClient.post(g.search,{tenantIds:a,roleNames:n,limit:o,page:i,testUsersOnly:r,withTestUser:l,customAttributes:d,statuses:p,emails:m,phones:c},{token:t}),(e=>e.users)),search:a=>s(e.httpClient.post(g.search,Object.assign(Object.assign({},a),{roleNames:a.roles,roles:void 0}),{token:t}),(e=>e.users)),getProviderToken:(a,n)=>s(e.httpClient.get(g.getProviderToken,{queryParams:{loginId:a,provider:n},token:t}),(e=>e)),activate:a=>s(e.httpClient.post(g.updateStatus,{loginId:a,status:"enabled"},{token:t}),(e=>e.user)),deactivate:a=>s(e.httpClient.post(g.updateStatus,{loginId:a,status:"disabled"},{token:t}),(e=>e.user)),updateLoginId:(a,n)=>s(e.httpClient.post(g.updateLoginId,{loginId:a,newLoginId:n},{token:t}),(e=>e.user)),updateEmail:(a,n,o)=>s(e.httpClient.post(g.updateEmail,{loginId:a,email:n,verified:o},{token:t}),(e=>e.user)),updatePhone:(a,n,o)=>s(e.httpClient.post(g.updatePhone,{loginId:a,phone:n,verified:o},{token:t}),(e=>e.user)),updateDisplayName:(a,n,o,i,r)=>s(e.httpClient.post(g.updateDisplayName,{loginId:a,displayName:n,givenName:o,middleName:i,familyName:r},{token:t}),(e=>e.user)),updatePicture:(a,n)=>s(e.httpClient.post(g.updatePicture,{loginId:a,picture:n},{token:t}),(e=>e.user)),updateCustomAttribute:(a,n,o)=>s(e.httpClient.post(g.updateCustomAttribute,{loginId:a,attributeKey:n,attributeValue:o},{token:t}),(e=>e.user)),setRoles:(a,n)=>s(e.httpClient.post(g.setRole,{loginId:a,roleNames:n},{token:t}),(e=>e.user)),addRoles:(a,n)=>s(e.httpClient.post(g.addRole,{loginId:a,roleNames:n},{token:t}),(e=>e.user)),removeRoles:(a,n)=>s(e.httpClient.post(g.removeRole,{loginId:a,roleNames:n},{token:t}),(e=>e.user)),addTenant:(a,n)=>s(e.httpClient.post(g.addTenant,{loginId:a,tenantId:n},{token:t}),(e=>e.user)),removeTenant:(a,n)=>s(e.httpClient.post(g.removeTenant,{loginId:a,tenantId:n},{token:t}),(e=>e.user)),setTenantRoles:(a,n,o)=>s(e.httpClient.post(g.setRole,{loginId:a,tenantId:n,roleNames:o},{token:t}),(e=>e.user)),addTenantRoles:(a,n,o)=>s(e.httpClient.post(g.addRole,{loginId:a,tenantId:n,roleNames:o},{token:t}),(e=>e.user)),removeTenantRoles:(a,n,o)=>s(e.httpClient.post(g.removeRole,{loginId:a,tenantId:n,roleNames:o},{token:t}),(e=>e.user)),addSSOapps:(a,n)=>s(e.httpClient.post(g.addSSOApps,{loginId:a,ssoAppIds:n},{token:t}),(e=>e.user)),setSSOapps:(a,n)=>s(e.httpClient.post(g.setSSOApps,{loginId:a,ssoAppIds:n},{token:t}),(e=>e.user)),removeSSOapps:(a,n)=>s(e.httpClient.post(g.removeSSOApps,{loginId:a,ssoAppIds:n},{token:t}),(e=>e.user)),generateOTPForTestUser:(a,n,o)=>s(e.httpClient.post(g.generateOTPForTest,{deliveryMethod:a,loginId:n,loginOptions:o},{token:t}),(e=>e)),generateMagicLinkForTestUser:(a,n,o,i)=>s(e.httpClient.post(g.generateMagicLinkForTest,{deliveryMethod:a,loginId:n,URI:o,loginOptions:i},{token:t}),(e=>e)),generateEnchantedLinkForTestUser:(a,n,o)=>s(e.httpClient.post(g.generateEnchantedLinkForTest,{loginId:a,URI:n,loginOptions:o},{token:t}),(e=>e)),generateEmbeddedLink:(a,n)=>s(e.httpClient.post(g.generateEmbeddedLink,{loginId:a,customClaims:n},{token:t}),(e=>e)),setTemporaryPassword:(a,n)=>s(e.httpClient.post(g.setTemporaryPassword,{loginId:a,password:n},{token:t}),(e=>e)),setActivePassword:(a,n)=>s(e.httpClient.post(g.setActivePassword,{loginId:a,password:n},{token:t}),(e=>e)),setPassword:(a,n)=>s(e.httpClient.post(g.setPassword,{loginId:a,password:n},{token:t}),(e=>e)),expirePassword:a=>s(e.httpClient.post(g.expirePassword,{loginId:a},{token:t}),(e=>e)),removeAllPasskeys:a=>s(e.httpClient.post(g.removeAllPasskeys,{loginId:a},{token:t}),(e=>e)),history:a=>s(e.httpClient.post(g.history,a,{token:t}),(e=>e))}),P=(e,t)=>({updateName:a=>s(e.httpClient.post(c.updateName,{name:a},{token:t})),clone:(a,n)=>s(e.httpClient.post(c.clone,{name:a,tag:n},{token:t})),export:()=>s(e.httpClient.post(c.export,{},{token:t}),(e=>e.files)),import:a=>s(e.httpClient.post(c.export,{files:a},{token:t}))}),j=(e,t)=>({create:(a,n,o)=>s(e.httpClient.post(h.create,{name:a,selfProvisioningDomains:n,customAttributes:o},{token:t})),createWithId:(a,n,o,i)=>s(e.httpClient.post(h.create,{id:a,name:n,selfProvisioningDomains:o,customAttributes:i},{token:t})),update:(a,n,o,i)=>s(e.httpClient.post(h.update,{id:a,name:n,selfProvisioningDomains:o,customAttributes:i},{token:t})),delete:a=>s(e.httpClient.post(h.delete,{id:a},{token:t})),load:a=>s(e.httpClient.get(h.load,{queryParams:{id:a},token:t}),(e=>e)),loadAll:()=>s(e.httpClient.get(h.loadAll,{token:t}),(e=>e.tenants)),searchAll:(a,n,o,i)=>s(e.httpClient.post(h.searchAll,{tenantIds:a,tenantNames:n,tenantSelfProvisioningDomains:o,customAttributes:i},{token:t}),(e=>e.tenants)),getSettings:a=>s(e.httpClient.get(h.settings,{queryParams:{id:a},token:t}),(e=>e)),configureSettings:(a,n)=>s(e.httpClient.post(h.settings,Object.assign(Object.assign({},n),{tenantId:a}),{token:t}))}),T=(e,t)=>({update:(a,n)=>s(e.httpClient.post(C.update,{jwt:a,customClaims:n},{token:t})),impersonate:(a,n,o)=>s(e.httpClient.post(C.impersonate,{impersonatorId:a,loginId:n,validateConsent:o},{token:t}))}),R=(e,t)=>({create:(a,n)=>s(e.httpClient.post(y.create,{name:a,description:n},{token:t})),update:(a,n,o)=>s(e.httpClient.post(y.update,{name:a,newName:n,description:o},{token:t})),delete:a=>s(e.httpClient.post(y.delete,{name:a},{token:t})),loadAll:()=>s(e.httpClient.get(y.loadAll,{token:t}),(e=>e.permissions))}),M=(e,t)=>({create:(a,n,o,i)=>s(e.httpClient.post(I.create,{name:a,description:n,permissionNames:o,tenantId:i},{token:t})),update:(a,n,o,i,r)=>s(e.httpClient.post(I.update,{name:a,newName:n,description:o,permissionNames:i,tenantId:r},{token:t})),delete:(a,n)=>s(e.httpClient.post(I.delete,{name:a,tenantId:n},{token:t})),loadAll:()=>s(e.httpClient.get(I.loadAll,{token:t}),(e=>e.roles)),search:a=>s(e.httpClient.post(I.search,a,{token:t}),(e=>e.roles))}),E=(e,t)=>({loadAllGroups:a=>s(e.httpClient.post(A.loadAllGroups,{tenantId:a},{token:t})),loadAllGroupsForMember:(a,n,o)=>s(e.httpClient.post(A.loadAllGroupsForMember,{tenantId:a,loginIds:o,userIds:n},{token:t})),loadAllGroupMembers:(a,n)=>s(e.httpClient.post(A.loadAllGroupMembers,{tenantId:a,groupId:n},{token:t}))}),x=(e,t)=>({getSettings:a=>s(e.httpClient.get(k.settings,{queryParams:{tenantId:a},token:t}),(e=>e)),deleteSettings:a=>s(e.httpClient.delete(k.settings,{queryParams:{tenantId:a},token:t})),configureSettings:(a,n,o,i,r,l)=>s(e.httpClient.post(k.settings,{tenantId:a,idpURL:n,entityId:i,idpCert:o,redirectURL:r,domains:l},{token:t})),configureMetadata:(a,n,o,i)=>s(e.httpClient.post(k.metadata,{tenantId:a,idpMetadataURL:n,redirectURL:o,domains:i},{token:t})),configureMapping:(a,n,o)=>s(e.httpClient.post(k.mapping,{tenantId:a,roleMappings:n,attributeMapping:o},{token:t})),configureOIDCSettings:(a,n,o)=>{const i=Object.assign(Object.assign({},n),{userAttrMapping:n.attributeMapping});return delete i.attributeMapping,s(e.httpClient.post(k.oidc.configure,{tenantId:a,settings:i,domains:o},{token:t}))},configureSAMLSettings:(a,n,o,i)=>s(e.httpClient.post(k.saml.configure,{tenantId:a,settings:n,redirectUrl:o,domains:i},{token:t})),configureSAMLByMetadata:(a,n,o,i)=>s(e.httpClient.post(k.saml.metadata,{tenantId:a,settings:n,redirectUrl:o,domains:i},{token:t})),loadSettings:a=>s(e.httpClient.get(k.settingsv2,{queryParams:{tenantId:a},token:t}),(e=>{var t,s;const a=e;return a.oidc&&(a.oidc=Object.assign(Object.assign({},a.oidc),{attributeMapping:a.oidc.userAttrMapping}),delete a.oidc.userAttrMapping),(null===(t=a.saml)||void 0===t?void 0:t.groupsMapping)&&(a.saml.groupsMapping=null===(s=a.saml)||void 0===s?void 0:s.groupsMapping.map((e=>{const t=e;return t.roleName=t.role.name,delete t.role,t}))),a}))}),U=(e,t)=>({create:(a,n,o,i,r,l)=>s(e.httpClient.post(u.create,{name:a,expireTime:n,roleNames:o,keyTenants:i,userId:r,customClaims:l},{token:t})),load:a=>s(e.httpClient.get(u.load,{queryParams:{id:a},token:t}),(e=>e.key)),searchAll:a=>s(e.httpClient.post(u.search,{tenantIds:a},{token:t}),(e=>e.keys)),update:(a,n)=>s(e.httpClient.post(u.update,{id:a,name:n},{token:t}),(e=>e.key)),deactivate:a=>s(e.httpClient.post(u.deactivate,{id:a},{token:t})),activate:a=>s(e.httpClient.post(u.activate,{id:a},{token:t})),delete:a=>s(e.httpClient.post(u.delete,{id:a},{token:t}))}),L=(e,t)=>({list:()=>s(e.httpClient.post(b.list,{},{token:t})),delete:a=>s(e.httpClient.post(b.delete,{ids:a},{token:t})),export:a=>s(e.httpClient.post(b.export,{flowId:a},{token:t})),import:(a,n,o)=>s(e.httpClient.post(b.import,{flowId:a,flow:n,screens:o},{token:t}))}),D=(e,t)=>({export:()=>s(e.httpClient.post(w.export,{},{token:t})),import:a=>s(e.httpClient.post(w.import,{theme:a},{token:t}))}),F=(e,t)=>({search:a=>{const n=Object.assign(Object.assign({},a),{externalIds:a.loginIds});return delete n.loginIds,s(e.httpClient.post(O.search,n,{token:t}),(e=>null==e?void 0:e.audits.map((e=>{const t=Object.assign(Object.assign({},e),{occurred:parseFloat(e.occurred),loginIds:e.externalIds});return delete t.externalIds,t}))))}}),z=(e,t)=>({saveSchema:(a,n)=>s(e.httpClient.post(S.schemaSave,{schema:a,upgrade:n},{token:t})),deleteSchema:()=>s(e.httpClient.post(S.schemaDelete,{},{token:t})),loadSchema:()=>s(e.httpClient.post(S.schemaLoad,{},{token:t}),(e=>e.schema)),saveNamespace:(a,n,o)=>s(e.httpClient.post(S.nsSave,{namespace:a,oldName:n,schemaName:o},{token:t})),deleteNamespace:(a,n)=>s(e.httpClient.post(S.nsDelete,{name:a,schemaName:n},{token:t})),saveRelationDefinition:(a,n,o,i)=>s(e.httpClient.post(S.rdSave,{relationDefinition:a,namespace:n,oldName:o,schemaName:i},{token:t})),deleteRelationDefinition:(a,n,o)=>s(e.httpClient.post(S.rdDelete,{name:a,namespace:n,schemaName:o},{token:t})),createRelations:a=>s(e.httpClient.post(S.reCreate,{relations:a},{token:t})),deleteRelations:a=>s(e.httpClient.post(S.reDelete,{relations:a},{token:t})),deleteRelationsForResources:a=>s(e.httpClient.post(S.reDeleteResources,{resources:a},{token:t})),hasRelations:a=>s(e.httpClient.post(S.hasRelations,{relationQueries:a},{token:t}),(e=>e.relationQueries)),whoCanAccess:(a,n,o)=>s(e.httpClient.post(S.who,{resource:a,relationDefinition:n,namespace:o},{token:t}),(e=>e.targets)),resourceRelations:a=>s(e.httpClient.post(S.resource,{resource:a},{token:t}),(e=>e.relations)),targetsRelations:a=>s(e.httpClient.post(S.targets,{targets:a},{token:t}),(e=>e.relations)),whatCanTargetAccess:a=>s(e.httpClient.post(S.targetAll,{target:a},{token:t}),(e=>e.relations)),getModified:a=>s(e.httpClient.post(S.getModified,{since:a?a.getTime():0},{token:t}),(e=>e))}),q=(e,t)=>({createOidcApplication:a=>{var n;return s(e.httpClient.post(v.oidcCreate,Object.assign(Object.assign({},a),{enabled:null===(n=a.enabled)||void 0===n||n}),{token:t}))},createSamlApplication:a=>{var n;return s(e.httpClient.post(v.samlCreate,Object.assign(Object.assign({},a),{enabled:null===(n=a.enabled)||void 0===n||n}),{token:t}))},updateOidcApplication:a=>s(e.httpClient.post(v.oidcUpdate,Object.assign({},a),{token:t})),updateSamlApplication:a=>s(e.httpClient.post(v.samlUpdate,Object.assign({},a),{token:t})),delete:a=>s(e.httpClient.post(v.delete,{id:a},{token:t})),load:a=>s(e.httpClient.get(v.load,{queryParams:{id:a},token:t}),(e=>e)),loadAll:()=>s(e.httpClient.get(v.loadAll,{token:t}),(e=>e.apps))}),$=(e,t)=>({getSettings:a=>s(e.httpClient.get(f.settings,{queryParams:{tenantId:a},token:t}),(e=>e)),configureSettings:(a,n)=>s(e.httpClient.post(f.settings,Object.assign(Object.assign({},n),{tenantId:a}),{token:t}))});var J;null!==(J=globalThis.Headers)&&void 0!==J||(globalThis.Headers=r);const K=(...e)=>(e.forEach((e=>{var t,s;e&&(null!==(t=(s=e).highWaterMark)&&void 0!==t||(s.highWaterMark=31457280))})),l(...e)),G={badRequest:"E011001",missingArguments:"E011002",invalidRequest:"E011003",invalidArguments:"E011004",wrongOTPCode:"E061102",tooManyOTPAttempts:"E061103",enchantedLinkPending:"E062503",userNotFound:"E062108"},B=s=>{var r,{managementKey:l,publicKey:g}=s,c=e(s,["managementKey","publicKey"]);const u=t(Object.assign(Object.assign({fetch:K},c),{baseHeaders:Object.assign(Object.assign({},c.baseHeaders),{"x-descope-sdk-name":"nodejs","x-descope-sdk-node-version":(null===(r=null===process||void 0===process?void 0:process.versions)||void 0===r?void 0:r.node)||"","x-descope-sdk-version":"0.0.0-next-b31c68d3-20240320"})})),{projectId:h,logger:v}=c,k={},C=((e,t)=>({user:N(e,t),project:P(e,t),accessKey:U(e,t),tenant:j(e,t),ssoApplication:q(e,t),sso:x(e,t),jwt:T(e,t),permission:R(e,t),password:$(e,t),role:M(e,t),group:E(e,t),flow:L(e,t),theme:D(e,t),audit:F(e,t),authz:z(e,t)}))(u,l),f=Object.assign(Object.assign({},u),{management:C,async getKey(e){if(!(null==e?void 0:e.kid))throw Error("header.kid must not be empty");if(k[e.kid])return k[e.kid];if(Object.assign(k,await(async()=>{if(g)try{const e=JSON.parse(g),t=await i(e);return{[e.kid]:t}}catch(e){throw null==v||v.error("Failed to parse the provided public key",e),new Error(`Failed to parse public key. Error: ${e}`)}const e=(await u.httpClient.get(`v2/keys/${h}`).then((e=>e.json()))).keys;return Array.isArray(e)?(await Promise.all(e.map((async e=>[e.kid,await i(e)])))).reduce(((e,[t,s])=>t?Object.assign(Object.assign({},e),{[t.toString()]:s}):e),{}):{}})()),!k[e.kid])throw Error("failed to fetch matching key");return k[e.kid]},async validateJwt(e){var t;const s=(await n(e,f.getKey,{clockTolerance:5})).payload;if(s&&(s.iss=null===(t=s.iss)||void 0===t?void 0:t.split("/").pop(),s.iss!==h))throw new o.JWTClaimValidationFailed('unexpected "iss" claim value',"iss","check_failed");return{jwt:e,token:s}},async validateSession(e){if(!e)throw Error("session token is required for validation");try{return await f.validateJwt(e)}catch(e){throw null==v||v.error("session validation failed",e),Error(`session validation failed. Error: ${e}`)}},async refreshSession(e){var t,s;if(!e)throw Error("refresh token is required to refresh a session");try{await f.validateJwt(e);const a=await f.refresh(e);if(a.ok){return await f.validateJwt(null===(t=a.data)||void 0===t?void 0:t.sessionJwt)}throw Error(null===(s=a.error)||void 0===s?void 0:s.errorMessage)}catch(e){throw null==v||v.error("refresh token validation failed",e),Error(`refresh token validation failed, Error: ${e}`)}},async validateAndRefreshSession(e,t){if(!e&&!t)throw Error("both session and refresh tokens are empty");try{return await f.validateSession(e)}catch(e){null==v||v.log(`session validation failed with error ${e} - trying to refresh it`)}return f.refreshSession(t)},async exchangeAccessKey(e,t){if(!e)throw Error("access key must not be empty");let s;try{s=await f.accessKey.exchange(e,t)}catch(e){throw null==v||v.error("failed to exchange access key",e),Error(`could not exchange access key - Failed to exchange. Error: ${e}`)}const{sessionJwt:a}=s.data;if(!a)throw null==v||v.error("failed to parse exchange access key response"),Error("could not exchange access key");try{return await f.validateJwt(a)}catch(e){throw null==v||v.error("failed to parse jwt from access key",e),Error(`could not exchange access key - failed to validate jwt. Error: ${e}`)}},validatePermissions:(e,t)=>f.validateTenantPermissions(e,"",t),getMatchedPermissions:(e,t)=>f.getMatchedTenantPermissions(e,"",t),validateTenantPermissions(e,t,s){if(t&&!m(e,t))return!1;const a=p(e,"permissions",t);return s.every((e=>a.includes(e)))},getMatchedTenantPermissions(e,t,s){if(t&&!m(e,t))return[];const a=p(e,"permissions",t);return s.filter((e=>a.includes(e)))},validateRoles:(e,t)=>f.validateTenantRoles(e,"",t),getMatchedRoles:(e,t)=>f.getMatchedTenantRoles(e,"",t),validateTenantRoles(e,t,s){if(t&&!m(e,t))return!1;const a=p(e,"roles",t);return s.every((e=>a.includes(e)))},getMatchedTenantRoles(e,t,s){if(t&&!m(e,t))return[];const a=p(e,"roles",t);return s.filter((e=>a.includes(e)))}});return a(f,["otp.verify.email","otp.verify.sms","otp.verify.whatsapp","magicLink.verify","enchantedLink.signUp","enchantedLink.signIn","oauth.exchange","saml.exchange","totp.verify","webauthn.signIn.finish","webauthn.signUp.finish","refresh"],d)};B.RefreshTokenCookieName="DSR",B.SessionTokenCookieName="DS";export{B as default,G as descopeErrors}; | ||
| import{__rest as e}from"tslib";import t,{transformResponse as s,wrapWith as a}from"@descope/core-js-sdk";import{jwtVerify as o,errors as n,importJWK as i}from"jose";import{Headers as r,fetch as l}from"cross-fetch";var d;null!==(d=globalThis.Headers)&&void 0!==d||(globalThis.Headers=r);const p=(...e)=>(e.forEach((e=>{var t,s;e&&"object"==typeof e&&(null!==(t=(s=e).highWaterMark)&&void 0!==t||(s.highWaterMark=31457280))})),l(...e)),m=t=>async(...s)=>{var a,o,n;const i=await t(...s);if(!i.data)return i;let r=i.data,{refreshJwt:l}=r,d=e(r,["refreshJwt"]);const p=[];var m;return l?p.push(`${"DSR"}=${l}; Domain=${(null==(m=d)?void 0:m.cookieDomain)||""}; Max-Age=${(null==m?void 0:m.cookieMaxAge)||""}; Path=${(null==m?void 0:m.cookiePath)||"/"}; HttpOnly; SameSite=Strict`):(null===(a=i.response)||void 0===a?void 0:a.headers.get("set-cookie"))&&(l=((e,t)=>{const s=null==e?void 0:e.match(RegExp(`(?:^|;\\s*)${t}=([^;]*)`));return s?s[1]:null})(null===(o=i.response)||void 0===o?void 0:o.headers.get("set-cookie"),"DSR"),p.push(null===(n=i.response)||void 0===n?void 0:n.headers.get("set-cookie"))),Object.assign(Object.assign({},i),{data:Object.assign(Object.assign({},i.data),{refreshJwt:l,cookies:p})})};function c(e,t,s){var a,o;const n=s?null===(o=null===(a=e.token.tenants)||void 0===a?void 0:a[s])||void 0===o?void 0:o[t]:e.token[t];return Array.isArray(n)?n:[]}function g(e,t){var s;return!!(null===(s=e.token.tenants)||void 0===s?void 0:s[t])}var u={create:"/v1/mgmt/user/create",createTestUser:"/v1/mgmt/user/create/test",createBatch:"/v1/mgmt/user/create/batch",update:"/v1/mgmt/user/update",patch:"/v1/mgmt/user/patch",delete:"/v1/mgmt/user/delete",deleteAllTestUsers:"/v1/mgmt/user/test/delete/all",load:"/v1/mgmt/user",logout:"/v1/mgmt/user/logout",search:"/v2/mgmt/user/search",searchTestUsers:"/v2/mgmt/user/search/test",getProviderToken:"/v1/mgmt/user/provider/token",updateStatus:"/v1/mgmt/user/update/status",updateLoginId:"/v1/mgmt/user/update/loginid",updateEmail:"/v1/mgmt/user/update/email",updatePhone:"/v1/mgmt/user/update/phone",updateDisplayName:"/v1/mgmt/user/update/name",updatePicture:"/v1/mgmt/user/update/picture",updateCustomAttribute:"/v1/mgmt/user/update/customAttribute",setRole:"/v1/mgmt/user/update/role/set",addRole:"/v2/mgmt/user/update/role/add",removeRole:"/v1/mgmt/user/update/role/remove",setSSOApps:"/v1/mgmt/user/update/ssoapp/set",addSSOApps:"/v1/mgmt/user/update/ssoapp/add",removeSSOApps:"/v1/mgmt/user/update/ssoapp/remove",addTenant:"/v1/mgmt/user/update/tenant/add",removeTenant:"/v1/mgmt/user/update/tenant/remove",setPassword:"/v1/mgmt/user/password/set",setTemporaryPassword:"/v1/mgmt/user/password/set/temporary",setActivePassword:"/v1/mgmt/user/password/set/active",expirePassword:"/v1/mgmt/user/password/expire",removeAllPasskeys:"/v1/mgmt/user/passkeys/delete",generateOTPForTest:"/v1/mgmt/tests/generate/otp",generateMagicLinkForTest:"/v1/mgmt/tests/generate/magiclink",generateEnchantedLinkForTest:"/v1/mgmt/tests/generate/enchantedlink",generateEmbeddedLink:"/v1/mgmt/user/signin/embeddedlink",history:"/v1/mgmt/user/history"},h={updateName:"/v1/mgmt/project/update/name",updateTags:"/v1/mgmt/project/update/tags",clone:"/v1/mgmt/project/clone",projectsList:"/v1/mgmt/projects/list",exportSnapshot:"/v1/mgmt/project/snapshot/export",importSnapshot:"/v1/mgmt/project/snapshot/import",validateSnapshot:"/v1/mgmt/project/snapshot/validate"},v={create:"/v1/mgmt/accesskey/create",load:"/v1/mgmt/accesskey",search:"/v1/mgmt/accesskey/search",update:"/v1/mgmt/accesskey/update",deactivate:"/v1/mgmt/accesskey/deactivate",activate:"/v1/mgmt/accesskey/activate",delete:"/v1/mgmt/accesskey/delete"},k={create:"/v1/mgmt/tenant/create",update:"/v1/mgmt/tenant/update",delete:"/v1/mgmt/tenant/delete",load:"/v1/mgmt/tenant",settings:"/v1/mgmt/tenant/settings",loadAll:"/v1/mgmt/tenant/all",searchAll:"/v1/mgmt/tenant/search",generateSSOConfigurationLink:"/v1/mgmt/tenant/adminlinks/sso/generate"},C={oidcCreate:"/v1/mgmt/sso/idp/app/oidc/create",samlCreate:"/v1/mgmt/sso/idp/app/saml/create",oidcUpdate:"/v1/mgmt/sso/idp/app/oidc/update",samlUpdate:"/v1/mgmt/sso/idp/app/saml/update",delete:"/v1/mgmt/sso/idp/app/delete",load:"/v1/mgmt/sso/idp/app/load",loadAll:"/v1/mgmt/sso/idp/apps/load"},f={settings:"/v1/mgmt/sso/settings",metadata:"/v1/mgmt/sso/metadata",mapping:"/v1/mgmt/sso/mapping",settingsv2:"/v2/mgmt/sso/settings",oidc:{configure:"/v1/mgmt/sso/oidc"},saml:{configure:"/v1/mgmt/sso/saml",metadata:"/v1/mgmt/sso/saml/metadata"}},y={update:"/v1/mgmt/jwt/update",impersonate:"/v1/mgmt/impersonate"},I={settings:"/v1/mgmt/password/settings"},b={create:"/v1/mgmt/permission/create",update:"/v1/mgmt/permission/update",delete:"/v1/mgmt/permission/delete",loadAll:"/v1/mgmt/permission/all"},w={create:"/v1/mgmt/role/create",update:"/v1/mgmt/role/update",delete:"/v1/mgmt/role/delete",loadAll:"/v1/mgmt/role/all",search:"/v1/mgmt/role/search"},A={list:"/v1/mgmt/flow/list",delete:"/v1/mgmt/flow/delete",export:"/v1/mgmt/flow/export",import:"/v1/mgmt/flow/import"},S={export:"/v1/mgmt/theme/export",import:"/v1/mgmt/theme/import"},N={loadAllGroups:"/v1/mgmt/group/all",loadAllGroupsForMember:"/v1/mgmt/group/member/all",loadAllGroupMembers:"/v1/mgmt/group/members"},O={search:"/v1/mgmt/audit/search",createEvent:"/v1/mgmt/audit/event"},T={schemaSave:"/v1/mgmt/authz/schema/save",schemaDelete:"/v1/mgmt/authz/schema/delete",schemaLoad:"/v1/mgmt/authz/schema/load",nsSave:"/v1/mgmt/authz/ns/save",nsDelete:"/v1/mgmt/authz/ns/delete",rdSave:"/v1/mgmt/authz/rd/save",rdDelete:"/v1/mgmt/authz/rd/delete",reCreate:"/v1/mgmt/authz/re/create",reDelete:"/v1/mgmt/authz/re/delete",reDeleteResources:"/v1/mgmt/authz/re/deleteresources",hasRelations:"/v1/mgmt/authz/re/has",who:"/v1/mgmt/authz/re/who",resource:"/v1/mgmt/authz/re/resource",targets:"/v1/mgmt/authz/re/targets",targetAll:"/v1/mgmt/authz/re/targetall",getModified:"/v1/mgmt/authz/getmodified"},j={schema:"/v1/mgmt/fga/schema",relations:"/v1/mgmt/fga/relations",deleteRelations:"/v1/mgmt/fga/relations/delete",check:"/v1/mgmt/fga/check"};const P=(e,t)=>({create:function(a,o,n,i,r,l,d,p,m,c,g,h,v,k){const C="string"==typeof o?{loginId:a,email:o,phone:n,displayName:i,givenName:g,middleName:h,familyName:v,roleNames:r,userTenants:l,customAttributes:d,picture:p,verifiedEmail:m,verifiedPhone:c,additionalLoginIds:k}:Object.assign(Object.assign({loginId:a},o),{roleNames:null==o?void 0:o.roles,roles:void 0});return s(e.httpClient.post(u.create,C,{token:t}),(e=>e.user))},createTestUser:function(a,o,n,i,r,l,d,p,m,c,g,h,v,k){const C="string"==typeof o?{loginId:a,email:o,phone:n,displayName:i,givenName:g,middleName:h,familyName:v,roleNames:r,userTenants:l,customAttributes:d,picture:p,verifiedEmail:m,verifiedPhone:c,additionalLoginIds:k,test:!0}:Object.assign(Object.assign({loginId:a},o),{roleNames:null==o?void 0:o.roles,roles:void 0,test:!0});return s(e.httpClient.post(u.createTestUser,C,{token:t}),(e=>e.user))},invite:function(a,o,n,i,r,l,d,p,m,c,g,h,v,k,C,f,y,I){const b="string"==typeof o?{loginId:a,email:o,phone:n,displayName:i,givenName:k,middleName:C,familyName:f,roleNames:r,userTenants:l,invite:!0,customAttributes:d,picture:p,verifiedEmail:m,verifiedPhone:c,inviteUrl:g,sendMail:h,sendSMS:v,additionalLoginIds:y,templateId:I}:Object.assign(Object.assign({loginId:a},o),{roleNames:null==o?void 0:o.roles,roles:void 0,invite:!0});return s(e.httpClient.post(u.create,b,{token:t}),(e=>e.user))},inviteBatch:(a,o,n,i,r,l)=>s(e.httpClient.post(u.createBatch,{users:a.map((e=>{const t=Object.assign(Object.assign({},e),{roleNames:e.roles});return delete t.roles,t})),invite:!0,inviteUrl:o,sendMail:n,sendSMS:i,templateOptions:r,templateId:l},{token:t}),(e=>e)),update:function(a,o,n,i,r,l,d,p,m,c,g,h,v,k){const C="string"==typeof o?{loginId:a,email:o,phone:n,displayName:i,givenName:g,middleName:h,familyName:v,roleNames:r,userTenants:l,customAttributes:d,picture:p,verifiedEmail:m,verifiedPhone:c,additionalLoginIds:k}:Object.assign(Object.assign({loginId:a},o),{roleNames:null==o?void 0:o.roles,roles:void 0});return s(e.httpClient.post(u.update,C,{token:t}),(e=>e.user))},patch:function(a,o){const n={loginId:a};return void 0!==o.email&&(n.email=o.email),void 0!==o.phone&&(n.phone=o.phone),void 0!==o.displayName&&(n.displayName=o.displayName),void 0!==o.givenName&&(n.givenName=o.givenName),void 0!==o.middleName&&(n.middleName=o.middleName),void 0!==o.familyName&&(n.familyName=o.familyName),void 0!==o.roles&&(n.roleNames=o.roles),void 0!==o.userTenants&&(n.userTenants=o.userTenants),void 0!==o.customAttributes&&(n.customAttributes=o.customAttributes),void 0!==o.picture&&(n.picture=o.picture),void 0!==o.verifiedEmail&&(n.verifiedEmail=o.verifiedEmail),void 0!==o.verifiedPhone&&(n.verifiedPhone=o.verifiedPhone),void 0!==o.ssoAppIds&&(n.ssoAppIds=o.ssoAppIds),s(e.httpClient.patch(u.patch,n,{token:t}),(e=>e.user))},delete:a=>s(e.httpClient.post(u.delete,{loginId:a},{token:t})),deleteByUserId:a=>s(e.httpClient.post(u.delete,{userId:a},{token:t})),deleteAllTestUsers:()=>s(e.httpClient.delete(u.deleteAllTestUsers,{token:t})),load:a=>s(e.httpClient.get(u.load,{queryParams:{loginId:a},token:t}),(e=>e.user)),loadByUserId:a=>s(e.httpClient.get(u.load,{queryParams:{userId:a},token:t}),(e=>e.user)),logoutUser:a=>s(e.httpClient.post(u.logout,{loginId:a},{token:t})),logoutUserByUserId:a=>s(e.httpClient.post(u.logout,{userId:a},{token:t})),searchAll:(a,o,n,i,r,l,d,p,m,c)=>s(e.httpClient.post(u.search,{tenantIds:a,roleNames:o,limit:n,page:i,testUsersOnly:r,withTestUser:l,customAttributes:d,statuses:p,emails:m,phones:c},{token:t}),(e=>e.users)),searchTestUsers:a=>s(e.httpClient.post(u.searchTestUsers,Object.assign(Object.assign({},a),{withTestUser:!0,testUsersOnly:!0,roleNames:a.roles,roles:void 0}),{token:t}),(e=>e.users)),search:a=>s(e.httpClient.post(u.search,Object.assign(Object.assign({},a),{roleNames:a.roles,roles:void 0}),{token:t}),(e=>e.users)),getProviderToken:(a,o,n)=>s(e.httpClient.get(u.getProviderToken,{queryParams:{loginId:a,provider:o,withRefreshToken:(null==n?void 0:n.withRefreshToken)?"true":"false",forceRefresh:(null==n?void 0:n.forceRefresh)?"true":"false"},token:t}),(e=>e)),activate:a=>s(e.httpClient.post(u.updateStatus,{loginId:a,status:"enabled"},{token:t}),(e=>e.user)),deactivate:a=>s(e.httpClient.post(u.updateStatus,{loginId:a,status:"disabled"},{token:t}),(e=>e.user)),updateLoginId:(a,o)=>s(e.httpClient.post(u.updateLoginId,{loginId:a,newLoginId:o},{token:t}),(e=>e.user)),updateEmail:(a,o,n)=>s(e.httpClient.post(u.updateEmail,{loginId:a,email:o,verified:n},{token:t}),(e=>e.user)),updatePhone:(a,o,n)=>s(e.httpClient.post(u.updatePhone,{loginId:a,phone:o,verified:n},{token:t}),(e=>e.user)),updateDisplayName:(a,o,n,i,r)=>s(e.httpClient.post(u.updateDisplayName,{loginId:a,displayName:o,givenName:n,middleName:i,familyName:r},{token:t}),(e=>e.user)),updatePicture:(a,o)=>s(e.httpClient.post(u.updatePicture,{loginId:a,picture:o},{token:t}),(e=>e.user)),updateCustomAttribute:(a,o,n)=>s(e.httpClient.post(u.updateCustomAttribute,{loginId:a,attributeKey:o,attributeValue:n},{token:t}),(e=>e.user)),setRoles:(a,o)=>s(e.httpClient.post(u.setRole,{loginId:a,roleNames:o},{token:t}),(e=>e.user)),addRoles:(a,o)=>s(e.httpClient.post(u.addRole,{loginId:a,roleNames:o},{token:t}),(e=>e.user)),removeRoles:(a,o)=>s(e.httpClient.post(u.removeRole,{loginId:a,roleNames:o},{token:t}),(e=>e.user)),addTenant:(a,o)=>s(e.httpClient.post(u.addTenant,{loginId:a,tenantId:o},{token:t}),(e=>e.user)),removeTenant:(a,o)=>s(e.httpClient.post(u.removeTenant,{loginId:a,tenantId:o},{token:t}),(e=>e.user)),setTenantRoles:(a,o,n)=>s(e.httpClient.post(u.setRole,{loginId:a,tenantId:o,roleNames:n},{token:t}),(e=>e.user)),addTenantRoles:(a,o,n)=>s(e.httpClient.post(u.addRole,{loginId:a,tenantId:o,roleNames:n},{token:t}),(e=>e.user)),removeTenantRoles:(a,o,n)=>s(e.httpClient.post(u.removeRole,{loginId:a,tenantId:o,roleNames:n},{token:t}),(e=>e.user)),addSSOapps:(a,o)=>s(e.httpClient.post(u.addSSOApps,{loginId:a,ssoAppIds:o},{token:t}),(e=>e.user)),setSSOapps:(a,o)=>s(e.httpClient.post(u.setSSOApps,{loginId:a,ssoAppIds:o},{token:t}),(e=>e.user)),removeSSOapps:(a,o)=>s(e.httpClient.post(u.removeSSOApps,{loginId:a,ssoAppIds:o},{token:t}),(e=>e.user)),generateOTPForTestUser:(a,o,n)=>s(e.httpClient.post(u.generateOTPForTest,{deliveryMethod:a,loginId:o,loginOptions:n},{token:t}),(e=>e)),generateMagicLinkForTestUser:(a,o,n,i)=>s(e.httpClient.post(u.generateMagicLinkForTest,{deliveryMethod:a,loginId:o,URI:n,loginOptions:i},{token:t}),(e=>e)),generateEnchantedLinkForTestUser:(a,o,n)=>s(e.httpClient.post(u.generateEnchantedLinkForTest,{loginId:a,URI:o,loginOptions:n},{token:t}),(e=>e)),generateEmbeddedLink:(a,o)=>s(e.httpClient.post(u.generateEmbeddedLink,{loginId:a,customClaims:o},{token:t}),(e=>e)),setTemporaryPassword:(a,o)=>s(e.httpClient.post(u.setTemporaryPassword,{loginId:a,password:o},{token:t}),(e=>e)),setActivePassword:(a,o)=>s(e.httpClient.post(u.setActivePassword,{loginId:a,password:o},{token:t}),(e=>e)),setPassword:(a,o)=>s(e.httpClient.post(u.setPassword,{loginId:a,password:o},{token:t}),(e=>e)),expirePassword:a=>s(e.httpClient.post(u.expirePassword,{loginId:a},{token:t}),(e=>e)),removeAllPasskeys:a=>s(e.httpClient.post(u.removeAllPasskeys,{loginId:a},{token:t}),(e=>e)),history:a=>s(e.httpClient.post(u.history,a,{token:t}),(e=>e))}),R=(e,t)=>({updateName:a=>s(e.httpClient.post(h.updateName,{name:a},{token:t})),updateTags:a=>s(e.httpClient.post(h.updateTags,{tags:a},{token:t})),clone:(a,o,n)=>s(e.httpClient.post(h.clone,{name:a,environment:o,tags:n},{token:t})),listProjects:async()=>s(e.httpClient.post(h.projectsList,{},{token:t}),(e=>e.projects.map((({id:e,name:t,environment:s,tags:a})=>({id:e,name:t,environment:s,tags:a}))))),exportSnapshot:()=>s(e.httpClient.post(h.exportSnapshot,{},{token:t})),importSnapshot:a=>s(e.httpClient.post(h.importSnapshot,a,{token:t})),validateSnapshot:a=>s(e.httpClient.post(h.validateSnapshot,a,{token:t})),export:()=>s(e.httpClient.post(h.exportSnapshot,{},{token:t}),(e=>e.files)),import:a=>s(e.httpClient.post(h.importSnapshot,{files:a},{token:t}))}),E=(e,t)=>({create:(a,o,n)=>s(e.httpClient.post(k.create,{name:a,selfProvisioningDomains:o,customAttributes:n},{token:t})),createWithId:(a,o,n,i)=>s(e.httpClient.post(k.create,{id:a,name:o,selfProvisioningDomains:n,customAttributes:i},{token:t})),update:(a,o,n,i)=>s(e.httpClient.post(k.update,{id:a,name:o,selfProvisioningDomains:n,customAttributes:i},{token:t})),delete:(a,o)=>s(e.httpClient.post(k.delete,{id:a,cascade:o},{token:t})),load:a=>s(e.httpClient.get(k.load,{queryParams:{id:a},token:t}),(e=>e)),loadAll:()=>s(e.httpClient.get(k.loadAll,{token:t}),(e=>e.tenants)),searchAll:(a,o,n,i)=>s(e.httpClient.post(k.searchAll,{tenantIds:a,tenantNames:o,tenantSelfProvisioningDomains:n,customAttributes:i},{token:t}),(e=>e.tenants)),getSettings:a=>s(e.httpClient.get(k.settings,{queryParams:{id:a},token:t}),(e=>e)),configureSettings:(a,o)=>s(e.httpClient.post(k.settings,Object.assign(Object.assign({},o),{tenantId:a}),{token:t})),generateSSOConfigurationLink:(a,o)=>s(e.httpClient.post(k.generateSSOConfigurationLink,{tenantId:a,expireTime:o},{token:t}),(e=>e))}),M=(e,t)=>({update:(a,o)=>s(e.httpClient.post(y.update,{jwt:a,customClaims:o},{token:t})),impersonate:(a,o,n,i,r)=>s(e.httpClient.post(y.impersonate,{impersonatorId:a,loginId:o,validateConsent:n,customClaims:i,selectedTenant:r},{token:t}))}),x=(e,t)=>({create:(a,o)=>s(e.httpClient.post(b.create,{name:a,description:o},{token:t})),update:(a,o,n)=>s(e.httpClient.post(b.update,{name:a,newName:o,description:n},{token:t})),delete:a=>s(e.httpClient.post(b.delete,{name:a},{token:t})),loadAll:()=>s(e.httpClient.get(b.loadAll,{token:t}),(e=>e.permissions))}),U=(e,t)=>({create:(a,o,n,i)=>s(e.httpClient.post(w.create,{name:a,description:o,permissionNames:n,tenantId:i},{token:t})),update:(a,o,n,i,r)=>s(e.httpClient.post(w.update,{name:a,newName:o,description:n,permissionNames:i,tenantId:r},{token:t})),delete:(a,o)=>s(e.httpClient.post(w.delete,{name:a,tenantId:o},{token:t})),loadAll:()=>s(e.httpClient.get(w.loadAll,{token:t}),(e=>e.roles)),search:a=>s(e.httpClient.post(w.search,a,{token:t}),(e=>e.roles))}),L=(e,t)=>({loadAllGroups:a=>s(e.httpClient.post(N.loadAllGroups,{tenantId:a},{token:t})),loadAllGroupsForMember:(a,o,n)=>s(e.httpClient.post(N.loadAllGroupsForMember,{tenantId:a,loginIds:n,userIds:o},{token:t})),loadAllGroupMembers:(a,o)=>s(e.httpClient.post(N.loadAllGroupMembers,{tenantId:a,groupId:o},{token:t}))}),D=(e,t)=>({getSettings:a=>s(e.httpClient.get(f.settings,{queryParams:{tenantId:a},token:t}),(e=>e)),deleteSettings:a=>s(e.httpClient.delete(f.settings,{queryParams:{tenantId:a},token:t})),configureSettings:(a,o,n,i,r,l)=>s(e.httpClient.post(f.settings,{tenantId:a,idpURL:o,entityId:i,idpCert:n,redirectURL:r,domains:l},{token:t})),configureMetadata:(a,o,n,i)=>s(e.httpClient.post(f.metadata,{tenantId:a,idpMetadataURL:o,redirectURL:n,domains:i},{token:t})),configureMapping:(a,o,n)=>s(e.httpClient.post(f.mapping,{tenantId:a,roleMappings:o,attributeMapping:n},{token:t})),configureOIDCSettings:(a,o,n)=>{const i=Object.assign(Object.assign({},o),{userAttrMapping:o.attributeMapping});return delete i.attributeMapping,s(e.httpClient.post(f.oidc.configure,{tenantId:a,settings:i,domains:n},{token:t}))},configureSAMLSettings:(a,o,n,i)=>s(e.httpClient.post(f.saml.configure,{tenantId:a,settings:o,redirectUrl:n,domains:i},{token:t})),configureSAMLByMetadata:(a,o,n,i)=>s(e.httpClient.post(f.saml.metadata,{tenantId:a,settings:o,redirectUrl:n,domains:i},{token:t})),loadSettings:a=>s(e.httpClient.get(f.settingsv2,{queryParams:{tenantId:a},token:t}),(e=>{var t,s;const a=e;return a.oidc&&(a.oidc=Object.assign(Object.assign({},a.oidc),{attributeMapping:a.oidc.userAttrMapping}),delete a.oidc.userAttrMapping),(null===(t=a.saml)||void 0===t?void 0:t.groupsMapping)&&(a.saml.groupsMapping=null===(s=a.saml)||void 0===s?void 0:s.groupsMapping.map((e=>{const t=e;return t.roleName=t.role.name,delete t.role,t}))),a}))}),F=(e,t)=>({create:(a,o,n,i,r,l,d,p)=>s(e.httpClient.post(v.create,{name:a,expireTime:o,roleNames:n,keyTenants:i,userId:r,customClaims:l,description:d,permittedIps:p},{token:t})),load:a=>s(e.httpClient.get(v.load,{queryParams:{id:a},token:t}),(e=>e.key)),searchAll:a=>s(e.httpClient.post(v.search,{tenantIds:a},{token:t}),(e=>e.keys)),update:(a,o,n)=>s(e.httpClient.post(v.update,{id:a,name:o,description:n},{token:t}),(e=>e.key)),deactivate:a=>s(e.httpClient.post(v.deactivate,{id:a},{token:t})),activate:a=>s(e.httpClient.post(v.activate,{id:a},{token:t})),delete:a=>s(e.httpClient.post(v.delete,{id:a},{token:t}))}),z=(e,t)=>({list:()=>s(e.httpClient.post(A.list,{},{token:t})),delete:a=>s(e.httpClient.post(A.delete,{ids:a},{token:t})),export:a=>s(e.httpClient.post(A.export,{flowId:a},{token:t})),import:(a,o,n)=>s(e.httpClient.post(A.import,{flowId:a,flow:o,screens:n},{token:t}))}),q=(e,t)=>({export:()=>s(e.httpClient.post(S.export,{},{token:t})),import:a=>s(e.httpClient.post(S.import,{theme:a},{token:t}))}),$=(e,t)=>({search:a=>{const o=Object.assign(Object.assign({},a),{externalIds:a.loginIds});return delete o.loginIds,s(e.httpClient.post(O.search,o,{token:t}),(e=>null==e?void 0:e.audits.map((e=>{const t=Object.assign(Object.assign({},e),{occurred:parseFloat(e.occurred),loginIds:e.externalIds});return delete t.externalIds,t}))))},createEvent:a=>{const o=Object.assign({},a);return s(e.httpClient.post(O.createEvent,o,{token:t}))}}),J=(e,t)=>({saveSchema:(a,o)=>s(e.httpClient.post(T.schemaSave,{schema:a,upgrade:o},{token:t})),deleteSchema:()=>s(e.httpClient.post(T.schemaDelete,{},{token:t})),loadSchema:()=>s(e.httpClient.post(T.schemaLoad,{},{token:t}),(e=>e.schema)),saveNamespace:(a,o,n)=>s(e.httpClient.post(T.nsSave,{namespace:a,oldName:o,schemaName:n},{token:t})),deleteNamespace:(a,o)=>s(e.httpClient.post(T.nsDelete,{name:a,schemaName:o},{token:t})),saveRelationDefinition:(a,o,n,i)=>s(e.httpClient.post(T.rdSave,{relationDefinition:a,namespace:o,oldName:n,schemaName:i},{token:t})),deleteRelationDefinition:(a,o,n)=>s(e.httpClient.post(T.rdDelete,{name:a,namespace:o,schemaName:n},{token:t})),createRelations:a=>s(e.httpClient.post(T.reCreate,{relations:a},{token:t})),deleteRelations:a=>s(e.httpClient.post(T.reDelete,{relations:a},{token:t})),deleteRelationsForResources:a=>s(e.httpClient.post(T.reDeleteResources,{resources:a},{token:t})),hasRelations:a=>s(e.httpClient.post(T.hasRelations,{relationQueries:a},{token:t}),(e=>e.relationQueries)),whoCanAccess:(a,o,n)=>s(e.httpClient.post(T.who,{resource:a,relationDefinition:o,namespace:n},{token:t}),(e=>e.targets)),resourceRelations:a=>s(e.httpClient.post(T.resource,{resource:a},{token:t}),(e=>e.relations)),targetsRelations:a=>s(e.httpClient.post(T.targets,{targets:a},{token:t}),(e=>e.relations)),whatCanTargetAccess:a=>s(e.httpClient.post(T.targetAll,{target:a},{token:t}),(e=>e.relations)),getModified:a=>s(e.httpClient.post(T.getModified,{since:a?a.getTime():0},{token:t}),(e=>e))}),K=(e,t)=>({createOidcApplication:a=>{var o;return s(e.httpClient.post(C.oidcCreate,Object.assign(Object.assign({},a),{enabled:null===(o=a.enabled)||void 0===o||o}),{token:t}))},createSamlApplication:a=>{var o;return s(e.httpClient.post(C.samlCreate,Object.assign(Object.assign({},a),{enabled:null===(o=a.enabled)||void 0===o||o}),{token:t}))},updateOidcApplication:a=>s(e.httpClient.post(C.oidcUpdate,Object.assign({},a),{token:t})),updateSamlApplication:a=>s(e.httpClient.post(C.samlUpdate,Object.assign({},a),{token:t})),delete:a=>s(e.httpClient.post(C.delete,{id:a},{token:t})),load:a=>s(e.httpClient.get(C.load,{queryParams:{id:a},token:t}),(e=>e)),loadAll:()=>s(e.httpClient.get(C.loadAll,{token:t}),(e=>e.apps))}),G=(e,t)=>({getSettings:a=>s(e.httpClient.get(I.settings,{queryParams:{tenantId:a},token:t}),(e=>e)),configureSettings:(a,o)=>s(e.httpClient.post(I.settings,Object.assign(Object.assign({},o),{tenantId:a}),{token:t}))}),B=(e,t)=>({saveSchema:a=>s(e.httpClient.post(j.schema,a,{token:t})),deleteSchema:()=>s(e.httpClient.post(T.schemaDelete,{},{token:t})),createRelations:a=>s(e.httpClient.post(j.relations,{tuples:a},{token:t})),deleteRelations:a=>s(e.httpClient.post(j.deleteRelations,{tuples:a},{token:t})),check:a=>s(e.httpClient.post(j.check,{tuples:a},{token:t}),(e=>e.tuples))});var H=Object.freeze({__proto__:null,default:{badRequest:"E011001",missingArguments:"E011002",invalidRequest:"E011003",invalidArguments:"E011004",wrongOTPCode:"E061102",tooManyOTPAttempts:"E061103",enchantedLinkPending:"E062503",userNotFound:"E062108"}});const _=s=>{var r,{managementKey:l,publicKey:d}=s,u=e(s,["managementKey","publicKey"]);const h=t(Object.assign(Object.assign({fetch:p},u),{baseHeaders:Object.assign(Object.assign({},u.baseHeaders),{"x-descope-sdk-name":"nodejs","x-descope-sdk-node-version":(null===(r=null===process||void 0===process?void 0:process.versions)||void 0===r?void 0:r.node)||"","x-descope-sdk-version":"0.0.0-next-b42a85d0-20250102"})})),{projectId:v,logger:k}=u,C={},f=((e,t)=>({user:P(e,t),project:R(e,t),accessKey:F(e,t),tenant:E(e,t),ssoApplication:K(e,t),sso:D(e,t),jwt:M(e,t),permission:x(e,t),password:G(e,t),role:U(e,t),group:L(e,t),flow:z(e,t),theme:q(e,t),audit:$(e,t),authz:J(e,t),fga:B(e,t)}))(h,l),y=Object.assign(Object.assign({},h),{refresh:async e=>h.refresh(e),management:f,async getKey(e){if(!(null==e?void 0:e.kid))throw Error("header.kid must not be empty");if(C[e.kid])return C[e.kid];if(Object.assign(C,await(async()=>{if(d)try{const e=JSON.parse(d),t=await i(e);return{[e.kid]:t}}catch(e){throw null==k||k.error("Failed to parse the provided public key",e),new Error(`Failed to parse public key. Error: ${e}`)}const e=(await h.httpClient.get(`v2/keys/${v}`).then((e=>e.json()))).keys;return Array.isArray(e)?(await Promise.all(e.map((async e=>[e.kid,await i(e)])))).reduce(((e,[t,s])=>t?Object.assign(Object.assign({},e),{[t.toString()]:s}):e),{}):{}})()),!C[e.kid])throw Error("failed to fetch matching key");return C[e.kid]},async validateJwt(e){var t;const s=(await o(e,y.getKey,{clockTolerance:5})).payload;if(s&&(s.iss=null===(t=s.iss)||void 0===t?void 0:t.split("/").pop(),s.iss!==v))throw new n.JWTClaimValidationFailed('unexpected "iss" claim value',"iss","check_failed");return{jwt:e,token:s}},async validateSession(e){if(!e)throw Error("session token is required for validation");try{return await y.validateJwt(e)}catch(e){throw null==k||k.error("session validation failed",e),Error(`session validation failed. Error: ${e}`)}},async refreshSession(e){var t,s;if(!e)throw Error("refresh token is required to refresh a session");try{await y.validateJwt(e);const a=await y.refresh(e);if(a.ok){return await y.validateJwt(null===(t=a.data)||void 0===t?void 0:t.sessionJwt)}throw Error(null===(s=a.error)||void 0===s?void 0:s.errorMessage)}catch(e){throw null==k||k.error("refresh token validation failed",e),Error(`refresh token validation failed, Error: ${e}`)}},async validateAndRefreshSession(e,t){if(!e&&!t)throw Error("both session and refresh tokens are empty");try{return await y.validateSession(e)}catch(e){null==k||k.log(`session validation failed with error ${e} - trying to refresh it`)}return y.refreshSession(t)},async exchangeAccessKey(e,t){if(!e)throw Error("access key must not be empty");let s;try{s=await y.accessKey.exchange(e,t)}catch(e){throw null==k||k.error("failed to exchange access key",e),Error(`could not exchange access key - Failed to exchange. Error: ${e}`)}const{sessionJwt:a}=s.data;if(!a)throw null==k||k.error("failed to parse exchange access key response"),Error("could not exchange access key");try{return await y.validateJwt(a)}catch(e){throw null==k||k.error("failed to parse jwt from access key",e),Error(`could not exchange access key - failed to validate jwt. Error: ${e}`)}},validatePermissions:(e,t)=>y.validateTenantPermissions(e,"",t),getMatchedPermissions:(e,t)=>y.getMatchedTenantPermissions(e,"",t),validateTenantPermissions(e,t,s){if(t&&!g(e,t))return!1;const a=c(e,"permissions",t);return s.every((e=>a.includes(e)))},getMatchedTenantPermissions(e,t,s){if(t&&!g(e,t))return[];const a=c(e,"permissions",t);return s.filter((e=>a.includes(e)))},validateRoles:(e,t)=>y.validateTenantRoles(e,"",t),getMatchedRoles:(e,t)=>y.getMatchedTenantRoles(e,"",t),validateTenantRoles(e,t,s){if(t&&!g(e,t))return!1;const a=c(e,"roles",t);return s.every((e=>a.includes(e)))},getMatchedTenantRoles(e,t,s){if(t&&!g(e,t))return[];const a=c(e,"roles",t);return s.filter((e=>a.includes(e)))}});return a(y,["otp.verify.email","otp.verify.sms","otp.verify.voice","otp.verify.whatsapp","magicLink.verify","enchantedLink.signUp","enchantedLink.signIn","oauth.exchange","saml.exchange","totp.verify","webauthn.signIn.finish","webauthn.signUp.finish","refresh"],m)};_.RefreshTokenCookieName="DSR",_.SessionTokenCookieName="DS";export{_ as default,H as descopeErrors}; | ||
| //# sourceMappingURL=index.esm.js.map |
| { | ||
| "name": "@descope/node-sdk", | ||
| "version": "0.0.0-next-b31c68d3-20240320", | ||
| "version": "0.0.0-next-b42a85d0-20250102", | ||
| "description": "Node.js library used to integrate with Descope", | ||
@@ -58,6 +58,6 @@ "typings": "./dist/index.d.ts", | ||
| "devDependencies": { | ||
| "@rollup/plugin-commonjs": "^25.0.0", | ||
| "@rollup/plugin-commonjs": "^28.0.0", | ||
| "@rollup/plugin-json": "^4.1.0", | ||
| "@rollup/plugin-node-resolve": "^13.3.0", | ||
| "@rollup/plugin-replace": "^5.0.0", | ||
| "@rollup/plugin-replace": "^6.0.0", | ||
| "@rollup/plugin-typescript": "^8.3.0", | ||
@@ -67,3 +67,3 @@ "@size-limit/preset-small-lib": "^11.0.0", | ||
| "@types/jsonwebtoken": "^9.0.0", | ||
| "@types/node": "^20.0.0", | ||
| "@types/node": "^22.0.0", | ||
| "@typescript-eslint/eslint-plugin": "^5.25.0", | ||
@@ -90,3 +90,3 @@ "@typescript-eslint/parser": "^5.27.0", | ||
| "pretty-quick": "^3.1.3", | ||
| "rollup": "^2.62.0", | ||
| "rollup": "^2.79.2", | ||
| "rollup-plugin-auto-external": "^2.0.0", | ||
@@ -106,7 +106,7 @@ "rollup-plugin-browsersync": "^1.3.3", | ||
| "dependencies": { | ||
| "@descope/core-js-sdk": "2.11.5", | ||
| "@descope/core-js-sdk": "2.31.0", | ||
| "cross-fetch": "^4.0.0", | ||
| "jose": "4.15.5", | ||
| "tslib": "^1.14.1" | ||
| "jose": "5.2.2", | ||
| "tslib": "^2.0.0" | ||
| } | ||
| } |
291
README.md
@@ -75,4 +75,4 @@ # Descope SDK for Node.js | ||
| 11. [Embedded Links](#embedded-links) | ||
| 12. [Search Audit](#search-audit) | ||
| 13. [Manage Authz](#manage-authz) | ||
| 12. [Audit](#audit) | ||
| 13. [Manage FGA (Fine-grained Authorization)](#manage-fga-fine-grained-authorization) | ||
| 14. [Manage Project](#manage-project) | ||
@@ -119,3 +119,3 @@ 15. [Manage SSO applications](#manage-sso-applications) | ||
| Send a user a one-time password (OTP) using your preferred delivery method (_email / SMS_). An email address or phone number must be provided accordingly. | ||
| Send a user a one-time password (OTP) using your preferred delivery method (_Email / SMS / Voice call / WhatsApp_). An email address or phone number must be provided accordingly. | ||
@@ -553,3 +553,4 @@ The user can either `sign up`, `sign in` or `sign up or in` | ||
| // Tenant deletion cannot be undone. Use carefully. | ||
| await descopeClient.management.tenant.delete('my-custom-id'); | ||
| // Pass true to cascade value, in case you want to delete all users/keys associated only with this tenant | ||
| await descopeClient.management.tenant.delete('my-custom-id', false); | ||
@@ -588,2 +589,9 @@ // Load tenant by id | ||
| }); | ||
| // Generate tenant admin self service link for SSO configuration (valid for 24 hours) | ||
| const res = await descopeClient.management.tenant.generateSSOConfigurationLink( | ||
| 'my-tenant-id', | ||
| 60 * 60 * 24, | ||
| ); | ||
| console.log(res.adminSSOConfigurationLink); | ||
| ``` | ||
@@ -690,2 +698,6 @@ | ||
| userTenants: [{ tenantId: 'tenant-ID1', roleNames: ['role-name1'] }], | ||
| // You can inject custom data into the template. | ||
| // Note that you first need to configure custom template in Descope Console | ||
| // For example: configure {{options_k1}} in the custom template, and pass { k1: 'v1' } as templateOptions | ||
| templateOptions: { k1: 'v1', k2: 'v2' }, | ||
| }); | ||
@@ -733,2 +745,6 @@ | ||
| // Update explicit user's data using patch (will override only provided fields) | ||
| const options: PatchUserOptions = { displayName: 'Desmond Copeland Jr.' }; | ||
| await descopeClient.management.user.patch('desmond@descope.com', options); | ||
| // User deletion cannot be undone. Use carefully. | ||
@@ -781,3 +797,3 @@ await descopeClient.management.user.delete('desmond@descope.com'); | ||
| You can update project name, as well as to clone the current project to a new one: | ||
| You can update project name and tags, as well as clone the current project to a new one: | ||
@@ -788,2 +804,5 @@ ```typescript | ||
| // Set will override all fields as is. Use carefully. | ||
| await descopeClient.management.project.updateTags(['tag1!', 'new']); | ||
| // Clone the current project to a new one | ||
@@ -794,12 +813,34 @@ // Note that this action is supported only with a pro license or above. | ||
| You can manage your project's settings and configurations by exporting your | ||
| project's environment. You can also import previously exported data into | ||
| the same project or a different one. | ||
| With using a company management key you can get a list of all the projects in the company: | ||
| ```typescript | ||
| const projects = await descopeClient.management.project.listProjects(); | ||
| ``` | ||
| You can manage your project's settings and configurations by exporting a snapshot: | ||
| ```typescript | ||
| // Exports the current state of the project | ||
| const files = await descopeClient.management.project.export(); | ||
| const exportRes = await descopeClient.management.project.exportSnapshot(); | ||
| ``` | ||
| // Import the previously exported data into the current project | ||
| await descopeClient.management.project.import(files); | ||
| You can also import previously exported snapshots into the same project or a different one: | ||
| ```typescript | ||
| const validateReq = { | ||
| files: exportRes.files, | ||
| }; | ||
| // Validate that an exported snapshot can be imported into the current project | ||
| const validateRes = await descopeClient.management.project.import(files); | ||
| if (!validateRes.ok) { | ||
| // validation failed, check failures and missingSecrets to fix this | ||
| } | ||
| // Import the previously exported snapshot into the current project | ||
| const importReq = { | ||
| files: exportRes.files, | ||
| }; | ||
| await descopeClient.management.project.importSnapshot(files); | ||
| ``` | ||
@@ -817,2 +858,4 @@ | ||
| // If customClaims is supplied, then those claims will be present in the JWT returned by calls to ExchangeAccessKey. | ||
| // If description is supplied, then the access key will hold a descriptive text. | ||
| // If permittedIps is supplied, then the access key can only be used from that list of IP addresses or CIDR ranges. | ||
| await descopeClient.management.accessKey.create( | ||
@@ -835,3 +878,3 @@ 'key-name', | ||
| // Update will override all fields as is. Use carefully. | ||
| await descopeClient.management.accessKey.update('key-id', 'new-key-name'); | ||
| await descopeClient.management.accessKey.update('key-id', 'new-key-name', 'new-description'); | ||
@@ -1047,2 +1090,4 @@ // Access keys can be deactivated to prevent usage. This can be undone using "activate". | ||
| true, | ||
| { k1: 'v1' }, | ||
| 't1', | ||
| ); | ||
@@ -1065,3 +1110,3 @@ ``` | ||
| ### Search Audit | ||
| ### Audit | ||
@@ -1083,141 +1128,51 @@ You can perform an audit search for either specific values or full-text across the fields. Audit search is limited to the last 30 days. | ||
| ### Manage Authz | ||
| You can also create audit event with data | ||
| Descope support full relation based access control (ReBAC) using a zanzibar like schema and operations. | ||
| A schema is comprized of namespaces (entities like documents, folders, orgs, etc.) and each namespace has relation definitions to define relations. | ||
| Each relation definition can be simple (either you have it or not) or complex (union of nodes). | ||
| ```typescript | ||
| await descopeClient.management.audit.createEvent({ | ||
| action: 'pencil.created', | ||
| type: 'info', // info/warn/error | ||
| actorId: 'UXXX', | ||
| tenantId: 'tenant-id', | ||
| data: { | ||
| some: 'data', | ||
| }, | ||
| }); | ||
| ``` | ||
| ### Manage FGA (Fine-grained Authorization) | ||
| Descope supports full relation based access control (ReBAC) using a zanzibar like schema and operations. | ||
| A schema is comprised of types (entities like documents, folders, orgs, etc.) and each type has relation definitions and permission to define relations to other types. | ||
| A simple example for a file system like schema would be: | ||
| ```yaml | ||
| # Example schema for the authz tests | ||
| name: Files | ||
| namespaces: | ||
| - name: org | ||
| relationDefinitions: | ||
| - name: parent | ||
| - name: member | ||
| complexDefinition: | ||
| nType: union | ||
| children: | ||
| - nType: child | ||
| expression: | ||
| neType: self | ||
| - nType: child | ||
| expression: | ||
| neType: relationLeft | ||
| relationDefinition: parent | ||
| relationDefinitionNamespace: org | ||
| targetRelationDefinition: member | ||
| targetRelationDefinitionNamespace: org | ||
| - name: folder | ||
| relationDefinitions: | ||
| - name: parent | ||
| - name: owner | ||
| complexDefinition: | ||
| nType: union | ||
| children: | ||
| - nType: child | ||
| expression: | ||
| neType: self | ||
| - nType: child | ||
| expression: | ||
| neType: relationRight | ||
| relationDefinition: parent | ||
| relationDefinitionNamespace: folder | ||
| targetRelationDefinition: owner | ||
| targetRelationDefinitionNamespace: folder | ||
| - name: editor | ||
| complexDefinition: | ||
| nType: union | ||
| children: | ||
| - nType: child | ||
| expression: | ||
| neType: self | ||
| - nType: child | ||
| expression: | ||
| neType: relationRight | ||
| relationDefinition: parent | ||
| relationDefinitionNamespace: folder | ||
| targetRelationDefinition: editor | ||
| targetRelationDefinitionNamespace: folder | ||
| - nType: child | ||
| expression: | ||
| neType: targetSet | ||
| targetRelationDefinition: owner | ||
| targetRelationDefinitionNamespace: folder | ||
| - name: viewer | ||
| complexDefinition: | ||
| nType: union | ||
| children: | ||
| - nType: child | ||
| expression: | ||
| neType: self | ||
| - nType: child | ||
| expression: | ||
| neType: relationRight | ||
| relationDefinition: parent | ||
| relationDefinitionNamespace: folder | ||
| targetRelationDefinition: viewer | ||
| targetRelationDefinitionNamespace: folder | ||
| - nType: child | ||
| expression: | ||
| neType: targetSet | ||
| targetRelationDefinition: editor | ||
| targetRelationDefinitionNamespace: folder | ||
| - name: doc | ||
| relationDefinitions: | ||
| - name: parent | ||
| - name: owner | ||
| complexDefinition: | ||
| nType: union | ||
| children: | ||
| - nType: child | ||
| expression: | ||
| neType: self | ||
| - nType: child | ||
| expression: | ||
| neType: relationRight | ||
| relationDefinition: parent | ||
| relationDefinitionNamespace: doc | ||
| targetRelationDefinition: owner | ||
| targetRelationDefinitionNamespace: folder | ||
| - name: editor | ||
| complexDefinition: | ||
| nType: union | ||
| children: | ||
| - nType: child | ||
| expression: | ||
| neType: self | ||
| - nType: child | ||
| expression: | ||
| neType: relationRight | ||
| relationDefinition: parent | ||
| relationDefinitionNamespace: doc | ||
| targetRelationDefinition: editor | ||
| targetRelationDefinitionNamespace: folder | ||
| - nType: child | ||
| expression: | ||
| neType: targetSet | ||
| targetRelationDefinition: owner | ||
| targetRelationDefinitionNamespace: doc | ||
| - name: viewer | ||
| complexDefinition: | ||
| nType: union | ||
| children: | ||
| - nType: child | ||
| expression: | ||
| neType: self | ||
| - nType: child | ||
| expression: | ||
| neType: relationRight | ||
| relationDefinition: parent | ||
| relationDefinitionNamespace: doc | ||
| targetRelationDefinition: viewer | ||
| targetRelationDefinitionNamespace: folder | ||
| - nType: child | ||
| expression: | ||
| neType: targetSet | ||
| targetRelationDefinition: editor | ||
| targetRelationDefinitionNamespace: doc | ||
| model AuthZ 1.0 | ||
| type user | ||
| type org | ||
| relation member: user | ||
| relation parent: org | ||
| type folder | ||
| relation parent: folder | ||
| relation owner: user | org#member | ||
| relation editor: user | ||
| relation viewer: user | ||
| permission can_create: owner | parent.owner | ||
| permission can_edit: editor | can_create | ||
| permission can_view: viewer | can_edit | ||
| type doc | ||
| relation parent: folder | ||
| relation owner: user | org#member | ||
| relation editor: user | ||
| relation viewer: user | ||
| permission can_create: owner | parent.owner | ||
| permission can_edit: editor | can_create | ||
| permission can_view: viewer | can_edit | ||
| ``` | ||
@@ -1228,33 +1183,27 @@ | ||
| ```typescript | ||
| // Load the existing schema | ||
| const s = await descopeClient.management.authz.loadSchema(); | ||
| console.log(s); | ||
| const descopeClient = require('@descope/node-sdk'); | ||
| // Save schema and make sure to remove all namespaces not listed | ||
| await descopeClient.management.authz.saveSchema(s, true); | ||
| // Save schema | ||
| await descopeClient.management.fga.saveSchema(schema); | ||
| // Create a relation between a resource and user | ||
| await descopeClient.management.authz.createRelations([ | ||
| await descopeClient.management.fga.createRelations([ | ||
| { | ||
| resource: 'some-doc', | ||
| relationDefinition: 'owner', | ||
| namespace: 'doc', | ||
| resourceType: 'doc', | ||
| relation: 'owner', | ||
| target: 'u1', | ||
| targetType: 'user', | ||
| }, | ||
| { | ||
| resource: 'some-doc', | ||
| relationDefinition: 'editor', | ||
| namespace: 'doc', | ||
| target: 'u2', | ||
| }, | ||
| ]); | ||
| // Check if target has the relevant relation | ||
| // The answer should be true because an owner is also a viewer | ||
| const q = await descopeClient.management.authz.hasRelations([ | ||
| // Check if target has a relevant relation | ||
| // The answer should be true because an owner can also view | ||
| const relations = await descopeClient.management.fga.check([ | ||
| { | ||
| resource: 'some-doc', | ||
| relationDefinition: 'viewer', | ||
| namespace: 'doc', | ||
| resourceType: 'doc', | ||
| relation: 'can_view', | ||
| target: 'u1', | ||
| targetType: 'user', | ||
| }, | ||
@@ -1267,3 +1216,3 @@ ]); | ||
| To ease your e2e tests, we exposed dedicated management methods, | ||
| that way, you don't need to use 3rd party messaging services in order to receive sign-in/up Emails or SMS, and avoid the need of parsing the code and token from them. | ||
| that way, you don't need to use 3rd party messaging services in order to receive sign-in/up Email, SMS, Voice call or WhatsApp, and avoid the need of parsing the code and token from them. | ||
@@ -1282,2 +1231,8 @@ ```typescript | ||
| // Search all test users according to various parameters | ||
| const searchRes = await descopeClient.management.user.searchTestUsers(['id']); | ||
| searchRes.data.forEach((user) => { | ||
| // do something | ||
| }); | ||
| // Now test user got created, and this user will be available until you delete it, | ||
@@ -1290,3 +1245,3 @@ // you can use any management operation for test user CRUD. | ||
| const { code } = await descopeClient.management.user.generateOTPForTestUser( | ||
| 'sms', | ||
| 'sms', // you can use also 'email', 'whatsapp', 'voice' | ||
| 'desmond@descope.com', | ||
@@ -1293,0 +1248,0 @@ ); |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is too big to display
Sorry, the diff of this file is not supported yet
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by12.48%
460024
- Lines of code
- increased by23.39%
1862
Worsened metrics
- Number of lines in readme file
- decreased by-3.29%
1321
Dependency changes
+ Added@descope/core-js-sdk@2.31.0(transitive)
+ Addedjose@5.2.2(transitive)
+ Addedjwt-decode@4.0.0(transitive)
+ Addedtslib@2.8.1(transitive)
- Removed@descope/core-js-sdk@2.11.5(transitive)
- Removedjose@4.15.5(transitive)
- Removedjwt-decode@3.1.2(transitive)
- Removedtslib@1.14.1(transitive)
Updated@descope/core-js-sdk@2.31.0
Updatedjose@5.2.2
Updatedtslib@^2.0.0