New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

@descope/node-sdk

Package Overview
Dependencies
Maintainers
4
Versions
322
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@descope/node-sdk - npm Package Compare versions

Comparing version 0.0.0-next-dfd41cb3-20230210 to 0.0.0-next-e0361769-20230612

2

dist/cjs/index.cjs.js

@@ -1,2 +0,2 @@

"use strict";var e=require("tslib"),t=require("@descope/core-js-sdk"),s=require("jose"),a=require("node-fetch");function n(e){return e&&"object"==typeof e&&"default"in e?e:{default:e}}var o=n(t),r=n(a);const i=t=>async(...s)=>{var a,n,o;const r=await t(...s);if(!r.data)return r;let i=r.data,{refreshJwt:l}=i,d=e.__rest(i,["refreshJwt"]);const p=[];var m;return l?p.push(`${"DSR"}=${l}; Domain=${(null==(m=d)?void 0:m.cookieDomain)||""}; Max-Age=${(null==m?void 0:m.cookieMaxAge)||""}; Path=${(null==m?void 0:m.cookiePath)||"/"}; HttpOnly; SameSite=Strict`):(null===(a=r.response)||void 0===a?void 0:a.headers.get("set-cookie"))&&(l=((e,t)=>{const s=null==e?void 0:e.match(RegExp(`(?:^|;\\s*)${t}=([^;]*)`));return s?s[1]:null})(null===(n=r.response)||void 0===n?void 0:n.headers.get("set-cookie"),"DSR"),p.push(null===(o=r.response)||void 0===o?void 0:o.headers.get("set-cookie"))),Object.assign(Object.assign({},r),{data:Object.assign(Object.assign({},r.data),{refreshJwt:l,cookies:p})})};function l(e,t,s){var a,n;const o=s?null===(n=null===(a=e.token.tenants)||void 0===a?void 0:a[s])||void 0===n?void 0:n[t]:e.token[t];return Array.isArray(o)?o:[]}var d={create:"/v1/mgmt/user/create",update:"/v1/mgmt/user/update",delete:"/v1/mgmt/user/delete",load:"/v1/mgmt/user",search:"/v1/mgmt/user/search",updateStatus:"/v1/mgmt/user/update/status",updateEmail:"/v1/mgmt/user/update/email",updatePhone:"/v1/mgmt/user/update/phone",updateDisplayName:"/v1/mgmt/user/update/name",addRole:"/v1/mgmt/user/update/role/add",removeRole:"/v1/mgmt/user/update/role/remove",addTenant:"/v1/mgmt/user/update/tenant/add",removeTenant:"/v1/mgmt/user/update/tenant/remove"},p={create:"/v1/mgmt/accesskey/create",load:"/v1/mgmt/accesskey",search:"/v1/mgmt/accesskey/search",update:"/v1/mgmt/accesskey/update",deactivate:"/v1/mgmt/accesskey/deactivate",activate:"/v1/mgmt/accesskey/activate",delete:"/v1/mgmt/accesskey/delete"},m={create:"/v1/mgmt/tenant/create",update:"/v1/mgmt/tenant/update",delete:"/v1/mgmt/tenant/delete",loadAll:"/v1/mgmt/tenant/all"},c={configure:"/v1/mgmt/sso/settings",metadata:"/v1/mgmt/sso/metadata",mapping:"/v1/mgmt/sso/mapping"},u={update:"/v1/mgmt/jwt/update"},g={create:"/v1/mgmt/permission/create",update:"/v1/mgmt/permission/update",delete:"/v1/mgmt/permission/delete",loadAll:"/v1/mgmt/permission/all"},h={create:"/v1/mgmt/role/create",update:"/v1/mgmt/role/update",delete:"/v1/mgmt/role/delete",loadAll:"/v1/mgmt/role/all"},v={loadAllGroups:"/v1/mgmt/group/all",loadAllGroupsForMember:"/v1/mgmt/group/member/all",loadAllGroupMembers:"/v1/mgmt/group/members"};const f=(e,s)=>({create:(a,n,o,r,i,l)=>t.transformResponse(e.httpClient.post(d.create,{loginId:a,email:n,phone:o,displayName:r,roleNames:i,userTenants:l},{token:s}),(e=>e.user)),update:(a,n,o,r,i,l)=>t.transformResponse(e.httpClient.post(d.update,{loginId:a,email:n,phone:o,displayName:r,roleNames:i,userTenants:l},{token:s}),(e=>e.user)),delete:a=>t.transformResponse(e.httpClient.post(d.delete,{loginId:a},{token:s})),load:a=>t.transformResponse(e.httpClient.get(d.load,{queryParams:{loginId:a},token:s}),(e=>e.user)),loadByUserId:a=>t.transformResponse(e.httpClient.get(d.load,{queryParams:{userId:a},token:s}),(e=>e.user)),searchAll:(a,n,o)=>t.transformResponse(e.httpClient.post(d.search,{tenantIds:a,roleNames:n,limit:o},{token:s}),(e=>e.users)),activate:a=>t.transformResponse(e.httpClient.post(d.updateStatus,{loginId:a,status:"enabled"},{token:s}),(e=>e.user)),deactivate:a=>t.transformResponse(e.httpClient.post(d.updateStatus,{loginId:a,status:"disabled"},{token:s}),(e=>e.user)),updateEmail:(a,n,o)=>t.transformResponse(e.httpClient.post(d.updateEmail,{loginId:a,email:n,verified:o},{token:s}),(e=>e.user)),updatePhone:(a,n,o)=>t.transformResponse(e.httpClient.post(d.updatePhone,{loginId:a,phone:n,verified:o},{token:s}),(e=>e.user)),updateDisplayName:(a,n)=>t.transformResponse(e.httpClient.post(d.updateDisplayName,{loginId:a,displayName:n},{token:s}),(e=>e.user)),addRoles:(a,n)=>t.transformResponse(e.httpClient.post(d.addRole,{loginId:a,roleNames:n},{token:s}),(e=>e.user)),removeRoles:(a,n)=>t.transformResponse(e.httpClient.post(d.removeRole,{loginId:a,roleNames:n},{token:s}),(e=>e.user)),addTenant:(a,n)=>t.transformResponse(e.httpClient.post(d.addTenant,{loginId:a,tenantId:n},{token:s}),(e=>e.user)),removeTenant:(a,n)=>t.transformResponse(e.httpClient.post(d.removeTenant,{loginId:a,tenantId:n},{token:s}),(e=>e.user)),addTenantRoles:(a,n,o)=>t.transformResponse(e.httpClient.post(d.addRole,{loginId:a,tenantId:n,roleNames:o},{token:s}),(e=>e.user)),removeTenantRoles:(a,n,o)=>t.transformResponse(e.httpClient.post(d.removeRole,{loginId:a,tenantId:n,roleNames:o},{token:s}),(e=>e.user))}),k=(e,s)=>({create:(a,n)=>t.transformResponse(e.httpClient.post(m.create,{name:a,selfProvisioningDomains:n},{token:s})),createWithId:(a,n,o)=>t.transformResponse(e.httpClient.post(m.create,{id:a,name:n,selfProvisioningDomains:o},{token:s})),update:(a,n,o)=>t.transformResponse(e.httpClient.post(m.update,{id:a,name:n,selfProvisioningDomains:o},{token:s})),delete:a=>t.transformResponse(e.httpClient.post(m.delete,{id:a},{token:s})),loadAll:()=>t.transformResponse(e.httpClient.get(m.loadAll,{token:s}),(e=>e.tenants))}),y=(e,s)=>({update:(a,n)=>t.transformResponse(e.httpClient.post(u.update,{jwt:a,customClaims:n},{token:s}))}),R=(e,s)=>({create:(a,n)=>t.transformResponse(e.httpClient.post(g.create,{name:a,description:n},{token:s})),update:(a,n,o)=>t.transformResponse(e.httpClient.post(g.update,{name:a,newName:n,description:o},{token:s})),delete:a=>t.transformResponse(e.httpClient.post(g.delete,{name:a},{token:s})),loadAll:()=>t.transformResponse(e.httpClient.get(g.loadAll,{token:s}),(e=>e.permissions))}),C=(e,s)=>({create:(a,n,o)=>t.transformResponse(e.httpClient.post(h.create,{name:a,description:n,permissionNames:o},{token:s})),update:(a,n,o,r)=>t.transformResponse(e.httpClient.post(h.update,{name:a,newName:n,description:o,permissionNames:r},{token:s})),delete:a=>t.transformResponse(e.httpClient.post(h.delete,{name:a},{token:s})),loadAll:()=>t.transformResponse(e.httpClient.get(h.loadAll,{token:s}),(e=>e.roles))}),w=(e,s)=>({loadAllGroups:a=>t.transformResponse(e.httpClient.post(v.loadAllGroups,{tenantId:a},{token:s})),loadAllGroupsForMember:(a,n,o)=>t.transformResponse(e.httpClient.post(v.loadAllGroupsForMember,{tenantId:a,loginIds:o,userIds:n},{token:s})),loadAllGroupMembers:(a,n)=>t.transformResponse(e.httpClient.post(v.loadAllGroupMembers,{tenantId:a,groupId:n},{token:s}))}),b=(e,s)=>({configureSettings:(a,n,o,r,i)=>t.transformResponse(e.httpClient.post(c.configure,{tenantId:a,idpURL:n,entityId:r,idpCert:o,redirectURL:i},{token:s})),configureMetadata:(a,n)=>t.transformResponse(e.httpClient.post(c.metadata,{tenantId:a,idpMetadataURL:n},{token:s})),configureMapping:(a,n,o)=>t.transformResponse(e.httpClient.post(c.mapping,{tenantId:a,roleMapping:n,attributeMapping:o},{token:s}))}),I=(e,s)=>({create:(a,n,o,r)=>t.transformResponse(e.httpClient.post(p.create,{name:a,expireTime:n,roleNames:o,keyTenants:r},{token:s})),load:a=>t.transformResponse(e.httpClient.get(p.load,{queryParams:{id:a},token:s}),(e=>e.key)),searchAll:a=>t.transformResponse(e.httpClient.post(p.search,{tenantIds:a},{token:s}),(e=>e.keys)),update:(a,n)=>t.transformResponse(e.httpClient.post(p.update,{id:a,name:n},{token:s}),(e=>e.key)),deactivate:a=>t.transformResponse(e.httpClient.post(p.deactivate,{id:a},{token:s})),activate:a=>t.transformResponse(e.httpClient.post(p.activate,{id:a},{token:s})),delete:a=>t.transformResponse(e.httpClient.post(p.delete,{id:a},{token:s}))});globalThis.fetch=r.default,globalThis.Headers=a.Headers,globalThis.Request=a.Request,globalThis.Response=a.Response;const A=a=>{var n,{managementKey:r}=a,d=e.__rest(a,["managementKey"]);const p=o.default(Object.assign(Object.assign({},d),{baseHeaders:Object.assign(Object.assign({},d.baseHeaders),{"x-descope-sdk-name":"nodejs","x-descope-sdk-node-version":(null===(n=null===process||void 0===process?void 0:process.versions)||void 0===n?void 0:n.node)||"","x-descope-sdk-version":"0.0.0-next-dfd41cb3-20230210"})})),{projectId:m,logger:c}=d,u={},g=((e,t)=>({user:f(e,t),accessKey:I(e,t),tenant:k(e,t),sso:b(e,t),jwt:y(e,t),permission:R(e,t),role:C(e,t),group:w(e,t)}))(p,r),h=Object.assign(Object.assign({},p),{management:g,async getKey(e){if(!(null==e?void 0:e.kid))throw Error("header.kid must not be empty");if(u[e.kid])return u[e.kid];if(Object.assign(u,await(async()=>{const e=(await p.httpClient.get(`v2/keys/${m}`).then((e=>e.json()))).keys;return Array.isArray(e)?(await Promise.all(e.map((async e=>[e.kid,await s.importJWK(e)])))).reduce(((e,[t,s])=>t?Object.assign(Object.assign({},e),{[t.toString()]:s}):e),{}):{}})()),!u[e.kid])throw Error("failed to fetch matching key");return u[e.kid]},async validateJwt(e){var t;const a=(await s.jwtVerify(e,h.getKey,{clockTolerance:5})).payload;if(a&&(a.iss=null===(t=a.iss)||void 0===t?void 0:t.split("/").pop(),a.iss!==m))throw new s.errors.JWTClaimValidationFailed('unexpected "iss" claim value',"iss","check_failed");return{jwt:e,token:a}},async validateSession(e){if(!e)throw Error("session token is required for validation");try{return await h.validateJwt(e)}catch(e){throw null==c||c.error("session validation failed",e),Error("session validation failed")}},async refreshSession(e){var t,s;if(!e)throw Error("refresh token is required to refresh a session");try{await h.validateJwt(e);const a=await h.refresh(e);if(a.ok){return await h.validateJwt(null===(t=a.data)||void 0===t?void 0:t.sessionJwt)}throw Error(null===(s=a.error)||void 0===s?void 0:s.errorMessage)}catch(e){throw null==c||c.error("refresh token validation failed",e),Error("refresh token validation failed")}},async validateAndRefreshSession(e,t){if(!e&&!t)throw Error("both session and refresh tokens are empty");try{return await h.validateSession(e)}catch(e){null==c||c.log("session validation failed - trying to refresh it")}return h.refreshSession(t)},async exchangeAccessKey(e){if(!e)throw Error("access key must not be empty");let t;try{t=await h.accessKey.exchange(e)}catch(e){throw null==c||c.error("failed to exchange access key",e),Error("could not exchange access key")}const{sessionJwt:s}=t.data;if(!s)throw null==c||c.error("failed to parse exchange access key response"),Error("could not exchange access key");try{return await h.validateJwt(s)}catch(e){throw null==c||c.error("failed to parse jwt from access key",e),Error("could not exchange access key")}},validatePermissions:(e,t)=>h.validateTenantPermissions(e,null,t),validateTenantPermissions(e,t,s){const a=l(e,"permissions",t);return s.every((e=>a.includes(e)))},validateRoles:(e,t)=>h.validateTenantRoles(e,null,t),validateTenantRoles(e,t,s){const a=l(e,"roles",t);return s.every((e=>a.includes(e)))}});return t.wrapWith(h,["otp.verify.email","otp.verify.sms","otp.verify.whatsapp","magicLink.verify","enchantedLink.signUp","enchantedLink.signIn","oauth.exchange","saml.exchange","totp.verify","webauthn.signIn.finish","webauthn.signUp.finish","refresh"],i)};A.RefreshTokenCookieName="DSR",A.SessionTokenCookieName="DS",module.exports=A;
"use strict";var e=require("tslib"),t=require("@descope/core-js-sdk"),s=require("jose"),o=require("node-fetch-commonjs");function n(e){return e&&"object"==typeof e&&"default"in e?e:{default:e}}var r=n(t),a=n(o);const i=t=>async(...s)=>{var o,n,r;const a=await t(...s);if(!a.data)return a;let i=a.data,{refreshJwt:l}=i,p=e.__rest(i,["refreshJwt"]);const d=[];var m;return l?d.push(`${"DSR"}=${l}; Domain=${(null==(m=p)?void 0:m.cookieDomain)||""}; Max-Age=${(null==m?void 0:m.cookieMaxAge)||""}; Path=${(null==m?void 0:m.cookiePath)||"/"}; HttpOnly; SameSite=Strict`):(null===(o=a.response)||void 0===o?void 0:o.headers.get("set-cookie"))&&(l=((e,t)=>{const s=null==e?void 0:e.match(RegExp(`(?:^|;\\s*)${t}=([^;]*)`));return s?s[1]:null})(null===(n=a.response)||void 0===n?void 0:n.headers.get("set-cookie"),"DSR"),d.push(null===(r=a.response)||void 0===r?void 0:r.headers.get("set-cookie"))),Object.assign(Object.assign({},a),{data:Object.assign(Object.assign({},a.data),{refreshJwt:l,cookies:d})})};function l(e,t,s){var o,n;const r=s?null===(n=null===(o=e.token.tenants)||void 0===o?void 0:o[s])||void 0===n?void 0:n[t]:e.token[t];return Array.isArray(r)?r:[]}var p={create:"/v1/mgmt/user/create",update:"/v1/mgmt/user/update",delete:"/v1/mgmt/user/delete",deleteAllTestUsers:"/v1/mgmt/user/test/delete/all",load:"/v1/mgmt/user",search:"/v1/mgmt/user/search",getProviderToken:"/v1/mgmt/user/provider/token",updateStatus:"/v1/mgmt/user/update/status",updateEmail:"/v1/mgmt/user/update/email",updatePhone:"/v1/mgmt/user/update/phone",updateDisplayName:"/v1/mgmt/user/update/name",updatePicture:"/v1/mgmt/user/update/picture",updateCustomAttribute:"/v1/mgmt/user/update/customAttribute",addRole:"/v1/mgmt/user/update/role/add",removeRole:"/v1/mgmt/user/update/role/remove",addTenant:"/v1/mgmt/user/update/tenant/add",removeTenant:"/v1/mgmt/user/update/tenant/remove",setPassword:"/v1/mgmt/user/password/set",expirePassword:"/v1/mgmt/user/password/expire",generateOTPForTest:"/v1/mgmt/tests/generate/otp",generateMagicLinkForTest:"/v1/mgmt/tests/generate/magiclink",generateEnchantedLinkForTest:"/v1/mgmt/tests/generate/enchantedlink"},d={create:"/v1/mgmt/accesskey/create",load:"/v1/mgmt/accesskey",search:"/v1/mgmt/accesskey/search",update:"/v1/mgmt/accesskey/update",deactivate:"/v1/mgmt/accesskey/deactivate",activate:"/v1/mgmt/accesskey/activate",delete:"/v1/mgmt/accesskey/delete"},m={create:"/v1/mgmt/tenant/create",update:"/v1/mgmt/tenant/update",delete:"/v1/mgmt/tenant/delete",loadAll:"/v1/mgmt/tenant/all"},u={settings:"/v1/mgmt/sso/settings",metadata:"/v1/mgmt/sso/metadata",mapping:"/v1/mgmt/sso/mapping"},c={update:"/v1/mgmt/jwt/update"},g={create:"/v1/mgmt/permission/create",update:"/v1/mgmt/permission/update",delete:"/v1/mgmt/permission/delete",loadAll:"/v1/mgmt/permission/all"},h={create:"/v1/mgmt/role/create",update:"/v1/mgmt/role/update",delete:"/v1/mgmt/role/delete",loadAll:"/v1/mgmt/role/all"},v={export:"/v1/mgmt/flow/export",import:"/v1/mgmt/flow/import"},f={export:"/v1/mgmt/theme/export",import:"/v1/mgmt/theme/import"},k={loadAllGroups:"/v1/mgmt/group/all",loadAllGroupsForMember:"/v1/mgmt/group/member/all",loadAllGroupMembers:"/v1/mgmt/group/members"};const R=(e,s)=>({create:(o,n,r,a,i,l,d,m)=>t.transformResponse(e.httpClient.post(p.create,{loginId:o,email:n,phone:r,displayName:a,roleNames:i,userTenants:l,customAttributes:d,picture:m},{token:s}),(e=>e.user)),createTestUser:(o,n,r,a,i,l,d,m)=>t.transformResponse(e.httpClient.post(p.create,{loginId:o,email:n,phone:r,displayName:a,roleNames:i,userTenants:l,test:!0,customAttributes:d,picture:m},{token:s}),(e=>e.user)),invite:(o,n,r,a,i,l,d,m)=>t.transformResponse(e.httpClient.post(p.create,{loginId:o,email:n,phone:r,displayName:a,roleNames:i,userTenants:l,invite:!0,customAttributes:d,picture:m},{token:s}),(e=>e.user)),update:(o,n,r,a,i,l,d,m)=>t.transformResponse(e.httpClient.post(p.update,{loginId:o,email:n,phone:r,displayName:a,roleNames:i,userTenants:l,customAttributes:d,picture:m},{token:s}),(e=>e.user)),delete:o=>t.transformResponse(e.httpClient.post(p.delete,{loginId:o},{token:s})),deleteAllTestUsers:()=>t.transformResponse(e.httpClient.delete(p.deleteAllTestUsers,{token:s})),load:o=>t.transformResponse(e.httpClient.get(p.load,{queryParams:{loginId:o},token:s}),(e=>e.user)),loadByUserId:o=>t.transformResponse(e.httpClient.get(p.load,{queryParams:{userId:o},token:s}),(e=>e.user)),searchAll:(o,n,r,a,i,l,d)=>t.transformResponse(e.httpClient.post(p.search,{tenantIds:o,roleNames:n,limit:r,page:a,testUsersOnly:i,withTestUser:l,customAttributes:d},{token:s}),(e=>e.users)),getProviderToken:(o,n)=>t.transformResponse(e.httpClient.get(p.getProviderToken,{queryParams:{loginId:o,provider:n},token:s}),(e=>e)),activate:o=>t.transformResponse(e.httpClient.post(p.updateStatus,{loginId:o,status:"enabled"},{token:s}),(e=>e.user)),deactivate:o=>t.transformResponse(e.httpClient.post(p.updateStatus,{loginId:o,status:"disabled"},{token:s}),(e=>e.user)),updateEmail:(o,n,r)=>t.transformResponse(e.httpClient.post(p.updateEmail,{loginId:o,email:n,verified:r},{token:s}),(e=>e.user)),updatePhone:(o,n,r)=>t.transformResponse(e.httpClient.post(p.updatePhone,{loginId:o,phone:n,verified:r},{token:s}),(e=>e.user)),updateDisplayName:(o,n)=>t.transformResponse(e.httpClient.post(p.updateDisplayName,{loginId:o,displayName:n},{token:s}),(e=>e.user)),updatePicture:(o,n)=>t.transformResponse(e.httpClient.post(p.updatePicture,{loginId:o,picture:n},{token:s}),(e=>e.user)),updateCustomAttribute:(o,n,r)=>t.transformResponse(e.httpClient.post(p.updateCustomAttribute,{loginId:o,attributeKey:n,attributeValue:r},{token:s}),(e=>e.user)),addRoles:(o,n)=>t.transformResponse(e.httpClient.post(p.addRole,{loginId:o,roleNames:n},{token:s}),(e=>e.user)),removeRoles:(o,n)=>t.transformResponse(e.httpClient.post(p.removeRole,{loginId:o,roleNames:n},{token:s}),(e=>e.user)),addTenant:(o,n)=>t.transformResponse(e.httpClient.post(p.addTenant,{loginId:o,tenantId:n},{token:s}),(e=>e.user)),removeTenant:(o,n)=>t.transformResponse(e.httpClient.post(p.removeTenant,{loginId:o,tenantId:n},{token:s}),(e=>e.user)),addTenantRoles:(o,n,r)=>t.transformResponse(e.httpClient.post(p.addRole,{loginId:o,tenantId:n,roleNames:r},{token:s}),(e=>e.user)),removeTenantRoles:(o,n,r)=>t.transformResponse(e.httpClient.post(p.removeRole,{loginId:o,tenantId:n,roleNames:r},{token:s}),(e=>e.user)),generateOTPForTestUser:(o,n)=>t.transformResponse(e.httpClient.post(p.generateOTPForTest,{deliveryMethod:o,loginId:n},{token:s}),(e=>e)),generateMagicLinkForTestUser:(o,n,r)=>t.transformResponse(e.httpClient.post(p.generateMagicLinkForTest,{deliveryMethod:o,loginId:n,URI:r},{token:s}),(e=>e)),generateEnchantedLinkForTestUser:(o,n)=>t.transformResponse(e.httpClient.post(p.generateEnchantedLinkForTest,{loginId:o,URI:n},{token:s}),(e=>e)),setPassword:(o,n)=>t.transformResponse(e.httpClient.post(p.setPassword,{loginId:o,password:n},{token:s}),(e=>e)),expirePassword:o=>t.transformResponse(e.httpClient.post(p.expirePassword,{loginId:o},{token:s}),(e=>e))}),y=(e,s)=>({create:(o,n)=>t.transformResponse(e.httpClient.post(m.create,{name:o,selfProvisioningDomains:n},{token:s})),createWithId:(o,n,r)=>t.transformResponse(e.httpClient.post(m.create,{id:o,name:n,selfProvisioningDomains:r},{token:s})),update:(o,n,r)=>t.transformResponse(e.httpClient.post(m.update,{id:o,name:n,selfProvisioningDomains:r},{token:s})),delete:o=>t.transformResponse(e.httpClient.post(m.delete,{id:o},{token:s})),loadAll:()=>t.transformResponse(e.httpClient.get(m.loadAll,{token:s}),(e=>e.tenants))}),C=(e,s)=>({update:(o,n)=>t.transformResponse(e.httpClient.post(c.update,{jwt:o,customClaims:n},{token:s}))}),w=(e,s)=>({create:(o,n)=>t.transformResponse(e.httpClient.post(g.create,{name:o,description:n},{token:s})),update:(o,n,r)=>t.transformResponse(e.httpClient.post(g.update,{name:o,newName:n,description:r},{token:s})),delete:o=>t.transformResponse(e.httpClient.post(g.delete,{name:o},{token:s})),loadAll:()=>t.transformResponse(e.httpClient.get(g.loadAll,{token:s}),(e=>e.permissions))}),I=(e,s)=>({create:(o,n,r)=>t.transformResponse(e.httpClient.post(h.create,{name:o,description:n,permissionNames:r},{token:s})),update:(o,n,r,a)=>t.transformResponse(e.httpClient.post(h.update,{name:o,newName:n,description:r,permissionNames:a},{token:s})),delete:o=>t.transformResponse(e.httpClient.post(h.delete,{name:o},{token:s})),loadAll:()=>t.transformResponse(e.httpClient.get(h.loadAll,{token:s}),(e=>e.roles))}),b=(e,s)=>({loadAllGroups:o=>t.transformResponse(e.httpClient.post(k.loadAllGroups,{tenantId:o},{token:s})),loadAllGroupsForMember:(o,n,r)=>t.transformResponse(e.httpClient.post(k.loadAllGroupsForMember,{tenantId:o,loginIds:r,userIds:n},{token:s})),loadAllGroupMembers:(o,n)=>t.transformResponse(e.httpClient.post(k.loadAllGroupMembers,{tenantId:o,groupId:n},{token:s}))}),T=(e,s)=>({getSettings:o=>t.transformResponse(e.httpClient.get(u.settings,{queryParams:{tenantId:o},token:s}),(e=>e)),deleteSettings:o=>t.transformResponse(e.httpClient.delete(u.settings,{queryParams:{tenantId:o},token:s})),configureSettings:(o,n,r,a,i,l)=>t.transformResponse(e.httpClient.post(u.settings,{tenantId:o,idpURL:n,entityId:a,idpCert:r,redirectURL:i,domain:l},{token:s})),configureMetadata:(o,n)=>t.transformResponse(e.httpClient.post(u.metadata,{tenantId:o,idpMetadataURL:n},{token:s})),configureMapping:(o,n,r)=>t.transformResponse(e.httpClient.post(u.mapping,{tenantId:o,roleMappings:n,attributeMapping:r},{token:s}))}),A=(e,s)=>({create:(o,n,r,a)=>t.transformResponse(e.httpClient.post(d.create,{name:o,expireTime:n,roleNames:r,keyTenants:a},{token:s})),load:o=>t.transformResponse(e.httpClient.get(d.load,{queryParams:{id:o},token:s}),(e=>e.key)),searchAll:o=>t.transformResponse(e.httpClient.post(d.search,{tenantIds:o},{token:s}),(e=>e.keys)),update:(o,n)=>t.transformResponse(e.httpClient.post(d.update,{id:o,name:n},{token:s}),(e=>e.key)),deactivate:o=>t.transformResponse(e.httpClient.post(d.deactivate,{id:o},{token:s})),activate:o=>t.transformResponse(e.httpClient.post(d.activate,{id:o},{token:s})),delete:o=>t.transformResponse(e.httpClient.post(d.delete,{id:o},{token:s}))}),P=(e,s)=>({export:o=>t.transformResponse(e.httpClient.post(v.export,{flowId:o},{token:s})),import:(o,n,r)=>t.transformResponse(e.httpClient.post(v.import,{flowId:o,flow:n,screens:r},{token:s}))}),x=(e,s)=>({export:()=>t.transformResponse(e.httpClient.post(f.export,{},{token:s})),import:o=>t.transformResponse(e.httpClient.post(f.import,{theme:o},{token:s}))});var j;null!==(j=globalThis.Headers)&&void 0!==j||(globalThis.Headers=o.Headers);const N=(...e)=>(e.forEach((e=>{var t,s;e&&(null!==(t=(s=e).highWaterMark)&&void 0!==t||(s.highWaterMark=31457280))})),a.default(...e)),M=o=>{var n,{managementKey:a}=o,p=e.__rest(o,["managementKey"]);const d=r.default(Object.assign(Object.assign({},p),{fetch:N,baseHeaders:Object.assign(Object.assign({},p.baseHeaders),{"x-descope-sdk-name":"nodejs","x-descope-sdk-node-version":(null===(n=null===process||void 0===process?void 0:process.versions)||void 0===n?void 0:n.node)||"","x-descope-sdk-version":"0.0.0-next-e0361769-20230612"})})),{projectId:m,logger:u}=p,c={},g=((e,t)=>({user:R(e,t),accessKey:A(e,t),tenant:y(e,t),sso:T(e,t),jwt:C(e,t),permission:w(e,t),role:I(e,t),group:b(e,t),flow:P(e,t),theme:x(e,t)}))(d,a),h=Object.assign(Object.assign({},d),{management:g,async getKey(e){if(!(null==e?void 0:e.kid))throw Error("header.kid must not be empty");if(c[e.kid])return c[e.kid];if(Object.assign(c,await(async()=>{const e=(await d.httpClient.get(`v2/keys/${m}`).then((e=>e.json()))).keys;return Array.isArray(e)?(await Promise.all(e.map((async e=>[e.kid,await s.importJWK(e)])))).reduce(((e,[t,s])=>t?Object.assign(Object.assign({},e),{[t.toString()]:s}):e),{}):{}})()),!c[e.kid])throw Error("failed to fetch matching key");return c[e.kid]},async validateJwt(e){var t;const o=(await s.jwtVerify(e,h.getKey,{clockTolerance:5})).payload;if(o&&(o.iss=null===(t=o.iss)||void 0===t?void 0:t.split("/").pop(),o.iss!==m))throw new s.errors.JWTClaimValidationFailed('unexpected "iss" claim value',"iss","check_failed");return{jwt:e,token:o}},async validateSession(e){if(!e)throw Error("session token is required for validation");try{return await h.validateJwt(e)}catch(e){throw null==u||u.error("session validation failed",e),Error("session validation failed")}},async refreshSession(e){var t,s;if(!e)throw Error("refresh token is required to refresh a session");try{await h.validateJwt(e);const o=await h.refresh(e);if(o.ok){return await h.validateJwt(null===(t=o.data)||void 0===t?void 0:t.sessionJwt)}throw Error(null===(s=o.error)||void 0===s?void 0:s.errorMessage)}catch(e){throw null==u||u.error("refresh token validation failed",e),Error("refresh token validation failed")}},async validateAndRefreshSession(e,t){if(!e&&!t)throw Error("both session and refresh tokens are empty");try{return await h.validateSession(e)}catch(e){null==u||u.log("session validation failed - trying to refresh it")}return h.refreshSession(t)},async exchangeAccessKey(e){if(!e)throw Error("access key must not be empty");let t;try{t=await h.accessKey.exchange(e)}catch(e){throw null==u||u.error("failed to exchange access key",e),Error("could not exchange access key")}const{sessionJwt:s}=t.data;if(!s)throw null==u||u.error("failed to parse exchange access key response"),Error("could not exchange access key");try{return await h.validateJwt(s)}catch(e){throw null==u||u.error("failed to parse jwt from access key",e),Error("could not exchange access key")}},validatePermissions:(e,t)=>h.validateTenantPermissions(e,null,t),validateTenantPermissions(e,t,s){const o=l(e,"permissions",t);return s.every((e=>o.includes(e)))},validateRoles:(e,t)=>h.validateTenantRoles(e,null,t),validateTenantRoles(e,t,s){const o=l(e,"roles",t);return s.every((e=>o.includes(e)))}});return t.wrapWith(h,["otp.verify.email","otp.verify.sms","otp.verify.whatsapp","magicLink.verify","enchantedLink.signUp","enchantedLink.signIn","oauth.exchange","saml.exchange","totp.verify","webauthn.signIn.finish","webauthn.signUp.finish","refresh"],i)};M.RefreshTokenCookieName="DSR",M.SessionTokenCookieName="DS",module.exports=M;
//# sourceMappingURL=index.cjs.js.map

335

dist/index.d.ts
import * as _descope_core_js_sdk from '@descope/core-js-sdk';
import _descope_core_js_sdk__default, { SdkResponse, ExchangeAccessKeyResponse } from '@descope/core-js-sdk';
export { DeliveryMethod, OAuthProvider } from '@descope/core-js-sdk';
export { DeliveryMethod, JWTResponse, OAuthProvider, ResponseData, SdkResponse } from '@descope/core-js-sdk';
import { JWTHeaderParameters, KeyLike } from 'jose';

@@ -38,4 +38,5 @@

groups: string[];
role: string;
roleName: string;
};
declare type RoleMappings = RoleMapping[];
/** Represents a mapping between Descope and IDP user attributes */

@@ -75,2 +76,3 @@ declare type AttributeMapping = {

permissionNames: string[];
createdTime: number;
};

@@ -89,2 +91,78 @@ /** Represents a group in a project. It has an id and display name and a list of group members. */

};
declare type Flow = {
id: string;
name: string;
description?: string;
dsl: any;
disabled: boolean;
etag?: string;
};
declare type Screen = {
id: string;
flowId: string;
inputs?: any;
interactions?: any;
htmlTemplate: any;
};
declare type FlowResponse = {
flow: Flow;
screens: Screen[];
};
declare type Theme = {
id: string;
cssTemplate?: any;
};
declare type ThemeResponse = {
theme: Theme;
};
declare type GenerateOTPForTestResponse = {
loginId: string;
code: string;
};
declare type GenerateMagicLinkForTestResponse = {
loginId: string;
link: string;
};
declare type GenerateEnchantedLinkForTestResponse = {
loginId: string;
link: string;
pendingRef: string;
};
declare type AttributesTypes = string | boolean | number;
declare type UserMapping = {
name: string;
email: string;
username: string;
phoneNumber: string;
group: string;
};
declare type RoleItem = {
id: string;
name: string;
};
declare type GroupsMapping = {
role: RoleItem;
groups: string[];
};
declare type SSOSettingsResponse = {
tenantId: string;
idpEntityId: string;
idpSSOUrl: string;
idpCertificate: string;
idpMetadataUrl: string;
spEntityId: string;
spACSUrl: string;
spCertificate: string;
userMapping: UserMapping;
groupsMapping: GroupsMapping[];
redirectUrl: string;
domain: string;
};
declare type ProviderTokenResponse = {
provider: string;
providerUserId: string;
accessToken: string;
expiration: number;
scopes: string[];
};

@@ -113,8 +191,12 @@ /** Parsed JWT token */

user: {
create: (loginId: string, email?: string, phone?: string, displayName?: string, roles?: string[], userTenants?: AssociatedTenant[]) => Promise<SdkResponse<_descope_core_js_sdk.UserResponse>>;
update: (loginId: string, email?: string, phone?: string, displayName?: string, roles?: string[], userTenants?: AssociatedTenant[]) => Promise<SdkResponse<_descope_core_js_sdk.UserResponse>>;
create: (loginId: string, email?: string, phone?: string, displayName?: string, roles?: string[], userTenants?: AssociatedTenant[], customAttributes?: Record<string, AttributesTypes>, picture?: string) => Promise<SdkResponse<_descope_core_js_sdk.UserResponse>>;
createTestUser: (loginId: string, email?: string, phone?: string, displayName?: string, roles?: string[], userTenants?: AssociatedTenant[], customAttributes?: Record<string, AttributesTypes>, picture?: string) => Promise<SdkResponse<_descope_core_js_sdk.UserResponse>>;
invite: (loginId: string, email?: string, phone?: string, displayName?: string, roles?: string[], userTenants?: AssociatedTenant[], customAttributes?: Record<string, AttributesTypes>, picture?: string) => Promise<SdkResponse<_descope_core_js_sdk.UserResponse>>;
update: (loginId: string, email?: string, phone?: string, displayName?: string, roles?: string[], userTenants?: AssociatedTenant[], customAttributes?: Record<string, AttributesTypes>, picture?: string) => Promise<SdkResponse<_descope_core_js_sdk.UserResponse>>;
delete: (loginId: string) => Promise<SdkResponse<never>>;
deleteAllTestUsers: () => Promise<SdkResponse<never>>;
load: (loginId: string) => Promise<SdkResponse<_descope_core_js_sdk.UserResponse>>;
loadByUserId: (userId: string) => Promise<SdkResponse<_descope_core_js_sdk.UserResponse>>;
searchAll: (tenantIds?: string[], roles?: string[], limit?: number) => Promise<SdkResponse<_descope_core_js_sdk.UserResponse[]>>;
searchAll: (tenantIds?: string[], roles?: string[], limit?: number, page?: number, testUsersOnly?: boolean, withTestUser?: boolean, customAttributes?: Record<string, AttributesTypes>) => Promise<SdkResponse<_descope_core_js_sdk.UserResponse[]>>;
getProviderToken: (loginId: string, provider: string) => Promise<SdkResponse<ProviderTokenResponse>>;
activate: (loginId: string) => Promise<SdkResponse<_descope_core_js_sdk.UserResponse>>;

@@ -125,2 +207,4 @@ deactivate: (loginId: string) => Promise<SdkResponse<_descope_core_js_sdk.UserResponse>>;

updateDisplayName: (loginId: string, displayName: string) => Promise<SdkResponse<_descope_core_js_sdk.UserResponse>>;
updatePicture: (loginId: string, picture: string) => Promise<SdkResponse<_descope_core_js_sdk.UserResponse>>;
updateCustomAttribute: (loginId: string, attributeKey: string, attributeValue: AttributesTypes) => Promise<SdkResponse<_descope_core_js_sdk.UserResponse>>;
addRoles: (loginId: string, roles: string[]) => Promise<SdkResponse<_descope_core_js_sdk.UserResponse>>;

@@ -132,2 +216,7 @@ removeRoles: (loginId: string, roles: string[]) => Promise<SdkResponse<_descope_core_js_sdk.UserResponse>>;

removeTenantRoles: (loginId: string, tenantId: string, roles: string[]) => Promise<SdkResponse<_descope_core_js_sdk.UserResponse>>;
generateOTPForTestUser: (deliveryMethod: "email" | "sms" | "whatsapp", loginId: string) => Promise<SdkResponse<GenerateOTPForTestResponse>>;
generateMagicLinkForTestUser: (deliveryMethod: "email" | "sms" | "whatsapp", loginId: string, uri: string) => Promise<SdkResponse<GenerateMagicLinkForTestResponse>>;
generateEnchantedLinkForTestUser: (loginId: string, uri: string) => Promise<SdkResponse<GenerateEnchantedLinkForTestResponse>>;
setPassword: (loginId: string, password: string) => Promise<SdkResponse<never>>;
expirePassword: (loginId: string) => Promise<SdkResponse<never>>;
};

@@ -151,5 +240,7 @@ accessKey: {

sso: {
configureSettings: (tenantId: string, idpURL: string, idpCert: string, entityId: string, redirectURL?: string) => Promise<SdkResponse<never>>;
getSettings: (tenantId: string) => Promise<SdkResponse<SSOSettingsResponse>>;
deleteSettings: (tenantId: string) => Promise<SdkResponse<never>>;
configureSettings: (tenantId: string, idpURL: string, idpCert: string, entityId: string, redirectURL?: string, domain?: string) => Promise<SdkResponse<never>>;
configureMetadata: (tenantId: string, idpMetadataURL: string) => Promise<SdkResponse<never>>;
configureMapping: (tenantId: string, roleMapping?: RoleMapping, attributeMapping?: AttributeMapping) => Promise<SdkResponse<never>>;
configureMapping: (tenantId: string, roleMappings?: RoleMappings, attributeMapping?: AttributeMapping) => Promise<SdkResponse<never>>;
};

@@ -176,2 +267,10 @@ jwt: {

};
flow: {
export: (flowId: string) => Promise<SdkResponse<FlowResponse>>;
import: (flowId: string, flow: Flow, screens?: Screen[]) => Promise<SdkResponse<FlowResponse>>;
};
theme: {
export: () => Promise<SdkResponse<ThemeResponse>>;
import: (theme: Theme) => Promise<SdkResponse<ThemeResponse>>;
};
};

@@ -193,11 +292,11 @@ getKey: (header: JWTHeaderParameters) => Promise<KeyLike | Uint8Array>;

verify: {
email: (loginId: string, code: string) => Promise<SdkResponse<_descope_core_js_sdk.JWTResponse & {
sms: (loginId: string, code: string) => Promise<SdkResponse<_descope_core_js_sdk.JWTResponse & {
refreshJwt?: string;
cookies?: string[];
}>>;
sms: (loginId: string, code: string) => Promise<SdkResponse<_descope_core_js_sdk.JWTResponse & {
whatsapp: (loginId: string, code: string) => Promise<SdkResponse<_descope_core_js_sdk.JWTResponse & {
refreshJwt?: string;
cookies?: string[];
}>>;
whatsapp: (loginId: string, code: string) => Promise<SdkResponse<_descope_core_js_sdk.JWTResponse & {
email: (loginId: string, code: string) => Promise<SdkResponse<_descope_core_js_sdk.JWTResponse & {
refreshJwt?: string;

@@ -208,34 +307,66 @@ cookies?: string[];

signIn: {
email: (loginId: string) => Promise<SdkResponse<never>>;
sms: (loginId: string) => Promise<SdkResponse<never>>;
whatsapp: (loginId: string) => Promise<SdkResponse<never>>;
sms: (loginId: string) => Promise<SdkResponse<{
maskedPhone: string;
}>>;
whatsapp: (loginId: string) => Promise<SdkResponse<{
maskedPhone: string;
}>>;
email: (loginId: string) => Promise<SdkResponse<{
maskedEmail: string;
}>>;
};
signUp: {
email: (loginId: string, user?: {
sms: (loginId: string, user?: {
email?: string;
name?: string;
phone?: string;
}) => Promise<SdkResponse<never>>;
sms: (loginId: string, user?: {
}) => Promise<SdkResponse<{
maskedPhone: string;
}>>;
whatsapp: (loginId: string, user?: {
email?: string;
name?: string;
phone?: string;
}) => Promise<SdkResponse<never>>;
whatsapp: (loginId: string, user?: {
}) => Promise<SdkResponse<{
maskedPhone: string;
}>>;
email: (loginId: string, user?: {
email?: string;
name?: string;
phone?: string;
}) => Promise<SdkResponse<never>>;
}) => Promise<SdkResponse<{
maskedEmail: string;
}>>;
};
signUpOrIn: {
email: (loginId: string) => Promise<SdkResponse<never>>;
sms: (loginId: string) => Promise<SdkResponse<never>>;
whatsapp: (loginId: string) => Promise<SdkResponse<never>>;
sms: (loginId: string) => Promise<SdkResponse<{
maskedPhone: string;
}>>;
whatsapp: (loginId: string) => Promise<SdkResponse<{
maskedPhone: string;
}>>;
email: (loginId: string) => Promise<SdkResponse<{
maskedEmail: string;
}>>;
};
update: {
email: (loginId: string, email: string, token?: string) => Promise<SdkResponse<never>>;
email: <T extends boolean>(loginId: string, email: string, token?: string, updateOptions?: {
addToLoginIDs?: T;
onMergeUseExisting?: T extends true ? boolean : never;
}) => Promise<SdkResponse<{
maskedEmail: string;
}>>;
phone: {
email: (loginId: string, phone: string) => Promise<SdkResponse<never>>;
sms: (loginId: string, phone: string) => Promise<SdkResponse<never>>;
whatsapp: (loginId: string, phone: string) => Promise<SdkResponse<never>>;
sms: <T_1 extends boolean>(loginId: string, phone: string, token?: string, updateOptions?: {
addToLoginIDs?: T_1;
onMergeUseExisting?: T_1 extends true ? boolean : never;
}) => Promise<SdkResponse<{
maskedPhone: string;
}>>;
whatsapp: <T_1 extends boolean>(loginId: string, phone: string, token?: string, updateOptions?: {
addToLoginIDs?: T_1;
onMergeUseExisting?: T_1 extends true ? boolean : never;
}) => Promise<SdkResponse<{
maskedPhone: string;
}>>;
};

@@ -250,34 +381,66 @@ };

signIn: {
email: (loginId: string, uri: string) => Promise<SdkResponse<never>>;
sms: (loginId: string, uri: string) => Promise<SdkResponse<never>>;
whatsapp: (loginId: string, uri: string) => Promise<SdkResponse<never>>;
sms: (loginId: string, uri: string) => Promise<SdkResponse<{
maskedPhone: string;
}>>;
whatsapp: (loginId: string, uri: string) => Promise<SdkResponse<{
maskedPhone: string;
}>>;
email: (loginId: string, uri: string) => Promise<SdkResponse<{
maskedEmail: string;
}>>;
};
signUp: {
email: (loginId: string, uri: string, user?: {
sms: (loginId: string, uri: string, user?: {
email?: string;
name?: string;
phone?: string;
}) => Promise<SdkResponse<never>>;
sms: (loginId: string, uri: string, user?: {
}) => Promise<SdkResponse<{
maskedPhone: string;
}>>;
whatsapp: (loginId: string, uri: string, user?: {
email?: string;
name?: string;
phone?: string;
}) => Promise<SdkResponse<never>>;
whatsapp: (loginId: string, uri: string, user?: {
}) => Promise<SdkResponse<{
maskedPhone: string;
}>>;
email: (loginId: string, uri: string, user?: {
email?: string;
name?: string;
phone?: string;
}) => Promise<SdkResponse<never>>;
}) => Promise<SdkResponse<{
maskedEmail: string;
}>>;
};
signUpOrIn: {
email: (loginId: string, uri: string) => Promise<SdkResponse<never>>;
sms: (loginId: string, uri: string) => Promise<SdkResponse<never>>;
whatsapp: (loginId: string, uri: string) => Promise<SdkResponse<never>>;
sms: (loginId: string, uri: string) => Promise<SdkResponse<{
maskedPhone: string;
}>>;
whatsapp: (loginId: string, uri: string) => Promise<SdkResponse<{
maskedPhone: string;
}>>;
email: (loginId: string, uri: string) => Promise<SdkResponse<{
maskedEmail: string;
}>>;
};
update: {
email: (loginId: string, email: string, uri: string, token?: string) => Promise<SdkResponse<never>>;
email: <T_2 extends boolean>(loginId: string, email: string, URI?: string, token?: string, updateOptions?: {
addToLoginIDs?: T_2;
onMergeUseExisting?: T_2 extends true ? boolean : never;
}) => Promise<SdkResponse<{
maskedEmail: string;
}>>;
phone: {
email: (loginId: string, phone: string) => Promise<SdkResponse<never>>;
sms: (loginId: string, phone: string) => Promise<SdkResponse<never>>;
whatsapp: (loginId: string, phone: string) => Promise<SdkResponse<never>>;
sms: <T_3 extends boolean>(loginId: string, phone: string, URI?: string, token?: string, updateOptions?: {
addToLoginIDs?: T_3;
onMergeUseExisting?: T_3 extends true ? boolean : never;
}) => Promise<SdkResponse<{
maskedPhone: string;
}>>;
whatsapp: <T_3 extends boolean>(loginId: string, phone: string, URI?: string, token?: string, updateOptions?: {
addToLoginIDs?: T_3;
onMergeUseExisting?: T_3 extends true ? boolean : never;
}) => Promise<SdkResponse<{
maskedPhone: string;
}>>;
};

@@ -302,8 +465,2 @@ };

waitForSession: (pendingRef: string, config?: {
/**
* Validate session and refresh it if it expired
* @param sessionToken session JWT
* @param refreshToken refresh JWT
* @returns AuthenticationInfo promise or throws Error if there is an issue with JWTs
*/
pollingIntervalMs: number;

@@ -313,3 +470,6 @@ timeoutMs: number;

update: {
email: (loginId: string, email: string, uri: string, token?: string) => Promise<SdkResponse<_descope_core_js_sdk.EnchantedLinkResponse>>;
email: <T_4 extends boolean>(loginId: string, email: string, URI?: string, token?: string, updateOptions?: {
addToLoginIDs?: T_4;
onMergeUseExisting?: T_4 extends true ? boolean : never;
}) => Promise<SdkResponse<_descope_core_js_sdk.EnchantedLinkResponse>>;
};

@@ -321,40 +481,24 @@ };

redirect: boolean;
}>(redirectURL?: string, config?: B) => Promise<B extends {
redirect: true;
} ? undefined : SdkResponse<_descope_core_js_sdk.URLResponse>>;
}>(redirectURL?: string, config?: B) => Promise<SdkResponse<_descope_core_js_sdk.URLResponse>>;
github: <B_1 extends {
redirect: boolean;
}>(redirectURL?: string, config?: B_1) => Promise<B_1 extends {
redirect: true;
} ? undefined : SdkResponse<_descope_core_js_sdk.URLResponse>>;
}>(redirectURL?: string, config?: B_1) => Promise<SdkResponse<_descope_core_js_sdk.URLResponse>>;
google: <B_2 extends {
redirect: boolean;
}>(redirectURL?: string, config?: B_2) => Promise<B_2 extends {
redirect: true;
} ? undefined : SdkResponse<_descope_core_js_sdk.URLResponse>>;
}>(redirectURL?: string, config?: B_2) => Promise<SdkResponse<_descope_core_js_sdk.URLResponse>>;
microsoft: <B_3 extends {
redirect: boolean;
}>(redirectURL?: string, config?: B_3) => Promise<B_3 extends {
redirect: true;
} ? undefined : SdkResponse<_descope_core_js_sdk.URLResponse>>;
}>(redirectURL?: string, config?: B_3) => Promise<SdkResponse<_descope_core_js_sdk.URLResponse>>;
gitlab: <B_4 extends {
redirect: boolean;
}>(redirectURL?: string, config?: B_4) => Promise<B_4 extends {
redirect: true;
} ? undefined : SdkResponse<_descope_core_js_sdk.URLResponse>>;
}>(redirectURL?: string, config?: B_4) => Promise<SdkResponse<_descope_core_js_sdk.URLResponse>>;
apple: <B_5 extends {
redirect: boolean;
}>(redirectURL?: string, config?: B_5) => Promise<B_5 extends {
redirect: true;
} ? undefined : SdkResponse<_descope_core_js_sdk.URLResponse>>;
}>(redirectURL?: string, config?: B_5) => Promise<SdkResponse<_descope_core_js_sdk.URLResponse>>;
discord: <B_6 extends {
redirect: boolean;
}>(redirectURL?: string, config?: B_6) => Promise<B_6 extends {
redirect: true;
} ? undefined : SdkResponse<_descope_core_js_sdk.URLResponse>>;
}>(redirectURL?: string, config?: B_6) => Promise<SdkResponse<_descope_core_js_sdk.URLResponse>>;
linkedin: <B_7 extends {
redirect: boolean;
}>(redirectURL?: string, config?: B_7) => Promise<B_7 extends {
redirect: true;
} ? undefined : SdkResponse<_descope_core_js_sdk.URLResponse>>;
}>(redirectURL?: string, config?: B_7) => Promise<SdkResponse<_descope_core_js_sdk.URLResponse>>;
};

@@ -367,7 +511,7 @@ exchange: (code: string) => Promise<SdkResponse<_descope_core_js_sdk.JWTResponse & {

saml: {
start: <B_1 extends {
redirect: boolean;
}>(tenantNameOrEmail: string, config?: B_1) => Promise<B_1 extends {
redirect: true;
} ? undefined : SdkResponse<_descope_core_js_sdk.URLResponse>>;
start: (tenantIdOrEmail: string, redirectUrl?: string, loginOptions?: {
stepup?: boolean;
mfa?: boolean;
customClaims?: Record<string, any>;
}, token?: string) => Promise<SdkResponse<_descope_core_js_sdk.URLResponse>>;
exchange: (code: string) => Promise<SdkResponse<_descope_core_js_sdk.JWTResponse & {

@@ -437,2 +581,25 @@ refreshJwt?: string;

};
password: {
signUp: (loginId: string, password: string, user?: {
email?: string;
name?: string;
phone?: string;
}) => Promise<SdkResponse<_descope_core_js_sdk.JWTResponse>>;
signIn: (loginId: string, password: string) => Promise<SdkResponse<_descope_core_js_sdk.JWTResponse>>;
sendReset: (loginId: string, redirectUrl?: string) => Promise<SdkResponse<{
resetMethod: string;
pendingRef?: string;
linkId?: string;
maskedEmail: string;
}>>;
update: (loginId: string, newPassword: string, token?: string) => Promise<SdkResponse<never>>;
replace: (loginId: string, oldPassword: string, newPassword: string) => Promise<SdkResponse<never>>;
policy: () => Promise<SdkResponse<{
minLength: number;
lowercase: boolean;
uppercase: boolean;
number: boolean;
nonAlphanumeric: boolean;
}>>;
};
flow: {

@@ -451,8 +618,12 @@ start: (flowId: string, options?: {

};
redirectAuth?: {
callbackUrl: string;
codeChallenge: string;
};
}, conditionInteractionId?: string, interactionId?: string, input?: {
[x: string]: string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | any)[])[])[])[])[])[])[])[])[])[])[];
}) => Promise<SdkResponse<_descope_core_js_sdk.FlowResponse>>;
}, version?: number) => Promise<SdkResponse<_descope_core_js_sdk.FlowResponse>>;
next: (executionId: string, stepId: string, interactionId: string, input?: {
[x: string]: string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | any)[])[])[])[])[])[])[])[])[])[])[];
}) => Promise<SdkResponse<_descope_core_js_sdk.FlowResponse>>;
}, version?: number) => Promise<SdkResponse<_descope_core_js_sdk.FlowResponse>>;
};

@@ -491,3 +662,3 @@ refresh: (token?: string) => Promise<SdkResponse<_descope_core_js_sdk.JWTResponse & {

}) => Promise<Response>;
delete: (path: string, body?: any, config?: {
delete: (path: string, config?: {
headers?: HeadersInit;

@@ -525,2 +696,2 @@ queryParams?: {

export { nodeSdk as default };
export { AuthenticationInfo, nodeSdk as default };

2

dist/index.esm.js

@@ -1,2 +0,2 @@

import{__rest as e}from"tslib";import t,{transformResponse as a,wrapWith as s}from"@descope/core-js-sdk";import{jwtVerify as o,errors as n,importJWK as r}from"jose";import i,{Headers as l,Request as d,Response as p}from"node-fetch";const m=t=>async(...a)=>{var s,o,n;const r=await t(...a);if(!r.data)return r;let i=r.data,{refreshJwt:l}=i,d=e(i,["refreshJwt"]);const p=[];var m;return l?p.push(`${"DSR"}=${l}; Domain=${(null==(m=d)?void 0:m.cookieDomain)||""}; Max-Age=${(null==m?void 0:m.cookieMaxAge)||""}; Path=${(null==m?void 0:m.cookiePath)||"/"}; HttpOnly; SameSite=Strict`):(null===(s=r.response)||void 0===s?void 0:s.headers.get("set-cookie"))&&(l=((e,t)=>{const a=null==e?void 0:e.match(RegExp(`(?:^|;\\s*)${t}=([^;]*)`));return a?a[1]:null})(null===(o=r.response)||void 0===o?void 0:o.headers.get("set-cookie"),"DSR"),p.push(null===(n=r.response)||void 0===n?void 0:n.headers.get("set-cookie"))),Object.assign(Object.assign({},r),{data:Object.assign(Object.assign({},r.data),{refreshJwt:l,cookies:p})})};function c(e,t,a){var s,o;const n=a?null===(o=null===(s=e.token.tenants)||void 0===s?void 0:s[a])||void 0===o?void 0:o[t]:e.token[t];return Array.isArray(n)?n:[]}var u={create:"/v1/mgmt/user/create",update:"/v1/mgmt/user/update",delete:"/v1/mgmt/user/delete",load:"/v1/mgmt/user",search:"/v1/mgmt/user/search",updateStatus:"/v1/mgmt/user/update/status",updateEmail:"/v1/mgmt/user/update/email",updatePhone:"/v1/mgmt/user/update/phone",updateDisplayName:"/v1/mgmt/user/update/name",addRole:"/v1/mgmt/user/update/role/add",removeRole:"/v1/mgmt/user/update/role/remove",addTenant:"/v1/mgmt/user/update/tenant/add",removeTenant:"/v1/mgmt/user/update/tenant/remove"},g={create:"/v1/mgmt/accesskey/create",load:"/v1/mgmt/accesskey",search:"/v1/mgmt/accesskey/search",update:"/v1/mgmt/accesskey/update",deactivate:"/v1/mgmt/accesskey/deactivate",activate:"/v1/mgmt/accesskey/activate",delete:"/v1/mgmt/accesskey/delete"},h={create:"/v1/mgmt/tenant/create",update:"/v1/mgmt/tenant/update",delete:"/v1/mgmt/tenant/delete",loadAll:"/v1/mgmt/tenant/all"},v={configure:"/v1/mgmt/sso/settings",metadata:"/v1/mgmt/sso/metadata",mapping:"/v1/mgmt/sso/mapping"},k={update:"/v1/mgmt/jwt/update"},y={create:"/v1/mgmt/permission/create",update:"/v1/mgmt/permission/update",delete:"/v1/mgmt/permission/delete",loadAll:"/v1/mgmt/permission/all"},f={create:"/v1/mgmt/role/create",update:"/v1/mgmt/role/update",delete:"/v1/mgmt/role/delete",loadAll:"/v1/mgmt/role/all"},C={loadAllGroups:"/v1/mgmt/group/all",loadAllGroupsForMember:"/v1/mgmt/group/member/all",loadAllGroupMembers:"/v1/mgmt/group/members"};const w=(e,t)=>({create:(s,o,n,r,i,l)=>a(e.httpClient.post(u.create,{loginId:s,email:o,phone:n,displayName:r,roleNames:i,userTenants:l},{token:t}),(e=>e.user)),update:(s,o,n,r,i,l)=>a(e.httpClient.post(u.update,{loginId:s,email:o,phone:n,displayName:r,roleNames:i,userTenants:l},{token:t}),(e=>e.user)),delete:s=>a(e.httpClient.post(u.delete,{loginId:s},{token:t})),load:s=>a(e.httpClient.get(u.load,{queryParams:{loginId:s},token:t}),(e=>e.user)),loadByUserId:s=>a(e.httpClient.get(u.load,{queryParams:{userId:s},token:t}),(e=>e.user)),searchAll:(s,o,n)=>a(e.httpClient.post(u.search,{tenantIds:s,roleNames:o,limit:n},{token:t}),(e=>e.users)),activate:s=>a(e.httpClient.post(u.updateStatus,{loginId:s,status:"enabled"},{token:t}),(e=>e.user)),deactivate:s=>a(e.httpClient.post(u.updateStatus,{loginId:s,status:"disabled"},{token:t}),(e=>e.user)),updateEmail:(s,o,n)=>a(e.httpClient.post(u.updateEmail,{loginId:s,email:o,verified:n},{token:t}),(e=>e.user)),updatePhone:(s,o,n)=>a(e.httpClient.post(u.updatePhone,{loginId:s,phone:o,verified:n},{token:t}),(e=>e.user)),updateDisplayName:(s,o)=>a(e.httpClient.post(u.updateDisplayName,{loginId:s,displayName:o},{token:t}),(e=>e.user)),addRoles:(s,o)=>a(e.httpClient.post(u.addRole,{loginId:s,roleNames:o},{token:t}),(e=>e.user)),removeRoles:(s,o)=>a(e.httpClient.post(u.removeRole,{loginId:s,roleNames:o},{token:t}),(e=>e.user)),addTenant:(s,o)=>a(e.httpClient.post(u.addTenant,{loginId:s,tenantId:o},{token:t}),(e=>e.user)),removeTenant:(s,o)=>a(e.httpClient.post(u.removeTenant,{loginId:s,tenantId:o},{token:t}),(e=>e.user)),addTenantRoles:(s,o,n)=>a(e.httpClient.post(u.addRole,{loginId:s,tenantId:o,roleNames:n},{token:t}),(e=>e.user)),removeTenantRoles:(s,o,n)=>a(e.httpClient.post(u.removeRole,{loginId:s,tenantId:o,roleNames:n},{token:t}),(e=>e.user))}),b=(e,t)=>({create:(s,o)=>a(e.httpClient.post(h.create,{name:s,selfProvisioningDomains:o},{token:t})),createWithId:(s,o,n)=>a(e.httpClient.post(h.create,{id:s,name:o,selfProvisioningDomains:n},{token:t})),update:(s,o,n)=>a(e.httpClient.post(h.update,{id:s,name:o,selfProvisioningDomains:n},{token:t})),delete:s=>a(e.httpClient.post(h.delete,{id:s},{token:t})),loadAll:()=>a(e.httpClient.get(h.loadAll,{token:t}),(e=>e.tenants))}),I=(e,t)=>({update:(s,o)=>a(e.httpClient.post(k.update,{jwt:s,customClaims:o},{token:t}))}),A=(e,t)=>({create:(s,o)=>a(e.httpClient.post(y.create,{name:s,description:o},{token:t})),update:(s,o,n)=>a(e.httpClient.post(y.update,{name:s,newName:o,description:n},{token:t})),delete:s=>a(e.httpClient.post(y.delete,{name:s},{token:t})),loadAll:()=>a(e.httpClient.get(y.loadAll,{token:t}),(e=>e.permissions))}),R=(e,t)=>({create:(s,o,n)=>a(e.httpClient.post(f.create,{name:s,description:o,permissionNames:n},{token:t})),update:(s,o,n,r)=>a(e.httpClient.post(f.update,{name:s,newName:o,description:n,permissionNames:r},{token:t})),delete:s=>a(e.httpClient.post(f.delete,{name:s},{token:t})),loadAll:()=>a(e.httpClient.get(f.loadAll,{token:t}),(e=>e.roles))}),T=(e,t)=>({loadAllGroups:s=>a(e.httpClient.post(C.loadAllGroups,{tenantId:s},{token:t})),loadAllGroupsForMember:(s,o,n)=>a(e.httpClient.post(C.loadAllGroupsForMember,{tenantId:s,loginIds:n,userIds:o},{token:t})),loadAllGroupMembers:(s,o)=>a(e.httpClient.post(C.loadAllGroupMembers,{tenantId:s,groupId:o},{token:t}))}),j=(e,t)=>({configureSettings:(s,o,n,r,i)=>a(e.httpClient.post(v.configure,{tenantId:s,idpURL:o,entityId:r,idpCert:n,redirectURL:i},{token:t})),configureMetadata:(s,o)=>a(e.httpClient.post(v.metadata,{tenantId:s,idpMetadataURL:o},{token:t})),configureMapping:(s,o,n)=>a(e.httpClient.post(v.mapping,{tenantId:s,roleMapping:o,attributeMapping:n},{token:t}))}),N=(e,t)=>({create:(s,o,n,r)=>a(e.httpClient.post(g.create,{name:s,expireTime:o,roleNames:n,keyTenants:r},{token:t})),load:s=>a(e.httpClient.get(g.load,{queryParams:{id:s},token:t}),(e=>e.key)),searchAll:s=>a(e.httpClient.post(g.search,{tenantIds:s},{token:t}),(e=>e.keys)),update:(s,o)=>a(e.httpClient.post(g.update,{id:s,name:o},{token:t}),(e=>e.key)),deactivate:s=>a(e.httpClient.post(g.deactivate,{id:s},{token:t})),activate:s=>a(e.httpClient.post(g.activate,{id:s},{token:t})),delete:s=>a(e.httpClient.post(g.delete,{id:s},{token:t}))});globalThis.fetch=i,globalThis.Headers=l,globalThis.Request=d,globalThis.Response=p;const x=a=>{var i,{managementKey:l}=a,d=e(a,["managementKey"]);const p=t(Object.assign(Object.assign({},d),{baseHeaders:Object.assign(Object.assign({},d.baseHeaders),{"x-descope-sdk-name":"nodejs","x-descope-sdk-node-version":(null===(i=null===process||void 0===process?void 0:process.versions)||void 0===i?void 0:i.node)||"","x-descope-sdk-version":"0.0.0-next-dfd41cb3-20230210"})})),{projectId:u,logger:g}=d,h={},v=((e,t)=>({user:w(e,t),accessKey:N(e,t),tenant:b(e,t),sso:j(e,t),jwt:I(e,t),permission:A(e,t),role:R(e,t),group:T(e,t)}))(p,l),k=Object.assign(Object.assign({},p),{management:v,async getKey(e){if(!(null==e?void 0:e.kid))throw Error("header.kid must not be empty");if(h[e.kid])return h[e.kid];if(Object.assign(h,await(async()=>{const e=(await p.httpClient.get(`v2/keys/${u}`).then((e=>e.json()))).keys;return Array.isArray(e)?(await Promise.all(e.map((async e=>[e.kid,await r(e)])))).reduce(((e,[t,a])=>t?Object.assign(Object.assign({},e),{[t.toString()]:a}):e),{}):{}})()),!h[e.kid])throw Error("failed to fetch matching key");return h[e.kid]},async validateJwt(e){var t;const a=(await o(e,k.getKey,{clockTolerance:5})).payload;if(a&&(a.iss=null===(t=a.iss)||void 0===t?void 0:t.split("/").pop(),a.iss!==u))throw new n.JWTClaimValidationFailed('unexpected "iss" claim value',"iss","check_failed");return{jwt:e,token:a}},async validateSession(e){if(!e)throw Error("session token is required for validation");try{return await k.validateJwt(e)}catch(e){throw null==g||g.error("session validation failed",e),Error("session validation failed")}},async refreshSession(e){var t,a;if(!e)throw Error("refresh token is required to refresh a session");try{await k.validateJwt(e);const s=await k.refresh(e);if(s.ok){return await k.validateJwt(null===(t=s.data)||void 0===t?void 0:t.sessionJwt)}throw Error(null===(a=s.error)||void 0===a?void 0:a.errorMessage)}catch(e){throw null==g||g.error("refresh token validation failed",e),Error("refresh token validation failed")}},async validateAndRefreshSession(e,t){if(!e&&!t)throw Error("both session and refresh tokens are empty");try{return await k.validateSession(e)}catch(e){null==g||g.log("session validation failed - trying to refresh it")}return k.refreshSession(t)},async exchangeAccessKey(e){if(!e)throw Error("access key must not be empty");let t;try{t=await k.accessKey.exchange(e)}catch(e){throw null==g||g.error("failed to exchange access key",e),Error("could not exchange access key")}const{sessionJwt:a}=t.data;if(!a)throw null==g||g.error("failed to parse exchange access key response"),Error("could not exchange access key");try{return await k.validateJwt(a)}catch(e){throw null==g||g.error("failed to parse jwt from access key",e),Error("could not exchange access key")}},validatePermissions:(e,t)=>k.validateTenantPermissions(e,null,t),validateTenantPermissions(e,t,a){const s=c(e,"permissions",t);return a.every((e=>s.includes(e)))},validateRoles:(e,t)=>k.validateTenantRoles(e,null,t),validateTenantRoles(e,t,a){const s=c(e,"roles",t);return a.every((e=>s.includes(e)))}});return s(k,["otp.verify.email","otp.verify.sms","otp.verify.whatsapp","magicLink.verify","enchantedLink.signUp","enchantedLink.signIn","oauth.exchange","saml.exchange","totp.verify","webauthn.signIn.finish","webauthn.signUp.finish","refresh"],m)};x.RefreshTokenCookieName="DSR",x.SessionTokenCookieName="DS";export{x as default};
import{__rest as e}from"tslib";import t,{transformResponse as s,wrapWith as a}from"@descope/core-js-sdk";import{jwtVerify as o,errors as n,importJWK as r}from"jose";import i,{Headers as l}from"node-fetch-commonjs";const d=t=>async(...s)=>{var a,o,n;const r=await t(...s);if(!r.data)return r;let i=r.data,{refreshJwt:l}=i,d=e(i,["refreshJwt"]);const p=[];var m;return l?p.push(`${"DSR"}=${l}; Domain=${(null==(m=d)?void 0:m.cookieDomain)||""}; Max-Age=${(null==m?void 0:m.cookieMaxAge)||""}; Path=${(null==m?void 0:m.cookiePath)||"/"}; HttpOnly; SameSite=Strict`):(null===(a=r.response)||void 0===a?void 0:a.headers.get("set-cookie"))&&(l=((e,t)=>{const s=null==e?void 0:e.match(RegExp(`(?:^|;\\s*)${t}=([^;]*)`));return s?s[1]:null})(null===(o=r.response)||void 0===o?void 0:o.headers.get("set-cookie"),"DSR"),p.push(null===(n=r.response)||void 0===n?void 0:n.headers.get("set-cookie"))),Object.assign(Object.assign({},r),{data:Object.assign(Object.assign({},r.data),{refreshJwt:l,cookies:p})})};function p(e,t,s){var a,o;const n=s?null===(o=null===(a=e.token.tenants)||void 0===a?void 0:a[s])||void 0===o?void 0:o[t]:e.token[t];return Array.isArray(n)?n:[]}var m={create:"/v1/mgmt/user/create",update:"/v1/mgmt/user/update",delete:"/v1/mgmt/user/delete",deleteAllTestUsers:"/v1/mgmt/user/test/delete/all",load:"/v1/mgmt/user",search:"/v1/mgmt/user/search",getProviderToken:"/v1/mgmt/user/provider/token",updateStatus:"/v1/mgmt/user/update/status",updateEmail:"/v1/mgmt/user/update/email",updatePhone:"/v1/mgmt/user/update/phone",updateDisplayName:"/v1/mgmt/user/update/name",updatePicture:"/v1/mgmt/user/update/picture",updateCustomAttribute:"/v1/mgmt/user/update/customAttribute",addRole:"/v1/mgmt/user/update/role/add",removeRole:"/v1/mgmt/user/update/role/remove",addTenant:"/v1/mgmt/user/update/tenant/add",removeTenant:"/v1/mgmt/user/update/tenant/remove",setPassword:"/v1/mgmt/user/password/set",expirePassword:"/v1/mgmt/user/password/expire",generateOTPForTest:"/v1/mgmt/tests/generate/otp",generateMagicLinkForTest:"/v1/mgmt/tests/generate/magiclink",generateEnchantedLinkForTest:"/v1/mgmt/tests/generate/enchantedlink"},u={create:"/v1/mgmt/accesskey/create",load:"/v1/mgmt/accesskey",search:"/v1/mgmt/accesskey/search",update:"/v1/mgmt/accesskey/update",deactivate:"/v1/mgmt/accesskey/deactivate",activate:"/v1/mgmt/accesskey/activate",delete:"/v1/mgmt/accesskey/delete"},c={create:"/v1/mgmt/tenant/create",update:"/v1/mgmt/tenant/update",delete:"/v1/mgmt/tenant/delete",loadAll:"/v1/mgmt/tenant/all"},g={settings:"/v1/mgmt/sso/settings",metadata:"/v1/mgmt/sso/metadata",mapping:"/v1/mgmt/sso/mapping"},h={update:"/v1/mgmt/jwt/update"},v={create:"/v1/mgmt/permission/create",update:"/v1/mgmt/permission/update",delete:"/v1/mgmt/permission/delete",loadAll:"/v1/mgmt/permission/all"},k={create:"/v1/mgmt/role/create",update:"/v1/mgmt/role/update",delete:"/v1/mgmt/role/delete",loadAll:"/v1/mgmt/role/all"},y={export:"/v1/mgmt/flow/export",import:"/v1/mgmt/flow/import"},C={export:"/v1/mgmt/theme/export",import:"/v1/mgmt/theme/import"},f={loadAllGroups:"/v1/mgmt/group/all",loadAllGroupsForMember:"/v1/mgmt/group/member/all",loadAllGroupMembers:"/v1/mgmt/group/members"};const w=(e,t)=>({create:(a,o,n,r,i,l,d,p)=>s(e.httpClient.post(m.create,{loginId:a,email:o,phone:n,displayName:r,roleNames:i,userTenants:l,customAttributes:d,picture:p},{token:t}),(e=>e.user)),createTestUser:(a,o,n,r,i,l,d,p)=>s(e.httpClient.post(m.create,{loginId:a,email:o,phone:n,displayName:r,roleNames:i,userTenants:l,test:!0,customAttributes:d,picture:p},{token:t}),(e=>e.user)),invite:(a,o,n,r,i,l,d,p)=>s(e.httpClient.post(m.create,{loginId:a,email:o,phone:n,displayName:r,roleNames:i,userTenants:l,invite:!0,customAttributes:d,picture:p},{token:t}),(e=>e.user)),update:(a,o,n,r,i,l,d,p)=>s(e.httpClient.post(m.update,{loginId:a,email:o,phone:n,displayName:r,roleNames:i,userTenants:l,customAttributes:d,picture:p},{token:t}),(e=>e.user)),delete:a=>s(e.httpClient.post(m.delete,{loginId:a},{token:t})),deleteAllTestUsers:()=>s(e.httpClient.delete(m.deleteAllTestUsers,{token:t})),load:a=>s(e.httpClient.get(m.load,{queryParams:{loginId:a},token:t}),(e=>e.user)),loadByUserId:a=>s(e.httpClient.get(m.load,{queryParams:{userId:a},token:t}),(e=>e.user)),searchAll:(a,o,n,r,i,l,d)=>s(e.httpClient.post(m.search,{tenantIds:a,roleNames:o,limit:n,page:r,testUsersOnly:i,withTestUser:l,customAttributes:d},{token:t}),(e=>e.users)),getProviderToken:(a,o)=>s(e.httpClient.get(m.getProviderToken,{queryParams:{loginId:a,provider:o},token:t}),(e=>e)),activate:a=>s(e.httpClient.post(m.updateStatus,{loginId:a,status:"enabled"},{token:t}),(e=>e.user)),deactivate:a=>s(e.httpClient.post(m.updateStatus,{loginId:a,status:"disabled"},{token:t}),(e=>e.user)),updateEmail:(a,o,n)=>s(e.httpClient.post(m.updateEmail,{loginId:a,email:o,verified:n},{token:t}),(e=>e.user)),updatePhone:(a,o,n)=>s(e.httpClient.post(m.updatePhone,{loginId:a,phone:o,verified:n},{token:t}),(e=>e.user)),updateDisplayName:(a,o)=>s(e.httpClient.post(m.updateDisplayName,{loginId:a,displayName:o},{token:t}),(e=>e.user)),updatePicture:(a,o)=>s(e.httpClient.post(m.updatePicture,{loginId:a,picture:o},{token:t}),(e=>e.user)),updateCustomAttribute:(a,o,n)=>s(e.httpClient.post(m.updateCustomAttribute,{loginId:a,attributeKey:o,attributeValue:n},{token:t}),(e=>e.user)),addRoles:(a,o)=>s(e.httpClient.post(m.addRole,{loginId:a,roleNames:o},{token:t}),(e=>e.user)),removeRoles:(a,o)=>s(e.httpClient.post(m.removeRole,{loginId:a,roleNames:o},{token:t}),(e=>e.user)),addTenant:(a,o)=>s(e.httpClient.post(m.addTenant,{loginId:a,tenantId:o},{token:t}),(e=>e.user)),removeTenant:(a,o)=>s(e.httpClient.post(m.removeTenant,{loginId:a,tenantId:o},{token:t}),(e=>e.user)),addTenantRoles:(a,o,n)=>s(e.httpClient.post(m.addRole,{loginId:a,tenantId:o,roleNames:n},{token:t}),(e=>e.user)),removeTenantRoles:(a,o,n)=>s(e.httpClient.post(m.removeRole,{loginId:a,tenantId:o,roleNames:n},{token:t}),(e=>e.user)),generateOTPForTestUser:(a,o)=>s(e.httpClient.post(m.generateOTPForTest,{deliveryMethod:a,loginId:o},{token:t}),(e=>e)),generateMagicLinkForTestUser:(a,o,n)=>s(e.httpClient.post(m.generateMagicLinkForTest,{deliveryMethod:a,loginId:o,URI:n},{token:t}),(e=>e)),generateEnchantedLinkForTestUser:(a,o)=>s(e.httpClient.post(m.generateEnchantedLinkForTest,{loginId:a,URI:o},{token:t}),(e=>e)),setPassword:(a,o)=>s(e.httpClient.post(m.setPassword,{loginId:a,password:o},{token:t}),(e=>e)),expirePassword:a=>s(e.httpClient.post(m.expirePassword,{loginId:a},{token:t}),(e=>e))}),I=(e,t)=>({create:(a,o)=>s(e.httpClient.post(c.create,{name:a,selfProvisioningDomains:o},{token:t})),createWithId:(a,o,n)=>s(e.httpClient.post(c.create,{id:a,name:o,selfProvisioningDomains:n},{token:t})),update:(a,o,n)=>s(e.httpClient.post(c.update,{id:a,name:o,selfProvisioningDomains:n},{token:t})),delete:a=>s(e.httpClient.post(c.delete,{id:a},{token:t})),loadAll:()=>s(e.httpClient.get(c.loadAll,{token:t}),(e=>e.tenants))}),b=(e,t)=>({update:(a,o)=>s(e.httpClient.post(h.update,{jwt:a,customClaims:o},{token:t}))}),T=(e,t)=>({create:(a,o)=>s(e.httpClient.post(v.create,{name:a,description:o},{token:t})),update:(a,o,n)=>s(e.httpClient.post(v.update,{name:a,newName:o,description:n},{token:t})),delete:a=>s(e.httpClient.post(v.delete,{name:a},{token:t})),loadAll:()=>s(e.httpClient.get(v.loadAll,{token:t}),(e=>e.permissions))}),A=(e,t)=>({create:(a,o,n)=>s(e.httpClient.post(k.create,{name:a,description:o,permissionNames:n},{token:t})),update:(a,o,n,r)=>s(e.httpClient.post(k.update,{name:a,newName:o,description:n,permissionNames:r},{token:t})),delete:a=>s(e.httpClient.post(k.delete,{name:a},{token:t})),loadAll:()=>s(e.httpClient.get(k.loadAll,{token:t}),(e=>e.roles))}),P=(e,t)=>({loadAllGroups:a=>s(e.httpClient.post(f.loadAllGroups,{tenantId:a},{token:t})),loadAllGroupsForMember:(a,o,n)=>s(e.httpClient.post(f.loadAllGroupsForMember,{tenantId:a,loginIds:n,userIds:o},{token:t})),loadAllGroupMembers:(a,o)=>s(e.httpClient.post(f.loadAllGroupMembers,{tenantId:a,groupId:o},{token:t}))}),x=(e,t)=>({getSettings:a=>s(e.httpClient.get(g.settings,{queryParams:{tenantId:a},token:t}),(e=>e)),deleteSettings:a=>s(e.httpClient.delete(g.settings,{queryParams:{tenantId:a},token:t})),configureSettings:(a,o,n,r,i,l)=>s(e.httpClient.post(g.settings,{tenantId:a,idpURL:o,entityId:r,idpCert:n,redirectURL:i,domain:l},{token:t})),configureMetadata:(a,o)=>s(e.httpClient.post(g.metadata,{tenantId:a,idpMetadataURL:o},{token:t})),configureMapping:(a,o,n)=>s(e.httpClient.post(g.mapping,{tenantId:a,roleMappings:o,attributeMapping:n},{token:t}))}),j=(e,t)=>({create:(a,o,n,r)=>s(e.httpClient.post(u.create,{name:a,expireTime:o,roleNames:n,keyTenants:r},{token:t})),load:a=>s(e.httpClient.get(u.load,{queryParams:{id:a},token:t}),(e=>e.key)),searchAll:a=>s(e.httpClient.post(u.search,{tenantIds:a},{token:t}),(e=>e.keys)),update:(a,o)=>s(e.httpClient.post(u.update,{id:a,name:o},{token:t}),(e=>e.key)),deactivate:a=>s(e.httpClient.post(u.deactivate,{id:a},{token:t})),activate:a=>s(e.httpClient.post(u.activate,{id:a},{token:t})),delete:a=>s(e.httpClient.post(u.delete,{id:a},{token:t}))}),N=(e,t)=>({export:a=>s(e.httpClient.post(y.export,{flowId:a},{token:t})),import:(a,o,n)=>s(e.httpClient.post(y.import,{flowId:a,flow:o,screens:n},{token:t}))}),R=(e,t)=>({export:()=>s(e.httpClient.post(C.export,{},{token:t})),import:a=>s(e.httpClient.post(C.import,{theme:a},{token:t}))});var M;null!==(M=globalThis.Headers)&&void 0!==M||(globalThis.Headers=l);const E=(...e)=>(e.forEach((e=>{var t,s;e&&(null!==(t=(s=e).highWaterMark)&&void 0!==t||(s.highWaterMark=31457280))})),i(...e)),S=s=>{var i,{managementKey:l}=s,m=e(s,["managementKey"]);const u=t(Object.assign(Object.assign({},m),{fetch:E,baseHeaders:Object.assign(Object.assign({},m.baseHeaders),{"x-descope-sdk-name":"nodejs","x-descope-sdk-node-version":(null===(i=null===process||void 0===process?void 0:process.versions)||void 0===i?void 0:i.node)||"","x-descope-sdk-version":"0.0.0-next-e0361769-20230612"})})),{projectId:c,logger:g}=m,h={},v=((e,t)=>({user:w(e,t),accessKey:j(e,t),tenant:I(e,t),sso:x(e,t),jwt:b(e,t),permission:T(e,t),role:A(e,t),group:P(e,t),flow:N(e,t),theme:R(e,t)}))(u,l),k=Object.assign(Object.assign({},u),{management:v,async getKey(e){if(!(null==e?void 0:e.kid))throw Error("header.kid must not be empty");if(h[e.kid])return h[e.kid];if(Object.assign(h,await(async()=>{const e=(await u.httpClient.get(`v2/keys/${c}`).then((e=>e.json()))).keys;return Array.isArray(e)?(await Promise.all(e.map((async e=>[e.kid,await r(e)])))).reduce(((e,[t,s])=>t?Object.assign(Object.assign({},e),{[t.toString()]:s}):e),{}):{}})()),!h[e.kid])throw Error("failed to fetch matching key");return h[e.kid]},async validateJwt(e){var t;const s=(await o(e,k.getKey,{clockTolerance:5})).payload;if(s&&(s.iss=null===(t=s.iss)||void 0===t?void 0:t.split("/").pop(),s.iss!==c))throw new n.JWTClaimValidationFailed('unexpected "iss" claim value',"iss","check_failed");return{jwt:e,token:s}},async validateSession(e){if(!e)throw Error("session token is required for validation");try{return await k.validateJwt(e)}catch(e){throw null==g||g.error("session validation failed",e),Error("session validation failed")}},async refreshSession(e){var t,s;if(!e)throw Error("refresh token is required to refresh a session");try{await k.validateJwt(e);const a=await k.refresh(e);if(a.ok){return await k.validateJwt(null===(t=a.data)||void 0===t?void 0:t.sessionJwt)}throw Error(null===(s=a.error)||void 0===s?void 0:s.errorMessage)}catch(e){throw null==g||g.error("refresh token validation failed",e),Error("refresh token validation failed")}},async validateAndRefreshSession(e,t){if(!e&&!t)throw Error("both session and refresh tokens are empty");try{return await k.validateSession(e)}catch(e){null==g||g.log("session validation failed - trying to refresh it")}return k.refreshSession(t)},async exchangeAccessKey(e){if(!e)throw Error("access key must not be empty");let t;try{t=await k.accessKey.exchange(e)}catch(e){throw null==g||g.error("failed to exchange access key",e),Error("could not exchange access key")}const{sessionJwt:s}=t.data;if(!s)throw null==g||g.error("failed to parse exchange access key response"),Error("could not exchange access key");try{return await k.validateJwt(s)}catch(e){throw null==g||g.error("failed to parse jwt from access key",e),Error("could not exchange access key")}},validatePermissions:(e,t)=>k.validateTenantPermissions(e,null,t),validateTenantPermissions(e,t,s){const a=p(e,"permissions",t);return s.every((e=>a.includes(e)))},validateRoles:(e,t)=>k.validateTenantRoles(e,null,t),validateTenantRoles(e,t,s){const a=p(e,"roles",t);return s.every((e=>a.includes(e)))}});return a(k,["otp.verify.email","otp.verify.sms","otp.verify.whatsapp","magicLink.verify","enchantedLink.signUp","enchantedLink.signIn","oauth.exchange","saml.exchange","totp.verify","webauthn.signIn.finish","webauthn.signUp.finish","refresh"],d)};S.RefreshTokenCookieName="DSR",S.SessionTokenCookieName="DS";export{S as default};
//# sourceMappingURL=index.esm.js.map

34

package.json
{
"name": "@descope/node-sdk",
"version": "0.0.0-next-dfd41cb3-20230210",
"version": "0.0.0-next-e0361769-20230612",
"description": "Node.js library used to integrate with Descope",

@@ -10,4 +10,10 @@ "typings": "./dist/index.d.ts",

"exports": {
"require": "./dist/cjs/index.cjs.js",
"import": "./dist/index.esm.js"
"require": {
"types": "./dist/index.d.ts",
"default": "./dist/cjs/index.cjs.js"
},
"import": {
"types": "./dist/index.d.ts",
"default": "./dist/index.esm.js"
}
},

@@ -53,9 +59,9 @@ "type": "module",

"devDependencies": {
"@rollup/plugin-commonjs": "^22.0.0",
"@rollup/plugin-commonjs": "^25.0.0",
"@rollup/plugin-json": "^4.1.0",
"@rollup/plugin-node-resolve": "^13.3.0",
"@rollup/plugin-replace": "^4.0.0",
"@rollup/plugin-replace": "^5.0.0",
"@rollup/plugin-typescript": "^8.3.0",
"@size-limit/preset-small-lib": "^8.0.0",
"@types/jest": "^28.0.0",
"@types/jest": "^29.0.0",
"@types/jsonwebtoken": "^9.0.0",

@@ -72,3 +78,3 @@ "@types/node": "^15.14.9",

"eslint-plugin-import": "^2.26.0",
"eslint-plugin-jest": "^26.4.6",
"eslint-plugin-jest": "^27.0.0",
"eslint-plugin-jest-dom": "^4.0.2",

@@ -80,4 +86,4 @@ "eslint-plugin-jest-formatting": "^3.1.0",

"husky": "^8.0.1",
"jest": "^28.1.0",
"jsdoc": "^3.6.10",
"jest": "^29.0.0",
"jsdoc": "^4.0.0",
"lint-staged": "^13.0.3",

@@ -93,7 +99,7 @@ "nock": "^13.2.4",

"rollup-plugin-dts": "^4.2.2",
"rollup-plugin-esbuild": "^4.9.1",
"rollup-plugin-esbuild": "^5.0.0",
"rollup-plugin-inject-process-env": "^1.3.1",
"rollup-plugin-livereload": "^2.0.5",
"rollup-plugin-terser": "^7.0.2",
"ts-jest": "^28.0.3",
"ts-jest": "^29.0.0",
"ts-node": "^10.8.2",

@@ -103,5 +109,5 @@ "typescript": "^4.6.4"

"dependencies": {
"@descope/core-js-sdk": "0.0.41-alpha.55",
"jose": "4.11.2",
"node-fetch": "2.6.8"
"@descope/core-js-sdk": "1.3.4",
"jose": "4.14.4",
"node-fetch-commonjs": "3.2.4"
},

@@ -108,0 +114,0 @@ "peerDependencies": {

241

README.md

@@ -18,7 +18,10 @@ # Descope SDK for Node.js

## Setup
## Authentication Functions
A Descope `Project ID` is required to initialize the SDK. Find it on the
[project page in the Descope Console](https://app.descope.com/settings/project).
### Setup
Before you can use authentication functions listed below, you must initialize `descopeClient` to use all of the built-in SDK functions.
You'll need your Descope `Project ID` to create this, and you can find it on the [project page](https://app.descope.com/settings/project) in the Descope Console.
```typescript

@@ -30,6 +33,50 @@ import DescopeClient from '@descope/node-sdk';

## Usage
Once you've created a `descopeClient`, you can use that to work with the following functions:
Here are some examples how to manage and authenticate users:
1. [OTP Authentication](#otp-authentication)
2. [Magic Link](#magic-link)
3. [Enchanted Link](#enchanted-link)
4. [OAuth](#oauth)
5. [SSO/SAML](#ssosaml)
6. [TOTP Authentication](#totp-authentication)
7. [Passwords](#passwords)
8. [Session Validation](#session-validation)
9. [Roles & Permission Validation](#roles--permission-validation)
10. [Logging Out](#logging-out)
## Management Functions
### Setup
Before you can use management functions listed below, you must initialize `descopeClient`.
If you wish to also use management functions, you will need to initialize a new version of your `descopeClient`, but this time with a `ManagementKey` as well as your `Project ID`. Create a management key in the [Descope Console](https://app.descope.com/settings/company/managementkeys).
```typescript
import DescopeClient from '@descope/node-sdk';
const descopeClient = DescopeClient({
projectId: 'my-project-ID',
managementKey: 'management-key',
});
```
Then, you can use that to work with the following functions:
1. [Manage Tenants](#manage-tenants)
2. [Manage Users](#manage-users)
3. [Manage Access Keys](#manage-access-keys)
4. [Manage SSO Setting](#manage-sso-setting)
5. [Manage Permissions](#manage-permissions)
6. [Manage Roles](#manage-roles)
7. [Query SSO Groups](#query-sso-groups)
8. [Manage Flows](#manage-flows)
9. [Manage JWTs](#manage-jwts)
If you wish to run any of our code samples and play with them, check out our [Code Examples](#code-examples) section.
If you're performing end-to-end testing, check out the [Utils for your end to end (e2e) tests and integration tests](#utils-for-your-end-to-end-e2e-tests-and-integration-tests) section. You will need to use the `descopeClient` you created under the setup of [Management Functions](#management-functions).
---
### OTP Authentication

@@ -224,2 +271,66 @@

### Passwords
The user can also authenticate with a password, though it's recommended to
prefer passwordless authentication methods if possible. Sign up requires the
caller to provide a valid password that meets all the requirements configured
for the [password authentication method](https://app.descope.com/settings/authentication/password) in the Descope console.
```js
// Every user must have a loginId. All other user information is optional
const loginId = 'desmond@descope.com';
const password = 'qYlvi65KaX';
const user = {
name: 'Desmond Copeland',
email: loginId,
};
const jwtResponse = await descopeClient.password.signUp(loginId, password, user);
// jwtResponse.data.sessionJwt;
// jwtResponse.data.refreshJwt;
```
The user can later sign in using the same loginId and password.
```js
const jwtResponse = await descopeClient.password.signIn(loginId, password);
// jwtResponse.data.sessionJwt;
// jwtResponse.data.refreshJwt;
```
The session and refresh JWTs should be returned to the caller, and passed with every request in the session. Read more on [session validation](#session-validation)
In case the user needs to update their password, one of two methods are available: Resetting their password or replacing their password
**Changing Passwords**
_NOTE: sendReset will only work if the user has a validated email address. Otherwise password reset prompts cannot be sent._
In the [password authentication method](https://app.descope.com/settings/authentication/password) in the Descope console, it is possible to define which alternative authentication method can be used in order to authenticate the user, in order to reset and update their password.
```js
// Start the reset process by sending a password reset prompt. In this example we'll assume
// that magic link is configured as the reset method. The optional redirect URL is used in the
// same way as in regular magic link authentication.
const loginId = 'desmond@descope.com';
const redirectURL = 'https://myapp.com/password-reset';
const passwordResetResponse = await descopeClient.password.sendReset(loginId, redirectURL);
```
The magic link, in this case, must then be verified like any other magic link (see the [magic link section](#magic-link) for more details). However, after verifying the user, it is expected
to allow them to provide a new password instead of the old one. Since the user is now authenticated, this is possible via:
```js
// The refresh token is required to make sure the user is authenticated.
await descopeClient.password.update(loginId, newPassword, token);
```
`update()` can always be called when the user is authenticated and has a valid session.
Alternatively, it is also possible to replace an existing active password with a new one.
```js
// Replaces the user's current password with a new one
await descopeClient.password.replace(loginId, oldPassword, newPassword);
```
### Session Validation

@@ -341,6 +452,6 @@

## Management API
## Management Functions
It is very common for some form of management or automation to be required. These can be performed
using the management API. Please note that these actions are more sensitive as they are administrative
using the management functions. Please note that these actions are more sensitive as they are administrative
in nature. Please use responsibly.

@@ -407,2 +518,14 @@

// Alternatively, a user can be created and invited via an email message.
// Make sure to configure the invite URL in the Descope console prior to using this function,
// and that an email address is provided in the information.
await descopeClient.management.user.invite(
'desmond@descope.com',
'desmond@descope.com',
null,
'Desmond Copeland',
null,
[{ tenantId: 'tenant-ID1', roleNames: ['role-name1'] }],
);
// Update will override all fields as is. Use carefully.

@@ -436,2 +559,3 @@ await descopeClient.management.user.update(

// Search all users, optionally according to tenant and/or role filter
// Results can be paginated using the limit and page parameters
const usersRes = await descopeClient.management.user.searchAll(['tenant-ID']);

@@ -443,2 +567,16 @@ usersRes.data.forEach((user) => {

#### Set or Expire User Password
You can set or expire a user's password.
Note: When setting a password, it will automatically be set as expired.
The user will not be able log-in using an expired password, and will be required replace it on next login.
```typescript
// Set a user's password
await descopeClient.management.user.setPassword('<login-ID>', '<some-password>');
// Or alternatively, expire a user password
await descopeClient.management.user.expirePassword('<login-ID>');
```
### Manage Access Keys

@@ -486,2 +624,5 @@

```typescript
// You can get SSO settings for a specific tenant ID
const ssoSettings = await descopeClient.management.sso.getSettings("tenant-id")
// You can configure SSO settings manually by setting the required fields directly

@@ -493,3 +634,4 @@ const tenantId = 'tenant-id' // Which tenant this configuration is for

const redirectURL = 'https://my-app.com/handle-saml' // Global redirect URL for SSO/SAML
await descopeClient.management.sso.configureSettings(tenantID, idpURL, entityID, idpCert, redirectURL)
const domain = 'tenant-users.com' // Users authentication with this domain will be logged in to this tenant
await descopeClient.management.sso.configureSettings(tenantID, idpURL, entityID, idpCert, redirectURL, domain)

@@ -503,3 +645,3 @@ // Alternatively, configure using an SSO metadata URL

tenantId,
{ groups: ['IDP_ADMIN'], role: 'Tenant Admin'}
[{ groups: ['IDP_ADMIN'], roleName: 'Tenant Admin'}]
{ name: 'IDP_NAME', phoneNumber: 'IDP_PHONE'},

@@ -517,2 +659,5 @@ )

// You can delete SSO settings for a specific tenant ID
await descopeClient.management.sso.deleteSettings("tenant-id")
### Manage Permissions

@@ -599,2 +744,31 @@

### Manage Flows
You can import and export flows and screens, or the project theme:
```typescript
// Export the flow and it's matching screens based on the given id
const res = await descopeClient.management.flow.export('sign-up');
console.log('found flow', res.data.flow);
res.data.screens.forEach((screen) => {
// do something
});
// Import the given flow and screens as the given id
const { flow, screens } = res.data;
const updatedRes = descopeClient.management.flow.import('sign-up', flow, screens);
console.log('updated flow', updatedRes.data.flow);
updatedRes.data.screens.forEach((screen) => {
// do something
});
// Export the current theme of the project
const res = descopeClient.management.theme.export();
console.log(res.data.theme);
// Import the given theme to the project
const updatedRes = descopeClient.management.theme.import(theme);
console.log(updatedRes.data.theme);
```
### Manage JWTs

@@ -611,2 +785,51 @@

### Utils for your end to end (e2e) tests and integration tests
To ease your e2e tests, we exposed dedicated management methods,
that way, you don't need to use 3rd party messaging services in order to receive sign-in/up Emails or SMS, and avoid the need of parsing the code and token from them.
```typescript
// User for test can be created, this user will be able to generate code/link without
// the need of 3rd party messaging services.
// Test user must have a loginId, other fields are optional.
// Roles should be set directly if no tenants exist, otherwise set
// on a per-tenant basis.
await descopeClient.management.user.createTestUser(
'desmond@descope.com',
'desmond@descope.com',
null,
'Desmond Copeland',
null,
[{ tenantId: 'tenant-ID1', roleNames: ['role-name1'] }],
);
// Now test user got created, and this user will be available until you delete it,
// you can use any management operation for test user CRUD.
// You can also delete all test users.
await descopeClient.management.user.deleteAllTestUsers();
// OTP code can be generated for test user, for example:
const { code } = await descopeClient.management.user.generateOTPForTestUser(
'sms',
'desmond@descope.com',
);
// Now you can verify the code is valid (using descopeClient.auth.*.verify for example)
// Same as OTP, magic link can be generated for test user, for example:
const { link } = await descopeClient.management.user.generateMagicLinkForTestUser(
'email',
'desmond@descope.com',
'',
);
// Enchanted link can be generated for test user, for example:
const { link, pendingRef } = await descopeClient.management.user.generateEnchantedLinkForTestUser(
'desmond@descope.com',
'',
);
// Note 1: The generate code/link functions, work only for test users, will not work for regular users.
// Note 2: In case of testing sign-in / sign-up operations with test users, need to make sure to generate the code prior calling the sign-in / sign-up operations.
```
## Code Examples

@@ -613,0 +836,0 @@ 

dist/cjs/index.cjs.js.map

Sorry, the diff of this file is not supported yet

dist/index.esm.js.map

Sorry, the diff of this file is not supported yet

LICENSE

Sorry, the diff of this file is not supported yet

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc