Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
@descope/node-sdk
Advanced tools
@descope/node-sdk - npm Package Compare versions
Comparing version 1.0.4-alpha.12 to 1.0.4-alpha.13
@@ -1,2 +0,2 @@ | ||
| "use strict";var e=require("tslib"),t=require("@descope/core-js-sdk"),s=require("jose"),a=require("node-fetch");function o(e){return e&&"object"==typeof e&&"default"in e?e:{default:e}}var n=o(t),r=o(a);const i=t=>async(...s)=>{var a,o,n;const r=await t(...s);if(!r.data)return r;let i=r.data,{refreshJwt:l}=i,d=e.__rest(i,["refreshJwt"]);const p=[];var m;return l?p.push(`${"DSR"}=${l}; Domain=${(null==(m=d)?void 0:m.cookieDomain)||""}; Max-Age=${(null==m?void 0:m.cookieMaxAge)||""}; Path=${(null==m?void 0:m.cookiePath)||"/"}; HttpOnly; SameSite=Strict`):(null===(a=r.response)||void 0===a?void 0:a.headers.get("set-cookie"))&&(l=((e,t)=>{const s=null==e?void 0:e.match(RegExp(`(?:^|;\\s*)${t}=([^;]*)`));return s?s[1]:null})(null===(o=r.response)||void 0===o?void 0:o.headers.get("set-cookie"),"DSR"),p.push(null===(n=r.response)||void 0===n?void 0:n.headers.get("set-cookie"))),Object.assign(Object.assign({},r),{data:Object.assign(Object.assign({},r.data),{refreshJwt:l,cookies:p})})};function l(e,t,s){var a,o;const n=s?null===(o=null===(a=e.token.tenants)||void 0===a?void 0:a[s])||void 0===o?void 0:o[t]:e.token[t];return Array.isArray(n)?n:[]}var d={create:"/v1/mgmt/user/create",update:"/v1/mgmt/user/update",delete:"/v1/mgmt/user/delete",load:"/v1/mgmt/user",search:"/v1/mgmt/user/search"},p={create:"/v1/mgmt/accesskey/create",load:"/v1/mgmt/accesskey",search:"/v1/mgmt/accesskey/search",update:"/v1/mgmt/accesskey/update",deactivate:"/v1/mgmt/accesskey/deactivate",activate:"/v1/mgmt/accesskey/activate",delete:"/v1/mgmt/accesskey/delete"},m={create:"/v1/mgmt/tenant/create",update:"/v1/mgmt/tenant/update",delete:"/v1/mgmt/tenant/delete",loadAll:"/v1/mgmt/tenant/all"},c={configure:"mgmt/sso/settings",metadata:"mgmt/sso/metadata",mapping:"mgmt/sso/mapping"},u={update:"/v1/mgmt/jwt/update"},h={create:"/v1/mgmt/permission/create",update:"/v1/mgmt/permission/update",delete:"/v1/mgmt/permission/delete",loadAll:"/v1/mgmt/permission/all"},g={create:"/v1/mgmt/role/create",update:"/v1/mgmt/role/update",delete:"/v1/mgmt/role/delete",loadAll:"/v1/mgmt/role/all"},v={loadAllGroups:"/v1/mgmt/group/all",loadAllGroupsForMember:"/v1/mgmt/group/member/all",loadAllGroupMembers:"/v1/mgmt/group/members"};const k=(e,s)=>({create:(a,o,n,r,i,l)=>t.transformResponse(e.httpClient.post(d.create,{loginId:a,email:o,phone:n,displayName:r,roleNames:i,userTenants:l},{token:s}),(e=>e.user)),update:(a,o,n,r,i,l)=>t.transformResponse(e.httpClient.post(d.update,{loginId:a,email:o,phone:n,displayName:r,roleNames:i,userTenants:l},{token:s}),(e=>e.user)),delete:a=>t.transformResponse(e.httpClient.post(d.delete,{loginId:a},{token:s})),load:a=>t.transformResponse(e.httpClient.get(d.load,{queryParams:{loginId:a},token:s}),(e=>e.user)),loadByUserId:a=>t.transformResponse(e.httpClient.get(d.load,{queryParams:{userId:a},token:s}),(e=>e.user)),searchAll:(a,o,n)=>t.transformResponse(e.httpClient.post(d.search,{tenantIds:a,roleNames:o,limit:n},{token:s}),(e=>e.users))}),f=(e,s)=>({create:(a,o)=>t.transformResponse(e.httpClient.post(m.create,{name:a,selfProvisioningDomains:o},{token:s})),createWithId:(a,o,n)=>t.transformResponse(e.httpClient.post(m.create,{tenantId:a,name:o,selfProvisioningDomains:n},{token:s})),update:(a,o,n)=>t.transformResponse(e.httpClient.post(m.update,{tenantId:a,name:o,selfProvisioningDomains:n},{token:s})),delete:a=>t.transformResponse(e.httpClient.post(m.delete,{tenantId:a},{token:s})),loadAll:()=>t.transformResponse(e.httpClient.get(m.loadAll,{token:s}),(e=>e.tenants))}),y=(e,s)=>({update:(a,o)=>t.transformResponse(e.httpClient.post(u.update,{jwt:a,customClaims:o},{token:s}))}),R=(e,s)=>({create:(a,o)=>t.transformResponse(e.httpClient.post(h.create,{name:a,description:o},{token:s})),update:(a,o,n)=>t.transformResponse(e.httpClient.post(h.update,{name:a,newName:o,description:n},{token:s})),delete:a=>t.transformResponse(e.httpClient.post(h.delete,{name:a},{token:s})),loadAll:()=>t.transformResponse(e.httpClient.get(h.loadAll,{token:s}),(e=>e.permissions))}),w=(e,s)=>({create:(a,o,n)=>t.transformResponse(e.httpClient.post(g.create,{name:a,description:o,permissionNames:n},{token:s})),update:(a,o,n,r)=>t.transformResponse(e.httpClient.post(g.update,{name:a,newName:o,description:n,permissionNames:r},{token:s})),delete:a=>t.transformResponse(e.httpClient.post(g.delete,{name:a},{token:s})),loadAll:()=>t.transformResponse(e.httpClient.get(g.loadAll,{token:s}),(e=>e.roles))}),C=(e,s)=>({loadAllGroups:a=>t.transformResponse(e.httpClient.post(v.loadAllGroups,{tenantId:a},{token:s})),loadAllGroupsForMember:(a,o,n)=>t.transformResponse(e.httpClient.post(v.loadAllGroupsForMember,{tenantId:a,loginIds:n,userIds:o},{token:s})),loadAllGroupMembers:(a,o)=>t.transformResponse(e.httpClient.post(v.loadAllGroupMembers,{tenantId:a,groupId:o},{token:s}))}),b=(e,s)=>({configureSettings:(a,o,n,r,i)=>t.transformResponse(e.httpClient.post(c.configure,{tenantId:a,idpURL:o,entityId:r,idpCert:n,redirectURL:i},{token:s})),configureMetadata:(a,o)=>t.transformResponse(e.httpClient.post(c.metadata,{tenantId:a,idpMetadataURL:o},{token:s})),configureMapping:(a,o,n)=>t.transformResponse(e.httpClient.post(c.mapping,{tenantId:a,roleMapping:o,attributeMapping:n},{token:s}))}),A=(e,s)=>({create:(a,o,n,r)=>t.transformResponse(e.httpClient.post(p.create,{name:a,expireTime:o,roleNames:n,keyTenants:r},{token:s})),load:a=>t.transformResponse(e.httpClient.get(p.load,{queryParams:{id:a},token:s}),(e=>e.key)),searchAll:a=>t.transformResponse(e.httpClient.post(p.search,{tenantIds:a},{token:s}),(e=>e.keys)),update:(a,o)=>t.transformResponse(e.httpClient.post(p.update,{id:a,name:o},{token:s}),(e=>e.key)),deactivate:a=>t.transformResponse(e.httpClient.post(p.deactivate,{id:a},{token:s})),activate:a=>t.transformResponse(e.httpClient.post(p.activate,{id:a},{token:s})),delete:a=>t.transformResponse(e.httpClient.post(p.delete,{id:a},{token:s}))});globalThis.fetch||(globalThis.fetch=r.default,globalThis.Headers=a.Headers,globalThis.Request=a.Request,globalThis.Response=a.Response);const I=a=>{var{managementKey:o}=a,r=e.__rest(a,["managementKey"]);const d=n.default(t.addHooksToConfig(r,{beforeRequest:e=>{var t;return e.headers=Object.assign(Object.assign({},e.headers),{"x-descope-sdk-name":"nodejs","x-descope-sdk-node-version":(null===(t=null===process||void 0===process?void 0:process.versions)||void 0===t?void 0:t.node)||"","x-descope-sdk-version":"1.0.4-alpha.12"}),e}})),{projectId:p,logger:m}=r,c={},u=((e,t)=>({user:k(e,t),accessKey:A(e,t),tenant:f(e,t),sso:b(e,t),jwt:y(e,t),permission:R(e,t),role:w(e,t),group:C(e,t)}))(d,o),h=Object.assign(Object.assign({},d),{management:u,async getKey(e){if(!(null==e?void 0:e.kid))throw Error("header.kid must not be empty");if(c[e.kid])return c[e.kid];if(Object.assign(c,await(async()=>{const e=(await d.httpClient.get(`v2/keys/${p}`).then((e=>e.json()))).keys;return Array.isArray(e)?(await Promise.all(e.map((async e=>[e.kid,await s.importJWK(e)])))).reduce(((e,[t,s])=>t?Object.assign(Object.assign({},e),{[t.toString()]:s}):e),{}):{}})()),!c[e.kid])throw Error("failed to fetch matching key");return c[e.kid]},async validateJwt(e){var t;const a=(await s.jwtVerify(e,h.getKey,{clockTolerance:5})).payload;if(a&&(a.iss=null===(t=a.iss)||void 0===t?void 0:t.split("/").pop(),a.iss!==p))throw new s.errors.JWTClaimValidationFailed('unexpected "iss" claim value',"iss","check_failed");return{jwt:e,token:a}},async validateSession(e,t){var s,a;if(!e&&!t)throw Error("both refresh token and session token are empty");if(e)try{return await h.validateJwt(e)}catch(e){if(!t)throw null==m||m.error("failed to validate session token and no refresh token provided",e),Error("could not validate tokens")}if(t)try{await h.validateJwt(t);const e=await h.refresh(t);if(e.ok){return await h.validateJwt(null===(s=e.data)||void 0===s?void 0:s.sessionJwt)}throw Error(null===(a=e.error)||void 0===a?void 0:a.message)}catch(e){throw null==m||m.error("failed to validate refresh token",e),Error("could not validate tokens")}throw Error("could not validate token")},async exchangeAccessKey(e){if(!e)throw Error("access key must not be empty");let t;try{t=await h.accessKey.exchange(e)}catch(e){throw null==m||m.error("failed to exchange access key",e),Error("could not exchange access key")}const{sessionJwt:s}=t.data;if(!s)throw null==m||m.error("failed to parse exchange access key response"),Error("could not exchange access key");try{return await h.validateJwt(s)}catch(e){throw null==m||m.error("failed to parse jwt from access key",e),Error("could not exchange access key")}},validatePermissions:(e,t)=>h.validateTenantPermissions(e,null,t),validateTenantPermissions(e,t,s){const a=l(e,"permissions",t);return s.every((e=>a.includes(e)))},validateRoles:(e,t)=>h.validateTenantRoles(e,null,t),validateTenantRoles(e,t,s){const a=l(e,"roles",t);return s.every((e=>a.includes(e)))}});return t.wrapWith(h,["otp.verify.email","otp.verify.sms","otp.verify.whatsapp","magicLink.verify","enchantedLink.signUp","enchantedLink.signIn","oauth.exchange","saml.exchange","totp.verify","webauthn.signIn.finish","webauthn.signUp.finish","refresh"],i)};I.RefreshTokenCookieName="DSR",I.SessionTokenCookieName="DS",module.exports=I; | ||
| "use strict";var e=require("tslib"),t=require("@descope/core-js-sdk"),s=require("jose"),a=require("node-fetch");function n(e){return e&&"object"==typeof e&&"default"in e?e:{default:e}}var o=n(t),r=n(a);const i=t=>async(...s)=>{var a,n,o;const r=await t(...s);if(!r.data)return r;let i=r.data,{refreshJwt:l}=i,d=e.__rest(i,["refreshJwt"]);const p=[];var m;return l?p.push(`${"DSR"}=${l}; Domain=${(null==(m=d)?void 0:m.cookieDomain)||""}; Max-Age=${(null==m?void 0:m.cookieMaxAge)||""}; Path=${(null==m?void 0:m.cookiePath)||"/"}; HttpOnly; SameSite=Strict`):(null===(a=r.response)||void 0===a?void 0:a.headers.get("set-cookie"))&&(l=((e,t)=>{const s=null==e?void 0:e.match(RegExp(`(?:^|;\\s*)${t}=([^;]*)`));return s?s[1]:null})(null===(n=r.response)||void 0===n?void 0:n.headers.get("set-cookie"),"DSR"),p.push(null===(o=r.response)||void 0===o?void 0:o.headers.get("set-cookie"))),Object.assign(Object.assign({},r),{data:Object.assign(Object.assign({},r.data),{refreshJwt:l,cookies:p})})};function l(e,t,s){var a,n;const o=s?null===(n=null===(a=e.token.tenants)||void 0===a?void 0:a[s])||void 0===n?void 0:n[t]:e.token[t];return Array.isArray(o)?o:[]}var d={create:"/v1/mgmt/user/create",update:"/v1/mgmt/user/update",delete:"/v1/mgmt/user/delete",load:"/v1/mgmt/user",search:"/v1/mgmt/user/search",updateStatus:"/v1/mgmt/user/update/status",updateEmail:"/v1/mgmt/user/update/email",updatePhone:"/v1/mgmt/user/update/phone",updateDisplayName:"/v1/mgmt/user/update/name",addRole:"/v1/mgmt/user/update/role/add",removeRole:"/v1/mgmt/user/update/role/remove",addTenant:"/v1/mgmt/user/update/tenant/add",removeTenant:"/v1/mgmt/user/update/tenant/remove"},p={create:"/v1/mgmt/accesskey/create",load:"/v1/mgmt/accesskey",search:"/v1/mgmt/accesskey/search",update:"/v1/mgmt/accesskey/update",deactivate:"/v1/mgmt/accesskey/deactivate",activate:"/v1/mgmt/accesskey/activate",delete:"/v1/mgmt/accesskey/delete"},m={create:"/v1/mgmt/tenant/create",update:"/v1/mgmt/tenant/update",delete:"/v1/mgmt/tenant/delete",loadAll:"/v1/mgmt/tenant/all"},c={configure:"mgmt/sso/settings",metadata:"mgmt/sso/metadata",mapping:"mgmt/sso/mapping"},u={update:"/v1/mgmt/jwt/update"},g={create:"/v1/mgmt/permission/create",update:"/v1/mgmt/permission/update",delete:"/v1/mgmt/permission/delete",loadAll:"/v1/mgmt/permission/all"},h={create:"/v1/mgmt/role/create",update:"/v1/mgmt/role/update",delete:"/v1/mgmt/role/delete",loadAll:"/v1/mgmt/role/all"},v={loadAllGroups:"/v1/mgmt/group/all",loadAllGroupsForMember:"/v1/mgmt/group/member/all",loadAllGroupMembers:"/v1/mgmt/group/members"};const k=(e,s)=>({create:(a,n,o,r,i,l)=>t.transformResponse(e.httpClient.post(d.create,{loginId:a,email:n,phone:o,displayName:r,roleNames:i,userTenants:l},{token:s}),(e=>e.user)),update:(a,n,o,r,i,l)=>t.transformResponse(e.httpClient.post(d.update,{loginId:a,email:n,phone:o,displayName:r,roleNames:i,userTenants:l},{token:s}),(e=>e.user)),delete:a=>t.transformResponse(e.httpClient.post(d.delete,{loginId:a},{token:s})),load:a=>t.transformResponse(e.httpClient.get(d.load,{queryParams:{loginId:a},token:s}),(e=>e.user)),loadByUserId:a=>t.transformResponse(e.httpClient.get(d.load,{queryParams:{userId:a},token:s}),(e=>e.user)),searchAll:(a,n,o)=>t.transformResponse(e.httpClient.post(d.search,{tenantIds:a,roleNames:n,limit:o},{token:s}),(e=>e.users)),activate:a=>t.transformResponse(e.httpClient.post(d.updateStatus,{loginId:a,status:"enabled"},{token:s}),(e=>e.user)),deactivate:a=>t.transformResponse(e.httpClient.post(d.updateStatus,{loginId:a,status:"disabled"},{token:s}),(e=>e.user)),updateEmail:(a,n,o)=>t.transformResponse(e.httpClient.post(d.updateEmail,{loginId:a,email:n,verified:o},{token:s}),(e=>e.user)),updatePhone:(a,n,o)=>t.transformResponse(e.httpClient.post(d.updatePhone,{loginId:a,phone:n,verified:o},{token:s}),(e=>e.user)),updateDisplayName:(a,n)=>t.transformResponse(e.httpClient.post(d.updateDisplayName,{loginId:a,displayName:n},{token:s}),(e=>e.user)),addRoles:(a,n)=>t.transformResponse(e.httpClient.post(d.addRole,{loginId:a,roleNames:n},{token:s}),(e=>e.user)),removeRoles:(a,n)=>t.transformResponse(e.httpClient.post(d.removeRole,{loginId:a,roleNames:n},{token:s}),(e=>e.user)),addTenant:(a,n)=>t.transformResponse(e.httpClient.post(d.addTenant,{loginId:a,tenantId:n},{token:s}),(e=>e.user)),removeTenant:(a,n)=>t.transformResponse(e.httpClient.post(d.removeTenant,{loginId:a,tenantId:n},{token:s}),(e=>e.user)),addTenantRoles:(a,n,o)=>t.transformResponse(e.httpClient.post(d.addRole,{loginId:a,tenantId:n,roleNames:o},{token:s}),(e=>e.user)),removeTenantRoles:(a,n,o)=>t.transformResponse(e.httpClient.post(d.removeRole,{loginId:a,tenantId:n,roleNames:o},{token:s}),(e=>e.user))}),f=(e,s)=>({create:(a,n)=>t.transformResponse(e.httpClient.post(m.create,{name:a,selfProvisioningDomains:n},{token:s})),createWithId:(a,n,o)=>t.transformResponse(e.httpClient.post(m.create,{tenantId:a,name:n,selfProvisioningDomains:o},{token:s})),update:(a,n,o)=>t.transformResponse(e.httpClient.post(m.update,{tenantId:a,name:n,selfProvisioningDomains:o},{token:s})),delete:a=>t.transformResponse(e.httpClient.post(m.delete,{tenantId:a},{token:s})),loadAll:()=>t.transformResponse(e.httpClient.get(m.loadAll,{token:s}),(e=>e.tenants))}),R=(e,s)=>({update:(a,n)=>t.transformResponse(e.httpClient.post(u.update,{jwt:a,customClaims:n},{token:s}))}),y=(e,s)=>({create:(a,n)=>t.transformResponse(e.httpClient.post(g.create,{name:a,description:n},{token:s})),update:(a,n,o)=>t.transformResponse(e.httpClient.post(g.update,{name:a,newName:n,description:o},{token:s})),delete:a=>t.transformResponse(e.httpClient.post(g.delete,{name:a},{token:s})),loadAll:()=>t.transformResponse(e.httpClient.get(g.loadAll,{token:s}),(e=>e.permissions))}),C=(e,s)=>({create:(a,n,o)=>t.transformResponse(e.httpClient.post(h.create,{name:a,description:n,permissionNames:o},{token:s})),update:(a,n,o,r)=>t.transformResponse(e.httpClient.post(h.update,{name:a,newName:n,description:o,permissionNames:r},{token:s})),delete:a=>t.transformResponse(e.httpClient.post(h.delete,{name:a},{token:s})),loadAll:()=>t.transformResponse(e.httpClient.get(h.loadAll,{token:s}),(e=>e.roles))}),w=(e,s)=>({loadAllGroups:a=>t.transformResponse(e.httpClient.post(v.loadAllGroups,{tenantId:a},{token:s})),loadAllGroupsForMember:(a,n,o)=>t.transformResponse(e.httpClient.post(v.loadAllGroupsForMember,{tenantId:a,loginIds:o,userIds:n},{token:s})),loadAllGroupMembers:(a,n)=>t.transformResponse(e.httpClient.post(v.loadAllGroupMembers,{tenantId:a,groupId:n},{token:s}))}),I=(e,s)=>({configureSettings:(a,n,o,r,i)=>t.transformResponse(e.httpClient.post(c.configure,{tenantId:a,idpURL:n,entityId:r,idpCert:o,redirectURL:i},{token:s})),configureMetadata:(a,n)=>t.transformResponse(e.httpClient.post(c.metadata,{tenantId:a,idpMetadataURL:n},{token:s})),configureMapping:(a,n,o)=>t.transformResponse(e.httpClient.post(c.mapping,{tenantId:a,roleMapping:n,attributeMapping:o},{token:s}))}),b=(e,s)=>({create:(a,n,o,r)=>t.transformResponse(e.httpClient.post(p.create,{name:a,expireTime:n,roleNames:o,keyTenants:r},{token:s})),load:a=>t.transformResponse(e.httpClient.get(p.load,{queryParams:{id:a},token:s}),(e=>e.key)),searchAll:a=>t.transformResponse(e.httpClient.post(p.search,{tenantIds:a},{token:s}),(e=>e.keys)),update:(a,n)=>t.transformResponse(e.httpClient.post(p.update,{id:a,name:n},{token:s}),(e=>e.key)),deactivate:a=>t.transformResponse(e.httpClient.post(p.deactivate,{id:a},{token:s})),activate:a=>t.transformResponse(e.httpClient.post(p.activate,{id:a},{token:s})),delete:a=>t.transformResponse(e.httpClient.post(p.delete,{id:a},{token:s}))});globalThis.fetch||(globalThis.fetch=r.default,globalThis.Headers=a.Headers,globalThis.Request=a.Request,globalThis.Response=a.Response);const A=a=>{var n,{managementKey:r}=a,d=e.__rest(a,["managementKey"]);const p=o.default(Object.assign(Object.assign({},d),{baseHeaders:Object.assign(Object.assign({},d.baseHeaders),{"x-descope-sdk-name":"nodejs","x-descope-sdk-node-version":(null===(n=null===process||void 0===process?void 0:process.versions)||void 0===n?void 0:n.node)||"","x-descope-sdk-version":"1.0.4-alpha.13"})})),{projectId:m,logger:c}=d,u={},g=((e,t)=>({user:k(e,t),accessKey:b(e,t),tenant:f(e,t),sso:I(e,t),jwt:R(e,t),permission:y(e,t),role:C(e,t),group:w(e,t)}))(p,r),h=Object.assign(Object.assign({},p),{management:g,async getKey(e){if(!(null==e?void 0:e.kid))throw Error("header.kid must not be empty");if(u[e.kid])return u[e.kid];if(Object.assign(u,await(async()=>{const e=(await p.httpClient.get(`v2/keys/${m}`).then((e=>e.json()))).keys;return Array.isArray(e)?(await Promise.all(e.map((async e=>[e.kid,await s.importJWK(e)])))).reduce(((e,[t,s])=>t?Object.assign(Object.assign({},e),{[t.toString()]:s}):e),{}):{}})()),!u[e.kid])throw Error("failed to fetch matching key");return u[e.kid]},async validateJwt(e){var t;const a=(await s.jwtVerify(e,h.getKey,{clockTolerance:5})).payload;if(a&&(a.iss=null===(t=a.iss)||void 0===t?void 0:t.split("/").pop(),a.iss!==m))throw new s.errors.JWTClaimValidationFailed('unexpected "iss" claim value',"iss","check_failed");return{jwt:e,token:a}},async validateSession(e,t){var s,a;if(!e&&!t)throw Error("both refresh token and session token are empty");if(e)try{return await h.validateJwt(e)}catch(e){if(!t)throw null==c||c.error("failed to validate session token and no refresh token provided",e),Error("could not validate tokens")}if(t)try{await h.validateJwt(t);const e=await h.refresh(t);if(e.ok){return await h.validateJwt(null===(s=e.data)||void 0===s?void 0:s.sessionJwt)}throw Error(null===(a=e.error)||void 0===a?void 0:a.message)}catch(e){throw null==c||c.error("failed to validate refresh token",e),Error("could not validate tokens")}throw Error("could not validate token")},async exchangeAccessKey(e){if(!e)throw Error("access key must not be empty");let t;try{t=await h.accessKey.exchange(e)}catch(e){throw null==c||c.error("failed to exchange access key",e),Error("could not exchange access key")}const{sessionJwt:s}=t.data;if(!s)throw null==c||c.error("failed to parse exchange access key response"),Error("could not exchange access key");try{return await h.validateJwt(s)}catch(e){throw null==c||c.error("failed to parse jwt from access key",e),Error("could not exchange access key")}},validatePermissions:(e,t)=>h.validateTenantPermissions(e,null,t),validateTenantPermissions(e,t,s){const a=l(e,"permissions",t);return s.every((e=>a.includes(e)))},validateRoles:(e,t)=>h.validateTenantRoles(e,null,t),validateTenantRoles(e,t,s){const a=l(e,"roles",t);return s.every((e=>a.includes(e)))}});return t.wrapWith(h,["otp.verify.email","otp.verify.sms","otp.verify.whatsapp","magicLink.verify","enchantedLink.signUp","enchantedLink.signIn","oauth.exchange","saml.exchange","totp.verify","webauthn.signIn.finish","webauthn.signUp.finish","refresh"],i)};A.RefreshTokenCookieName="DSR",A.SessionTokenCookieName="DS",module.exports=A; | ||
| //# sourceMappingURL=index.cjs.js.map |
| import * as _descope_core_js_sdk from '@descope/core-js-sdk'; | ||
| import _descope_core_js_sdk__default, { SdkResponse, ExchangeAccessKeyResponse, RequestConfig } from '@descope/core-js-sdk'; | ||
| import _descope_core_js_sdk__default, { SdkResponse, ExchangeAccessKeyResponse } from '@descope/core-js-sdk'; | ||
| export { DeliveryMethod, OAuthProvider } from '@descope/core-js-sdk'; | ||
@@ -116,2 +116,13 @@ import { JWTHeaderParameters, KeyLike } from 'jose'; | ||
| searchAll: (tenantIds?: string[], roles?: string[], limit?: number) => Promise<SdkResponse<_descope_core_js_sdk.UserResponse[]>>; | ||
| activate: (loginId: string) => Promise<SdkResponse<_descope_core_js_sdk.UserResponse>>; | ||
| deactivate: (loginId: string) => Promise<SdkResponse<_descope_core_js_sdk.UserResponse>>; | ||
| updateEmail: (loginId: string, email: string, isVerified: boolean) => Promise<SdkResponse<_descope_core_js_sdk.UserResponse>>; | ||
| updatePhone: (loginId: string, phone: string, isVerified: boolean) => Promise<SdkResponse<_descope_core_js_sdk.UserResponse>>; | ||
| updateDisplayName: (loginId: string, displayName: string) => Promise<SdkResponse<_descope_core_js_sdk.UserResponse>>; | ||
| addRoles: (loginId: string, roles: string[]) => Promise<SdkResponse<_descope_core_js_sdk.UserResponse>>; | ||
| removeRoles: (loginId: string, roles: string[]) => Promise<SdkResponse<_descope_core_js_sdk.UserResponse>>; | ||
| addTenant: (loginId: string, tenantId: string) => Promise<SdkResponse<_descope_core_js_sdk.UserResponse>>; | ||
| removeTenant: (loginId: string, tenantId: string) => Promise<SdkResponse<_descope_core_js_sdk.UserResponse>>; | ||
| addTenantRoles: (loginId: string, tenantId: string, roles: string[]) => Promise<SdkResponse<_descope_core_js_sdk.UserResponse>>; | ||
| removeTenantRoles: (loginId: string, tenantId: string, roles: string[]) => Promise<SdkResponse<_descope_core_js_sdk.UserResponse>>; | ||
| }; | ||
@@ -132,2 +143,3 @@ accessKey: { | ||
| delete: (tenantId: string) => Promise<SdkResponse<never>>; | ||
| /** Fetch the public keys (JWKs) from Descope for the configured project */ | ||
| loadAll: () => Promise<SdkResponse<Tenant[]>>; | ||
@@ -355,2 +367,3 @@ }; | ||
| mfa?: boolean; | ||
| /** Configuration arguments which include the Descope core SDK args and an optional management key */ | ||
| customClaims?: Record<string, any>; | ||
@@ -379,2 +392,3 @@ }, token?: string) => Promise<SdkResponse<_descope_core_js_sdk.JWTResponse & { | ||
| mfa?: boolean; | ||
| /** Configuration arguments which include the Descope core SDK args and an optional management key */ | ||
| customClaims?: Record<string, any>; | ||
@@ -462,4 +476,4 @@ }, token?: string) => Promise<SdkResponse<{ | ||
| hooks?: { | ||
| beforeRequest?: (config: RequestConfig) => RequestConfig; | ||
| afterRequest?: (req: RequestConfig, res: globalThis.Response) => void; | ||
| beforeRequest?: (config: _descope_core_js_sdk.RequestConfig) => _descope_core_js_sdk.RequestConfig; | ||
| afterRequest?: (req: _descope_core_js_sdk.RequestConfig, res: globalThis.Response) => void; | ||
| }; | ||
@@ -466,0 +480,0 @@ }; |
@@ -1,2 +0,2 @@ | ||
| import{__rest as e}from"tslib";import t,{transformResponse as a,addHooksToConfig as o,wrapWith as n}from"@descope/core-js-sdk";import{jwtVerify as s,errors as r,importJWK as i}from"jose";import l,{Headers as d,Request as c,Response as p}from"node-fetch";const m=t=>async(...a)=>{var o,n,s;const r=await t(...a);if(!r.data)return r;let i=r.data,{refreshJwt:l}=i,d=e(i,["refreshJwt"]);const c=[];var p;return l?c.push(`${"DSR"}=${l}; Domain=${(null==(p=d)?void 0:p.cookieDomain)||""}; Max-Age=${(null==p?void 0:p.cookieMaxAge)||""}; Path=${(null==p?void 0:p.cookiePath)||"/"}; HttpOnly; SameSite=Strict`):(null===(o=r.response)||void 0===o?void 0:o.headers.get("set-cookie"))&&(l=((e,t)=>{const a=null==e?void 0:e.match(RegExp(`(?:^|;\\s*)${t}=([^;]*)`));return a?a[1]:null})(null===(n=r.response)||void 0===n?void 0:n.headers.get("set-cookie"),"DSR"),c.push(null===(s=r.response)||void 0===s?void 0:s.headers.get("set-cookie"))),Object.assign(Object.assign({},r),{data:Object.assign(Object.assign({},r.data),{refreshJwt:l,cookies:c})})};function u(e,t,a){var o,n;const s=a?null===(n=null===(o=e.token.tenants)||void 0===o?void 0:o[a])||void 0===n?void 0:n[t]:e.token[t];return Array.isArray(s)?s:[]}var h={create:"/v1/mgmt/user/create",update:"/v1/mgmt/user/update",delete:"/v1/mgmt/user/delete",load:"/v1/mgmt/user",search:"/v1/mgmt/user/search"},g={create:"/v1/mgmt/accesskey/create",load:"/v1/mgmt/accesskey",search:"/v1/mgmt/accesskey/search",update:"/v1/mgmt/accesskey/update",deactivate:"/v1/mgmt/accesskey/deactivate",activate:"/v1/mgmt/accesskey/activate",delete:"/v1/mgmt/accesskey/delete"},v={create:"/v1/mgmt/tenant/create",update:"/v1/mgmt/tenant/update",delete:"/v1/mgmt/tenant/delete",loadAll:"/v1/mgmt/tenant/all"},k={configure:"mgmt/sso/settings",metadata:"mgmt/sso/metadata",mapping:"mgmt/sso/mapping"},y={update:"/v1/mgmt/jwt/update"},f={create:"/v1/mgmt/permission/create",update:"/v1/mgmt/permission/update",delete:"/v1/mgmt/permission/delete",loadAll:"/v1/mgmt/permission/all"},w={create:"/v1/mgmt/role/create",update:"/v1/mgmt/role/update",delete:"/v1/mgmt/role/delete",loadAll:"/v1/mgmt/role/all"},C={loadAllGroups:"/v1/mgmt/group/all",loadAllGroupsForMember:"/v1/mgmt/group/member/all",loadAllGroupMembers:"/v1/mgmt/group/members"};const b=(e,t)=>({create:(o,n,s,r,i,l)=>a(e.httpClient.post(h.create,{loginId:o,email:n,phone:s,displayName:r,roleNames:i,userTenants:l},{token:t}),(e=>e.user)),update:(o,n,s,r,i,l)=>a(e.httpClient.post(h.update,{loginId:o,email:n,phone:s,displayName:r,roleNames:i,userTenants:l},{token:t}),(e=>e.user)),delete:o=>a(e.httpClient.post(h.delete,{loginId:o},{token:t})),load:o=>a(e.httpClient.get(h.load,{queryParams:{loginId:o},token:t}),(e=>e.user)),loadByUserId:o=>a(e.httpClient.get(h.load,{queryParams:{userId:o},token:t}),(e=>e.user)),searchAll:(o,n,s)=>a(e.httpClient.post(h.search,{tenantIds:o,roleNames:n,limit:s},{token:t}),(e=>e.users))}),A=(e,t)=>({create:(o,n)=>a(e.httpClient.post(v.create,{name:o,selfProvisioningDomains:n},{token:t})),createWithId:(o,n,s)=>a(e.httpClient.post(v.create,{tenantId:o,name:n,selfProvisioningDomains:s},{token:t})),update:(o,n,s)=>a(e.httpClient.post(v.update,{tenantId:o,name:n,selfProvisioningDomains:s},{token:t})),delete:o=>a(e.httpClient.post(v.delete,{tenantId:o},{token:t})),loadAll:()=>a(e.httpClient.get(v.loadAll,{token:t}),(e=>e.tenants))}),I=(e,t)=>({update:(o,n)=>a(e.httpClient.post(y.update,{jwt:o,customClaims:n},{token:t}))}),j=(e,t)=>({create:(o,n)=>a(e.httpClient.post(f.create,{name:o,description:n},{token:t})),update:(o,n,s)=>a(e.httpClient.post(f.update,{name:o,newName:n,description:s},{token:t})),delete:o=>a(e.httpClient.post(f.delete,{name:o},{token:t})),loadAll:()=>a(e.httpClient.get(f.loadAll,{token:t}),(e=>e.permissions))}),x=(e,t)=>({create:(o,n,s)=>a(e.httpClient.post(w.create,{name:o,description:n,permissionNames:s},{token:t})),update:(o,n,s,r)=>a(e.httpClient.post(w.update,{name:o,newName:n,description:s,permissionNames:r},{token:t})),delete:o=>a(e.httpClient.post(w.delete,{name:o},{token:t})),loadAll:()=>a(e.httpClient.get(w.loadAll,{token:t}),(e=>e.roles))}),T=(e,t)=>({loadAllGroups:o=>a(e.httpClient.post(C.loadAllGroups,{tenantId:o},{token:t})),loadAllGroupsForMember:(o,n,s)=>a(e.httpClient.post(C.loadAllGroupsForMember,{tenantId:o,loginIds:s,userIds:n},{token:t})),loadAllGroupMembers:(o,n)=>a(e.httpClient.post(C.loadAllGroupMembers,{tenantId:o,groupId:n},{token:t}))}),R=(e,t)=>({configureSettings:(o,n,s,r,i)=>a(e.httpClient.post(k.configure,{tenantId:o,idpURL:n,entityId:r,idpCert:s,redirectURL:i},{token:t})),configureMetadata:(o,n)=>a(e.httpClient.post(k.metadata,{tenantId:o,idpMetadataURL:n},{token:t})),configureMapping:(o,n,s)=>a(e.httpClient.post(k.mapping,{tenantId:o,roleMapping:n,attributeMapping:s},{token:t}))}),M=(e,t)=>({create:(o,n,s,r)=>a(e.httpClient.post(g.create,{name:o,expireTime:n,roleNames:s,keyTenants:r},{token:t})),load:o=>a(e.httpClient.get(g.load,{queryParams:{id:o},token:t}),(e=>e.key)),searchAll:o=>a(e.httpClient.post(g.search,{tenantIds:o},{token:t}),(e=>e.keys)),update:(o,n)=>a(e.httpClient.post(g.update,{id:o,name:n},{token:t}),(e=>e.key)),deactivate:o=>a(e.httpClient.post(g.deactivate,{id:o},{token:t})),activate:o=>a(e.httpClient.post(g.activate,{id:o},{token:t})),delete:o=>a(e.httpClient.post(g.delete,{id:o},{token:t}))});globalThis.fetch||(globalThis.fetch=l,globalThis.Headers=d,globalThis.Request=c,globalThis.Response=p);const E=a=>{var{managementKey:l}=a,d=e(a,["managementKey"]);const c=t(o(d,{beforeRequest:e=>{var t;return e.headers=Object.assign(Object.assign({},e.headers),{"x-descope-sdk-name":"nodejs","x-descope-sdk-node-version":(null===(t=null===process||void 0===process?void 0:process.versions)||void 0===t?void 0:t.node)||"","x-descope-sdk-version":"1.0.4-alpha.12"}),e}})),{projectId:p,logger:h}=d,g={},v=((e,t)=>({user:b(e,t),accessKey:M(e,t),tenant:A(e,t),sso:R(e,t),jwt:I(e,t),permission:j(e,t),role:x(e,t),group:T(e,t)}))(c,l),k=Object.assign(Object.assign({},c),{management:v,async getKey(e){if(!(null==e?void 0:e.kid))throw Error("header.kid must not be empty");if(g[e.kid])return g[e.kid];if(Object.assign(g,await(async()=>{const e=(await c.httpClient.get(`v2/keys/${p}`).then((e=>e.json()))).keys;return Array.isArray(e)?(await Promise.all(e.map((async e=>[e.kid,await i(e)])))).reduce(((e,[t,a])=>t?Object.assign(Object.assign({},e),{[t.toString()]:a}):e),{}):{}})()),!g[e.kid])throw Error("failed to fetch matching key");return g[e.kid]},async validateJwt(e){var t;const a=(await s(e,k.getKey,{clockTolerance:5})).payload;if(a&&(a.iss=null===(t=a.iss)||void 0===t?void 0:t.split("/").pop(),a.iss!==p))throw new r.JWTClaimValidationFailed('unexpected "iss" claim value',"iss","check_failed");return{jwt:e,token:a}},async validateSession(e,t){var a,o;if(!e&&!t)throw Error("both refresh token and session token are empty");if(e)try{return await k.validateJwt(e)}catch(e){if(!t)throw null==h||h.error("failed to validate session token and no refresh token provided",e),Error("could not validate tokens")}if(t)try{await k.validateJwt(t);const e=await k.refresh(t);if(e.ok){return await k.validateJwt(null===(a=e.data)||void 0===a?void 0:a.sessionJwt)}throw Error(null===(o=e.error)||void 0===o?void 0:o.message)}catch(e){throw null==h||h.error("failed to validate refresh token",e),Error("could not validate tokens")}throw Error("could not validate token")},async exchangeAccessKey(e){if(!e)throw Error("access key must not be empty");let t;try{t=await k.accessKey.exchange(e)}catch(e){throw null==h||h.error("failed to exchange access key",e),Error("could not exchange access key")}const{sessionJwt:a}=t.data;if(!a)throw null==h||h.error("failed to parse exchange access key response"),Error("could not exchange access key");try{return await k.validateJwt(a)}catch(e){throw null==h||h.error("failed to parse jwt from access key",e),Error("could not exchange access key")}},validatePermissions:(e,t)=>k.validateTenantPermissions(e,null,t),validateTenantPermissions(e,t,a){const o=u(e,"permissions",t);return a.every((e=>o.includes(e)))},validateRoles:(e,t)=>k.validateTenantRoles(e,null,t),validateTenantRoles(e,t,a){const o=u(e,"roles",t);return a.every((e=>o.includes(e)))}});return n(k,["otp.verify.email","otp.verify.sms","otp.verify.whatsapp","magicLink.verify","enchantedLink.signUp","enchantedLink.signIn","oauth.exchange","saml.exchange","totp.verify","webauthn.signIn.finish","webauthn.signUp.finish","refresh"],m)};E.RefreshTokenCookieName="DSR",E.SessionTokenCookieName="DS";export{E as default}; | ||
| import{__rest as e}from"tslib";import t,{transformResponse as a,wrapWith as o}from"@descope/core-js-sdk";import{jwtVerify as n,errors as s,importJWK as r}from"jose";import i,{Headers as l,Request as d,Response as p}from"node-fetch";const m=t=>async(...a)=>{var o,n,s;const r=await t(...a);if(!r.data)return r;let i=r.data,{refreshJwt:l}=i,d=e(i,["refreshJwt"]);const p=[];var m;return l?p.push(`${"DSR"}=${l}; Domain=${(null==(m=d)?void 0:m.cookieDomain)||""}; Max-Age=${(null==m?void 0:m.cookieMaxAge)||""}; Path=${(null==m?void 0:m.cookiePath)||"/"}; HttpOnly; SameSite=Strict`):(null===(o=r.response)||void 0===o?void 0:o.headers.get("set-cookie"))&&(l=((e,t)=>{const a=null==e?void 0:e.match(RegExp(`(?:^|;\\s*)${t}=([^;]*)`));return a?a[1]:null})(null===(n=r.response)||void 0===n?void 0:n.headers.get("set-cookie"),"DSR"),p.push(null===(s=r.response)||void 0===s?void 0:s.headers.get("set-cookie"))),Object.assign(Object.assign({},r),{data:Object.assign(Object.assign({},r.data),{refreshJwt:l,cookies:p})})};function c(e,t,a){var o,n;const s=a?null===(n=null===(o=e.token.tenants)||void 0===o?void 0:o[a])||void 0===n?void 0:n[t]:e.token[t];return Array.isArray(s)?s:[]}var u={create:"/v1/mgmt/user/create",update:"/v1/mgmt/user/update",delete:"/v1/mgmt/user/delete",load:"/v1/mgmt/user",search:"/v1/mgmt/user/search",updateStatus:"/v1/mgmt/user/update/status",updateEmail:"/v1/mgmt/user/update/email",updatePhone:"/v1/mgmt/user/update/phone",updateDisplayName:"/v1/mgmt/user/update/name",addRole:"/v1/mgmt/user/update/role/add",removeRole:"/v1/mgmt/user/update/role/remove",addTenant:"/v1/mgmt/user/update/tenant/add",removeTenant:"/v1/mgmt/user/update/tenant/remove"},g={create:"/v1/mgmt/accesskey/create",load:"/v1/mgmt/accesskey",search:"/v1/mgmt/accesskey/search",update:"/v1/mgmt/accesskey/update",deactivate:"/v1/mgmt/accesskey/deactivate",activate:"/v1/mgmt/accesskey/activate",delete:"/v1/mgmt/accesskey/delete"},h={create:"/v1/mgmt/tenant/create",update:"/v1/mgmt/tenant/update",delete:"/v1/mgmt/tenant/delete",loadAll:"/v1/mgmt/tenant/all"},v={configure:"mgmt/sso/settings",metadata:"mgmt/sso/metadata",mapping:"mgmt/sso/mapping"},k={update:"/v1/mgmt/jwt/update"},y={create:"/v1/mgmt/permission/create",update:"/v1/mgmt/permission/update",delete:"/v1/mgmt/permission/delete",loadAll:"/v1/mgmt/permission/all"},f={create:"/v1/mgmt/role/create",update:"/v1/mgmt/role/update",delete:"/v1/mgmt/role/delete",loadAll:"/v1/mgmt/role/all"},C={loadAllGroups:"/v1/mgmt/group/all",loadAllGroupsForMember:"/v1/mgmt/group/member/all",loadAllGroupMembers:"/v1/mgmt/group/members"};const w=(e,t)=>({create:(o,n,s,r,i,l)=>a(e.httpClient.post(u.create,{loginId:o,email:n,phone:s,displayName:r,roleNames:i,userTenants:l},{token:t}),(e=>e.user)),update:(o,n,s,r,i,l)=>a(e.httpClient.post(u.update,{loginId:o,email:n,phone:s,displayName:r,roleNames:i,userTenants:l},{token:t}),(e=>e.user)),delete:o=>a(e.httpClient.post(u.delete,{loginId:o},{token:t})),load:o=>a(e.httpClient.get(u.load,{queryParams:{loginId:o},token:t}),(e=>e.user)),loadByUserId:o=>a(e.httpClient.get(u.load,{queryParams:{userId:o},token:t}),(e=>e.user)),searchAll:(o,n,s)=>a(e.httpClient.post(u.search,{tenantIds:o,roleNames:n,limit:s},{token:t}),(e=>e.users)),activate:o=>a(e.httpClient.post(u.updateStatus,{loginId:o,status:"enabled"},{token:t}),(e=>e.user)),deactivate:o=>a(e.httpClient.post(u.updateStatus,{loginId:o,status:"disabled"},{token:t}),(e=>e.user)),updateEmail:(o,n,s)=>a(e.httpClient.post(u.updateEmail,{loginId:o,email:n,verified:s},{token:t}),(e=>e.user)),updatePhone:(o,n,s)=>a(e.httpClient.post(u.updatePhone,{loginId:o,phone:n,verified:s},{token:t}),(e=>e.user)),updateDisplayName:(o,n)=>a(e.httpClient.post(u.updateDisplayName,{loginId:o,displayName:n},{token:t}),(e=>e.user)),addRoles:(o,n)=>a(e.httpClient.post(u.addRole,{loginId:o,roleNames:n},{token:t}),(e=>e.user)),removeRoles:(o,n)=>a(e.httpClient.post(u.removeRole,{loginId:o,roleNames:n},{token:t}),(e=>e.user)),addTenant:(o,n)=>a(e.httpClient.post(u.addTenant,{loginId:o,tenantId:n},{token:t}),(e=>e.user)),removeTenant:(o,n)=>a(e.httpClient.post(u.removeTenant,{loginId:o,tenantId:n},{token:t}),(e=>e.user)),addTenantRoles:(o,n,s)=>a(e.httpClient.post(u.addRole,{loginId:o,tenantId:n,roleNames:s},{token:t}),(e=>e.user)),removeTenantRoles:(o,n,s)=>a(e.httpClient.post(u.removeRole,{loginId:o,tenantId:n,roleNames:s},{token:t}),(e=>e.user))}),I=(e,t)=>({create:(o,n)=>a(e.httpClient.post(h.create,{name:o,selfProvisioningDomains:n},{token:t})),createWithId:(o,n,s)=>a(e.httpClient.post(h.create,{tenantId:o,name:n,selfProvisioningDomains:s},{token:t})),update:(o,n,s)=>a(e.httpClient.post(h.update,{tenantId:o,name:n,selfProvisioningDomains:s},{token:t})),delete:o=>a(e.httpClient.post(h.delete,{tenantId:o},{token:t})),loadAll:()=>a(e.httpClient.get(h.loadAll,{token:t}),(e=>e.tenants))}),b=(e,t)=>({update:(o,n)=>a(e.httpClient.post(k.update,{jwt:o,customClaims:n},{token:t}))}),A=(e,t)=>({create:(o,n)=>a(e.httpClient.post(y.create,{name:o,description:n},{token:t})),update:(o,n,s)=>a(e.httpClient.post(y.update,{name:o,newName:n,description:s},{token:t})),delete:o=>a(e.httpClient.post(y.delete,{name:o},{token:t})),loadAll:()=>a(e.httpClient.get(y.loadAll,{token:t}),(e=>e.permissions))}),T=(e,t)=>({create:(o,n,s)=>a(e.httpClient.post(f.create,{name:o,description:n,permissionNames:s},{token:t})),update:(o,n,s,r)=>a(e.httpClient.post(f.update,{name:o,newName:n,description:s,permissionNames:r},{token:t})),delete:o=>a(e.httpClient.post(f.delete,{name:o},{token:t})),loadAll:()=>a(e.httpClient.get(f.loadAll,{token:t}),(e=>e.roles))}),j=(e,t)=>({loadAllGroups:o=>a(e.httpClient.post(C.loadAllGroups,{tenantId:o},{token:t})),loadAllGroupsForMember:(o,n,s)=>a(e.httpClient.post(C.loadAllGroupsForMember,{tenantId:o,loginIds:s,userIds:n},{token:t})),loadAllGroupMembers:(o,n)=>a(e.httpClient.post(C.loadAllGroupMembers,{tenantId:o,groupId:n},{token:t}))}),R=(e,t)=>({configureSettings:(o,n,s,r,i)=>a(e.httpClient.post(v.configure,{tenantId:o,idpURL:n,entityId:r,idpCert:s,redirectURL:i},{token:t})),configureMetadata:(o,n)=>a(e.httpClient.post(v.metadata,{tenantId:o,idpMetadataURL:n},{token:t})),configureMapping:(o,n,s)=>a(e.httpClient.post(v.mapping,{tenantId:o,roleMapping:n,attributeMapping:s},{token:t}))}),N=(e,t)=>({create:(o,n,s,r)=>a(e.httpClient.post(g.create,{name:o,expireTime:n,roleNames:s,keyTenants:r},{token:t})),load:o=>a(e.httpClient.get(g.load,{queryParams:{id:o},token:t}),(e=>e.key)),searchAll:o=>a(e.httpClient.post(g.search,{tenantIds:o},{token:t}),(e=>e.keys)),update:(o,n)=>a(e.httpClient.post(g.update,{id:o,name:n},{token:t}),(e=>e.key)),deactivate:o=>a(e.httpClient.post(g.deactivate,{id:o},{token:t})),activate:o=>a(e.httpClient.post(g.activate,{id:o},{token:t})),delete:o=>a(e.httpClient.post(g.delete,{id:o},{token:t}))});globalThis.fetch||(globalThis.fetch=i,globalThis.Headers=l,globalThis.Request=d,globalThis.Response=p);const x=a=>{var i,{managementKey:l}=a,d=e(a,["managementKey"]);const p=t(Object.assign(Object.assign({},d),{baseHeaders:Object.assign(Object.assign({},d.baseHeaders),{"x-descope-sdk-name":"nodejs","x-descope-sdk-node-version":(null===(i=null===process||void 0===process?void 0:process.versions)||void 0===i?void 0:i.node)||"","x-descope-sdk-version":"1.0.4-alpha.13"})})),{projectId:u,logger:g}=d,h={},v=((e,t)=>({user:w(e,t),accessKey:N(e,t),tenant:I(e,t),sso:R(e,t),jwt:b(e,t),permission:A(e,t),role:T(e,t),group:j(e,t)}))(p,l),k=Object.assign(Object.assign({},p),{management:v,async getKey(e){if(!(null==e?void 0:e.kid))throw Error("header.kid must not be empty");if(h[e.kid])return h[e.kid];if(Object.assign(h,await(async()=>{const e=(await p.httpClient.get(`v2/keys/${u}`).then((e=>e.json()))).keys;return Array.isArray(e)?(await Promise.all(e.map((async e=>[e.kid,await r(e)])))).reduce(((e,[t,a])=>t?Object.assign(Object.assign({},e),{[t.toString()]:a}):e),{}):{}})()),!h[e.kid])throw Error("failed to fetch matching key");return h[e.kid]},async validateJwt(e){var t;const a=(await n(e,k.getKey,{clockTolerance:5})).payload;if(a&&(a.iss=null===(t=a.iss)||void 0===t?void 0:t.split("/").pop(),a.iss!==u))throw new s.JWTClaimValidationFailed('unexpected "iss" claim value',"iss","check_failed");return{jwt:e,token:a}},async validateSession(e,t){var a,o;if(!e&&!t)throw Error("both refresh token and session token are empty");if(e)try{return await k.validateJwt(e)}catch(e){if(!t)throw null==g||g.error("failed to validate session token and no refresh token provided",e),Error("could not validate tokens")}if(t)try{await k.validateJwt(t);const e=await k.refresh(t);if(e.ok){return await k.validateJwt(null===(a=e.data)||void 0===a?void 0:a.sessionJwt)}throw Error(null===(o=e.error)||void 0===o?void 0:o.message)}catch(e){throw null==g||g.error("failed to validate refresh token",e),Error("could not validate tokens")}throw Error("could not validate token")},async exchangeAccessKey(e){if(!e)throw Error("access key must not be empty");let t;try{t=await k.accessKey.exchange(e)}catch(e){throw null==g||g.error("failed to exchange access key",e),Error("could not exchange access key")}const{sessionJwt:a}=t.data;if(!a)throw null==g||g.error("failed to parse exchange access key response"),Error("could not exchange access key");try{return await k.validateJwt(a)}catch(e){throw null==g||g.error("failed to parse jwt from access key",e),Error("could not exchange access key")}},validatePermissions:(e,t)=>k.validateTenantPermissions(e,null,t),validateTenantPermissions(e,t,a){const o=c(e,"permissions",t);return a.every((e=>o.includes(e)))},validateRoles:(e,t)=>k.validateTenantRoles(e,null,t),validateTenantRoles(e,t,a){const o=c(e,"roles",t);return a.every((e=>o.includes(e)))}});return o(k,["otp.verify.email","otp.verify.sms","otp.verify.whatsapp","magicLink.verify","enchantedLink.signUp","enchantedLink.signIn","oauth.exchange","saml.exchange","totp.verify","webauthn.signIn.finish","webauthn.signUp.finish","refresh"],m)};x.RefreshTokenCookieName="DSR",x.SessionTokenCookieName="DS";export{x as default}; | ||
| //# sourceMappingURL=index.esm.js.map |
| { | ||
| "name": "@descope/node-sdk", | ||
| "version": "1.0.4-alpha.12", | ||
| "version": "1.0.4-alpha.13", | ||
| "description": "Node.js library used to integrate with Descope", | ||
@@ -98,4 +98,4 @@ "typings": "./dist/index.d.ts", | ||
| "dependencies": { | ||
| "@descope/core-js-sdk": "0.0.41-alpha.45", | ||
| "jose": "4.11.1", | ||
| "@descope/core-js-sdk": "0.0.41-alpha.46", | ||
| "jose": "4.11.2", | ||
| "node-fetch": "2.6.7" | ||
@@ -102,0 +102,0 @@ }, |
@@ -316,2 +316,18 @@ # Descope SDK for Node.js | ||
| ### Logging Out | ||
| You can log out a user from an active session by providing their `refreshToken` for that session. | ||
| After calling this function, you must invalidate or remove any cookies you have created. | ||
| ```typescript | ||
| await descopeClient.logout(refreshToken); | ||
| ``` | ||
| It is also possible to sign the user out of all the devices they are currently signed-in with. Calling `logoutAll` will | ||
| invalidate all user's refresh tokens. After calling this function, you must invalidate or remove any cookies you have created. | ||
| ```typescript | ||
| await descopeClient.logoutAll(refreshToken); | ||
| ``` | ||
| ## Management API | ||
@@ -392,2 +408,10 @@ | ||
| // Update explicit data for a user rather than overriding all fields | ||
| await descopeClient.management.user.updatePhone('desmond@descope.com', '+18005551234', true); | ||
| await descopeClient.management.user.removeTenantRoles( | ||
| 'desmond@descope.com', | ||
| 'tenant-ID1', | ||
| 'role-name2', | ||
| ); | ||
| // User deletion cannot be undone. Use carefully. | ||
@@ -531,3 +555,3 @@ await descopeClient.management.user.delete('desmond@descope.com'); | ||
| ### ### Query SSO Groups | ||
| ### Query SSO Groups | ||
@@ -534,0 +558,0 @@ You can query SSO groups: |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by11.67%
166252
- Lines of code
- increased by4.73%
576
- Number of lines in readme file
- increased by3.86%
645
- Number of medium supply chain risk alerts
- decreased by-100%
0
Dependency changes
+ Added@descope/core-js-sdk@0.0.41-alpha.46(transitive)
+ Addedjose@4.11.2(transitive)
- Removed@descope/core-js-sdk@0.0.41-alpha.45(transitive)
- Removedjose@4.11.1(transitive)
Updatedjose@4.11.2