@asgardeo/auth-js
Version:
Asgardeo Auth JS SDK to be used in JavaScript and TypeScript applications.
626 lines • 23 kB
JavaScript
/**
* Copyright (c) 2020, WSO2 LLC. (https://www.wso2.com). All Rights Reserved.
*
* WSO2 LLC. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
return new (P || (P = Promise))(function (resolve, reject) {
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
step((generator = generator.apply(thisArg, _arguments || [])).next());
});
};
import { OIDC_SCOPE, OP_CONFIG_INITIATED, ResponseMode, SIGN_OUT_SUCCESS_PARAM, STATE } from "./constants";
import { AuthenticationCore } from "./core";
import { DataLayer } from "./data";
/**
* Default configurations.
*/
const DefaultConfig = {
clockTolerance: 300,
enablePKCE: true,
responseMode: ResponseMode.query,
scope: [OIDC_SCOPE],
sendCookiesInRequests: true,
validateIDToken: true,
validateIDTokenIssuer: true
};
/**
* This class provides the necessary methods needed to implement authentication.
*/
export class AsgardeoAuthClient {
/**
* This is the constructor method that returns an instance of the .
*
* @param store - The store object.
*
* @example
* ```
* const _store: Store = new DataStore();
* const auth = new AsgardeoAuthClient<CustomClientConfig>(_store);
* ```
*
* {@link https://github.com/asgardeo/asgardeo-auth-js-sdk/tree/master#constructor}
*
* @preserve
*/
constructor() { }
/**
*
* This method initializes the SDK with the config data.
*
* @param config - The config object to initialize with.
*
* @example
* const config = \{
* signInRedirectURL: "http://localhost:3000/sign-in",
* clientID: "client ID",
* baseUrl: "https://localhost:9443"
* \}
*
* await auth.initialize(config);
*
* {@link https://github.com/asgardeo/asgardeo-auth-js-sdk/tree/master#initialize}
*
* @preserve
*/
initialize(config, store, cryptoUtils, instanceID) {
var _a, _b, _c;
return __awaiter(this, void 0, void 0, function* () {
const clientId = config.clientID;
if (!AsgardeoAuthClient._instanceID) {
AsgardeoAuthClient._instanceID = 0;
}
else {
AsgardeoAuthClient._instanceID += 1;
}
if (instanceID) {
AsgardeoAuthClient._instanceID = instanceID;
}
if (!clientId) {
this._dataLayer = new DataLayer(`instance_${AsgardeoAuthClient._instanceID}`, store);
}
else {
this._dataLayer = new DataLayer(`instance_${AsgardeoAuthClient._instanceID}-${clientId}`, store);
}
this._authenticationCore = new AuthenticationCore(this._dataLayer, cryptoUtils);
AsgardeoAuthClient._authenticationCore = new AuthenticationCore(this._dataLayer, cryptoUtils);
yield this._dataLayer.setConfigData(Object.assign(Object.assign(Object.assign({}, DefaultConfig), config), { scope: [
...((_a = DefaultConfig.scope) !== null && _a !== void 0 ? _a : []),
...((_c = (_b = config.scope) === null || _b === void 0 ? void 0 : _b.filter((scope) => { var _a; return !((_a = DefaultConfig === null || DefaultConfig === void 0 ? void 0 : DefaultConfig.scope) === null || _a === void 0 ? void 0 : _a.includes(scope)); })) !== null && _c !== void 0 ? _c : [])
] }));
});
}
/**
* This method returns the `DataLayer` object that allows you to access authentication data.
*
* @returns - The `DataLayer` object.
*
* @example
* ```
* const data = auth.getDataLayer();
* ```
*
* {@link https://github.com/asgardeo/asgardeo-auth-js-sdk/tree/master#getDataLayer}
*
* @preserve
*/
getDataLayer() {
return this._dataLayer;
}
/**
* This method returns the `instanceID` variable of the given instance.
*
* @returns - The `instanceID` number.
*
* @example
* ```
* const instanceId = auth.getInstanceID();
* ```
*
* @preserve
*/
getInstanceID() {
return AsgardeoAuthClient._instanceID;
}
/**
* This is an async method that returns a Promise that resolves with the authorization URL parameters.
*
* @param config - (Optional) A config object to force initialization and pass
* custom path parameters such as the `fidp` parameter.
* @param userID - (Optional) A unique ID of the user to be authenticated. This is useful in multi-user
* scenarios where each user should be uniquely identified.
*
* @returns - A promise that resolves with the authorization URL parameters.
*
* @example
* ```
* auth.getAuthorizationURLParams().then((params)=>{
* // console.log(params);
* }).catch((error)=>{
* // console.error(error);
* });
* ```
*
* {@link https://github.com/asgardeo/asgardeo-auth-js-sdk/tree/master#getAuthorizationURLParams}
*
* @preserve
*/
getAuthorizationURLParams(config, userID) {
return __awaiter(this, void 0, void 0, function* () {
const authRequestConfig = Object.assign({}, config);
authRequestConfig === null || authRequestConfig === void 0 ? true : delete authRequestConfig.forceInit;
if (yield this._dataLayer.getTemporaryDataParameter(OP_CONFIG_INITIATED)) {
return this._authenticationCore.getAuthorizationURLParams(authRequestConfig, userID);
}
return this._authenticationCore
.getOIDCProviderMetaData(config === null || config === void 0 ? void 0 : config.forceInit)
.then(() => {
return this._authenticationCore.getAuthorizationURLParams(authRequestConfig, userID);
});
});
}
/**
* This is an async method that returns a Promise that resolves with the authorization URL.
*
* @param config - (Optional) A config object to force initialization and pass
* custom path parameters such as the fidp parameter.
* @param userID - (Optional) A unique ID of the user to be authenticated. This is useful in multi-user
* scenarios where each user should be uniquely identified.
*
* @returns - A promise that resolves with the authorization URL.
*
* @example
* ```
* auth.getAuthorizationURL().then((url)=>{
* // console.log(url);
* }).catch((error)=>{
* // console.error(error);
* });
* ```
*
* {@link https://github.com/asgardeo/asgardeo-auth-js-sdk/tree/master#getAuthorizationURL}
*
* @preserve
*/
getAuthorizationURL(config, userID) {
return __awaiter(this, void 0, void 0, function* () {
const authRequestConfig = Object.assign({}, config);
authRequestConfig === null || authRequestConfig === void 0 ? true : delete authRequestConfig.forceInit;
if (yield this._dataLayer.getTemporaryDataParameter(OP_CONFIG_INITIATED)) {
return this._authenticationCore.getAuthorizationURL(authRequestConfig, userID);
}
return this._authenticationCore.getOIDCProviderMetaData(config === null || config === void 0 ? void 0 : config.forceInit).then(() => {
return this._authenticationCore.getAuthorizationURL(authRequestConfig, userID);
});
});
}
/**
* This is an async method that sends a request to obtain the access token and returns a Promise
* that resolves with the token and other relevant data.
*
* @param authorizationCode - The authorization code.
* @param sessionState - The session state.
* @param userID - (Optional) A unique ID of the user to be authenticated. This is useful in multi-user
* scenarios where each user should be uniquely identified.
*
* @returns - A Promise that resolves with the token response.
*
* @example
* ```
* auth.requestAccessToken(authCode, sessionState).then((token)=>{
* // console.log(token);
* }).catch((error)=>{
* // console.error(error);
* });
* ```
*
* {@link https://github.com/asgardeo/asgardeo-auth-js-sdk/tree/master#requestAccessToken}
*
*
* @preserve
*/
requestAccessToken(authorizationCode, sessionState, state, userID, tokenRequestConfig) {
return __awaiter(this, void 0, void 0, function* () {
if (yield this._dataLayer.getTemporaryDataParameter(OP_CONFIG_INITIATED)) {
return this._authenticationCore.requestAccessToken(authorizationCode, sessionState, state, userID, tokenRequestConfig);
}
return this._authenticationCore.getOIDCProviderMetaData(false).then(() => {
return this._authenticationCore.requestAccessToken(authorizationCode, sessionState, state, userID, tokenRequestConfig);
});
});
}
/**
* This method returns the sign-out URL.
*
* @param userID - (Optional) A unique ID of the user to be authenticated. This is useful in multi-user
* scenarios where each user should be uniquely identified.
*
* **This doesn't clear the authentication data.**
*
* @returns - A Promise that resolves with the sign-out URL.
*
* @example
* ```
* const signOutUrl = await auth.getSignOutURL();
* ```
*
* {@link https://github.com/asgardeo/asgardeo-auth-js-sdk/tree/master#getSignOutURL}
*
* @preserve
*/
getSignOutURL(userID) {
return __awaiter(this, void 0, void 0, function* () {
return this._authenticationCore.getSignOutURL(userID);
});
}
/**
* This method returns OIDC service endpoints that are fetched from the `.well-known` endpoint.
*
* @returns - A Promise that resolves with an object containing the OIDC service endpoints.
*
* @example
* ```
* const endpoints = await auth.getOIDCServiceEndpoints();
* ```
*
* {@link https://github.com/asgardeo/asgardeo-auth-js-sdk/tree/master#getOIDCServiceEndpoints}
*
* @preserve
*/
getOIDCServiceEndpoints() {
return __awaiter(this, void 0, void 0, function* () {
return this._authenticationCore.getOIDCServiceEndpoints();
});
}
/**
* This method decodes the payload of the ID token and returns it.
*
* @param userID - (Optional) A unique ID of the user to be authenticated. This is useful in multi-user
* scenarios where each user should be uniquely identified.
*
* @returns - A Promise that resolves with the decoded ID token payload.
*
* @example
* ```
* const decodedIdToken = await auth.getDecodedIDToken();
* ```
*
* {@link https://github.com/asgardeo/asgardeo-auth-js-sdk/tree/master#getDecodedIDToken}
*
* @preserve
*/
getDecodedIDToken(userID) {
return __awaiter(this, void 0, void 0, function* () {
return this._authenticationCore.getDecodedIDToken(userID);
});
}
/**
* This method returns the ID token.
*
* @param userID - (Optional) A unique ID of the user to be authenticated. This is useful in multi-user
* scenarios where each user should be uniquely identified.
*
* @returns - A Promise that resolves with the ID token.
*
* @example
* ```
* const idToken = await auth.getIDToken();
* ```
*
* {@link https://github.com/asgardeo/asgardeo-auth-js-sdk/tree/master#getIDToken}
*
* @preserve
*/
getIDToken(userID) {
return __awaiter(this, void 0, void 0, function* () {
return this._authenticationCore.getIDToken(userID);
});
}
/**
* This method returns the basic user information obtained from the ID token.
*
* @param userID - (Optional) A unique ID of the user to be authenticated. This is useful in multi-user
* scenarios where each user should be uniquely identified.
*
* @returns - A Promise that resolves with an object containing the basic user information.
*
* @example
* ```
* const userInfo = await auth.getBasicUserInfo();
* ```
*
* {@link https://github.com/asgardeo/asgardeo-auth-js-sdk/tree/master#getBasicUserInfo}
*
* @preserve
*/
getBasicUserInfo(userID) {
return __awaiter(this, void 0, void 0, function* () {
return this._authenticationCore.getBasicUserInfo(userID);
});
}
/**
* This method returns the crypto helper object.
*
* @returns - A Promise that resolves with a CryptoHelper object.
*
* @example
* ```
* const cryptoHelper = await auth.CryptoHelper();
* ```
*
* {@link https://github.com/asgardeo/asgardeo-auth-js-sdk/tree/master#getCryptoHelper}
*
* @preserve
*/
getCryptoHelper() {
return __awaiter(this, void 0, void 0, function* () {
return this._authenticationCore.getCryptoHelper();
});
}
/**
* This method revokes the access token.
*
* @param userID - (Optional) A unique ID of the user to be authenticated. This is useful in multi-user
* scenarios where each user should be uniquely identified.
*
* **This method also clears the authentication data.**
*
* @returns - A Promise that returns the response of the revoke-access-token request.
*
* @example
* ```
* auth.revokeAccessToken().then((response)=>{
* // console.log(response);
* }).catch((error)=>{
* // console.error(error);
* });
* ```
*
* {@link https://github.com/asgardeo/asgardeo-auth-js-sdk/tree/master#revokeAccessToken}
*
* @preserve
*/
revokeAccessToken(userID) {
return this._authenticationCore.revokeAccessToken(userID);
}
/**
* This method refreshes the access token and returns a Promise that resolves with the new access
* token and other relevant data.
*
* @param userID - (Optional) A unique ID of the user to be authenticated. This is useful in multi-user
* scenarios where each user should be uniquely identified.
*
* @returns - A Promise that resolves with the token response.
*
* @example
* ```
* auth.refreshAccessToken().then((response)=>{
* // console.log(response);
* }).catch((error)=>{
* // console.error(error);
* });
* ```
*
* {@link https://github.com/asgardeo/asgardeo-auth-js-sdk/tree/master#refreshAccessToken}
*
* @preserve
*/
refreshAccessToken(userID) {
return this._authenticationCore.refreshAccessToken(userID);
}
/**
* This method returns the access token.
*
* @param userID - (Optional) A unique ID of the user to be authenticated. This is useful in multi-user
* scenarios where each user should be uniquely identified.
*
* @returns - A Promise that resolves with the access token.
*
* @example
* ```
* const accessToken = await auth.getAccessToken();
* ```
*
* {@link https://github.com/asgardeo/asgardeo-auth-js-sdk/tree/master#getAccessToken}
*
* @preserve
*/
getAccessToken(userID) {
return __awaiter(this, void 0, void 0, function* () {
return this._authenticationCore.getAccessToken(userID);
});
}
/**
* This method sends a custom-grant request and returns a Promise that resolves with the response
* depending on the config passed.
*
* @param config - A config object containing the custom grant configurations.
* @param userID - (Optional) A unique ID of the user to be authenticated. This is useful in multi-user
* scenarios where each user should be uniquely identified.
*
* @returns - A Promise that resolves with the response depending
* on your configurations.
*
* @example
* ```
* const config = {
* attachToken: false,
* data: {
* client_id: "{{clientID}}",
* grant_type: "account_switch",
* scope: "{{scope}}",
* token: "{{token}}",
* },
* id: "account-switch",
* returnResponse: true,
* returnsSession: true,
* signInRequired: true
* }
*
* auth.requestCustomGrant(config).then((response)=>{
* // console.log(response);
* }).catch((error)=>{
* // console.error(error);
* });
* ```
*
* {@link https://github.com/asgardeo/asgardeo-auth-js-sdk/tree/master#requestCustomGrant}
*
* @preserve
*/
requestCustomGrant(config, userID) {
return this._authenticationCore.requestCustomGrant(config, userID);
}
/**
* This method returns if the user is authenticated or not.
*
* @param userID - (Optional) A unique ID of the user to be authenticated. This is useful in multi-user
* scenarios where each user should be uniquely identified.
*
* @returns - A Promise that resolves with `true` if the user is authenticated, `false` otherwise.
*
* @example
* ```
* await auth.isAuthenticated();
* ```
*
* {@link https://github.com/asgardeo/asgardeo-auth-js-sdk/tree/master#isAuthenticated}
*
* @preserve
*/
isAuthenticated(userID) {
return __awaiter(this, void 0, void 0, function* () {
return this._authenticationCore.isAuthenticated(userID);
});
}
/**
* This method returns the PKCE code generated during the generation of the authentication URL.
*
* @param userID - (Optional) A unique ID of the user to be authenticated. This is useful in multi-user
* scenarios where each user should be uniquely identified.
* @param state - The state parameter that was passed in the authentication URL.
*
* @returns - A Promise that resolves with the PKCE code.
*
* @example
* ```
* const pkce = await getPKCECode();
* ```
*
* {@link https://github.com/asgardeo/asgardeo-auth-js-sdk/tree/master#getPKCECode}
*
* @preserve
*/
getPKCECode(state, userID) {
return __awaiter(this, void 0, void 0, function* () {
return this._authenticationCore.getPKCECode(state, userID);
});
}
/**
* This method sets the PKCE code to the data store.
*
* @param pkce - The PKCE code.
* @param state - The state parameter that was passed in the authentication URL.
* @param userID - (Optional) A unique ID of the user to be authenticated. This is useful in multi-user
* scenarios where each user should be uniquely identified.
*
* @example
* ```
* await auth.setPKCECode("pkce_code")
* ```
*
* {@link https://github.com/asgardeo/asgardeo-auth-js-sdk/tree/master#setPKCECode}
*
* @preserve
*/
setPKCECode(pkce, state, userID) {
return __awaiter(this, void 0, void 0, function* () {
yield this._authenticationCore.setPKCECode(pkce, state, userID);
});
}
/**
* This method returns if the sign-out is successful or not.
*
* @param signOutRedirectUrl - The URL to which the user has been redirected to after signing-out.
*
* **The server appends path parameters to the `signOutRedirectURL` and these path parameters
* are required for this method to function.**
*
* @returns - `true` if successful, `false` otherwise.
*
* {@link https://github.com/asgardeo/asgardeo-auth-js-sdk/tree/master#isSignOutSuccessful}
*
* @preserve
*/
static isSignOutSuccessful(signOutRedirectURL) {
const url = new URL(signOutRedirectURL);
const stateParam = url.searchParams.get(STATE);
const error = Boolean(url.searchParams.get("error"));
return stateParam ? stateParam === SIGN_OUT_SUCCESS_PARAM && !error : false;
}
/**
* This method returns if the sign-out has failed or not.
*
* @param signOutRedirectUrl - The URL to which the user has been redirected to after signing-out.
*
* **The server appends path parameters to the `signOutRedirectURL` and these path parameters
* are required for this method to function.**
*
* @returns - `true` if successful, `false` otherwise.
*
* {@link https://github.com/asgardeo/asgardeo-auth-js-sdk/tree/master#didSignOutFail}
*
* @preserve
*/
static didSignOutFail(signOutRedirectURL) {
const url = new URL(signOutRedirectURL);
const stateParam = url.searchParams.get(STATE);
const error = Boolean(url.searchParams.get("error"));
return stateParam ? stateParam === SIGN_OUT_SUCCESS_PARAM && error : false;
}
/**
* This method updates the configuration that was passed into the constructor when instantiating this class.
*
* @param config - A config object to update the SDK configurations with.
*
* @example
* ```
* const config = {
* signInRedirectURL: "http://localhost:3000/sign-in",
* clientID: "client ID",
* baseUrl: "https://localhost:9443"
* }
*
* await auth.updateConfig(config);
* ```
* {@link https://github.com/asgardeo/asgardeo-auth-js-sdk/tree/master#updateConfig}
*
* @preserve
*/
updateConfig(config) {
return __awaiter(this, void 0, void 0, function* () {
yield this._authenticationCore.updateConfig(config);
});
}
static clearUserSessionData(userID) {
return __awaiter(this, void 0, void 0, function* () {
yield this._authenticationCore.clearUserSessionData(userID);
});
}
}
//# sourceMappingURL=client.js.map