UNPKG

@asgardeo/auth-js

Version:

Asgardeo Auth JS SDK to be used in JavaScript and TypeScript applications.

626 lines 23 kB
/** * Copyright (c) 2020, WSO2 LLC. (https://www.wso2.com). All Rights Reserved. * * WSO2 LLC. licenses this file to you under the Apache License, * Version 2.0 (the "License"); you may not use this file except * in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, * software distributed under the License is distributed on an * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY * KIND, either express or implied. See the License for the * specific language governing permissions and limitations * under the License. */ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } return new (P || (P = Promise))(function (resolve, reject) { function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } step((generator = generator.apply(thisArg, _arguments || [])).next()); }); }; import { OIDC_SCOPE, OP_CONFIG_INITIATED, ResponseMode, SIGN_OUT_SUCCESS_PARAM, STATE } from "./constants"; import { AuthenticationCore } from "./core"; import { DataLayer } from "./data"; /** * Default configurations. */ const DefaultConfig = { clockTolerance: 300, enablePKCE: true, responseMode: ResponseMode.query, scope: [OIDC_SCOPE], sendCookiesInRequests: true, validateIDToken: true, validateIDTokenIssuer: true }; /** * This class provides the necessary methods needed to implement authentication. */ export class AsgardeoAuthClient { /** * This is the constructor method that returns an instance of the . * * @param store - The store object. * * @example * ``` * const _store: Store = new DataStore(); * const auth = new AsgardeoAuthClient<CustomClientConfig>(_store); * ``` * * {@link https://github.com/asgardeo/asgardeo-auth-js-sdk/tree/master#constructor} * * @preserve */ constructor() { } /** * * This method initializes the SDK with the config data. * * @param config - The config object to initialize with. * * @example * const config = \{ * signInRedirectURL: "http://localhost:3000/sign-in", * clientID: "client ID", * baseUrl: "https://localhost:9443" * \} * * await auth.initialize(config); * * {@link https://github.com/asgardeo/asgardeo-auth-js-sdk/tree/master#initialize} * * @preserve */ initialize(config, store, cryptoUtils, instanceID) { var _a, _b, _c; return __awaiter(this, void 0, void 0, function* () { const clientId = config.clientID; if (!AsgardeoAuthClient._instanceID) { AsgardeoAuthClient._instanceID = 0; } else { AsgardeoAuthClient._instanceID += 1; } if (instanceID) { AsgardeoAuthClient._instanceID = instanceID; } if (!clientId) { this._dataLayer = new DataLayer(`instance_${AsgardeoAuthClient._instanceID}`, store); } else { this._dataLayer = new DataLayer(`instance_${AsgardeoAuthClient._instanceID}-${clientId}`, store); } this._authenticationCore = new AuthenticationCore(this._dataLayer, cryptoUtils); AsgardeoAuthClient._authenticationCore = new AuthenticationCore(this._dataLayer, cryptoUtils); yield this._dataLayer.setConfigData(Object.assign(Object.assign(Object.assign({}, DefaultConfig), config), { scope: [ ...((_a = DefaultConfig.scope) !== null && _a !== void 0 ? _a : []), ...((_c = (_b = config.scope) === null || _b === void 0 ? void 0 : _b.filter((scope) => { var _a; return !((_a = DefaultConfig === null || DefaultConfig === void 0 ? void 0 : DefaultConfig.scope) === null || _a === void 0 ? void 0 : _a.includes(scope)); })) !== null && _c !== void 0 ? _c : []) ] })); }); } /** * This method returns the `DataLayer` object that allows you to access authentication data. * * @returns - The `DataLayer` object. * * @example * ``` * const data = auth.getDataLayer(); * ``` * * {@link https://github.com/asgardeo/asgardeo-auth-js-sdk/tree/master#getDataLayer} * * @preserve */ getDataLayer() { return this._dataLayer; } /** * This method returns the `instanceID` variable of the given instance. * * @returns - The `instanceID` number. * * @example * ``` * const instanceId = auth.getInstanceID(); * ``` * * @preserve */ getInstanceID() { return AsgardeoAuthClient._instanceID; } /** * This is an async method that returns a Promise that resolves with the authorization URL parameters. * * @param config - (Optional) A config object to force initialization and pass * custom path parameters such as the `fidp` parameter. * @param userID - (Optional) A unique ID of the user to be authenticated. This is useful in multi-user * scenarios where each user should be uniquely identified. * * @returns - A promise that resolves with the authorization URL parameters. * * @example * ``` * auth.getAuthorizationURLParams().then((params)=>{ * // console.log(params); * }).catch((error)=>{ * // console.error(error); * }); * ``` * * {@link https://github.com/asgardeo/asgardeo-auth-js-sdk/tree/master#getAuthorizationURLParams} * * @preserve */ getAuthorizationURLParams(config, userID) { return __awaiter(this, void 0, void 0, function* () { const authRequestConfig = Object.assign({}, config); authRequestConfig === null || authRequestConfig === void 0 ? true : delete authRequestConfig.forceInit; if (yield this._dataLayer.getTemporaryDataParameter(OP_CONFIG_INITIATED)) { return this._authenticationCore.getAuthorizationURLParams(authRequestConfig, userID); } return this._authenticationCore .getOIDCProviderMetaData(config === null || config === void 0 ? void 0 : config.forceInit) .then(() => { return this._authenticationCore.getAuthorizationURLParams(authRequestConfig, userID); }); }); } /** * This is an async method that returns a Promise that resolves with the authorization URL. * * @param config - (Optional) A config object to force initialization and pass * custom path parameters such as the fidp parameter. * @param userID - (Optional) A unique ID of the user to be authenticated. This is useful in multi-user * scenarios where each user should be uniquely identified. * * @returns - A promise that resolves with the authorization URL. * * @example * ``` * auth.getAuthorizationURL().then((url)=>{ * // console.log(url); * }).catch((error)=>{ * // console.error(error); * }); * ``` * * {@link https://github.com/asgardeo/asgardeo-auth-js-sdk/tree/master#getAuthorizationURL} * * @preserve */ getAuthorizationURL(config, userID) { return __awaiter(this, void 0, void 0, function* () { const authRequestConfig = Object.assign({}, config); authRequestConfig === null || authRequestConfig === void 0 ? true : delete authRequestConfig.forceInit; if (yield this._dataLayer.getTemporaryDataParameter(OP_CONFIG_INITIATED)) { return this._authenticationCore.getAuthorizationURL(authRequestConfig, userID); } return this._authenticationCore.getOIDCProviderMetaData(config === null || config === void 0 ? void 0 : config.forceInit).then(() => { return this._authenticationCore.getAuthorizationURL(authRequestConfig, userID); }); }); } /** * This is an async method that sends a request to obtain the access token and returns a Promise * that resolves with the token and other relevant data. * * @param authorizationCode - The authorization code. * @param sessionState - The session state. * @param userID - (Optional) A unique ID of the user to be authenticated. This is useful in multi-user * scenarios where each user should be uniquely identified. * * @returns - A Promise that resolves with the token response. * * @example * ``` * auth.requestAccessToken(authCode, sessionState).then((token)=>{ * // console.log(token); * }).catch((error)=>{ * // console.error(error); * }); * ``` * * {@link https://github.com/asgardeo/asgardeo-auth-js-sdk/tree/master#requestAccessToken} * * * @preserve */ requestAccessToken(authorizationCode, sessionState, state, userID, tokenRequestConfig) { return __awaiter(this, void 0, void 0, function* () { if (yield this._dataLayer.getTemporaryDataParameter(OP_CONFIG_INITIATED)) { return this._authenticationCore.requestAccessToken(authorizationCode, sessionState, state, userID, tokenRequestConfig); } return this._authenticationCore.getOIDCProviderMetaData(false).then(() => { return this._authenticationCore.requestAccessToken(authorizationCode, sessionState, state, userID, tokenRequestConfig); }); }); } /** * This method returns the sign-out URL. * * @param userID - (Optional) A unique ID of the user to be authenticated. This is useful in multi-user * scenarios where each user should be uniquely identified. * * **This doesn't clear the authentication data.** * * @returns - A Promise that resolves with the sign-out URL. * * @example * ``` * const signOutUrl = await auth.getSignOutURL(); * ``` * * {@link https://github.com/asgardeo/asgardeo-auth-js-sdk/tree/master#getSignOutURL} * * @preserve */ getSignOutURL(userID) { return __awaiter(this, void 0, void 0, function* () { return this._authenticationCore.getSignOutURL(userID); }); } /** * This method returns OIDC service endpoints that are fetched from the `.well-known` endpoint. * * @returns - A Promise that resolves with an object containing the OIDC service endpoints. * * @example * ``` * const endpoints = await auth.getOIDCServiceEndpoints(); * ``` * * {@link https://github.com/asgardeo/asgardeo-auth-js-sdk/tree/master#getOIDCServiceEndpoints} * * @preserve */ getOIDCServiceEndpoints() { return __awaiter(this, void 0, void 0, function* () { return this._authenticationCore.getOIDCServiceEndpoints(); }); } /** * This method decodes the payload of the ID token and returns it. * * @param userID - (Optional) A unique ID of the user to be authenticated. This is useful in multi-user * scenarios where each user should be uniquely identified. * * @returns - A Promise that resolves with the decoded ID token payload. * * @example * ``` * const decodedIdToken = await auth.getDecodedIDToken(); * ``` * * {@link https://github.com/asgardeo/asgardeo-auth-js-sdk/tree/master#getDecodedIDToken} * * @preserve */ getDecodedIDToken(userID) { return __awaiter(this, void 0, void 0, function* () { return this._authenticationCore.getDecodedIDToken(userID); }); } /** * This method returns the ID token. * * @param userID - (Optional) A unique ID of the user to be authenticated. This is useful in multi-user * scenarios where each user should be uniquely identified. * * @returns - A Promise that resolves with the ID token. * * @example * ``` * const idToken = await auth.getIDToken(); * ``` * * {@link https://github.com/asgardeo/asgardeo-auth-js-sdk/tree/master#getIDToken} * * @preserve */ getIDToken(userID) { return __awaiter(this, void 0, void 0, function* () { return this._authenticationCore.getIDToken(userID); }); } /** * This method returns the basic user information obtained from the ID token. * * @param userID - (Optional) A unique ID of the user to be authenticated. This is useful in multi-user * scenarios where each user should be uniquely identified. * * @returns - A Promise that resolves with an object containing the basic user information. * * @example * ``` * const userInfo = await auth.getBasicUserInfo(); * ``` * * {@link https://github.com/asgardeo/asgardeo-auth-js-sdk/tree/master#getBasicUserInfo} * * @preserve */ getBasicUserInfo(userID) { return __awaiter(this, void 0, void 0, function* () { return this._authenticationCore.getBasicUserInfo(userID); }); } /** * This method returns the crypto helper object. * * @returns - A Promise that resolves with a CryptoHelper object. * * @example * ``` * const cryptoHelper = await auth.CryptoHelper(); * ``` * * {@link https://github.com/asgardeo/asgardeo-auth-js-sdk/tree/master#getCryptoHelper} * * @preserve */ getCryptoHelper() { return __awaiter(this, void 0, void 0, function* () { return this._authenticationCore.getCryptoHelper(); }); } /** * This method revokes the access token. * * @param userID - (Optional) A unique ID of the user to be authenticated. This is useful in multi-user * scenarios where each user should be uniquely identified. * * **This method also clears the authentication data.** * * @returns - A Promise that returns the response of the revoke-access-token request. * * @example * ``` * auth.revokeAccessToken().then((response)=>{ * // console.log(response); * }).catch((error)=>{ * // console.error(error); * }); * ``` * * {@link https://github.com/asgardeo/asgardeo-auth-js-sdk/tree/master#revokeAccessToken} * * @preserve */ revokeAccessToken(userID) { return this._authenticationCore.revokeAccessToken(userID); } /** * This method refreshes the access token and returns a Promise that resolves with the new access * token and other relevant data. * * @param userID - (Optional) A unique ID of the user to be authenticated. This is useful in multi-user * scenarios where each user should be uniquely identified. * * @returns - A Promise that resolves with the token response. * * @example * ``` * auth.refreshAccessToken().then((response)=>{ * // console.log(response); * }).catch((error)=>{ * // console.error(error); * }); * ``` * * {@link https://github.com/asgardeo/asgardeo-auth-js-sdk/tree/master#refreshAccessToken} * * @preserve */ refreshAccessToken(userID) { return this._authenticationCore.refreshAccessToken(userID); } /** * This method returns the access token. * * @param userID - (Optional) A unique ID of the user to be authenticated. This is useful in multi-user * scenarios where each user should be uniquely identified. * * @returns - A Promise that resolves with the access token. * * @example * ``` * const accessToken = await auth.getAccessToken(); * ``` * * {@link https://github.com/asgardeo/asgardeo-auth-js-sdk/tree/master#getAccessToken} * * @preserve */ getAccessToken(userID) { return __awaiter(this, void 0, void 0, function* () { return this._authenticationCore.getAccessToken(userID); }); } /** * This method sends a custom-grant request and returns a Promise that resolves with the response * depending on the config passed. * * @param config - A config object containing the custom grant configurations. * @param userID - (Optional) A unique ID of the user to be authenticated. This is useful in multi-user * scenarios where each user should be uniquely identified. * * @returns - A Promise that resolves with the response depending * on your configurations. * * @example * ``` * const config = { * attachToken: false, * data: { * client_id: "{{clientID}}", * grant_type: "account_switch", * scope: "{{scope}}", * token: "{{token}}", * }, * id: "account-switch", * returnResponse: true, * returnsSession: true, * signInRequired: true * } * * auth.requestCustomGrant(config).then((response)=>{ * // console.log(response); * }).catch((error)=>{ * // console.error(error); * }); * ``` * * {@link https://github.com/asgardeo/asgardeo-auth-js-sdk/tree/master#requestCustomGrant} * * @preserve */ requestCustomGrant(config, userID) { return this._authenticationCore.requestCustomGrant(config, userID); } /** * This method returns if the user is authenticated or not. * * @param userID - (Optional) A unique ID of the user to be authenticated. This is useful in multi-user * scenarios where each user should be uniquely identified. * * @returns - A Promise that resolves with `true` if the user is authenticated, `false` otherwise. * * @example * ``` * await auth.isAuthenticated(); * ``` * * {@link https://github.com/asgardeo/asgardeo-auth-js-sdk/tree/master#isAuthenticated} * * @preserve */ isAuthenticated(userID) { return __awaiter(this, void 0, void 0, function* () { return this._authenticationCore.isAuthenticated(userID); }); } /** * This method returns the PKCE code generated during the generation of the authentication URL. * * @param userID - (Optional) A unique ID of the user to be authenticated. This is useful in multi-user * scenarios where each user should be uniquely identified. * @param state - The state parameter that was passed in the authentication URL. * * @returns - A Promise that resolves with the PKCE code. * * @example * ``` * const pkce = await getPKCECode(); * ``` * * {@link https://github.com/asgardeo/asgardeo-auth-js-sdk/tree/master#getPKCECode} * * @preserve */ getPKCECode(state, userID) { return __awaiter(this, void 0, void 0, function* () { return this._authenticationCore.getPKCECode(state, userID); }); } /** * This method sets the PKCE code to the data store. * * @param pkce - The PKCE code. * @param state - The state parameter that was passed in the authentication URL. * @param userID - (Optional) A unique ID of the user to be authenticated. This is useful in multi-user * scenarios where each user should be uniquely identified. * * @example * ``` * await auth.setPKCECode("pkce_code") * ``` * * {@link https://github.com/asgardeo/asgardeo-auth-js-sdk/tree/master#setPKCECode} * * @preserve */ setPKCECode(pkce, state, userID) { return __awaiter(this, void 0, void 0, function* () { yield this._authenticationCore.setPKCECode(pkce, state, userID); }); } /** * This method returns if the sign-out is successful or not. * * @param signOutRedirectUrl - The URL to which the user has been redirected to after signing-out. * * **The server appends path parameters to the `signOutRedirectURL` and these path parameters * are required for this method to function.** * * @returns - `true` if successful, `false` otherwise. * * {@link https://github.com/asgardeo/asgardeo-auth-js-sdk/tree/master#isSignOutSuccessful} * * @preserve */ static isSignOutSuccessful(signOutRedirectURL) { const url = new URL(signOutRedirectURL); const stateParam = url.searchParams.get(STATE); const error = Boolean(url.searchParams.get("error")); return stateParam ? stateParam === SIGN_OUT_SUCCESS_PARAM && !error : false; } /** * This method returns if the sign-out has failed or not. * * @param signOutRedirectUrl - The URL to which the user has been redirected to after signing-out. * * **The server appends path parameters to the `signOutRedirectURL` and these path parameters * are required for this method to function.** * * @returns - `true` if successful, `false` otherwise. * * {@link https://github.com/asgardeo/asgardeo-auth-js-sdk/tree/master#didSignOutFail} * * @preserve */ static didSignOutFail(signOutRedirectURL) { const url = new URL(signOutRedirectURL); const stateParam = url.searchParams.get(STATE); const error = Boolean(url.searchParams.get("error")); return stateParam ? stateParam === SIGN_OUT_SUCCESS_PARAM && error : false; } /** * This method updates the configuration that was passed into the constructor when instantiating this class. * * @param config - A config object to update the SDK configurations with. * * @example * ``` * const config = { * signInRedirectURL: "http://localhost:3000/sign-in", * clientID: "client ID", * baseUrl: "https://localhost:9443" * } * * await auth.updateConfig(config); * ``` * {@link https://github.com/asgardeo/asgardeo-auth-js-sdk/tree/master#updateConfig} * * @preserve */ updateConfig(config) { return __awaiter(this, void 0, void 0, function* () { yield this._authenticationCore.updateConfig(config); }); } static clearUserSessionData(userID) { return __awaiter(this, void 0, void 0, function* () { yield this._authenticationCore.clearUserSessionData(userID); }); } } //# sourceMappingURL=client.js.map