@authlink/client
Version:
Official client SDK for integrating with the Authlink Identity Provider
79 lines (78 loc) • 3.13 kB
TypeScript
import type { AuthorizeOptions, AuthorizeResponse, TokenOptions, TokenResponse, LogoutOptions, UserInfoResponse, OpenIdConfiguration, JsonWebKeySet } from "../types";
/**
* Interface for Identity Provider Client
* This interface defines the methods that an Identity Provider Client should implement.
* It includes methods for authorization, token retrieval, logout, and optional user info and discovery.
*/
export interface IIdentityProviderClient {
/**
* Authorizes the user with the identity provider.
* @param options - Options for authorization.
* @return A promise that resolves with the authorization code or void if autoRedirect is true.
*/
authorize(options: AuthorizeOptions): Promise<string | void>;
/**
* Authorizes the user silently with the identity provider.
* @param options - Options for silent authorization.
* @returns A promise that resolves with the authorization response.
*/
authorizeSilently(options: AuthorizeOptions): Promise<AuthorizeResponse>;
/**
* Exchanges for tokens with the identity provider.
* @param options - Options for token retrieval.
* @returns A promise that resolves with the token response.
*/
token(options: TokenOptions): Promise<TokenResponse>;
/**
* Logs out the user from the identity provider.
* @param options - Options for logout.
*/
logout(options: LogoutOptions): Promise<void>;
/**
* Validates the state parameter to prevent CSRF attacks.
* @param state - The state parameter to validate.
* @return A boolean indicating whether the state is valid.
*/
validateState(state: string): boolean;
/**
* Validates the nonce parameter to prevent replay attacks.
* @param nonce - The nonce parameter to validate.
* @return A boolean indicating whether the nonce is valid.
*/
validateNonce(nonce: string): boolean;
/**
* Retrieves the JSON Web Key Set (JWKS) from the identity provider.
* @returns A promise that resolves with the JWKS.
*/
jwks(): Promise<JsonWebKeySet>;
/**
* Retrieves the OpenID configuration from the identity provider.
* @return A promise that resolves with the OpenID configuration.
*/
configuration(): Promise<OpenIdConfiguration>;
/**
* Retrieves user info from the identity provider.
* @param accessToken - The access token to use for the request.
* @returns A promise that resolves with the user info response.
*/
userInfo(accessToken: string): Promise<UserInfoResponse>;
/**
* Clears any stored values.
*/
clear(): void;
/**
* Gets the code verifier used in the PKCE flow.
* @returns The code verifier as a string.
*/
getCodeVerifier(): string | null;
/**
* Gets the state used in the authorization flow.
* @returns The state as a string or null if not set.
*/
getState(): string | null;
/**
* Gets the nonce used in the authorization flow.
* @returns The nonce as a string or null if not set.
*/
getNonce(): string | null;
}