UNPKG

@neuroequality/neuroadapt-ai

Version:

AI-powered accessibility personalization for neurodivergent users

149 lines (148 loc) 4.24 kB
import { EventEmitter } from 'eventemitter3'; import { Preferences } from '@neuroadapt/core'; export interface SSOProvider { name: string; type: 'saml' | 'oauth2' | 'oidc' | 'ldap' | 'active_directory'; config: SSOProviderConfig; enabled: boolean; } export interface SSOProviderConfig { clientId?: string; clientSecret?: string; issuer?: string; authorizationURL?: string; tokenURL?: string; userInfoURL?: string; jwksURI?: string; redirectURI: string; scopes: string[]; customClaims?: Record<string, string>; accessibilityClaimMapping?: AccessibilityClaimMapping; } export interface AccessibilityClaimMapping { preferencesClaim: string; roleClaim: string; departmentClaim: string; accessibilityNeedsClaim: string; accommodationsClaim: string; } export interface SSOUser { id: string; email: string; name: string; roles: string[]; department?: string; accessibilityNeeds?: string[]; accommodations?: string[]; preferences?: Preferences; metadata?: Record<string, any>; } export interface SSOSession { sessionId: string; userId: string; accessToken: string; refreshToken?: string; idToken?: string; expiresAt: Date; scope: string[]; provider: string; } export interface EnterprisePreferenceSync { enabled: boolean; bidirectional: boolean; syncInterval: number; conflictResolution: 'local' | 'remote' | 'merge' | 'ask_user'; encryptionEnabled: boolean; } /** * Enterprise SSO Integration Manager */ export declare class SSOManager extends EventEmitter { private config; private providers; private activeSessions; private preferenceSync; constructor(config?: { defaultProvider?: string; sessionTimeout: number; refreshThreshold: number; encryptionKey?: string; auditLogging: boolean; }); /** * Add SSO provider configuration */ addProvider(provider: SSOProvider): void; /** * Remove SSO provider */ removeProvider(providerName: string): void; /** * Initiate SSO authentication flow */ authenticate(providerName?: string): Promise<{ authUrl: string; state: string; }>; /** * Handle SSO callback and complete authentication */ handleCallback(providerName: string, authorizationCode: string, state: string): Promise<SSOSession>; /** * Refresh access token */ refreshToken(sessionId: string): Promise<SSOSession>; /** * Sign out user and cleanup session */ signOut(sessionId: string): Promise<void>; /** * Get current user session */ getSession(sessionId: string): SSOSession | undefined; /** * Validate session and check if token needs refresh */ validateSession(sessionId: string): Promise<{ valid: boolean; needsRefresh: boolean; }>; /** * Sync accessibility preferences with enterprise directory */ syncAccessibilityPreferences(user: SSOUser, session: SSOSession, direction?: 'push' | 'pull' | 'bidirectional'): Promise<void>; /** * Configure preference synchronization */ configurePreferenceSync(config: Partial<EnterprisePreferenceSync>): void; /** * Get analytics data for enterprise dashboard */ getAnalytics(): { totalSessions: number; activeSessions: number; authenticationsByProvider: Record<string, number>; preferencesSynced: number; averageSessionDuration: number; }; private initializeDefaultProviders; private startSessionMonitoring; private cleanupExpiredSessions; private getProvider; private generateState; private generateSessionId; private buildAuthorizationUrl; private validateState; private exchangeCodeForTokens; private getUserInfo; private mapUserInfo; private parseAccessibilityPreferences; private refreshAccessToken; private revokeTokens; private fetchRemotePreferences; private pushRemotePreferences; private mergePreferences; private logAuditEvent; } export default SSOManager; //# sourceMappingURL=sso-integration.d.ts.map