@neuroequality/neuroadapt-ai
Version:
AI-powered accessibility personalization for neurodivergent users
149 lines (148 loc) • 4.24 kB
TypeScript
import { EventEmitter } from 'eventemitter3';
import { Preferences } from '@neuroadapt/core';
export interface SSOProvider {
name: string;
type: 'saml' | 'oauth2' | 'oidc' | 'ldap' | 'active_directory';
config: SSOProviderConfig;
enabled: boolean;
}
export interface SSOProviderConfig {
clientId?: string;
clientSecret?: string;
issuer?: string;
authorizationURL?: string;
tokenURL?: string;
userInfoURL?: string;
jwksURI?: string;
redirectURI: string;
scopes: string[];
customClaims?: Record<string, string>;
accessibilityClaimMapping?: AccessibilityClaimMapping;
}
export interface AccessibilityClaimMapping {
preferencesClaim: string;
roleClaim: string;
departmentClaim: string;
accessibilityNeedsClaim: string;
accommodationsClaim: string;
}
export interface SSOUser {
id: string;
email: string;
name: string;
roles: string[];
department?: string;
accessibilityNeeds?: string[];
accommodations?: string[];
preferences?: Preferences;
metadata?: Record<string, any>;
}
export interface SSOSession {
sessionId: string;
userId: string;
accessToken: string;
refreshToken?: string;
idToken?: string;
expiresAt: Date;
scope: string[];
provider: string;
}
export interface EnterprisePreferenceSync {
enabled: boolean;
bidirectional: boolean;
syncInterval: number;
conflictResolution: 'local' | 'remote' | 'merge' | 'ask_user';
encryptionEnabled: boolean;
}
/**
* Enterprise SSO Integration Manager
*/
export declare class SSOManager extends EventEmitter {
private config;
private providers;
private activeSessions;
private preferenceSync;
constructor(config?: {
defaultProvider?: string;
sessionTimeout: number;
refreshThreshold: number;
encryptionKey?: string;
auditLogging: boolean;
});
/**
* Add SSO provider configuration
*/
addProvider(provider: SSOProvider): void;
/**
* Remove SSO provider
*/
removeProvider(providerName: string): void;
/**
* Initiate SSO authentication flow
*/
authenticate(providerName?: string): Promise<{
authUrl: string;
state: string;
}>;
/**
* Handle SSO callback and complete authentication
*/
handleCallback(providerName: string, authorizationCode: string, state: string): Promise<SSOSession>;
/**
* Refresh access token
*/
refreshToken(sessionId: string): Promise<SSOSession>;
/**
* Sign out user and cleanup session
*/
signOut(sessionId: string): Promise<void>;
/**
* Get current user session
*/
getSession(sessionId: string): SSOSession | undefined;
/**
* Validate session and check if token needs refresh
*/
validateSession(sessionId: string): Promise<{
valid: boolean;
needsRefresh: boolean;
}>;
/**
* Sync accessibility preferences with enterprise directory
*/
syncAccessibilityPreferences(user: SSOUser, session: SSOSession, direction?: 'push' | 'pull' | 'bidirectional'): Promise<void>;
/**
* Configure preference synchronization
*/
configurePreferenceSync(config: Partial<EnterprisePreferenceSync>): void;
/**
* Get analytics data for enterprise dashboard
*/
getAnalytics(): {
totalSessions: number;
activeSessions: number;
authenticationsByProvider: Record<string, number>;
preferencesSynced: number;
averageSessionDuration: number;
};
private initializeDefaultProviders;
private startSessionMonitoring;
private cleanupExpiredSessions;
private getProvider;
private generateState;
private generateSessionId;
private buildAuthorizationUrl;
private validateState;
private exchangeCodeForTokens;
private getUserInfo;
private mapUserInfo;
private parseAccessibilityPreferences;
private refreshAccessToken;
private revokeTokens;
private fetchRemotePreferences;
private pushRemotePreferences;
private mergePreferences;
private logAuditEvent;
}
export default SSOManager;
//# sourceMappingURL=sso-integration.d.ts.map