@obelisk/client

import { Observable } from "rxjs"; import { Endpoint, StreamEndpoint, TPageEndpoint, GraphQLEndpoint } from "../api"; import { Tokens, Token } from '../auth'; import { ClientEvent } from "./events"; export interface Client { /** * Initializes the client with the Authorization server, logging in if logged in previously. * Must be called before any authed calls can be made! * @returns Observable boolean stating whether init performed a login with the hash url. */ init(): Observable<boolean>; /** * Generates a URI to let the user logout. Typically you want to redirect the user to this url. * @param redirectUri Optional object that contains a *redirectUri* key and a *prompt* key ('none' or 'login). */ createLoginUrl(loginOptions?: { redirectUri?: string; prompt?: 'none' | 'login'; }): string; /** * Generates a URI to let the user login. Typically you want to redirect the user to this url. * The resulting token will be in the fragment of the **redirectUri**; * @param redirectUri URI to redirect to after user login occured. _Defaults to window.location.href when method is called._ */ createLogoutUrl(): string; /** * Do login, by changing the url with a client side redirect. * @param redirectUri Optional object that contains a *redirectUri* key and a *prompt* key ('none' or 'login). */ login(loginOptions?: { redirectUri?: string; prompt?: 'none' | 'login'; }): void; /** * Do logout, by changing the url with a client side redirect. * @param redirectUri Optional redirectUri to return to after logout, defaults to current url; */ logout(redirectUri?: string): void; /** * Login as client. This can be used to login as the client itself. * It will immediatly request an RPT token and return that. * @param clientId * @param clientSecret */ loginAsClient(clientId: string, clientSecret: string): Observable<Token>; /** * Construct an TPageEndpoint instance that you can query to get data. * This should be an endpoint that returns a Temporal Page. * @param uri The uri pointing to a valid - Temporal-Page-returning - Obelisk API endpoint. * @param apiversion Set the apiVersion explicitly. Optional (v1 by default) */ temporalPageEndpoint(uri: string, apiVersion?: ApiVersion): TPageEndpoint; /** * Construct a regular Endpoint instance. * This is an endpoint that does not return a Temporal Page.. * @param uri The uri pointing to a valid - non-Temporal-Page-returning - Obelisk API endpoint. * @param apiversion Set the apiVersion explicitly. Optional (v1 by default) * */ endpoint(uri: string, apiVersion?: ApiVersion): Endpoint; /** * Construct a GraphQL Endpoint instance. */ graphQLEndpoint(): GraphQLEndpoint; /** * Constructs a StreamEndpoint instance. * @param uri The uri pointing to a valid event stream (SSE) andpoint. (ends on /sse) * @param apiversion Set the apiVersion explicitly. Optional (v1 by default) */ streamEndpoint(uri: string, apiVersion?: ApiVersion): StreamEndpoint; /** * Construct a regular Endpoint instance. * This is a raw endpoint that does no checking on what datastructure is returend. * @param uri The uri pointing to a valid endpoint. * @param apiversion Set the apiVersion explicitly. Optional (v1 by default) * */ rawEndpoint(uri: string, apiVersion?: ApiVersion): Endpoint; /** * Checks locally if logInfo is present in storage and not expired. * Good condition for using in a Guard. */ isLoggedIn(): boolean; /** * Checks the decoded RPT token for the presence of the given role string * @param role String of a role to check for in the RPT token * @param targetClientId String of the targetClientId to check the roles for. **Defaults to the Obelisk API id** */ rptHasRole(role: string, targetClientId?: string): boolean; /** * Returns an observable to get a new RPT. * Call this after init() if you want to have an RPT available immediatly * @param ticket Optional ticket used for authMode 'uma' **/ getNewRpt(ticket?: string): Observable<Token>; /** * Keep logged in session alive by refreshing or re-requesting RPTs (in case of offline token present) * Subscribe to start. * * @param leeway Configurable leeway in milliseconds for when expiration and thus refresh logic is due. (Defaults to 3000) * @return Observable<boolean> of which the boolean signifies if the last refresh action succeeded. */ keepSessionAlive(leeway?: number): Observable<boolean>; /** * Once this observable returns, the authentication procedure is over. * This is usefull for any Auth checking (eg. Auth Guards) */ isAuthReady$: Observable<void>; /** * The client options used at contstruction time. */ options: ClientOptions; /** * A cache of all currently known and defined tokens. */ tokens: Tokens; /** * Returns hot observable that sends ClientEvents when they happen. */ events: Observable<ClientEvent>; } /** * General configuration properties needed for ObeliskClient setup and Keycloak instance setup. */ export interface ClientOptions { /** Url of the server (not ending in slash) */ host: string; /** * Api version of the Obelisk API * */ apiVersion: string; /** Authentication Realm */ realm: string; /** Id of your client (you should have received this) */ clientId: string; /** * Authorization mode, uma-based per resource or entitlement for all permissions. * _Defaults to entitlement_ **/ authMode?: 'entitlement' | 'uma'; /** * Flow of authentication: 'implicit' (browser apps), 'standard' (server apps). * Implicit flows have no access to refresh tokens and are better suited to 'one-off' tasks. * _Defaults to standard_ **/ flow?: 'implicit' | 'standard'; } export declare type ApiVersion = 'v1' | 'v2';