@rockcarver/frodo-lib

A library to manage ForgeRock Identity Cloud tenants, ForgeOps deployments, and classic deployments.

import { AxiosRequestConfig, AxiosResponse, AxiosInstance } from 'axios';
import { IAxiosRetryConfig } from 'axios-retry';
import { Reader } from 'properties-reader';

/**
 * Base shape for objects without an `_id`: an optional `_rev` plus an open
 * index signature for any further properties.
 */
interface NoIdObjectSkeletonInterface {
  _rev?: string;
  [k: string]: string | number | boolean | string[] | IdObjectSkeletonInterface | object | undefined;
}

/** Adds an optional `_id` to {@link NoIdObjectSkeletonInterface}. */
interface IdObjectSkeletonInterface extends NoIdObjectSkeletonInterface {
  _id?: string;
}

/** Identified object that may also carry an `_type` descriptor. */
interface AmConfigEntityInterface extends IdObjectSkeletonInterface {
  _type?: EntityType;
}

/** A property value given directly. */
type Readable<Type> = Type;

/** A property value wrapped with an `inherited` flag; `value` may be absent. */
type Writable<Type> = {
  inherited: boolean;
  value?: Type;
};

/** One page of query results together with the paging fields declared below. */
type PagedResult<Type> = {
  result: Type[];
  resultCount: number;
  pagedResultsCookie: string;
  totalPagedResultsPolicy: 'EXACT' | 'NONE';
  totalPagedResults: number;
  remainingPagedResults: number;
};

/** Type descriptor referenced by `_type` on configuration entities. */
type EntityType = IdObjectSkeletonInterface & {
  name: string;
  collection: boolean;
};

/**
 * See {@link https://backstage.forgerock.com/docs/idm/7.5/crest/crest-patch.html}.
 *
 * `value` is typed `any`, so the compiler does not check what a patch
 * carries; callers have to validate it themselves.
 */
interface PatchOperationInterface {
  operation: 'add' | 'copy' | 'increment' | 'move' | 'remove' | 'replace' | 'transform';
  field: string;
  value?: any;
  from?: string;
}

/** A feature with its installed version and the versions available for it. */
interface FeatureInterface extends IdObjectSkeletonInterface {
  installedVersion: string;
  availableVersions: string[];
}

/** Callback kinds a {@link CallbackHandler} can be asked to answer. */
type CallbackType = 'NameCallback' | 'PasswordCallback' | 'TextInputCallback';

/** Name/value pair used in callback input and output; `value` is unchecked (`any`). */
type CallbackKeyValuePair = {
  name: string;
  value: any;
};

/**
 * A single callback exchanged with a {@link CallbackHandler}.
 *
 * NOTE(review): the 'PasswordCallback' type suggests `input` values can hold
 * a user's password; handlers should not log or persist callback values.
 * Confirm against the authentication flow that uses them.
 */
type Callback = {
  type: CallbackType;
  output: CallbackKeyValuePair[];
  input: CallbackKeyValuePair[];
};

/** Receives a callback and returns a callback (see `getTokens`'s `callbackHandler` parameter). */
type CallbackHandler = (callback: Callback) => Callback;

/**
 * JOSE helpers: RSA JWK creation, public-key derivation, JWKS assembly and
 * JWT signing/verification.
 *
 * Signing takes a {@link JwkRsa} (private parameters included) while
 * verification takes a {@link JwkRsaPublic}. Both JWT methods resolve to
 * `any`, so what they return is not type-checked at the call site.
 */
type Jose = {
  createJwkRsa(): Promise<JwkRsa>;
  getJwkRsaPublic(jwkJson: JwkRsa): Promise<JwkRsaPublic>;
  createJwks(...keys: JwkInterface[]): JwksInterface;
  createSignedJwtToken(payload: string | object, jwkJson: JwkRsa): Promise<any>;
  verifySignedJwtToken(jwt: string, jwkJson: JwkRsaPublic): Promise<any>;
};

/** Members shared by all JWKs in this file; the names follow RFC 7517. */
interface JwkInterface {
  kty: string;
  use?: string;
  key_ops?: string[];
  alg: string;
  kid?: string;
  x5u?: string;
  x5c?: string;
  x5t?: string;
  'x5t#S256'?: string;
}

/**
 * RSA JWK including the private parameters `d`, `p`, `q`, `dp`, `dq` and `qi`
 * (RFC 7518, section 6.3.2). A value of this type is a private key: keep it
 * out of logs, exports and version control.
 */
type JwkRsa = JwkInterface & {
  d: string;
  dp: string;
  dq: string;
  e: string;
  n: string;
  p: string;
  q: string;
  qi: string;
};

/** RSA JWK restricted to the public exponent `e` and modulus `n`. */
type JwkRsaPublic = JwkInterface & {
  e: string;
  n: string;
};

/** A JWK set. */
interface JwksInterface {
  keys: JwkInterface[];
}

/**
 * Token endpoint response. `access_token` (and `id_token` when present) are
 * credentials and should be handled as secrets.
 */
type AccessTokenResponseType = {
  access_token: string;
  id_token?: string;
  scope: string;
  token_type: string;
  expires_in: number;
};

/**
 * Token info response. Besides the claims it repeats `access_token` and may
 * include `sessionToken`, so the whole object is sensitive.
 */
type TokenInfoResponseType = {
  sub: string;
  cts: string;
  auditTrackingId: string;
  subname: string;
  iss: string;
  tokenName: string;
  token_type: string;
  authGrantId: string;
  access_token: string;
  aud: string;
  nbf: number;
  grant_type: string;
  scope: string[];
  auth_time: number;
  sessionToken?: string;
  realm: string;
  exp: number;
  iat: number;
  expires_in: number;
  jti: string;
  [k: string]: string | number | string[];
};

/** Access token response extended with `expires` and an optional `from_cache` flag. */
type AccessTokenMetaType = AccessTokenResponseType & {
  expires: number;
  from_cache?: boolean;
};

/**
 * OAuth2/OIDC calls.
 *
 * `clientCredentialsGrant` receives the client secret as a plain string and
 * `accessToken` accepts untyped (`any`) request data.
 */
type OAuth2Oidc = {
  authorize(amBaseUrl: string, data: string, config: AxiosRequestConfig): Promise<AxiosResponse<any, any>>;
  accessToken(amBaseUrl: string, data: any, config: AxiosRequestConfig): Promise<AccessTokenMetaType>;
  accessTokenRfc7523AuthZGrant(clientId: string, jwt: string, scope: string[], config?: AxiosRequestConfig): Promise<AccessTokenMetaType>;
  getTokenInfo(amBaseUrl: string, config: AxiosRequestConfig): Promise<TokenInfoResponseType>;
  clientCredentialsGrant(amBaseUrl: string, clientId: string, clientSecret: string, scope: string): Promise<AccessTokenMetaType>;
};

/** Token acquisition entry points. */
type Authenticate = {
  /**
   * Get tokens and store them in State
   * @param {boolean} forceLoginAsUser true to force login as user even if a service account is available (default: false)
   * @param {boolean} autoRefresh true to automatically refresh tokens before they expire (default: true)
   * @param {string[]} types Array of supported deployment types.
The function will throw an error if an unsupported type is detected (default: ['classic', 'cloud', 'forgeops'])
   * @param {CallbackHandler} callbackHandler function allowing the library to collect responses from the user through callbacks
   * @returns {Promise<Tokens>} object containing the tokens
   */
  getTokens(forceLoginAsUser?: boolean, autoRefresh?: boolean, types?: string[], callbackHandler?: CallbackHandler): Promise<Tokens>;
  /**
   * Get access token for service account
   * @param {string} saId optional service account id
   * @param {JwkRsa} saJwk optional service account JWK
   * @returns {Promise<string | null>} promise resolving to the access token or null
   * @deprecated since v2.0.0 use {@link Authenticate.getTokens | getTokens} instead
   * ```javascript
   * getTokens(): Promise<Tokens>
   * ```
   * @group Deprecated
   */
  getAccessTokenForServiceAccount(saId?: string, saJwk?: JwkRsa): Promise<string | null>;
};

/** User session token with its success URL, realm, expiry and an optional `from_cache` flag. */
type UserSessionMetaType = {
  tokenId: string;
  successUrl: string;
  realm: string;
  expires: number;
  from_cache?: boolean;
};

/** Result of `getTokens`: bearer and/or user session token plus subject, host and realm. */
type Tokens = {
  bearerToken?: AccessTokenMetaType;
  userSessionToken?: UserSessionMetaType;
  subject?: string;
  host?: string;
  realm?: string;
};

type ProgressIndicatorType = 'determinate' | 'indeterminate';
type ProgressIndicatorStatusType = 'none' | 'success' | 'warn' | 'fail';

/**
 * Accessors for the library's runtime state: connection targets, credentials,
 * tokens, file locations and output handlers.
 *
 * Several getters hand back secrets as plain values (`getPassword`,
 * `getServiceAccountJwk`, `getBearerToken`, `getBearerTokenMeta`,
 * `getUserSessionTokenMeta`, `getLogApiSecret`), so callers should keep the
 * results out of logs and persisted output.
 */
type State = {
  /**
   * Get a clone of the full state as an object
   *
   * The result is typed {@link StateInterface}, which declares `password`,
   * `serviceAccountJwk`, `bearerToken`, `userSessionToken` and `logApiSecret`;
   * treat the returned object as sensitive and do not dump it to logs.
   * @returns a clone of the state
   */
  getState(): StateInterface;
  /**
   * Set the AM host base URL
   * @param host Access Management base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring.
   */
  setHost(host: string): void;
  /**
   * Get the AM host base URL
   * @returns the AM host base URL
   */
  getHost(): string;
  /**
   * Set the IDM host base URL
   * @param host Identity Management base URL, e.g.: https://cdk.iam.example.com/openidm. To use a connection profile, just specify a unique substring.
   */
  setIdmHost(host: string): void;
  /**
   * Get the IDM host base URL
   * @returns the IDM host base URL
   */
  getIdmHost(): string;
  setUsername(username: string): void;
  getUsername(): string;
  // The password is accepted and returned as a plain string.
  setPassword(password: string): void;
  getPassword(): string;
  setRealm(realm: string): void;
  getRealm(): string;
  setDeploymentType(type: string): void;
  getDeploymentType(): string;
  setAdminClientId(type: string): void;
  getAdminClientId(): string;
  setAdminClientRedirectUri(type: string): void;
  getAdminClientRedirectUri(): string;
  // NOTE(review): the name suggests this relaxes transport security checks
  // (e.g. TLS certificate validation). Confirm in the implementation and keep
  // it disabled outside test environments.
  setAllowInsecureConnection(allowInsecureConnection: boolean): void;
  getAllowInsecureConnection(): boolean;
  setCookieName(name: string): void;
  getCookieName(): string;
  // NOTE(review): getCookieValue presumably returns the session token stored
  // via setUserSessionTokenMeta; confirm, and treat it as a credential.
  setUserSessionTokenMeta(value: UserSessionMetaType): void;
  getCookieValue(): string;
  getUserSessionTokenMeta(): UserSessionMetaType;
  setFeatures(features: FeatureInterface[]): void;
  getFeatures(): FeatureInterface[];
  setAuthenticationHeaderOverrides(overrides: Record<string, string>): void;
  getAuthenticationHeaderOverrides(): Record<string, string>;
  setAuthenticationService(service: string): void;
  getAuthenticationService(): string;
  setServiceAccountId(uuid: string): void;
  getServiceAccountId(): string;
  // JwkRsa carries the RSA private parameters, so this pair stores and
  // returns a private key.
  setServiceAccountJwk(jwk: JwkRsa): void;
  getServiceAccountJwk(): JwkRsa;
  setServiceAccountScope(scope: string): void;
  getServiceAccountScope(): string;
  setUseBearerTokenForAmApis(useBearerTokenForAmApis: boolean): void;
  getUseBearerTokenForAmApis(): boolean;
  setBearerTokenMeta(token: AccessTokenMetaType): void;
  getBearerToken(): string;
  getBearerTokenMeta(): AccessTokenMetaType;
  setLogApiKey(key: string): void;
  getLogApiKey(): string;
  setLogApiSecret(secret: string): void;
  getLogApiSecret(): string;
  setAmVersion(version: string): void;
  getAmVersion(): string;
  setFrodoVersion(version: string): void;
  getFrodoVersion(): string;
  setConnectionProfilesPath(path: string): void;
  getConnectionProfilesPath(): string;
  // NOTE(review): presumably the token cache keeps tokens on disk and the
  // master key protects stored secrets; confirm, and make sure both paths
  // point at files only the current user can read.
  setUseTokenCache(useTokenCache: boolean): void;
  getUseTokenCache(): boolean;
  setTokenCachePath(path: string): void;
  getTokenCachePath(): string;
  setMasterKeyPath(path: string): void;
  getMasterKeyPath(): string;
  setOutputFile(file: string): void;
  getOutputFile(): string;
  setDirectory(directory: string): void;
  getDirectory(): string;
  setAutoRefreshTimer(timer: NodeJS.Timeout): void;
  getAutoRefreshTimer(): NodeJS.Timeout;
  // NOTE(review): "curlirize" presumably renders requests as curl commands;
  // such output can contain authorization headers or secrets. Verify what is
  // redacted before routing it to shared logs.
  setCurlirizeHandler(handler: (message: string) => void): void;
  getCurlirizeHandler(): (message: string) => void;
  setCurlirize(curlirize: boolean): void;
  getCurlirize(): boolean;
  setCreateProgressHandler(handler: (type: ProgressIndicatorType, total?: number, message?: string) => string): void;
  getCreateProgressHandler(): (type: ProgressIndicatorType, total?: number, message?: string) => string;
  setUpdateProgressHandler(handler: (id: string, message: string) => void): void;
  getUpdateProgressHandler(): (id: string, message: string) => void;
  setStopProgressHandler(handler: (id: string, message: string, status?: ProgressIndicatorStatusType) => void): void;
  getStopProgressHandler(): (id: string, message: string, status?: ProgressIndicatorStatusType) => void;
  setPrintHandler(handler: (message: string | object, type?: string, newline?: boolean) => void): void;
  getPrintHandler(): (message: string | object, type?: string, newline?: boolean) => void;
  setErrorHandler(handler: (error: Error, message?: string) => void): void;
  getErrorHandler(): (error: Error, message?: string) => void;
  setVerboseHandler(handler: (message: string | object) => void): void;
  getVerboseHandler(): (message: string | object) => void;
  setVerbose(verbose: boolean): void;
  getVerbose(): boolean;
  // NOTE(review): debug handlers receive `string | object`; check that
  // objects passed to them never include tokens or passwords.
  setDebugHandler(handler: (message: string | object) => void): void;
  getDebugHandler(): (message: string | object) => void;
  setDebug(debug: boolean): void;
  getDebug(): boolean;
  getAxiosRetryConfig(): IAxiosRetryConfig;
  setAxiosRetryConfig(axiosRetryConfig: IAxiosRetryConfig): void;
  /**
   * Reset the state to default values
   */
  reset(): void;
  /**
   * @deprecated since v0.17.0 use `setHost(host: string)` instead
   */
  setTenant(tenant: string): void;
  /**
   * @deprecated since v0.17.0 use `getHost` instead
   */
  getTenant(): string;
};

/**
 * Plain-object form of the state, as returned by `State.getState()`.
 *
 * It holds credentials side by side with ordinary settings (`password`,
 * `serviceAccountJwk`, `bearerToken`, `userSessionToken`, `logApiSecret`).
 * Two handler signatures differ from the `State` accessors: `errorHandler`
 * requires `message` here (optional there) and `stopProgressHandler` types
 * `status` as `string` (`ProgressIndicatorStatusType` there).
 */
interface StateInterface {
  host?: string;
  idmHost?: string;
  username?: string;
  password?: string;
  realm?: string;
  deploymentType?: string;
  adminClientId?: string;
  adminClientRedirectUri?: string;
  allowInsecureConnection?: boolean;
  authenticationHeaderOverrides?: Record<string, string>;
  authenticationService?: string;
  cookieName?: string;
  userSessionToken?: UserSessionMetaType;
  features?: FeatureInterface[];
  serviceAccountId?: string;
  serviceAccountJwk?: JwkRsa;
  serviceAccountScope?: string;
  useBearerTokenForAmApis?: boolean;
  bearerToken?: AccessTokenMetaType;
  logApiKey?: string;
  logApiSecret?: string;
  amVersion?: string;
  frodoVersion?: string;
  connectionProfilesPath?: string;
  useTokenCache?: boolean;
  tokenCachePath?: string;
  masterKeyPath?: string;
  outputFile?: string;
  directory?: string;
  autoRefreshTimer?: NodeJS.Timeout;
  printHandler?: (message: string | object, type?: string, newline?: boolean) => void;
  errorHandler?: (error: Error, message: string) => void;
  verboseHandler?: (message: string | object) => void;
  verbose?: boolean;
  debugHandler?: (message: string | object) => void;
  debug?: boolean;
  curlirizeHandler?: (message: string) => void;
  curlirize?: boolean;
  createProgressHandler?: (type: ProgressIndicatorType, total?: number, message?: string) => string;
  updateProgressHandler?: (id: string, message: string) => void;
  stopProgressHandler?: (id: string, message: string, status?: string) => void;
  axiosRetryConfig?: IAxiosRetryConfig;
}

/**
 * OAuth2 client configuration entity. Each section is an open map (index
 * signature) with a few named properties typed explicitly.
 */
type OAuth2ClientSkeleton = AmConfigEntityInterface & {
  overrideOAuth2ClientConfig?: {
    [k: string]: string | number | boolean | string[] | object | undefined;
  };
  advancedOAuth2ClientConfig?: {
    descriptions: {
      inherited: boolean;
      value: string[];
    };
    grantTypes?: Readable<string[]> | Writable<string[]>;
    isConsentImplied?: Readable<boolean> | Writable<boolean>;
    tokenEndpointAuthMethod?:
Readable<string> | Writable<string>;
    responseTypes?: Readable<string[]> | Writable<string[]>;
    [k: string]: string | number | boolean | string[] | object | undefined;
  };
  signEncOAuth2ClientConfig?: {
    jwkSet?: Readable<string> | Writable<string>;
    publicKeyLocation?: Readable<string> | Writable<string>;
    [k: string]: string | number | boolean | string[] | object | undefined;
  };
  coreOpenIDClientConfig?: {
    [k: string]: string | number | boolean | string[] | object | undefined;
  };
  coreOAuth2ClientConfig?: {
    // NOTE(review): presumably the client secret; confirm. If so, any export
    // or log of a client object has to be handled as a secret.
    userpassword?: string;
    clientName?: Readable<string[]> | Writable<string[]>;
    clientType?: Readable<string> | Writable<string>;
    accessTokenLifetime?: Readable<number> | Writable<number>;
    scopes?: Readable<string[]> | Writable<string[]>;
    defaultScopes?: {
      value: string[];
      [k: string]: string | number | boolean | string[] | object | undefined;
    };
    [k: string]: string | number | boolean | string[] | object | undefined;
  };
  coreUmaClientConfig?: {
    [k: string]: string | number | boolean | string[] | object | undefined;
  };
};

/**
 * Trusted JWT issuer entity. `issuer` and `_type` are required; keys can be
 * supplied inline (`jwkSet`) or by reference (`jwksUri`).
 */
type OAuth2TrustedJwtIssuerSkeleton = IdObjectSkeletonInterface & {
  allowedSubjects?: Readable<string[]> | Writable<string[]>;
  jwksCacheTimeout?: Readable<number> | Writable<number>;
  jwkSet?: Readable<string> | Writable<string>;
  consentedScopesClaim?: Readable<string> | Writable<string>;
  issuer: Readable<string> | Writable<string>;
  jwkStoreCacheMissCacheTime?: Readable<number> | Writable<number>;
  resourceOwnerIdentityClaim?: Readable<string> | Writable<string>;
  jwksUri?: Readable<string> | Writable<string>;
  _type: {
    _id: 'TrustedJwtIssuer';
    name: 'OAuth2 Trusted JWT Issuer';
    collection: true;
  };
};

/**
 * Administrative helpers.
 *
 * The two `generateRfc7523*` methods resolve to an object whose `jwk` is a
 * {@link JwkRsa}, i.e. the private key is handed to the caller, who becomes
 * responsible for storing it safely. Most other members are deprecated since
 * v2.0.0 and change client privileges or create credentials.
 */
type Admin = {
  // NOTE(review): `options.save` presumably controls whether the generated
  // client and issuer are written to the deployment; confirm.
  generateRfc7523AuthZGrantArtefacts(clientId: string, iss: string, jwk?: JwkRsa, sub?: string, scope?: string[], options?: {
    save: boolean;
  }): Promise<{
    jwk: JwkRsa;
    jwks: JwksInterface;
    client: OAuth2ClientSkeleton;
    issuer: OAuth2TrustedJwtIssuerSkeleton;
  }>;
  executeRfc7523AuthZGrantFlow(clientId: string, iss: string, jwk: JwkRsa, sub: string, scope?: string[]): Promise<AccessTokenResponseType>;
  // The resolved `jwt` is typed `any`.
  generateRfc7523ClientAuthNArtefacts(clientId: string, aud?: string, jwk?: JwkRsa, options?: {
    save: boolean;
  }): Promise<{
    jwk: JwkRsa;
    jwks: JwksInterface;
    jwt: any;
    client: OAuth2ClientSkeleton;
  }>;
  // NOTE(review): undocumented in this declaration. Takes an API key/secret
  // pair plus optional custom usernames, user agents and IPs; the purpose is
  // not visible here, so confirm before use.
  trainAA(apiKey: string, apiSecret: string, customUsernames?: string[], customUserAgents?: string[], customIPs?: string[], loginsPerUser?: number, service?: string): Promise<void>;
  /**
   * @deprecated Deprecated since v2.0.0. This function may be removed in future versions. Similar functionality has been added to the frodo-cli code base.
   * @group Deprecated
   */
  listOAuth2CustomClients(): Promise<string[]>;
  /**
   * @deprecated Deprecated since v2.0.0. This function may be removed in future versions. Similar functionality has been added to the frodo-cli code base.
   * @group Deprecated
   */
  listOAuth2AdminClients(): Promise<string[]>;
  /**
   * @deprecated Deprecated since v2.0.0. This function may be removed in future versions. Similar functionality has been added to the frodo-cli code base.
   * @group Deprecated
   */
  listNonOAuth2AdminStaticUserMappings(showProtected: boolean): Promise<string[]>;
  /**
   * @deprecated Deprecated since v2.0.0. This function may be removed in future versions. Similar functionality has been added to the frodo-cli code base.
   * @group Deprecated
   */
  addAutoIdStaticUserMapping(): Promise<void>;
  /**
   * NOTE(review): by its name this raises an OAuth2 client to admin
   * privileges; confirm the exact scope in the implementation and audit use.
   * @deprecated Deprecated since v2.0.0. This function may be removed in future versions. Similar functionality has been added to the frodo-cli code base.
   * @group Deprecated
   */
  grantOAuth2ClientAdminPrivileges(clientId: string): Promise<void>;
  /**
   * @deprecated Deprecated since v2.0.0. This function may be removed in future versions. Similar functionality has been added to the frodo-cli code base.
   * @group Deprecated
   */
  revokeOAuth2ClientAdminPrivileges(clientId: string): Promise<void>;
  /**
   * Takes the client secret as a plain string.
   * @deprecated Deprecated since v2.0.0. This function may be removed in future versions. Similar functionality has been added to the frodo-cli code base.
   * @group Deprecated
   */
  createOAuth2ClientWithAdminPrivileges(clientId: string, clientSecret: string): Promise<void>;
  /**
   * Resolves to `any`, so the returned token data is not type-checked.
   * NOTE(review): the meaning of `secret: string | boolean` is not visible
   * here; confirm before relying on it.
   * @deprecated Deprecated since v2.0.0. This function may be removed in future versions. Similar functionality has been added to the frodo-cli code base.
   * @group Deprecated
   */
  createLongLivedToken(clientId: string, clientSecret: string, scope: string, secret: string | boolean, lifetime: number): Promise<any>;
  /**
   * @deprecated Deprecated since v2.0.0. This function may be removed in future versions. Similar functionality has been added to the frodo-cli code base.
   * @group Deprecated
   */
  removeStaticUserMapping(subject: string): Promise<void>;
  /**
   * @deprecated Deprecated since v2.0.0. This function may be removed in future versions. Similar functionality has been added to the frodo-cli code base.
   * @group Deprecated
   */
  hideGenericExtensionAttributes(includeCustomized: boolean, dryRun: boolean): Promise<void>;
  /**
   * @deprecated Deprecated since v2.0.0. This function may be removed in future versions. Similar functionality has been added to the frodo-cli code base.
   * @group Deprecated
   */
  showGenericExtensionAttributes(includeCustomized: boolean, dryRun: boolean): Promise<void>;
  /**
   * @deprecated Deprecated since v2.0.0. This function may be removed in future versions. Similar functionality has been added to the frodo-cli code base.
   * @group Deprecated
   */
  repairOrgModel(excludeCustomized: boolean, extendPermissions: boolean, dryRun: boolean): Promise<void>;
};

// String-literal identifiers for the individual agent kinds.
type PolicyAgentType = '2.2_Agent';
type GatewayAgentType = 'IdentityGatewayAgent';
type JavaAgentType = 'J2EEAgent';
type OAuth2ThingType = 'OAuth2Thing';
type RemoteConsentAgentType = 'RemoteConsentAgent';
type SharedAgentType = 'SharedAgent';
type SoapSTSAgentType = 'SoapSTSAgent';
type SoftwarePublisherType = 'SoftwarePublisher';
type WebAgentType = 'WebAgent';

/**
 * Any agent kind. Besides the string literals above, the union also admits
 * an {@link EntityType} object.
 */
type AgentType = PolicyAgentType | GatewayAgentType | JavaAgentType | OAuth2ThingType | RemoteConsentAgentType | SharedAgentType | SoapSTSAgentType | SoftwarePublisherType | WebAgentType | EntityType;

/** Agents and agent groups share the generic configuration-entity shape. */
type AgentSkeleton = AmConfigEntityInterface;
type AgentGroupSkeleton = AmConfigEntityInterface;

/** Provenance fields recorded with an export: origin, exporting user, date and tool. */
interface ExportMetaData {
  origin: string;
  originAmVersion: string;
  exportedBy: string;
  exportDate: string;
  exportTool: string;
  exportToolVersion: string;
}

type Agent = {
  /**
   * Create an empty agent export template
   * @returns {AgentExportInterface} an empty agent export template
   */
  createAgentExportTemplate(): AgentExportInterface;
  /**
   * Read all agents.
   * @param {boolean} globalConfig true if global agent is the target of the operation, false otherwise. Default: false.
   * @returns {Promise<AgentSkeleton[]>} a promise that resolves to an array of agent objects
   */
  readAgents(globalConfig: boolean): Promise<AgentSkeleton[]>;
  /**
   * Read agent
   * @param {string} agentId agent id/name
   * @param {boolean} globalConfig true if global agent is the target of the operation, false otherwise. Default: false.
* @returns {Promise<AgentSkeleton>} a promise that resolves to an agent object */ readAgent(agentId: string, globalConfig: boolean): Promise<AgentSkeleton>; /** * Create an empty agent group export template * @returns {AgentGroupExportInterface} an empty agent export template */ createAgentGroupExportTemplate(): AgentGroupExportInterface; /** * Read agent group by id * @param {string} groupId Group id * @returns {Promise<AgentGroupSkeleton>} a promise that resolves to a agent group object */ readAgentGroup(groupId: string): Promise<AgentGroupSkeleton>; /** * Read all agent groups. * @returns {Promise<AgentGroupSkeleton[]>} a promise that resolves to an array of agent group objects */ readAgentGroups(): Promise<AgentGroupSkeleton[]>; /** * Export a single agent group by id. The response can be saved to file as is. * @param {string} groupId Group id * @returns {Promise<AgentGroupExportInterface>} Promise resolving to a AgentGroupExportInterface object. */ exportAgentGroup(groupId: string): Promise<AgentGroupExportInterface>; /** * Export all agent groups. The response can be saved to file as is. * @returns {Promise<AgentGroupExportInterface>} Promise resolving to a AgentGroupExportInterface object. 
*/ exportAgentGroups(): Promise<AgentGroupExportInterface>; /** * Read agent by type and id * @param {string} agentType agent type (IdentityGatewayAgent, J2EEAgent, WebAgent) * @param {string} agentId agent id/name * @returns {Promise<AgentSkeleton>} a promise that resolves to an agent object */ readAgentByTypeAndId(agentType: AgentType, agentId: string): Promise<AgentSkeleton>; /** * Read identity gateway agents * @returns {Promise<AgentSkeleton[]>} a promise that resolves to an array of IdentityGatewayAgent objects */ readIdentityGatewayAgents(): Promise<AgentSkeleton[]>; /** * Read identity gateway agent * @param {string} gatewayId gateway id * @returns {Promise<AgentSkeleton>} a promise that resolves to an object containing an IdentityGatewayAgent object */ readIdentityGatewayAgent(gatewayId: string): Promise<AgentSkeleton>; /** * Create identity gateway agent * @param {string} gatewayId gateway id * @param {AgentSkeleton} gatewayData IdentityGatewayAgent object * @returns {Promise<AgentSkeleton>} a promise that resolves to an object containing an IdentityGatewayAgent object */ createIdentityGatewayAgent(gatewayId: string, gatewayData: AgentSkeleton): Promise<AgentSkeleton>; /** * Update or create identity gateway agent * @param {string} gatewayId gateway id * @param {AgentSkeleton} gatewayData IdentityGatewayAgent object * @returns {Promise<AgentSkeleton>} a promise that resolves to an object containing an IdentityGatewayAgent object */ updateIdentityGatewayAgent(gatewayId: string, gatewayData: AgentSkeleton): Promise<AgentSkeleton>; /** * Read java agents * @returns {Promise<AgentSkeleton[]>} a promise that resolves to an array of J2EEAgent objects */ readJavaAgents(): Promise<AgentSkeleton[]>; /** * Read java agent * @param {string} agentId java agent id * @returns {Promise<AgentSkeleton>} a promise that resolves to an object containing an J2EEAgent object */ readJavaAgent(agentId: string): Promise<AgentSkeleton>; /** * Put java agent * @param {string} 
agentId java agent id * @param {AgentSkeleton} agentData java agent object * @returns {Promise<AgentSkeleton>} a promise that resolves to an object containing an java agent object */ createJavaAgent(agentId: string, agentData: AgentSkeleton): Promise<AgentSkeleton>; /** * Put java agent * @param {string} agentId java agent id * @param {AgentSkeleton} agentData java agent object * @returns {Promise<AgentSkeleton>} a promise that resolves to an object containing an java agent object */ updateJavaAgent(agentId: string, agentData: AgentSkeleton): Promise<AgentSkeleton>; /** * Read web agents * @returns {Promise<AgentSkeleton[]>} a promise that resolves to an array of WebAgent objects */ readWebAgents(): Promise<AgentSkeleton[]>; /** * Read web agent * @param {string} agentId web agent id * @returns {Promise<AgentSkeleton>} a promise that resolves to an object containing an WebAgent object */ readWebAgent(agentId: string): Promise<AgentSkeleton>; /** * Create web agent * @param {string} agentId web agent id * @param {AgentSkeleton} agentData WebAgent object * @returns {Promise<AgentSkeleton>} a promise that resolves to an object containing an WebAgent object */ createWebAgent(agentId: string, agentData: AgentSkeleton): Promise<AgentSkeleton>; /** * Update or create web agent * @param {string} agentId web agent id * @param {AgentSkeleton} agentData WebAgent object * @returns {Promise<AgentSkeleton>} a promise that resolves to an object containing an WebAgent object */ updateWebAgent(agentId: string, agentData: AgentSkeleton): Promise<AgentSkeleton>; /** * Export all agents. The response can be saved to file as is. * @param {boolean} globalConfig true if global agent is the target of the operation, false otherwise. Default: false. * @returns {Promise<AgentExportInterface>} Promise resolving to an AgentExportInterface object. */ exportAgents(globalConfig: boolean): Promise<AgentExportInterface>; /** * Export all identity gateway agents. 
The response can be saved to file as is. * @returns {Promise<AgentExportInterface>} Promise resolving to an AgentExportInterface object. */ exportIdentityGatewayAgents(): Promise<AgentExportInterface>; /** * Export all java agents. The response can be saved to file as is. * @returns {Promise<AgentExportInterface>} Promise resolving to an AgentExportInterface object. */ exportJavaAgents(): Promise<AgentExportInterface>; /** * Export all web agents. The response can be saved to file as is. * @returns {Promise<AgentExportInterface>} Promise resolving to an AgentExportInterface object. */ exportWebAgents(): Promise<AgentExportInterface>; /** * Export agent. The response can be saved to file as is. * @param agentId agent id/name * @param {boolean} globalConfig true if global agent is the target of the operation, false otherwise. Default: false. * @returns {Promise<AgentExportInterface>} Promise resolving to an AgentExportInterface object. */ exportAgent(agentId: string, globalConfig: boolean): Promise<AgentExportInterface>; /** * Export identity gateway agent. The response can be saved to file as is. * @param agentId agent id/name * @returns {Promise<AgentExportInterface>} Promise resolving to an AgentExportInterface object. */ exportIdentityGatewayAgent(agentId: string): Promise<AgentExportInterface>; /** * Export java agent. The response can be saved to file as is. * @param agentId agent id/name * @returns {Promise<AgentExportInterface>} Promise resolving to an AgentExportInterface object. */ exportJavaAgent(agentId: string): Promise<AgentExportInterface>; /** * Export web agent. The response can be saved to file as is. * @param agentId agent id/name * @returns {Promise<AgentExportInterface>} Promise resolving to an AgentExportInterface object. */ exportWebAgent(agentId: string): Promise<AgentExportInterface>; /** * Import agents. The import data is usually read from an agent export file. 
* @param {boolean} globalConfig true if global agent is the target of the operation, false otherwise. Default: false. * @param {AgentExportInterface} importData agent import data. * @returns {Promise<AgentSkeleton[]>} The agents that were imported. */ importAgents(importData: AgentExportInterface, globalConfig: boolean): Promise<AgentSkeleton[]>; /** * Import agents groups. The import data is usually read from an agent group export file. * @param {AgentExportInterface} importData agent import data. * @returns {Promise<AgentGroupSkeleton[]>} The agent groups that were imported. */ importAgentGroups(importData: AgentGroupExportInterface): Promise<AgentGroupSkeleton[]>; /** * Import identity gateway agents. The import data is usually read from an agent export file. * @param {AgentExportInterface} importData agent import data. */ importIdentityGatewayAgents(importData: AgentExportInterface): Promise<void>; /** * Import java agents. The import data is usually read from an agent export file. * @param {AgentExportInterface} importData agent import data. */ importJavaAgents(importData: AgentExportInterface): Promise<void>; /** * Import web agents. The import data is usually read from an agent export file. * @param {AgentExportInterface} importData agent import data. */ importWebAgents(importData: AgentExportInterface): Promise<void>; /** * Import agent. The import data is usually read from an agent export file. * @param {string} agentId agent id/name * @param {AgentExportInterface} importData agent import data. * @param {boolean} globalConfig true if global agent is the target of the operation, false otherwise. Default: false. * @returns {Promise<AgentSkeleton>} Promise resolving to an agent object. */ importAgent(agentId: string, importData: AgentExportInterface, globalConfig: boolean): Promise<AgentSkeleton>; /** * Import agent group. The import data is usually read from an agent group export file. 
* @param {string} agentGroupId agent group id/name * @param {AgentGroupExportInterface} importData agent group import data. * @returns {Promise<AgentGroupSkeleton>} Promise resolving to an agent group object. */ importAgentGroup(agentGroupId: string, importData: AgentGroupExportInterface): Promise<AgentGroupSkeleton>; /** * Import identity gateway agent. The import data is usually read from an agent export file. * @param {string} agentId agent id/name * @param {AgentExportInterface} importData agent import data. * @returns {Promise<AgentSkeleton>} Promise resolving to an agent object. */ importIdentityGatewayAgent(agentId: string, importData: AgentExportInterface): Promise<AgentSkeleton>; /** * Import java agent. The import data is usually read from an agent export file. * @param {string} agentId agent id/name * @param {AgentExportInterface} importData agent import data. * @returns {Promise<AgentSkeleton>} Promise resolving to an agent object. */ importJavaAgent(agentId: string, importData: AgentExportInterface): Promise<AgentSkeleton>; /** * Import java agent. The import data is usually read from an agent export file. * @param {string} agentId agent id/name * @param {AgentExportInterface} importData agent import data. * @returns {Promise<AgentSkeleton>} Promise resolving to an agent object. 
*/ importWebAgent(agentId: string, importData: AgentExportInterface): Promise<AgentSkeleton>; /** * Delete all agents */ deleteAgents(): Promise<void>; /** * Delete agent * @param agentId agent id/name */ deleteAgent(agentId: string): Promise<void>; /** * Delete all identity gateway agents */ deleteIdentityGatewayAgents(): Promise<void>; /** * Delete identity gateway agent * @param agentId agent id/name */ deleteIdentityGatewayAgent(agentId: string): Promise<void>; /** * Delete all java agents */ deleteJavaAgents(): Promise<void>; /** * Delete java agent * @param agentId agent id/name */ deleteJavaAgent(agentId: string): Promise<void>; /** * Delete all web agents */ deleteWebAgents(): Promise<void>; /** * Delete web agent * @param agentId agent id/name */ deleteWebAgent(agentId: string): Promise<void>; /** * Get all agents. * @returns {Promise<AgentSkeleton[]>} a promise that resolves to an array of agent objects * @deprecated since v2.0.0 use {@link Agent.readAgents | readAgents} instead * ```javascript * readAgents(): Promise<AgentSkeleton[]> * ``` * @group Deprecated */ getAgents(): Promise<AgentSkeleton[]>; /** * Get agent * @param {string} agentId agent id/name * @returns {Promise<AgentSkeleton>} a promise that resolves to an agent object * @deprecated since v2.0.0 use {@link Agent.readAgent | readAgent} instead * ```javascript * readAgent(agentId: string): Promise<AgentSkeleton> * ``` * @group Deprecated */ getAgent(agentId: string): Promise<AgentSkeleton>; /** * Get agent by type and id * @param {string} agentType agent type (IdentityGatewayAgent, J2EEAgent, WebAgent) * @param {string} agentId agent id/name * @returns {Promise<AgentSkeleton>} a promise that resolves to an agent object * @deprecated since v2.0.0 use {@link Agent.readAgentByTypeAndId | readAgentByTypeAndId} instead * ```javascript * readAgentByTypeAndId(agentType: AgentType, agentId: string): Promise<AgentSkeleton> * ``` * @group Deprecated */ getAgentByTypeAndId(agentType: AgentType, agentId: 
string): Promise<AgentSkeleton>; /** * Get identity gateway agents * @returns {Promise<AgentSkeleton[]>} a promise that resolves to an array of IdentityGatewayAgent objects * @deprecated since v2.0.0 use {@link Agent.readIdentityGatewayAgents | readIdentityGatewayAgents} instead * ```javascript * readIdentityGatewayAgents(): Promise<AgentSkeleton[]> * ``` * @group Deprecated */ getIdentityGatewayAgents(): Promise<AgentSkeleton[]>; /** * Get identity gateway agent * @param {string} gatewayId gateway id * @returns {Promise<AgentSkeleton>} a promise that resolves to an object containing an IdentityGatewayAgent object * @deprecated since v2.0.0 use {@link Agent.readIdentityGatewayAgent | readIdentityGatewayAgent} instead * ```javascript * readIdentityGatewayAgent(gatewayId: string): Promise<AgentSkeleton> * ``` * @group Deprecated */ getIdentityGatewayAgent(gatewayId: string): Promise<AgentSkeleton>; /** * Update or create identity gateway agent * @param {string} gatewayId gateway id * @param {AgentSkeleton} gatewayData IdentityGatewayAgent object * @returns {Promise<AgentSkeleton>} a promise that resolves to an object containing an IdentityGatewayAgent object * @deprecated since v2.0.0 use {@link Agent.updateIdentityGatewayAgent | updateIdentityGatewayAgent} or {@link Agent.createIdentityGatewayAgent | createIdentityGatewayAgent} instead * ```javascript * updateIdentityGatewayAgent(gatewayId: string, gatewayData: AgentSkeleton): Promise<AgentSkeleton> * createIdentityGatewayAgent(gatewayId: string, gatewayData: AgentSkeleton): Promise<AgentSkeleton> * ``` * @group Deprecated */ putIdentityGatewayAgent(gatewayId: string, gatewayData: AgentSkeleton): Promise<AgentSkeleton>; /** * Get java agents * @returns {romise<AgentSkeleton[]>} a promise that resolves to an array of J2EEAgent objects * @deprecated since v2.0.0 use {@link Agent.readJavaAgents | readJavaAgents} instead * ```javascript * readJavaAgents(): Promise<AgentSkeleton[]> * ``` * @group Deprecated */ 
getJavaAgents(): Promise<AgentSkeleton[]>;
    /**
     * Get java agent
     * @param {string} agentId java agent id
     * @returns {Promise<AgentSkeleton>} a promise that resolves to an object containing a J2EEAgent object
     * @deprecated since v2.0.0 use {@link Agent.readJavaAgent | readJavaAgent} instead
     * ```javascript
     * readJavaAgent(agentId: string): Promise<AgentSkeleton>
     * ```
     * @group Deprecated
     */
    getJavaAgent(agentId: string): Promise<AgentSkeleton>;
    /**
     * Update or create java agent
     * @param {string} agentId java agent id
     * @param {AgentSkeleton} agentData java agent object
     * @returns {Promise<AgentSkeleton>} a promise that resolves to an object containing a java agent object
     * @deprecated since v2.0.0 use {@link Agent.updateJavaAgent | updateJavaAgent} or {@link Agent.createJavaAgent | createJavaAgent} instead
     * ```javascript
     * updateJavaAgent(agentId: string, agentData: AgentSkeleton): Promise<AgentSkeleton>
     * createJavaAgent(agentId: string, agentData: AgentSkeleton): Promise<AgentSkeleton>
     * ```
     * @group Deprecated
     */
    putJavaAgent(agentId: string, agentData: AgentSkeleton): Promise<AgentSkeleton>;
    /**
     * Get web agents
     * @returns {Promise<AgentSkeleton[]>} a promise that resolves to an array of WebAgent objects
     * @deprecated since v2.0.0 use {@link Agent.readWebAgents | readWebAgents} instead
     * ```javascript
     * readWebAgents(): Promise<AgentSkeleton[]>
     * ```
     * @group Deprecated
     */
    getWebAgents(): Promise<AgentSkeleton[]>;
    /**
     * Get web agent
     * @param {string} agentId web agent id
     * @returns {Promise<AgentSkeleton>} a promise that resolves to an object containing a WebAgent object
     * @deprecated since v2.0.0 use {@link Agent.readWebAgent | readWebAgent} instead
     * ```javascript
     * readWebAgent(agentId: string): Promise<AgentSkeleton>
     * ```
     * @group Deprecated
     */
    getWebAgent(agentId: string): Promise<AgentSkeleton>;
    /** * Update or create web agent * @param {string} agentId web agent id * @param {AgentSkeleton} agentData WebAgent object * @returns {Promise<AgentSkeleton>} 
a promise that resolves to an object containing an WebAgent object * @deprecated since v2.0.0 use {@link Agent.updateWebAgent | updateWebAgent} or {@link Agent.createWebAgent | createWebAgent} instead * ```javascript * updateWebAgent(agentId: string, agentData: AgentSkeleton): Promise<AgentSkeleton> * createWebAgent(agentId: string, agentData: AgentSkeleton): Promise<AgentSkeleton> * ``` * @group Deprecated */
    putWebAgent(agentId: string, agentData: AgentSkeleton): Promise<AgentSkeleton>;
};
/**
 * Agent export format: optional export metadata plus a record of agent
 * objects (string keys, presumably the agent ids - TODO confirm).
 */
interface AgentExportInterface {
    meta?: ExportMetaData;
    agent: Record<string, AgentSkeleton>;
}
/**
 * Agent group export format: optional export metadata plus a record of agent
 * group objects (string keys, presumably the group ids - TODO confirm).
 */
interface AgentGroupExportInterface {
    meta?: ExportMetaData;
    agentGroup: Record<string, AgentGroupSkeleton>;
}
/**
 * One config entity per AM config entity kind listed below.
 *
 * NOTE(review): `secrets` is one of the listed kinds; this declaration does
 * not show whether it carries secret values or only secret configuration, so
 * treat files produced from this shape as sensitive until confirmed.
 */
interface AmConfigEntitiesInterface {
    applicationTypes: AmConfigEntityInterface;
    authenticationChains: AmConfigEntityInterface;
    authenticationModules: AmConfigEntityInterface;
    authenticationTreesConfiguration: AmConfigEntityInterface;
    conditionTypes: AmConfigEntityInterface;
    decisionCombiners: AmConfigEntityInterface;
    secrets: AmConfigEntityInterface;
    serverInformation: AmConfigEntityInterface;
    serverVersion: AmConfigEntityInterface;
    subjectAttributes: AmConfigEntityInterface;
    subjectTypes: AmConfigEntityInterface;
    webhookService: AmConfigEntityInterface;
    wsEntity: AmConfigEntityInterface;
}
/**
 * AM config entities for the global scope and for realms (record with string
 * keys, presumably realm names - TODO confirm).
 */
type ConfigSkeleton = {
    global: AmConfigEntitiesInterface;
    realm: Record<string, AmConfigEntitiesInterface>;
};
/**
 * Operations on AM config entities.
 */
type AmConfig = {
    /**
     * Create an empty config entity export template
     * @param {string[]} realms optional list of realms; presumably the realms to include in the template - TODO confirm
     * @returns {Promise<ConfigEntityExportInterface>} an empty config entity export template
     */
    createConfigEntityExportTemplate(realms?: string[]): Promise<ConfigEntityExportInterface$1>;
    /** * Export all other AM config entities * @param {boolean} includeReadOnly Include read only config in the export * @param {boolean} onlyRealm Export config only from the active realm. If onlyGlobal is also active, then it will also export the global config. * @param {boolean} onlyGlobal Export global config only. 
If onlyRealm is also active, then it will also export the active realm config. * @returns {Promise<ConfigEntityExportInterface>} promise resolving to a ConfigEntityExportInterface object */
    exportAmConfigEntities(includeReadOnly: boolean, onlyRealm: boolean, onlyGlobal: boolean): Promise<ConfigEntityExportInterface$1>;
    /**
     * Import all other AM config entities
     *
     * NOTE(review): presumably applies importData to the connected deployment;
     * review export files that come from outside your control before
     * importing them - TODO confirm what is validated on import.
     * @param {ConfigEntityExportInterface} importData The config import data
     * @returns {Promise<ConfigSkeleton | null>} a promise that resolves to a config object containing global and realm config entities, or null if no import was performed
     */
    importAmConfigEntities(importData: ConfigEntityExportInterface$1): Promise<ConfigSkeleton | null>;
};
/**
 * Config entity export format: optional export metadata, global entities in a
 * two-level record and realm entities in a three-level record (outermost key
 * presumably the realm name - TODO confirm).
 */
interface ConfigEntityExportInterface$1 {
    meta?: ExportMetaData;
    global: Record<string, Record<string, AmConfigEntityInterface>>;
    realm: Record<string, Record<string, Record<string, AmConfigEntityInterface>>>;
}
/**
 * Resource settings passed to the API factory methods; only an optional
 * apiVersion string is declared.
 */
type ResourceConfig = {
    apiVersion?: string;
};
/**
 * Factory methods that return Axios instances for the different APIs.
 */
type ApiFactory = {
    /**
     * Generates an AM Axios API instance
     *
     * NOTE(review): per the description below, requestOverride can replace
     * default request properties; that presumably includes security-relevant
     * ones (`baseURL`, `headers`, `httpsAgent`, `proxy`), so build it from
     * trusted values only - TODO confirm how the implementation merges it.
     * @param {ResourceConfig} resource Resource config object (see ResourceConfig; it declares an optional apiVersion)
     * @param {AxiosRequestConfig} requestOverride Takes an object of AXIOS parameters that can be used to either
     * add on extra information or override default properties https://github.com/axios/axios#request-config
     *
     * @returns {AxiosInstance} Returns a ready to use Axios instance
     */
    generateAmApi(resource: ResourceConfig, requestOverride?: AxiosRequestConfig): AxiosInstance;
    /** * Generates an OAuth2 Axios API instance * @param {ResourceConfig} resource Takes a resource object. 
example: * @param {AxiosRequestConfig} requestOverride Takes an object of AXIOS parameters that can be used to either * add on extra information or override default properties https://github.com/axios/axios#request-config * * @returns {AxiosInstance} Returns a reaady to use Axios instance */
    // NOTE(review): the optional `authenticate` flag is not described in the
    // comment above; presumably it controls whether the instance sends
    // credentials - confirm against the implementation.
    generateOauth2Api(resource: ResourceConfig, requestOverride?: AxiosRequestConfig, authenticate?: boolean): AxiosInstance;
    /**
     * Generates an IDM Axios API instance
     *
     * NOTE(review): per the description below, requestOverride can replace
     * default request properties; that presumably includes security-relevant
     * ones (`baseURL`, `headers`, `httpsAgent`, `proxy`), so build it from
     * trusted values only - TODO confirm how the implementation merges it.
     * @param {AxiosRequestConfig} requestOverride Takes an object of AXIOS parameters that can be used to either add
     * on extra information or override default properties https://github.com/axios/axios#request-config
     *
     * @returns {AxiosInstance} Returns a ready to use Axios instance
     */
    generateIdmApi(requestOverride?: AxiosRequestConfig): AxiosInstance;
    /**
     * Generates a LogKeys API Axios instance
     * @param {AxiosRequestConfig} requestOverride Takes an object of AXIOS parameters that can be used to either add
     * on extra information or override default properties https://github.com/axios/axios#request-config
     *
     * @returns {AxiosInstance} Returns a ready to use Axios instance
     */
    generateLogKeysApi(requestOverride?: AxiosRequestConfig): AxiosInstance;
    /**
     * Generates a Log API Axios instance
     * @param {AxiosRequestConfig} requestOverride Takes an object of AXIOS parameters that can be used to either add
     * on extra information or override default properties https://github.com/axios/axios#request-config
     *
     * @returns {AxiosInstance} Returns a ready to use Axios instance
     */
    generateLogApi(requestOverride?: AxiosRequestConfig): AxiosInstance;
    /** * Generates an Axios instance for the Identity Cloud Environment API * @param {ResourceConfig} resource Resource config object. 
* @param {AxiosRequestConfig} requestOverride Takes an object of AXIOS parameters that can be used to either add * on extra information or override default properties https://github.com/axios/axios#request-config * * @returns {AxiosInstance} Returns a reaady to use Axios instance */
    generateEnvApi(resource: ResourceConfig, requestOverride?: AxiosRequestConfig): AxiosInstance;
    /**
     * Generates an Axios instance for the Identity Cloud Governance API
     * @param {ResourceConfig} resource Resource config object.
     * @param {AxiosRequestConfig} requestOverride Takes an object of AXIOS parameters that can be used to either add
     * on extra information or override default properties https://github.com/axios/axios#request-config
     *
     * @returns {AxiosInstance} Returns a ready to use Axios instance
     */
    generateGovernanceApi(resource: ResourceConfig, requestOverride?: AxiosRequestConfig): AxiosInstance;
    /**
     * Generates a release (Github or Npm) Axios API instance
     *
     * NOTE(review): baseUrl decides which host the instance talks to; pass a
     * fixed, trusted release endpoint rather than a value taken from user
     * input - TODO confirm whether any credentials are attached to requests
     * made through this instance.
     * @param {string} baseUrl Base URL for the request
     * @param {AxiosRequestConfig} requestOverride Takes an object of AXIOS parameters that can be used to either add
     * on extra information or override default properties https://github.com/axios/axios#request-config
     *
     * @returns {AxiosInstance} Returns a ready to use Axios instance
     */
    generateReleaseApi(baseUrl: string, requestOverride?: AxiosRequestConfig): AxiosInstance;
};
/**
 * Circle of trust object: an AM config entity with an optional status and an
 * optional list of trusted providers.
 */
type CircleOfTrustSkeleton = AmConfigEntityInterface & {
    status?: string;
    trustedProviders?: string[];
};
/**
 * Where a SAML2 provider lives: 'hosted' or 'remote'.
 * NOTE(review): the type name is spelled "Proider"; it is left unchanged here
 * because other declarations reference it by this name.
 */
type Saml2ProiderLocation = 'hosted' | 'remote';
/**
 * SAML2 provider summary: entity id, location and a list of roles.
 */
type Saml2ProviderStub = IdObjectSkeletonInterface & {
    entityId: string;
    location: Saml2ProiderLocation;
    roles: string[];
};
/**
 * SAML2 provider object. The identityProvider section can name an attribute
 * mapper script and an IDP adapter script (string fields, presumably script
 * ids - TODO confirm).
 */
type Saml2ProviderSkeleton = IdObjectSkeletonInterface & {
    entityId: string;
    entityLocation: Saml2ProiderLocation;
    serviceProvider: unknown;
    identityProvider: {
        assertionProcessing?: {
            attributeMapper?: {
                attributeMapperScript?: string;
            };
        };
        advanced?: {
            idpAdapter?: {
                idpAdapterScript?: string;
            };
        };
    };
    attributeQueryProvider: 
unknown;
    xacmlPolicyEnforcementPoint: unknown;
};
/**
 * Languages a script can be written in.
 */
type ScriptLanguage = 'GROOVY' | 'JAVASCRIPT';
/**
 * Contexts a script can be declared for.
 */
type ScriptContext = 'OAUTH2_ACCESS_TOKEN_MODIFICATION' | 'AUTHENTICATION_CLIENT_SIDE' |
    'AUTHENTICATION_TREE_DECISION_NODE' | 'AUTHENTICATION_SERVER_SIDE' |
    'SOCIAL_IDP_PROFILE_TRANSFORMATION' | 'OAUTH2_VALIDATE_SCOPE' | 'CONFIG_PROVIDER_NODE' |
    'OAUTH2_AUTHORIZE_ENDPOINT_DATA_PROVIDER' | 'OAUTH2_EVALUATE_SCOPE' | 'POLICY_CONDITION' |
    'OIDC_CLAIMS' | 'SAML2_IDP_ADAPTER' | 'SAML2_IDP_ATTRIBUTE_MAPPER' | 'OAUTH2_MAY_ACT' | 'LIBRARY';
/**
 * Script object: name, description, the script text (a string or an array of
 * strings), its language and context, and created/modified bookkeeping.
 *
 * NOTE(review): `script` carries code in the declared `language`; presumably
 * the platform executes it in the given `context`, so review the script text
 * of objects that come from outside sources - TODO confirm.
 */
type ScriptSkeleton = IdObjectSkeletonInterface & {
    name: string;
    description: string;
    default: boolean;
    script: string | string[];
    language: ScriptLanguage;
    context: ScriptContext;
    createdBy: string;
    creationDate: number;
    lastModifiedBy: string;
    lastModifiedDate: number;
    exports?: {
        arity?: number;
        id: string;
        type: string;
    }[];
};
type Mapping = {
    /**
     * Create an empty mapping export template
     * @returns {MappingExportInterface} an empty mapping export template
     */
    createMappingExportTemplate(): MappingExportInterface;
    /**
     * Read mappings from sync.json (legacy)
     * @returns {Promise<MappingSkeleton[]>} a promise that resolves to an array of mapping objects
     */
    readSyncMappings(): Promise<MappingSkeleton[]>;
    /**
     * Read mappings
     * @param {string} connectorId limit mappings to connector (optional)
     * @param {string} moType limit mappings to managed object type (optional)
     * @returns {Promise<MappingSkeleton[]>} a promise that resolves to an array of mapping objects
     */
    readMappings(connectorId?: string, moType?: string): Promise<MappingSkeleton[]>;
    /**
     * Read mapping
     * @param {string} mappingId id of the mapping (new: 'mapping/\<name>', legacy: 'sync/\<name>')
     * @returns {Promise<MappingSkeleton>} a promise that resolves to a mapping object
     */
    readMapping(mappingId: string): Promise<MappingSkeleton>;
    /** * Create mapping * @param {string} mappingId id of the mapping (new: 'mapping/\<name>', legacy: 'sync/\<name>') * @param {MappingSkeleton} mappingData mapping object * 
@returns {Promise<MappingSkeleton>} a promise that resolves to an mapping object */
    createMapping(mappingId: string, mappingData: MappingSkeleton): Promise<MappingSkeleton>;
    /**
     * Update or create mapping
     * @param {string} mappingId id of the mapping (new: 'mapping/\<name>', legacy: 'sync/\<name>')
     * @param {MappingSkeleton} mappingData mapping object
     * @returns {Promise<MappingSkeleton>} a promise that resolves to a mapping object
     */
    updateMapping(mappingId: string, mappingData: MappingSkeleton): Promise<MappingSkeleton>;
    /**
     * Update or create mappings in sync.json (legacy)
     * @param {MappingSkeleton[]} mappings array of mapping objects
     * @returns {Promise<MappingSkeleton[]>} a promise that resolves to an array of mapping objects
     */
    updateSyncMappings(mappings: MappingSkeleton[]): Promise<MappingSkeleton[]>;
    /** * Delete all mappings * @param {string} connectorId limit mappings to connector