@rockcarver/frodo-lib
A library to manage ForgeRock Identity Cloud tenants, ForgeOps deployments, and classic deployments.
import { State } from '../shared/State';
import { type AmConfigEntityInterface } from './ApiTypes';
/**
 * Shape of the OAuth2 provider configuration object that the functions declared
 * in this file accept and resolve to. It intersects AmConfigEntityInterface
 * (imported from ./ApiTypes) with one object per configuration area.
 *
 * Only advancedOIDCConfig is required; every other group is optional.
 *
 * Type-safety caveats for anyone auditing or editing provider settings:
 * - The top level and every group end with an open index signature, so a
 *   misspelled or unknown setting name still type-checks. The compiler cannot
 *   be relied on to catch a typo in a security setting.
 * - Algorithm names and algorithm lists are plain string / string[]; the type
 *   does not restrict which values are accepted.
 * - Lifetimes, intervals and grace periods are plain numbers; their unit is not
 *   stated in this declaration (TODO confirm against the server documentation).
 */
export type OAuth2ProviderSkeleton = AmConfigEntityInterface & {
  advancedOIDCConfig: {
    supportedRequestParameterEncryptionEnc?: string[];
    authorisedOpenIdConnectSSOClients?: string[];
    supportedUserInfoEncryptionAlgorithms?: string[];
    supportedAuthorizationResponseEncryptionEnc?: string[];
    supportedTokenIntrospectionResponseEncryptionAlgorithms?: string[];
    useForceAuthnForPromptLogin?: boolean;
    useForceAuthnForMaxAge?: boolean;
    alwaysAddClaimsToToken?: boolean;
    supportedTokenIntrospectionResponseSigningAlgorithms?: string[];
    supportedTokenEndpointAuthenticationSigningAlgorithms?: string[];
    supportedRequestParameterSigningAlgorithms?: string[];
    includeAllKtyAlgCombinationsInJwksUri?: boolean;
    // `any` switches off type checking for the next two fields: validate their
    // shape at runtime before reading from or writing to them.
    amrMappings?: any;
    loaMapping?: any;
    authorisedIdmDelegationClients?: string[];
    idTokenInfoClientAuthenticationEnabled?: boolean;
    storeOpsTokens?: boolean;
    supportedUserInfoSigningAlgorithms?: string[];
    supportedAuthorizationResponseSigningAlgorithms?: string[];
    supportedUserInfoEncryptionEnc?: string[];
    claimsParameterSupported?: boolean;
    supportedTokenIntrospectionResponseEncryptionEnc?: string[];
    supportedAuthorizationResponseEncryptionAlgorithms?: string[];
    supportedRequestParameterEncryptionAlgorithms?: string[];
    defaultACR?: string[];
    // Open index signature: any other key is accepted by the checker.
    [k: string]: string | number | boolean | string[] | object | undefined;
  };
  advancedOAuth2Config?: {
    passwordGrantAuthService?: string;
    tokenCompressionEnabled?: boolean;
    tokenEncryptionEnabled?: boolean;
    requirePushedAuthorizationRequests?: boolean;
    tlsCertificateBoundAccessTokensEnabled?: boolean;
    defaultScopes?: string[];
    moduleMessageEnabledInPasswordGrant?: boolean;
    // NOTE(review): by its name this permits client credentials in the token
    // request query string, where they can end up in access and proxy logs;
    // confirm any `true` value in an exported config is intentional.
    allowClientCredentialsInTokenRequestQueryParameters?: boolean;
    supportedSubjectTypes?: string[];
    refreshTokenGracePeriod?: number;
    tlsClientCertificateHeaderFormat?: string;
    // NOTE(review): presumably salt material used by the provider; treat any
    // object of this type as sensitive when exporting, committing or logging
    // it (TODO confirm what the server derives from this value).
    hashSalt?: string;
    macaroonTokenFormat?: string;
    maxAgeOfRequestObjectNbfClaim?: number;
    tlsCertificateRevocationCheckingEnabled?: boolean;
    nbfClaimRequiredInRequestObject?: boolean;
    requestObjectProcessing?: string;
    maxDifferenceBetweenRequestObjectNbfAndExp?: number;
    responseTypeClasses?: string[];
    expClaimRequiredInRequestObject?: boolean;
    tokenValidatorClasses?: string[];
    // Plain string: nothing here constrains which algorithm name is set.
    tokenSigningAlgorithm?: string;
    // Typed as string, not boolean. NOTE(review): presumably a PKCE enforcement
    // mode rather than an on/off flag; confirm the accepted values before
    // comparing it against `true`/`false` in an audit script.
    codeVerifierEnforced?: string;
    displayNameAttribute?: string;
    tokenExchangeClasses?: string[];
    parRequestUriLifetime?: number;
    allowedAudienceValues?: string[];
    persistentClaims?: string[];
    supportedScopes?: string[];
    authenticationAttributes?: string[];
    grantTypes?: string[];
    // Open index signature: any other key is accepted by the checker.
    [k: string]: string | number | boolean | string[] | object | undefined;
  };
  // When this group is present, all five named fields are required.
  // NOTE(review): the names suggest these control who may self-register OAuth2
  // clients; review allowDynamicRegistration together with the software
  // statement and registration access token flags (TODO confirm semantics).
  clientDynamicRegistrationConfig?: {
    dynamicClientRegistrationScope: string;
    allowDynamicRegistration: boolean;
    requiredSoftwareStatementAttestedAttributes: string[];
    dynamicClientRegistrationSoftwareStatementRequired: boolean;
    generateRegistrationAccessTokens: boolean;
    [k: string]: string | number | boolean | string[] | object | undefined;
  };
  // When this group is present, all seven named fields are required.
  coreOIDCConfig?: {
    overrideableOIDCClaims: string[];
    oidcDiscoveryEndpointEnabled: boolean;
    supportedIDTokenEncryptionMethods: string[];
    supportedClaims: string[];
    supportedIDTokenSigningAlgorithms: string[];
    supportedIDTokenEncryptionAlgorithms: string[];
    jwtTokenLifetime: number;
    [k: string]: string | number | boolean | string[] | object | undefined;
  };
  // When this group is present, all eleven named fields are required.
  coreOAuth2Config?: {
    refreshTokenLifetime: number;
    scopesPolicySet: string;
    // `'[Empty]' | string` collapses to `string` for the checker; the literal
    // only documents a sentinel value (presumably "no script configured",
    // TODO confirm). The same pattern is used for the *Script fields below.
    accessTokenMayActScript: '[Empty]' | string;
    accessTokenLifetime: number;
    macaroonTokensEnabled: boolean;
    codeLifetime: number;
    statelessTokensEnabled: boolean;
    usePolicyEngineForScope: boolean;
    issueRefreshToken: boolean;
    oidcMayActScript: '[Empty]' | string;
    issueRefreshTokenOnRefreshedToken: boolean;
    [k: string]: string | number | boolean | string[] | object | undefined;
  };
  // When this group is present, all eight named fields are required.
  consent?: {
    supportedRcsRequestSigningAlgorithms: string[];
    supportedRcsResponseEncryptionAlgorithms: string[];
    supportedRcsRequestEncryptionMethods: string[];
    enableRemoteConsent: boolean;
    supportedRcsRequestEncryptionAlgorithms: string[];
    // NOTE(review): by its name this lets clients bypass the consent step;
    // confirm the intended value when reviewing an exported config.
    clientsCanSkipConsent: boolean;
    supportedRcsResponseSigningAlgorithms: string[];
    supportedRcsResponseEncryptionMethods: string[];
    [k: string]: string | number | boolean | string[] | object | undefined;
  };
  // When this group is present, all four named fields are required.
  deviceCodeConfig?: {
    deviceUserCodeLength: number;
    deviceCodeLifetime: number;
    deviceUserCodeCharacterSet: string;
    devicePollInterval: number;
    [k: string]: string | number | boolean | string[] | object | undefined;
  };
  // Four of the *PluginType fields are limited to 'JAVA' | 'SCRIPTED'
  // (oidcClaimsPluginType is a plain string); the matching *Class and *Script
  // fields are free-form strings.
  // NOTE(review): these presumably select code the server runs while issuing
  // or validating tokens, so a change to any of them deserves the same review
  // as a code change (TODO confirm).
  pluginsConfig?: {
    evaluateScopeClass?: string;
    validateScopeScript?: '[Empty]' | string;
    accessTokenEnricherClass?: string;
    oidcClaimsPluginType?: string;
    authorizeEndpointDataProviderClass?: string;
    authorizeEndpointDataProviderPluginType?: 'JAVA' | 'SCRIPTED';
    userCodeGeneratorClass?: string;
    evaluateScopeScript?: '[Empty]' | string;
    oidcClaimsClass?: string;
    evaluateScopePluginType?: 'JAVA' | 'SCRIPTED';
    authorizeEndpointDataProviderScript?: '[Empty]' | string;
    accessTokenModifierClass?: string;
    accessTokenModificationScript?: '[Empty]' | string;
    validateScopePluginType?: 'JAVA' | 'SCRIPTED';
    accessTokenModificationPluginType?: 'JAVA' | 'SCRIPTED';
    oidcClaimsScript?: '[Empty]' | string;
    validateScopeClass?: string;
    [k: string]: string | number | boolean | string[] | object | undefined;
  };
  // When this group is present, all three named fields are required.
  cibaConfig?: {
    cibaMinimumPollingInterval: number;
    supportedCibaSigningAlgorithms: string[];
    cibaAuthReqIdLifetime: number;
    [k: string]: string | number | boolean | string[] | object | undefined;
  };
  // Top-level open index signature: unknown configuration groups type-check too.
  [k: string]: string | number | boolean | string[] | object | undefined;
};
/**
 * Get OAuth2 Provider
 *
 * Declaration only; the implementation is not part of this file.
 * The resolved object can include fields such as advancedOAuth2Config.hashSalt,
 * so avoid logging or committing it wholesale.
 * @param {State} state State instance imported from ../shared/State (presumably the connection/session context of the target deployment; confirm)
 * @returns {Promise<OAuth2ProviderSkeleton>} a promise that resolves to an OAuth2Provider object
 */
export declare function getOAuth2Provider({ state, }: {
  state: State;
}): Promise<OAuth2ProviderSkeleton>;
/**
 * Create OAuth2 provider
 *
 * Declaration only; the implementation is not part of this file, so what is
 * sent when providerData is omitted cannot be determined from here.
 * NOTE(review): if the implementation falls back to a built-in default
 * configuration, review that default's security settings before relying on it.
 * @param {OAuth2ProviderSkeleton} providerData (optional) oauth2 provider object
 * @param {State} state State instance imported from ../shared/State (presumably the connection/session context of the target deployment; confirm)
 * @returns {Promise<OAuth2ProviderSkeleton>} a promise that resolves to an oauth2 provider object
 */
export declare function createOAuth2Provider({ providerData, state, }: {
  providerData?: OAuth2ProviderSkeleton;
  state: State;
}): Promise<OAuth2ProviderSkeleton>;
/**
 * Put OAuth2 provider
 *
 * Declaration only; the implementation is not part of this file.
 * NOTE(review): presumably this replaces the whole provider configuration, in
 * which case a setting missing from providerData may fall back to a server
 * default; confirm, and diff against the current configuration before writing.
 * OAuth2ProviderSkeleton accepts unknown keys, so a misspelled setting name in
 * providerData is not reported by the compiler.
 * @param {OAuth2ProviderSkeleton} providerData oauth2 provider object
 * @param {State} state State instance imported from ../shared/State (presumably the connection/session context of the target deployment; confirm)
 * @returns {Promise<OAuth2ProviderSkeleton>} a promise that resolves to an oauth2 provider object
 */
export declare function putOAuth2Provider({ providerData: providerData, state, }: {
  providerData: OAuth2ProviderSkeleton;
  state: State;
}): Promise<OAuth2ProviderSkeleton>;
/**
 * Delete OAuth2 Provider
 *
 * Declaration only; the implementation is not part of this file.
 * Takes no provider identifier, only state. NOTE(review): which provider is
 * removed is presumably determined by state (for example its current realm);
 * confirm the target before calling, since this signature offers no other
 * safeguard.
 * @param {State} state State instance imported from ../shared/State (presumably the connection/session context of the target deployment; confirm)
 * @returns {Promise<OAuth2ProviderSkeleton>} a promise that resolves to an oauth2 provider object (presumably the configuration that was removed; confirm)
 */
export declare function deleteOAuth2Provider({ state, }: {
  state: State;
}): Promise<OAuth2ProviderSkeleton>;
//# sourceMappingURL=OAuth2ProviderApi.d.ts.map