
trojanhorse-js


A comprehensive JavaScript library for fetching, managing, and analyzing global threat intelligence from multiple open-source feeds and security news sources. Unlike its mythological namesake, this Trojan protects your digital fortress.

/// <reference types="node" />
import { EventEmitter } from 'events';
import { CryptoEngine } from '../security/CryptoEngine';

// Type declarations for the enterprise authentication module: identity
// provider configuration (OAuth2, SAML, LDAP), MFA, RBAC and session types,
// plus the provider and manager classes built on them.
// This file carries signatures only. Every note below about runtime behaviour
// is an open question for whoever reviews the implementation, not a statement
// of what the implementation does.

/** An authenticated principal as returned by the providers and stored with a session. */
export interface User {
    id: string;
    username: string;
    email: string;
    firstName: string;
    lastName: string;
    /** Role identifiers. NOTE(review): presumably these match Role.id as used by RBACManager; confirm. */
    roles: string[];
    /** Permission identifiers. NOTE(review): how these relate to RBACManager.hasPermission is not visible here. */
    permissions: string[];
    department: string;
    isActive: boolean;
    lastLogin: Date;
    mfaEnabled: boolean;
    /** Untyped bag of extra attributes; values must be validated by the consumer before use. */
    metadata?: Record<string, any>;
}

/**
 * Top-level configuration consumed by EnterpriseAuthManager. Every section is optional.
 *
 * An `ldap` section is accepted, but this file declares no LDAP provider class and
 * EnterpriseAuthManager.authenticate only accepts 'oauth2' | 'saml'.
 */
export interface AuthenticationConfig {
    oauth2?: OAuth2Config;
    saml?: SAMLConfig;
    ldap?: LDAPConfig;
    mfa?: MFAConfig;
    rbac?: RBACConfig;
    session?: SessionConfig;
}

/** Settings for an OAuth2 authorization-code client. */
export interface OAuth2Config {
    clientId: string;
    /** Client credential; keep it out of source control and logs. */
    clientSecret: string;
    callbackURL: string;
    scopes: string[];
    provider: 'microsoft' | 'google' | 'github' | 'okta' | 'auth0' | 'custom';
    // NOTE(review): the three endpoint URLs are optional; presumably they are needed
    // for the 'custom' provider and defaulted for the named ones. Confirm.
    authorizationURL?: string;
    tokenURL?: string;
    userInfoURL?: string;
    /** PKCE toggle. The type is optional, so the effective default is not visible here; set it explicitly. */
    pkce?: boolean;
}

/** Settings for a SAML service provider. */
export interface SAMLConfig {
    entityId: string;
    ssoURL: string;
    /** NOTE(review): presumably the identity provider's signing certificate; confirm. */
    certificate: string;
    /** Private key material; handle as a secret. */
    privateKey?: string;
    callbackURL: string;
    /** Free-form string with no declared default; check which algorithm applies when omitted. */
    signatureAlgorithm?: string;
}

/** Settings for binding to an LDAP directory. */
export interface LDAPConfig {
    /** The type does not constrain the scheme, so ldaps:// versus ldap:// is the deployer's choice. */
    url: string;
    bindDN: string;
    /** Bind credential; handle as a secret. */
    bindPassword: string;
    baseDN: string;
    usernameAttribute: string;
    emailAttribute: string;
}

/** Multi-factor authentication settings. */
export interface MFAConfig {
    enabled: boolean;
    issuer: string;
    /** NOTE(review): presumably the accepted TOTP step tolerance; unit and bounds are not shown. A larger value accepts older codes. */
    window: number;
    backupCodes: boolean;
}

/** Role and permission definitions supplied as configuration. */
export interface RBACConfig {
    roles: Role[];
    permissions: Permission[];
}

/**
 * Session settings. The field names mirror cookie attributes; whether they are
 * applied to a cookie is not visible in this file.
 */
export interface SessionConfig {
    /** Session secret; handle as a secret and rotate on exposure. */
    secret: string;
    /** Lifetime of a session. NOTE(review): unit (seconds or milliseconds) is not shown. */
    maxAge: number;
    secure: boolean;
    httpOnly: boolean;
    /** Browsers reject SameSite=None cookies that are not also Secure, so 'none' needs `secure: true`. */
    sameSite: 'strict' | 'lax' | 'none';
}

/** A named set of permission identifiers. */
export interface Role {
    id: string;
    name: string;
    description: string;
    permissions: string[];
}

/** A single grant, expressed as an action on a resource. */
export interface Permission {
    id: string;
    name: string;
    description: string;
    resource: string;
    action: string;
}

/**
 * Common contract for identity providers. Extends EventEmitter; the event
 * names are not declared in this file.
 */
declare abstract class BaseAuthProvider extends EventEmitter {
    // `any` here means provider configuration is not checked at compile time.
    protected config: any;
    protected crypto: CryptoEngine;
    constructor(config: any);
    /** Resolves to the authenticated user, or null. `credentials` is untyped at this level. */
    abstract authenticate(credentials: any): Promise<User | null>;
    /** Resolves to the user a token belongs to, or null. */
    abstract validateToken(token: string): Promise<User | null>;
    /** Resolves to a new access/refresh token pair, or null. */
    abstract refresh(refreshToken: string): Promise<{
        accessToken: string;
        refreshToken: string;
    } | null>;
}

/** OAuth2 provider built on BaseAuthProvider. */
declare class OAuth2Provider extends BaseAuthProvider {
    private clientId;
    private clientSecret;
    private redirectUri;
    private scope;
    constructor(config: OAuth2Config);
    /**
     * Builds the authorization URL. The caller supplies `state` and, optionally,
     * a PKCE `codeChallenge`.
     * NOTE(review): nothing here shows that `state` is generated or stored by the
     * provider, so the caller presumably owns creating an unpredictable value and
     * comparing it on the callback; confirm.
     */
    generateAuthURL(state: string, codeChallenge?: string): string;
    private getAuthorizationURL;
    private getTokenURL;
    private getUserInfoURL;
    /**
     * Completes the flow from the callback parameters.
     * NOTE(review): `state` is accepted, but whether it is checked against the
     * value sent in generateAuthURL is not visible here.
     */
    authenticate(credentials: {
        code: string;
        state: string;
        codeVerifier?: string;
    }): Promise<User | null>;
    validateToken(token: string): Promise<User | null>;
    refresh(refreshToken: string): Promise<{
        accessToken: string;
        refreshToken: string;
    } | null>;
    private exchangeCodeForTokens;
    private getUserInfo;
    private mapUserInfo;
}

/** SAML provider built on BaseAuthProvider. */
declare class SAMLProvider extends BaseAuthProvider {
    constructor(config: SAMLConfig);
    /**
     * Authenticates from a SAML response string.
     * NOTE(review): validation is delegated to private members; which checks run
     * (signature, audience, validity window, replay) cannot be told from this file.
     */
    authenticate(credentials: {
        samlResponse: string;
    }): Promise<User | null>;
    validateToken(token: string): Promise<User | null>;
    refresh(refreshToken: string): Promise<{
        accessToken: string;
        refreshToken: string;
    } | null>;
    private validateSAMLResponse;
    private parseSAMLResponse;
}

/**
 * Enrols users in MFA and verifies their codes.
 * NOTE(review): secrets and backup codes are private fields and no storage is
 * injected, so they are presumably held in process memory; confirm.
 */
declare class MFAManager {
    private totpSecrets;
    private backupCodes;
    /** Resolves to the enrolment material for a user. All three fields are sensitive and should not be logged. */
    enableMFA(userId: string): Promise<{
        secret: string;
        qrCode: string;
        backupCodes: string[];
    }>;
    /**
     * Returns whether `token` is accepted for `userId`.
     * NOTE(review): no attempt limiting is visible in this signature; check the
     * implementation or enforce it at the caller.
     */
    verifyMFA(userId: string, token: string): boolean;
    private generateBackupCodes;
}

/** Registers roles and permissions, assigns roles to users and answers permission checks. */
declare class RBACManager {
    private roles;
    private permissions;
    private userRoles;
    createRole(role: Role): void;
    createPermission(permission: Permission): void;
    /** NOTE(review): the boolean presumably reports whether the assignment succeeded; confirm. */
    assignRole(userId: string, roleId: string): boolean;
    /** Returns whether the user may perform `action` on `resource`. */
    hasPermission(userId: string, resource: string, action: string): boolean;
}

/**
 * Creates, looks up and destroys sessions.
 * NOTE(review): sessions are a private field and no store is injected, so they
 * are presumably held in process memory; confirm.
 */
declare class SessionManager {
    private sessions;
    private config;
    constructor(config: SessionConfig);
    /** Returns the identifier of the new session. NOTE(review): how the identifier is generated is not visible here. */
    createSession(userId: string, user: User): string;
    /** Returns the session for `sessionId`, or null. The result is untyped, so narrow it before use. */
    getSession(sessionId: string): any | null;
    destroySession(sessionId: string): boolean;
}

/**
 * Facade over the providers and managers above. Extends EventEmitter; the
 * event names are not declared in this file.
 */
declare class EnterpriseAuthManager extends EventEmitter {
    private config;
    private oauth2Provider?;
    private samlProvider?;
    private mfaManager;
    private rbacManager;
    private sessionManager;
    constructor(config: AuthenticationConfig);
    /**
     * Authenticates with the chosen method and resolves to the user and a session
     * identifier, or null.
     * NOTE(review): the signature takes no MFA input, so whether a session is
     * issued before an MFA check is not visible here; confirm in the
     * implementation or gate on MFAManager.verifyMFA at the caller.
     */
    authenticate(method: 'oauth2' | 'saml', credentials: any): Promise<{
        user: User;
        sessionId: string;
    } | null>;
    getMFAManager(): MFAManager;
    getRBACManager(): RBACManager;
    getSessionManager(): SessionManager;
}

export { BaseAuthProvider, OAuth2Provider, SAMLProvider, MFAManager, RBACManager, SessionManager, EnterpriseAuthManager };
//# sourceMappingURL=EnterpriseAuth.d.ts.map