Options
All
  • Public
  • Public/Protected
  • All
Menu

Module recipe/oauth2provider

Index

Classes

Type Aliases

Functions

Type Aliases

APIInterface

APIInterface: { authGET: undefined | ((input: { cookie: string | undefined; options: APIOptions; params: any; session: SessionContainer | undefined; shouldTryRefresh: boolean; userContext: UserContext }) => Promise<{ cookies?: string; redirectTo: string } | ErrorOAuth2 | GeneralErrorResponse>); endSessionGET: undefined | ((input: { options: APIOptions; params: Record<string, string>; session?: SessionContainer; shouldTryRefresh: boolean; userContext: UserContext }) => Promise<{ redirectTo: string } | ErrorOAuth2 | GeneralErrorResponse>); endSessionPOST: undefined | ((input: { options: APIOptions; params: Record<string, string>; session?: SessionContainer; shouldTryRefresh: boolean; userContext: UserContext }) => Promise<{ redirectTo: string } | ErrorOAuth2 | GeneralErrorResponse>); introspectTokenPOST: undefined | ((input: { options: APIOptions; scopes?: string[]; token: string; userContext: UserContext }) => Promise<InstrospectTokenResponse | GeneralErrorResponse>); loginGET: undefined | ((input: { loginChallenge: string; options: APIOptions; session?: SessionContainer; shouldTryRefresh: boolean; userContext: UserContext }) => Promise<{ cookies?: string; frontendRedirectTo: string } | ErrorOAuth2 | GeneralErrorResponse>); loginInfoGET: undefined | ((input: { loginChallenge: string; options: APIOptions; userContext: UserContext }) => Promise<{ info: LoginInfo; status: "OK" } | ErrorOAuth2 | GeneralErrorResponse>); logoutPOST: undefined | ((input: { logoutChallenge: string; options: APIOptions; session?: SessionContainer; userContext: UserContext }) => Promise<{ frontendRedirectTo: string; status: "OK" } | ErrorOAuth2 | GeneralErrorResponse>); revokeTokenPOST: undefined | ((input: { options: APIOptions; token: string; userContext: UserContext } & ({ authorizationHeader: string } | { clientId: string; clientSecret?: string })) => Promise<{ status: "OK" } | ErrorOAuth2>); tokenPOST: undefined | ((input: { authorizationHeader?: string; body: any; options: APIOptions; userContext: UserContext }) => Promise<TokenInfo | ErrorOAuth2 | GeneralErrorResponse>); userInfoGET: undefined | ((input: { accessTokenPayload: JSONObject; options: APIOptions; scopes: string[]; tenantId: string; user: User; userContext: UserContext }) => Promise<JSONObject | GeneralErrorResponse>) }

Type declaration

  • authGET: undefined | ((input: { cookie: string | undefined; options: APIOptions; params: any; session: SessionContainer | undefined; shouldTryRefresh: boolean; userContext: UserContext }) => Promise<{ cookies?: string; redirectTo: string } | ErrorOAuth2 | GeneralErrorResponse>)
  • endSessionGET: undefined | ((input: { options: APIOptions; params: Record<string, string>; session?: SessionContainer; shouldTryRefresh: boolean; userContext: UserContext }) => Promise<{ redirectTo: string } | ErrorOAuth2 | GeneralErrorResponse>)
  • endSessionPOST: undefined | ((input: { options: APIOptions; params: Record<string, string>; session?: SessionContainer; shouldTryRefresh: boolean; userContext: UserContext }) => Promise<{ redirectTo: string } | ErrorOAuth2 | GeneralErrorResponse>)
  • introspectTokenPOST: undefined | ((input: { options: APIOptions; scopes?: string[]; token: string; userContext: UserContext }) => Promise<InstrospectTokenResponse | GeneralErrorResponse>)
  • loginGET: undefined | ((input: { loginChallenge: string; options: APIOptions; session?: SessionContainer; shouldTryRefresh: boolean; userContext: UserContext }) => Promise<{ cookies?: string; frontendRedirectTo: string } | ErrorOAuth2 | GeneralErrorResponse>)
  • loginInfoGET: undefined | ((input: { loginChallenge: string; options: APIOptions; userContext: UserContext }) => Promise<{ info: LoginInfo; status: "OK" } | ErrorOAuth2 | GeneralErrorResponse>)
  • logoutPOST: undefined | ((input: { logoutChallenge: string; options: APIOptions; session?: SessionContainer; userContext: UserContext }) => Promise<{ frontendRedirectTo: string; status: "OK" } | ErrorOAuth2 | GeneralErrorResponse>)
  • revokeTokenPOST: undefined | ((input: { options: APIOptions; token: string; userContext: UserContext } & ({ authorizationHeader: string } | { clientId: string; clientSecret?: string })) => Promise<{ status: "OK" } | ErrorOAuth2>)
  • tokenPOST: undefined | ((input: { authorizationHeader?: string; body: any; options: APIOptions; userContext: UserContext }) => Promise<TokenInfo | ErrorOAuth2 | GeneralErrorResponse>)
  • userInfoGET: undefined | ((input: { accessTokenPayload: JSONObject; options: APIOptions; scopes: string[]; tenantId: string; user: User; userContext: UserContext }) => Promise<JSONObject | GeneralErrorResponse>)

APIOptions

APIOptions: { config: TypeNormalisedInput; isInServerlessEnv: boolean; recipeId: string; recipeImplementation: RecipeInterface; req: BaseRequest; res: BaseResponse }

Type declaration

RecipeInterface

RecipeInterface: { acceptConsentRequest: any; acceptLoginRequest: any; acceptLogoutRequest: any; authorization: any; buildAccessTokenPayload: any; buildIdTokenPayload: any; buildUserInfo: any; createOAuth2Client: any; deleteOAuth2Client: any; endSession: any; getConsentRequest: any; getFrontendRedirectionURL: any; getLoginRequest: any; getOAuth2Client: any; getOAuth2Clients: any; getRequestedScopes: any; introspectToken: any; rejectConsentRequest: any; rejectLoginRequest: any; rejectLogoutRequest: any; revokeToken: any; revokeTokensByClientId: any; revokeTokensBySessionHandle: any; tokenExchange: any; updateOAuth2Client: any; validateOAuth2AccessToken: any }

Type declaration

  • acceptConsentRequest:function
    • acceptConsentRequest(input: { challenge: string; context?: any; grantAccessTokenAudience?: string[]; grantScope?: string[]; handledAt?: string; initialAccessTokenPayload: JSONObject | undefined; initialIdTokenPayload: JSONObject | undefined; rsub: string; sessionHandle: string; tenantId: string; userContext: UserContext }): Promise<{ redirectTo: string }>

    • Parameters

      • input: { challenge: string; context?: any; grantAccessTokenAudience?: string[]; grantScope?: string[]; handledAt?: string; initialAccessTokenPayload: JSONObject | undefined; initialIdTokenPayload: JSONObject | undefined; rsub: string; sessionHandle: string; tenantId: string; userContext: UserContext }
        • challenge: string
        • Optional context?: any
        • Optional grantAccessTokenAudience?: string[]
        • Optional grantScope?: string[]
        • Optional handledAt?: string
        • initialAccessTokenPayload: JSONObject | undefined
        • initialIdTokenPayload: JSONObject | undefined
        • rsub: string
        • sessionHandle: string
        • tenantId: string
        • userContext: UserContext

      Returns Promise<{ redirectTo: string }>

  • acceptLoginRequest:function
    • acceptLoginRequest(input: { acr?: string; amr?: string[]; challenge: string; context?: any; extendSessionLifespan?: boolean; identityProviderSessionId?: string; subject: string; userContext: UserContext }): Promise<{ redirectTo: string }>

    • Parameters

      • input: { acr?: string; amr?: string[]; challenge: string; context?: any; extendSessionLifespan?: boolean; identityProviderSessionId?: string; subject: string; userContext: UserContext }
        • Optional acr?: string
        • Optional amr?: string[]
        • challenge: string
        • Optional context?: any
        • Optional extendSessionLifespan?: boolean
        • Optional identityProviderSessionId?: string
        • subject: string
        • userContext: UserContext

      Returns Promise<{ redirectTo: string }>

  • acceptLogoutRequest:function
    • acceptLogoutRequest(input: { challenge: string; userContext: UserContext }): Promise<ErrorOAuth2 | { redirectTo: string }>

    • Parameters

      • input: { challenge: string; userContext: UserContext }
        • challenge: string
        • userContext: UserContext

      Returns Promise<ErrorOAuth2 | { redirectTo: string }>

  • authorization:function
    • authorization(input: { cookies: string | undefined; params: Record<string, string>; session: SessionContainer | undefined; userContext: UserContext }): Promise<ErrorOAuth2 | { cookies: string | undefined; redirectTo: string }>

    • Parameters

      • input: { cookies: string | undefined; params: Record<string, string>; session: SessionContainer | undefined; userContext: UserContext }
        • cookies: string | undefined
        • params: Record<string, string>
        • session: SessionContainer | undefined
        • userContext: UserContext

      Returns Promise<ErrorOAuth2 | { cookies: string | undefined; redirectTo: string }>

  • buildAccessTokenPayload:function
    • buildAccessTokenPayload(input: { client: OAuth2Client; scopes: string[]; sessionHandle: string | undefined; user: User | undefined; userContext: UserContext }): Promise<JSONObject>

    • Parameters

      • input: { client: OAuth2Client; scopes: string[]; sessionHandle: string | undefined; user: User | undefined; userContext: UserContext }
        • client: OAuth2Client
        • scopes: string[]
        • sessionHandle: string | undefined
        • user: User | undefined
        • userContext: UserContext

      Returns Promise<JSONObject>

  • buildIdTokenPayload:function
    • buildIdTokenPayload(input: { client: OAuth2Client; scopes: string[]; sessionHandle: string | undefined; user: User | undefined; userContext: UserContext }): Promise<JSONObject>

    • Parameters

      • input: { client: OAuth2Client; scopes: string[]; sessionHandle: string | undefined; user: User | undefined; userContext: UserContext }
        • client: OAuth2Client
        • scopes: string[]
        • sessionHandle: string | undefined
        • user: User | undefined
        • userContext: UserContext

      Returns Promise<JSONObject>

  • buildUserInfo:function
    • buildUserInfo(input: { accessTokenPayload: JSONObject; scopes: string[]; tenantId: string; user: User; userContext: UserContext }): Promise<JSONObject>
  • createOAuth2Client:function
    • createOAuth2Client(input: Partial<Omit<OAuth2ClientOptions, "createdAt" | "updatedAt">> & { userContext: UserContext }): Promise<{ client: OAuth2Client; status: "OK" } | { error: string; errorDescription: string; status: "ERROR" }>

    • Parameters

      • input: Partial<Omit<OAuth2ClientOptions, "createdAt" | "updatedAt">> & { userContext: UserContext }

      Returns Promise<{ client: OAuth2Client; status: "OK" } | { error: string; errorDescription: string; status: "ERROR" }>

  • deleteOAuth2Client:function
    • deleteOAuth2Client(input: DeleteOAuth2ClientInput & { userContext: UserContext }): Promise<{ status: "OK" } | { error: string; errorDescription: string; status: "ERROR" }>

    • Parameters

      • input: DeleteOAuth2ClientInput & { userContext: UserContext }

      Returns Promise<{ status: "OK" } | { error: string; errorDescription: string; status: "ERROR" }>

  • endSession:function
    • endSession(input: { params: Record<string, string>; session?: SessionContainer; shouldTryRefresh: boolean; userContext: UserContext }): Promise<ErrorOAuth2 | { redirectTo: string }>
  • getConsentRequest:function
    • getConsentRequest(input: { challenge: string; userContext: UserContext }): Promise<ConsentRequest>
  • getFrontendRedirectionURL:function
    • getFrontendRedirectionURL(input: { forceFreshAuth: boolean; hint: string | undefined; loginChallenge: string; tenantId: string; type: "login"; userContext: UserContext } | { loginChallenge: string; type: "try-refresh"; userContext: UserContext } | { logoutChallenge: string; type: "logout-confirmation"; userContext: UserContext } | { type: "post-logout-fallback"; userContext: UserContext }): Promise<string>

    • Parameters

      • input: { forceFreshAuth: boolean; hint: string | undefined; loginChallenge: string; tenantId: string; type: "login"; userContext: UserContext } | { loginChallenge: string; type: "try-refresh"; userContext: UserContext } | { logoutChallenge: string; type: "logout-confirmation"; userContext: UserContext } | { type: "post-logout-fallback"; userContext: UserContext }

      Returns Promise<string>

  • getLoginRequest:function
    • getLoginRequest(input: { challenge: string; userContext: UserContext }): Promise<ErrorOAuth2 | LoginRequest & { status: "OK" }>

    • Parameters

      • input: { challenge: string; userContext: UserContext }
        • challenge: string
        • userContext: UserContext

      Returns Promise<ErrorOAuth2 | LoginRequest & { status: "OK" }>

  • getOAuth2Client:function
    • getOAuth2Client(input: { clientId: string; userContext: UserContext }): Promise<{ client: OAuth2Client; status: "OK" } | { error: string; errorDescription: string; status: "ERROR" }>

    • Parameters

      • input: { clientId: string; userContext: UserContext }
        • clientId: string
        • userContext: UserContext

      Returns Promise<{ client: OAuth2Client; status: "OK" } | { error: string; errorDescription: string; status: "ERROR" }>

  • getOAuth2Clients:function
    • getOAuth2Clients(input: GetOAuth2ClientsInput & { userContext: UserContext }): Promise<{ clients: OAuth2Client[]; nextPaginationToken?: string; status: "OK" } | { error: string; errorDescription: string; status: "ERROR" }>

    • Parameters

      • input: GetOAuth2ClientsInput & { userContext: UserContext }

      Returns Promise<{ clients: OAuth2Client[]; nextPaginationToken?: string; status: "OK" } | { error: string; errorDescription: string; status: "ERROR" }>

  • getRequestedScopes:function
    • getRequestedScopes(input: { clientId: string; recipeUserId: RecipeUserId | undefined; scopeParam: string[]; sessionHandle: string | undefined; userContext: UserContext }): Promise<string[]>

    • Parameters

      • input: { clientId: string; recipeUserId: RecipeUserId | undefined; scopeParam: string[]; sessionHandle: string | undefined; userContext: UserContext }
        • clientId: string
        • recipeUserId: RecipeUserId | undefined
        • scopeParam: string[]
        • sessionHandle: string | undefined
        • userContext: UserContext

      Returns Promise<string[]>

  • introspectToken:function
    • introspectToken(input: { scopes?: string[]; token: string; userContext: UserContext }): Promise<InstrospectTokenResponse>

    • Parameters

      • input: { scopes?: string[]; token: string; userContext: UserContext }
        • Optional scopes?: string[]
        • token: string
        • userContext: UserContext

      Returns Promise<InstrospectTokenResponse>

  • rejectConsentRequest:function
    • rejectConsentRequest(input: { challenge: string; error: ErrorOAuth2; userContext: UserContext }): Promise<{ redirectTo: string }>

    • Parameters

      • input: { challenge: string; error: ErrorOAuth2; userContext: UserContext }
        • challenge: string
        • error: ErrorOAuth2
        • userContext: UserContext

      Returns Promise<{ redirectTo: string }>

  • rejectLoginRequest:function
    • rejectLoginRequest(input: { challenge: string; error: ErrorOAuth2; userContext: UserContext }): Promise<{ redirectTo: string }>

    • Parameters

      • input: { challenge: string; error: ErrorOAuth2; userContext: UserContext }
        • challenge: string
        • error: ErrorOAuth2
        • userContext: UserContext

      Returns Promise<{ redirectTo: string }>

  • rejectLogoutRequest:function
    • rejectLogoutRequest(input: { challenge: string; userContext: UserContext }): Promise<{ status: "OK" }>
  • revokeToken:function
    • revokeToken(input: { token: string; userContext: UserContext } & { authorizationHeader: string } & { token: string; userContext: UserContext } & { clientId: string; clientSecret?: string }): Promise<ErrorOAuth2 | { status: "OK" }>

    • Parameters

      • input: { token: string; userContext: UserContext } & { authorizationHeader: string } & { token: string; userContext: UserContext } & { clientId: string; clientSecret?: string }

      Returns Promise<ErrorOAuth2 | { status: "OK" }>

  • revokeTokensByClientId:function
    • revokeTokensByClientId(input: { clientId: string; userContext: UserContext }): Promise<{ status: "OK" }>
  • revokeTokensBySessionHandle:function
    • revokeTokensBySessionHandle(input: { sessionHandle: string; userContext: UserContext }): Promise<{ status: "OK" }>
  • tokenExchange:function
    • tokenExchange(input: { authorizationHeader?: string; body: Record<string, string | undefined>; userContext: UserContext }): Promise<TokenInfo | ErrorOAuth2>

    • Parameters

      • input: { authorizationHeader?: string; body: Record<string, string | undefined>; userContext: UserContext }
        • Optional authorizationHeader?: string
        • body: Record<string, string | undefined>
        • userContext: UserContext

      Returns Promise<TokenInfo | ErrorOAuth2>

  • updateOAuth2Client:function
    • updateOAuth2Client(input: NonNullableProperties<Omit<Partial<Omit<OAuth2ClientOptions, "createdAt" | "updatedAt">>, "redirectUris" | "grantTypes" | "responseTypes" | "metadata">> & { clientId: string; grantTypes?: string[] | null; metadata?: Record<string, any> | null; redirectUris?: string[] | null; responseTypes?: string[] | null } & { userContext: UserContext }): Promise<{ client: OAuth2Client; status: "OK" } | { error: string; errorDescription: string; status: "ERROR" }>

    • Parameters

      • input: NonNullableProperties<Omit<Partial<Omit<OAuth2ClientOptions, "createdAt" | "updatedAt">>, "redirectUris" | "grantTypes" | "responseTypes" | "metadata">> & { clientId: string; grantTypes?: string[] | null; metadata?: Record<string, any> | null; redirectUris?: string[] | null; responseTypes?: string[] | null } & { userContext: UserContext }

      Returns Promise<{ client: OAuth2Client; status: "OK" } | { error: string; errorDescription: string; status: "ERROR" }>

  • validateOAuth2AccessToken:function
    • validateOAuth2AccessToken(input: { checkDatabase?: boolean; requirements?: { audience?: string; clientId?: string; scopes?: string[] }; token: string; userContext: UserContext }): Promise<{ payload: JSONObject; status: "OK" }>

    • Parameters

      • input: { checkDatabase?: boolean; requirements?: { audience?: string; clientId?: string; scopes?: string[] }; token: string; userContext: UserContext }
        • Optional checkDatabase?: boolean
        • Optional requirements?: { audience?: string; clientId?: string; scopes?: string[] }
          • Optional audience?: string
          • Optional clientId?: string
          • Optional scopes?: string[]
        • token: string
        • userContext: UserContext

      Returns Promise<{ payload: JSONObject; status: "OK" }>

Functions

createOAuth2Client

  • createOAuth2Client(input: Partial<Omit<OAuth2ClientOptions, "createdAt" | "updatedAt">>, userContext?: Record<string, any>): Promise<{ client: OAuth2Client; status: "OK" } | { error: string; errorDescription: string; status: "ERROR" }>

  • Parameters

    • input: Partial<Omit<OAuth2ClientOptions, "createdAt" | "updatedAt">>
    • Optional userContext: Record<string, any>

    Returns Promise<{ client: OAuth2Client; status: "OK" } | { error: string; errorDescription: string; status: "ERROR" }>

createTokenForClientCredentials

  • createTokenForClientCredentials(clientId: string, clientSecret: string, scope?: string[], audience?: string, userContext?: Record<string, any>): Promise<TokenInfo | ErrorOAuth2>

  • Parameters

    • clientId: string
    • clientSecret: string
    • Optional scope: string[]
    • Optional audience: string
    • Optional userContext: Record<string, any>

    Returns Promise<TokenInfo | ErrorOAuth2>

deleteOAuth2Client

  • deleteOAuth2Client(input: DeleteOAuth2ClientInput, userContext?: Record<string, any>): Promise<{ status: "OK" } | { error: string; errorDescription: string; status: "ERROR" }>

  • Parameters

    • input: DeleteOAuth2ClientInput
    • Optional userContext: Record<string, any>

    Returns Promise<{ status: "OK" } | { error: string; errorDescription: string; status: "ERROR" }>

getOAuth2Client

  • getOAuth2Client(clientId: string, userContext?: Record<string, any>): Promise<{ client: OAuth2Client; status: "OK" } | { error: string; errorDescription: string; status: "ERROR" }>

  • Parameters

    • clientId: string
    • Optional userContext: Record<string, any>

    Returns Promise<{ client: OAuth2Client; status: "OK" } | { error: string; errorDescription: string; status: "ERROR" }>

getOAuth2Clients

  • getOAuth2Clients(input: GetOAuth2ClientsInput, userContext?: Record<string, any>): Promise<{ clients: OAuth2Client[]; nextPaginationToken?: string; status: "OK" } | { error: string; errorDescription: string; status: "ERROR" }>

  • Parameters

    • input: GetOAuth2ClientsInput
    • Optional userContext: Record<string, any>

    Returns Promise<{ clients: OAuth2Client[]; nextPaginationToken?: string; status: "OK" } | { error: string; errorDescription: string; status: "ERROR" }>

init

  • init(config?: TypeInput): RecipeListFunction

revokeToken

  • revokeToken(token: string, clientId: string, clientSecret?: string, userContext?: Record<string, any>): Promise<ErrorOAuth2 | { status: "OK" }>

  • Parameters

    • token: string
    • clientId: string
    • Optional clientSecret: string
    • Optional userContext: Record<string, any>

    Returns Promise<ErrorOAuth2 | { status: "OK" }>

revokeTokensByClientId

  • revokeTokensByClientId(clientId: string, userContext?: Record<string, any>): Promise<{ status: "OK" }>

revokeTokensBySessionHandle

  • revokeTokensBySessionHandle(sessionHandle: string, userContext?: Record<string, any>): Promise<{ status: "OK" }>

updateOAuth2Client

  • updateOAuth2Client(input: UpdateOAuth2ClientInput, userContext?: Record<string, any>): Promise<{ client: OAuth2Client; status: "OK" } | { error: string; errorDescription: string; status: "ERROR" }>

  • Parameters

    • input: UpdateOAuth2ClientInput
    • Optional userContext: Record<string, any>

    Returns Promise<{ client: OAuth2Client; status: "OK" } | { error: string; errorDescription: string; status: "ERROR" }>

validateOAuth2AccessToken

  • validateOAuth2AccessToken(token: string, requirements?: { audience?: string; clientId?: string; scopes?: string[] }, checkDatabase?: boolean, userContext?: Record<string, any>): Promise<{ payload: JSONObject; status: "OK" }>

  • Parameters

    • token: string
    • Optional requirements: { audience?: string; clientId?: string; scopes?: string[] }
      • Optional audience?: string
      • Optional clientId?: string
      • Optional scopes?: string[]
    • Optional checkDatabase: boolean
    • Optional userContext: Record<string, any>

    Returns Promise<{ payload: JSONObject; status: "OK" }>

validateOAuth2RefreshToken

  • validateOAuth2RefreshToken(token: string, scopes?: string[], userContext?: Record<string, any>): Promise<InstrospectTokenResponse>

Generated using TypeDoc