import { ErrorObject } from 'serialize-error'; import { ICreateCredentialFeatures } from '@passageidentity/webauthnutils'; import { IGetCredentialFeatures } from '@passageidentity/webauthnutils'; declare interface ActivateMagicLinkOperationRequest { appId: string; activateMagicLinkRequest: ActivateMagicLinkRequest; } /** * Passage Authentication API * Passage\'s authentication API to enable passwordless authentication. * * The version of the OpenAPI document: 1 * Contact: support@passage.id * * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). * https://openapi-generator.tech * Do not edit the class manually. */ /** * * @export * @interface ActivateMagicLinkRequest */ declare interface ActivateMagicLinkRequest { /** * * @type {string} * @memberof ActivateMagicLinkRequest */ magicLink: string; } declare interface ActivateOneTimePasscodeOperationRequest { appId: string; activateOneTimePasscodeRequest: ActivateOneTimePasscodeRequest; } /** * Passage Authentication API * Passage\'s authentication API to enable passwordless authentication. * * The version of the OpenAPI document: 1 * Contact: support@passage.id * * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). * https://openapi-generator.tech * Do not edit the class manually. */ /** * * @export * @interface ActivateOneTimePasscodeRequest */ declare interface ActivateOneTimePasscodeRequest { /** * * @type {string} * @memberof ActivateOneTimePasscodeRequest */ otp: string; /** * The ID of the one-time passcode. * @type {string} * @memberof ActivateOneTimePasscodeRequest */ otpId: string; } /** * * @export * @interface AddDeviceFinishRequest */ declare interface AddDeviceFinishRequest { /** * * @type {string} * @memberof AddDeviceFinishRequest */ handshakeId: string; /** * * @type {CredentialCreationResponse} * @memberof AddDeviceFinishRequest */ handshakeResponse: CredentialCreationResponse; /** * * @type {string} * @memberof AddDeviceFinishRequest */ userId: string; } /** * * @export * @interface AddDeviceStartResponse */ declare interface AddDeviceStartResponse { /** * * @type {CredentialCreationChallenge} * @memberof AddDeviceStartResponse */ handshake: CredentialCreationChallenge; /** * * @type {User} * @memberof AddDeviceStartResponse */ user?: User | null; } /** * * @export * @interface App */ declare interface App { /** * * @type {string} * @memberof App */ allowedIdentifier: string; /** * Deprecated Property. Please refer to `auth_methods` to view settings for individual authentication methods. * @type {string} * @memberof App * @deprecated */ authFallbackMethod: AppAuthFallbackMethodEnum; /** * Deprecated Property. Please refer to `auth_methods` to view settings for individual authentication methods. * @type {number} * @memberof App * @deprecated */ authFallbackMethodTtl: number; /** * * @type {AuthMethods} * @memberof App */ authMethods: AuthMethods; /** * * @type {string} * @memberof App */ authOrigin: string; /** * * @type {string} * @memberof App */ defaultLanguage: string; /** * * @type {ElementCustomization} * @memberof App */ elementCustomization: ElementCustomization; /** * * @type {ElementCustomization} * @memberof App */ elementCustomizationDark: ElementCustomization; /** * * @type {boolean} * @memberof App */ ephemeral: boolean; /** * * @type {string} * @memberof App */ id: string; /** * * @type {Layouts} * @memberof App */ layouts: Layouts; /** * * @type {string} * @memberof App */ loginUrl: string; /** * * @type {string} * @memberof App */ name: string; /** * * @type {boolean} * @memberof App */ passageBranding: boolean; /** * * @type {boolean} * @memberof App */ publicSignup: boolean; /** * * @type {boolean} * @memberof App */ profileManagement: boolean; /** * * @type {string} * @memberof App */ redirectUrl: string; /** * * @type {boolean} * @memberof App */ requireEmailVerification: boolean; /** * * @type {boolean} * @memberof App */ requireIdentifierVerification: boolean; /** * * @type {string} * @memberof App */ requiredIdentifier: string; /** * * @type {string} * @memberof App */ rsaPublicKey: string; /** * * @type {number} * @memberof App */ sessionTimeoutLength: number; /** * * @type {SocialConnections} * @memberof App */ socialConnections: SocialConnections; /** * * @type {Array} * @memberof App */ userMetadataSchema: Array; } /** * @export * @enum {string} */ export declare enum AppAuthFallbackMethodEnum { MagicLink = "magic_link", Otp = "otp", None = "none" } /** * @export * @enum {string} */ declare enum AppleOauth2CallbackDefaultDevErrorEnum { UserCancelledAuthorize = "user_cancelled_authorize" } declare interface AppleOauth2CallbackDefaultDevRequest { state: string; code?: string; idToken?: string; user?: string; error?: AppleOauth2CallbackDefaultDevErrorEnum; } /** * @export * @enum {string} */ declare enum AppleOauth2CallbackErrorEnum { UserCancelledAuthorize = "user_cancelled_authorize" } declare interface AppleOauth2CallbackRequest { appId: string; state: string; code?: string; idToken?: string; user?: string; error?: AppleOauth2CallbackErrorEnum; } /** * Passage Authentication API * Passage\'s authentication API to enable passwordless authentication. * * The version of the OpenAPI document: 1 * Contact: support@passage.id * * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). * https://openapi-generator.tech * Do not edit the class manually. */ /** * * @export * @interface AppleSocialConnection */ export declare interface AppleSocialConnection { /** * The external ID of the Social Connection. * @type {string} * @memberof AppleSocialConnection */ providerId: string; /** * * @type {Date} * @memberof AppleSocialConnection */ createdAt: Date; /** * * @type {Date} * @memberof AppleSocialConnection */ lastLoginAt: Date; /** * The email of connected social user. * @type {string} * @memberof AppleSocialConnection */ providerIdentifier: string; } /** * */ declare class AppsApi extends runtime.BaseAPI { /** * Get information about an application. * Get App */ getAppRaw(requestParameters: GetAppRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise>; /** * Get information about an application. * Get App */ getApp(appId: string, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise; } declare type AtLeast = Partial & Pick; /** * Passage Authentication API * Passage\'s authentication API to enable passwordless authentication. * * The version of the OpenAPI document: 1 * Contact: support@passage.id * * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). * https://openapi-generator.tech * Do not edit the class manually. */ /** * selects the type of authentication that will be used in this WebAuthN flow request * @export * @enum {string} */ declare enum AuthenticatorAttachment_2 { Platform = "platform", CrossPlatform = "cross-platform", Any = "any" } export { AuthenticatorAttachment_2 as AuthenticatorAttachment } /** * Denotes what methods this app is allowed to use for authentication with configurations * @export * @interface AuthMethods */ export declare interface AuthMethods { /** * * @type {object} * @memberof AuthMethods */ passkeys?: object; /** * * @type {OtpAuthMethod} * @memberof AuthMethods */ otp?: OtpAuthMethod; /** * * @type {MagicLinkAuthMethod} * @memberof AuthMethods */ magicLink?: MagicLinkAuthMethod; } /** * * @export * @interface AuthResponse */ declare interface AuthResponse { /** * * @type {AuthResult} * @memberof AuthResponse */ authResult: AuthResult; } /** * Passage Authentication API * Passage\'s authentication API to enable passwordless authentication. * * The version of the OpenAPI document: 1 * Contact: support@passage.id * * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). * https://openapi-generator.tech * Do not edit the class manually. */ /** * * @export * @interface AuthResult */ export declare interface AuthResult { /** * * @type {string} * @memberof AuthResult */ authToken: string; /** * * @type {string} * @memberof AuthResult */ redirectUrl: string; /** * * @type {string} * @memberof AuthResult */ refreshToken?: string; /** * * @type {number} * @memberof AuthResult */ refreshTokenExpiration?: number; } /** * This is the base class for all generated API classes. */ declare class BaseAPI { protected configuration: Configuration; private static readonly jsonRegex; private middleware; constructor(configuration?: Configuration); withMiddleware(this: T, ...middlewares: Middleware[]): T; withPreMiddleware(this: T, ...preMiddlewares: Array): T; withPostMiddleware(this: T, ...postMiddlewares: Array): T; /** * Check if the given MIME is a JSON MIME. * JSON MIME examples: * application/json * application/json; charset=UTF8 * APPLICATION/JSON * application/vnd.company+json * @param mime - MIME (Multipurpose Internet Mail Extensions) * @return True if the given MIME is JSON, false otherwise. */ protected isJsonMime(mime: string | null | undefined): boolean; protected request(context: RequestOpts, initOverrides?: RequestInit | InitOverrideFunction): Promise; private createFetchParams; private fetchApi; /** * Create a shallow clone of `this` by constructing a new instance * and then shallow cloning data members. */ private clone; } /**@private */ export declare const captureEvent: (props: ICaptureEventProps) => Promise; /**@private */ export declare interface CaptureEventBody { error?: Error | string; serializedError?: ErrorObject; message?: string; project: PassageSentryProject; release?: string; dsn?: string; environment?: string; version?: string; } /**@private */ export declare const cleanSentryConfig: (config: ISentryConfig) => ISentryConfig; declare class Configuration { private configuration; constructor(configuration?: ConfigurationParameters); set config(configuration: Configuration); get basePath(): string; get fetchApi(): FetchAPI | undefined; get middleware(): Middleware[]; get queryParamsStringify(): (params: HTTPQuery) => string; get username(): string | undefined; get password(): string | undefined; get apiKey(): ((name: string) => string | Promise) | undefined; get accessToken(): ((name?: string, scopes?: string[]) => string | Promise) | undefined; get headers(): HTTPHeaders | undefined; get credentials(): RequestCredentials | undefined; } declare interface ConfigurationParameters { basePath?: string; fetchApi?: FetchAPI; middleware?: Middleware[]; queryParamsStringify?: (params: HTTPQuery) => string; username?: string; password?: string; apiKey?: string | Promise | ((name: string) => string | Promise); accessToken?: string | Promise | ((name?: string, scopes?: string[]) => string | Promise); headers?: HTTPHeaders; credentials?: RequestCredentials; } /** * Passage Authentication API * Passage\'s authentication API to enable passwordless authentication. * * The version of the OpenAPI document: 1 * Contact: support@passage.id * * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). * https://openapi-generator.tech * Do not edit the class manually. */ /** * * @export * @interface CreateUserParams */ export declare interface CreateUserParams { /** * * @type {string} * @memberof CreateUserParams */ identifier: string; /** * * @type {object} * @memberof CreateUserParams */ userMetadata?: object; } /** * * @export * @interface Credential */ declare interface Credential_2 { /** * The first time this webAuthn device was used to authenticate the user * @type {string} * @memberof Credential */ createdAt: string; /** * The CredID for this webAuthn device (encoded to match what is stored in psg_cred_obj) * @type {string} * @memberof Credential */ credId: string; /** * The friendly name for the webAuthn device used to authenticate * @type {string} * @memberof Credential */ friendlyName: string; /** * The ID of the webAuthn device used for authentication * @type {string} * @memberof Credential */ id: string; /** * The last time this webAuthn device was used to authenticate the user * @type {string} * @memberof Credential */ lastLoginAt: string; /** * * @type {WebAuthnType} * @memberof Credential */ type: WebAuthnType; /** * The last time this webAuthn device was updated * @type {string} * @memberof Credential */ updatedAt: string; /** * How many times this webAuthn device has been used to authenticate the user * @type {number} * @memberof Credential */ usageCount: number; /** * The UserID for this webAuthn device * @type {string} * @memberof Credential */ userId: string; /** * * @type {WebAuthnIcons} * @memberof Credential */ icons: WebAuthnIcons; } export { Credential_2 as Credential } /** * * @export * @interface CredentialCreation */ declare interface CredentialCreation { /** * * @type {CredentialCreationPublicKey} * @memberof CredentialCreation */ publicKey?: CredentialCreationPublicKey; } /** * * @export * @interface CredentialCreationChallenge */ declare interface CredentialCreationChallenge { /** * * @type {CredentialCreation} * @memberof CredentialCreationChallenge */ challenge: CredentialCreation; /** * * @type {string} * @memberof CredentialCreationChallenge */ id: string; } /** * * @export * @interface CredentialCreationPublicKey */ declare interface CredentialCreationPublicKey { /** * * @type {string} * @memberof CredentialCreationPublicKey */ attestation?: string; /** * * @type {CredentialCreationPublicKeyAuthenticatorSelection} * @memberof CredentialCreationPublicKey */ authenticatorSelection?: CredentialCreationPublicKeyAuthenticatorSelection; /** * * @type {string} * @memberof CredentialCreationPublicKey */ challenge?: string; /** * * @type {Array} * @memberof CredentialCreationPublicKey */ excludeCredentials?: Array; /** * * @type {object} * @memberof CredentialCreationPublicKey */ extensions?: object; /** * * @type {Array} * @memberof CredentialCreationPublicKey */ pubKeyCredParams?: Array; /** * * @type {CredentialCreationPublicKeyRp} * @memberof CredentialCreationPublicKey */ rp?: CredentialCreationPublicKeyRp; /** * * @type {number} * @memberof CredentialCreationPublicKey */ timeout?: number; /** * * @type {CredentialCreationPublicKeyUser} * @memberof CredentialCreationPublicKey */ user?: CredentialCreationPublicKeyUser; } /** * Passage Authentication API * Passage\'s authentication API to enable passwordless authentication. * * The version of the OpenAPI document: 1 * Contact: support@passage.id * * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). * https://openapi-generator.tech * Do not edit the class manually. */ /** * * @export * @interface CredentialCreationPublicKeyAuthenticatorSelection */ declare interface CredentialCreationPublicKeyAuthenticatorSelection { /** * AuthenticatorAttachment If this member is present, eligible authenticators are filtered to only * authenticators attached with the specified AuthenticatorAttachment enum. * @type {string} * @memberof CredentialCreationPublicKeyAuthenticatorSelection */ authenticatorAttachment?: string; /** * RequireResidentKey this member describes the Relying Party's requirements regarding resident * credentials. If the parameter is set to true, the authenticator MUST create a client-side-resident * public key credential source when creating a public key credential. * @type {boolean} * @memberof CredentialCreationPublicKeyAuthenticatorSelection */ requireResidentKey?: boolean; /** * ResidentKey this member describes the Relying Party's requirements regarding resident * credentials per Webauthn Level 2. * @type {string} * @memberof CredentialCreationPublicKeyAuthenticatorSelection */ residentKey?: string; /** * UserVerification This member describes the Relying Party's requirements regarding user verification for * the create() operation. Eligible authenticators are filtered to only those capable of satisfying this * requirement. * @type {string} * @memberof CredentialCreationPublicKeyAuthenticatorSelection */ userVerification?: string; } /** * Passage Authentication API * Passage\'s authentication API to enable passwordless authentication. * * The version of the OpenAPI document: 1 * Contact: support@passage.id * * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). * https://openapi-generator.tech * Do not edit the class manually. */ /** * * @export * @interface CredentialCreationPublicKeyExcludeCredentialsInner */ declare interface CredentialCreationPublicKeyExcludeCredentialsInner { /** * CredentialID The ID of a credential to allow/disallow. * @type {string} * @memberof CredentialCreationPublicKeyExcludeCredentialsInner */ id?: string; /** * The authenticator transports that can be used. * @type {Array} * @memberof CredentialCreationPublicKeyExcludeCredentialsInner */ transports?: Array; /** * The valid credential types. * @type {string} * @memberof CredentialCreationPublicKeyExcludeCredentialsInner */ type?: string; } /** * Passage Authentication API * Passage\'s authentication API to enable passwordless authentication. * * The version of the OpenAPI document: 1 * Contact: support@passage.id * * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). * https://openapi-generator.tech * Do not edit the class manually. */ /** * * @export * @interface CredentialCreationPublicKeyPubKeyCredParamsInner */ declare interface CredentialCreationPublicKeyPubKeyCredParamsInner { /** * * @type {number} * @memberof CredentialCreationPublicKeyPubKeyCredParamsInner */ alg?: number; /** * * @type {string} * @memberof CredentialCreationPublicKeyPubKeyCredParamsInner */ type?: string; } /** * Passage Authentication API * Passage\'s authentication API to enable passwordless authentication. * * The version of the OpenAPI document: 1 * Contact: support@passage.id * * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). * https://openapi-generator.tech * Do not edit the class manually. */ /** * * @export * @interface CredentialCreationPublicKeyRp */ declare interface CredentialCreationPublicKeyRp { /** * A serialized URL which resolves to an image associated with the entity. For example, * this could be a user’s avatar or a Relying Party's logo. This URL MUST be an a priori * authenticated URL. Authenticators MUST accept and store a 128-byte minimum length for * an icon member’s value. Authenticators MAY ignore an icon member’s value if its length * is greater than 128 bytes. The URL’s scheme MAY be "data" to avoid fetches of the URL, * at the cost of needing more storage. * * Deprecated: this has been removed from the specification recommendations. * @type {string} * @memberof CredentialCreationPublicKeyRp */ icon?: string; /** * A unique identifier for the Relying Party entity, which sets the RP ID. * @type {string} * @memberof CredentialCreationPublicKeyRp */ id?: string; /** * A human-palatable name for the entity. Its function depends on what the PublicKeyCredentialEntity represents: * * When inherited by PublicKeyCredentialRpEntity it is a human-palatable identifier for the Relying Party, * intended only for display. For example, "ACME Corporation", "Wonderful Widgets, Inc." or "ОАО Примертех". * * When inherited by PublicKeyCredentialUserEntity, it is a human-palatable identifier for a user account. It is * intended only for display, i.e., aiding the user in determining the difference between user accounts with similar * displayNames. For example, "alexm", "alex.p.mueller@example.com" or "+14255551234". * @type {string} * @memberof CredentialCreationPublicKeyRp */ name?: string; } /** * Passage Authentication API * Passage\'s authentication API to enable passwordless authentication. * * The version of the OpenAPI document: 1 * Contact: support@passage.id * * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). * https://openapi-generator.tech * Do not edit the class manually. */ /** * * @export * @interface CredentialCreationPublicKeyUser */ declare interface CredentialCreationPublicKeyUser { /** * A human-palatable name for the user account, intended only for display. * For example, "Alex P. Müller" or "田中 倫". The Relying Party SHOULD let * the user choose this, and SHOULD NOT restrict the choice more than necessary. * @type {string} * @memberof CredentialCreationPublicKeyUser */ displayName?: string; /** * A serialized URL which resolves to an image associated with the entity. For example, * this could be a user’s avatar or a Relying Party's logo. This URL MUST be an a priori * authenticated URL. Authenticators MUST accept and store a 128-byte minimum length for * an icon member’s value. Authenticators MAY ignore an icon member’s value if its length * is greater than 128 bytes. The URL’s scheme MAY be "data" to avoid fetches of the URL, * at the cost of needing more storage. * * Deprecated: this has been removed from the specification recommendations. * @type {string} * @memberof CredentialCreationPublicKeyUser */ icon?: string; /** * ID is the user handle of the user account entity. To ensure secure operation, * authentication and authorization decisions MUST be made on the basis of this id * member, not the displayName nor name members. See Section 6.1 of * [RFC8266](https://www.w3.org/TR/webauthn/#biblio-rfc8266). * @type {string} * @memberof CredentialCreationPublicKeyUser */ id?: string; /** * A human-palatable name for the entity. Its function depends on what the PublicKeyCredentialEntity represents: * * When inherited by PublicKeyCredentialRpEntity it is a human-palatable identifier for the Relying Party, * intended only for display. For example, "ACME Corporation", "Wonderful Widgets, Inc." or "ОАО Примертех". * * When inherited by PublicKeyCredentialUserEntity, it is a human-palatable identifier for a user account. It is * intended only for display, i.e., aiding the user in determining the difference between user accounts with similar * displayNames. For example, "alexm", "alex.p.mueller@example.com" or "+14255551234". * @type {string} * @memberof CredentialCreationPublicKeyUser */ name?: string; } /** * * @export * @interface CredentialCreationResponse */ declare interface CredentialCreationResponse { /** * * @type {string} * @memberof CredentialCreationResponse */ authenticatorAttachment?: string; /** * * @type {object} * @memberof CredentialCreationResponse */ clientExtensionResults?: object; /** * ID is The credential's identifier. The requirements for the * identifier are distinct for each type of credential. It might * represent a username for username/password tuples, for example. * @type {string} * @memberof CredentialCreationResponse */ id?: string; /** * * @type {string} * @memberof CredentialCreationResponse */ rawId?: string; /** * * @type {CredentialCreationResponseResponse} * @memberof CredentialCreationResponse */ response?: CredentialCreationResponseResponse; /** * * @type {Array} * @memberof CredentialCreationResponse */ transports?: Array; /** * Type is the value of the object's interface object's [[type]] slot, * which specifies the credential type represented by this object. * This should be type "public-key" for Webauthn credentials. * @type {string} * @memberof CredentialCreationResponse */ type?: string; } /** * Passage Authentication API * Passage\'s authentication API to enable passwordless authentication. * * The version of the OpenAPI document: 1 * Contact: support@passage.id * * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). * https://openapi-generator.tech * Do not edit the class manually. */ /** * * @export * @interface CredentialCreationResponseResponse */ declare interface CredentialCreationResponseResponse { /** * AttestationObject is the byte slice version of attestationObject. * This attribute contains an attestation object, which is opaque to, and * cryptographically protected against tampering by, the client. The * attestation object contains both authenticator data and an attestation * statement. The former contains the AAGUID, a unique credential ID, and * the credential public key. The contents of the attestation statement are * determined by the attestation statement format used by the authenticator. * It also contains any additional information that the Relying Party's server * requires to validate the attestation statement, as well as to decode and * validate the authenticator data along with the JSON-serialized client data. * @type {string} * @memberof CredentialCreationResponseResponse */ attestationObject?: string; /** * From the spec https://www.w3.org/TR/webauthn/#dom-authenticatorresponse-clientdatajson * This attribute contains a JSON serialization of the client data passed to the authenticator * by the client in its call to either create() or get(). * @type {string} * @memberof CredentialCreationResponseResponse */ clientDataJSON?: string; /** * * @type {Array} * @memberof CredentialCreationResponseResponse */ transports?: Array; } /** * * @export * @interface CurrentUser */ export declare interface CurrentUser { /** * When this user was created * @type {string} * @memberof CurrentUser */ createdAt: string; /** * The user's email * @type {string} * @memberof CurrentUser */ email: string; /** * Whether or not the user's email has been verified * @type {boolean} * @memberof CurrentUser */ emailVerified: boolean; /** * The user ID * @type {string} * @memberof CurrentUser */ id: string; /** * The last time this user logged in * @type {string} * @memberof CurrentUser */ lastLoginAt: string; /** * How many times the user has successfully logged in * @type {number} * @memberof CurrentUser */ loginCount: number; /** * The user's phone * @type {string} * @memberof CurrentUser */ phone: string; /** * Whether or not the user's phone has been verified * @type {boolean} * @memberof CurrentUser */ phoneVerified: boolean; /** * * @type {UserSocialConnections} * @memberof CurrentUser */ socialConnections: UserSocialConnections; /** * * @type {UserStatus} * @memberof CurrentUser */ status: UserStatus; /** * When this user was last updated * @type {string} * @memberof CurrentUser */ updatedAt: string; /** * * @type {object} * @memberof CurrentUser */ userMetadata: object | null; /** * Whether or not the user has authenticated via webAuthn before (if len(WebAuthnDevices) > 0) * @type {boolean} * @memberof CurrentUser */ webauthn: boolean; /** * The list of devices this user has authenticated with via webAuthn * @type {Array} * @memberof CurrentUser */ webauthnDevices: Array; /** * List of credential types that user has created * @type {Array} * @memberof CurrentUser */ webauthnTypes: Array; } /** * */ declare class CurrentuserApi extends runtime.BaseAPI { /** * Revoke a device by ID for the current user. User must be authenticated via a bearer token. * Revoke Device */ deleteCurrentuserDeviceRaw(requestParameters: DeleteCurrentuserDeviceRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise>; /** * Revoke a device by ID for the current user. User must be authenticated via a bearer token. * Revoke Device */ deleteCurrentuserDevice(appId: string, deviceId: string, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise; /** * Deletes a social connection for the current user. User must be authenticated via a bearer token. * Delete Social Connection */ deleteCurrentuserSocialConnectionRaw(requestParameters: DeleteCurrentuserSocialConnectionRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise>; /** * Deletes a social connection for the current user. User must be authenticated via a bearer token. * Delete Social Connection */ deleteCurrentuserSocialConnection(appId: string, socialConnectionType: DeleteCurrentuserSocialConnectionSocialConnectionTypeEnum, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise; /** * Get information about a user that is currently authenticated via bearer token. * Get Current User */ getCurrentuserRaw(requestParameters: GetCurrentuserRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise>; /** * Get information about a user that is currently authenticated via bearer token. * Get Current User */ getCurrentuser(appId: string, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise; /** * List all WebAuthn devices for the authenticated user. User must be authenticated via bearer token. * List Devices */ getCurrentuserDevicesRaw(requestParameters: GetCurrentuserDevicesRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise>; /** * List all WebAuthn devices for the authenticated user. User must be authenticated via bearer token. * List Devices */ getCurrentuserDevices(appId: string, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise; /** * Get the user-metadata for the current user. * Get user\'s metadata */ getCurrentuserMetadataRaw(requestParameters: GetCurrentuserMetadataRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise>; /** * Get the user-metadata for the current user. * Get user\'s metadata */ getCurrentuserMetadata(appId: string, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise; /** * Gets social connections for the current user. User must be authenticated via a bearer token. * Get Social Connections */ getCurrentuserSocialConnectionsRaw(requestParameters: GetCurrentuserSocialConnectionsRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise>; /** * Gets social connections for the current user. User must be authenticated via a bearer token. * Get Social Connections */ getCurrentuserSocialConnections(appId: string, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise; /** * Complete a WebAuthn add device operation for the current user. This endpoint accepts and verifies the response from `navigator.credential.create()` and returns the created device for the user. User must be authenticated via a bearer token. * Finish WebAuthn Add Device */ postCurrentuserAddDeviceFinishRaw(requestParameters: PostCurrentuserAddDeviceFinishRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise>; /** * Complete a WebAuthn add device operation for the current user. This endpoint accepts and verifies the response from `navigator.credential.create()` and returns the created device for the user. User must be authenticated via a bearer token. * Finish WebAuthn Add Device */ postCurrentuserAddDeviceFinish(appId: string, addDeviceFinishRequest: AddDeviceFinishRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise; /** * Initiate a WebAuthn add device operation for the current user. This endpoint creates a WebAuthn credential creation challenge that is used to perform the registration ceremony from the browser. User must be authenticated via a bearer token. * Start WebAuthn Add Device */ postCurrentuserAddDeviceStartRaw(requestParameters: PostCurrentuserAddDeviceStartRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise>; /** * Initiate a WebAuthn add device operation for the current user. This endpoint creates a WebAuthn credential creation challenge that is used to perform the registration ceremony from the browser. User must be authenticated via a bearer token. * Start WebAuthn Add Device */ postCurrentuserAddDeviceStart(appId: string, currentUserDevicesStartRequest?: CurrentUserDevicesStartRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise; /** * Update a device by ID for the current user. Currently the only field that can be updated is the friendly name. User must be authenticated via a bearer token. * Update Device */ updateCurrentuserDeviceRaw(requestParameters: UpdateCurrentuserDeviceRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise>; /** * Update a device by ID for the current user. Currently the only field that can be updated is the friendly name. User must be authenticated via a bearer token. * Update Device */ updateCurrentuserDevice(appId: string, deviceId: string, updateDeviceRequest: UpdateDeviceRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise; /** * Update the metadata for the current user. Only valid metadata fields are accepted. Invalid metadata fields that are present will abort the update. User must be authenticated via a bearer token. * Update user\'s metadata */ updateCurrentuserMetadataRaw(requestParameters: UpdateCurrentuserMetadataRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise>; /** * Update the metadata for the current user. Only valid metadata fields are accepted. Invalid metadata fields that are present will abort the update. User must be authenticated via a bearer token. * Update user\'s metadata */ updateCurrentuserMetadata(appId: string, updateMetadataRequest: UpdateMetadataRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise; /** * Initiate an email change for the authenticated user. An email change requires verification, so an email will be sent to the user which they must verify before the email change takes effect. * Change Email */ updateEmailCurrentuserRaw(requestParameters: UpdateEmailCurrentuserRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise>; /** * Initiate an email change for the authenticated user. An email change requires verification, so an email will be sent to the user which they must verify before the email change takes effect. * Change Email */ updateEmailCurrentuser(appId: string, updateUserEmailRequest: UpdateUserEmailRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise; /** * Initiate a phone number change for the authenticated user. An phone number change requires verification, so an SMS with a link will be sent to the user which they must verify before the phone number change takes effect. * Change Phone */ updatePhoneCurrentuserRaw(requestParameters: UpdatePhoneCurrentuserRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise>; /** * Initiate a phone number change for the authenticated user. An phone number change requires verification, so an SMS with a link will be sent to the user which they must verify before the phone number change takes effect. * Change Phone */ updatePhoneCurrentuser(appId: string, updateUserPhoneRequest: UpdateUserPhoneRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise; } /** * * @export * @interface CurrentUserDevice */ declare interface CurrentUserDevice { /** * * @type {Credential} * @memberof CurrentUserDevice */ device: Credential_2; } /** * * @export * @interface CurrentUserDevices */ declare interface CurrentUserDevices { /** * * @type {Array} * @memberof CurrentUserDevices */ devices: Array; } /** * * @export * @interface CurrentUserDevicesStartRequest */ declare interface CurrentUserDevicesStartRequest { /** * * @type {AuthenticatorAttachment} * @memberof CurrentUserDevicesStartRequest */ authenticatorAttachment?: AuthenticatorAttachment_2; } /** * * @export * @interface CurrentUserResponse */ declare interface CurrentUserResponse { /** * * @type {CurrentUser} * @memberof CurrentUserResponse */ user: CurrentUser; } declare interface CurrentuserSocialLinkAccountRequest { appId: string; code: string; verifier: string; } declare interface DeleteCurrentuserDeviceRequest { appId: string; deviceId: string; } declare interface DeleteCurrentuserSocialConnectionRequest { appId: string; socialConnectionType: DeleteCurrentuserSocialConnectionSocialConnectionTypeEnum; } /** * @export * @enum {string} */ declare enum DeleteCurrentuserSocialConnectionSocialConnectionTypeEnum { Apple = "apple", Github = "github", Google = "google" } /** * * @export * @interface ElementCustomization */ export declare interface ElementCustomization { /** * Container background color in hex. * Default is `#ffffff` in light mode & `#383838` in dark mode. * * @type {string} * @memberof ElementCustomization */ passageContainerBackgroundColor?: string; /** * Maximum width of container (px) * @type {number} * @memberof ElementCustomization */ passageContainerMaxWidth?: number; /** * Input box background color in hex. * Default is `#ffffff` in light mode & `#4b4b4b` in dark mode. * * @type {string} * @memberof ElementCustomization */ passageInputBoxBackgroundColor?: string; /** * Input box border radius (px) * @type {number} * @memberof ElementCustomization */ passageInputBoxBorderRadius?: number; /** * * @type {FontFamily} * @memberof ElementCustomization */ passageHeaderFontFamily?: FontFamily; /** * * @type {FontFamily} * @memberof ElementCustomization */ passageBodyFontFamily?: FontFamily; /** * Header text color in hex. * Default is `#222222` in light mode & `#f3f3f3` in dark mode. * * @type {string} * @memberof ElementCustomization */ passageHeaderTextColor?: string; /** * Body text color in hex. * Default is `#222222` in light mode & `#f3f3f3` in dark mode. * * @type {string} * @memberof ElementCustomization */ passageBodyTextColor?: string; /** * Primary button background colour (hex) * @type {string} * @memberof ElementCustomization */ passagePrimaryButtonBackgroundColor?: string; /** * Primary button font colour (hex) * @type {string} * @memberof ElementCustomization */ passagePrimaryButtonTextColor?: string; /** * Primary button background on hover (hex) * @type {string} * @memberof ElementCustomization */ passagePrimaryButtonHoverColor?: string; /** * Primary button border radius (px) * @type {number} * @memberof ElementCustomization */ passagePrimaryButtonBorderRadius?: number; /** * Primary button border color * @type {string} * @memberof ElementCustomization */ passagePrimaryButtonBorderColor?: string; /** * Primary button border width (px) * @type {number} * @memberof ElementCustomization */ passagePrimaryButtonBorderWidth?: number; /** * Secondary button background colour (hex) * @type {string} * @memberof ElementCustomization */ passageSecondaryButtonBackgroundColor?: string; /** * Secondary button font colour (hex) * @type {string} * @memberof ElementCustomization */ passageSecondaryButtonTextColor?: string; /** * Secondary button background on hover (hex) * @type {string} * @memberof ElementCustomization */ passageSecondaryButtonHoverColor?: string; /** * Secondary button border radius (px) * @type {number} * @memberof ElementCustomization */ passageSecondaryButtonBorderRadius?: number; /** * Secondary button border color * @type {string} * @memberof ElementCustomization */ passageSecondaryButtonBorderColor?: string; /** * Secondary button border width (px) * @type {number} * @memberof ElementCustomization */ passageSecondaryButtonBorderWidth?: number; } declare interface ErrorContext { fetch: FetchAPI; url: string; init: RequestInit; error: unknown; response?: Response; } declare interface ExchangeSocialIdTokenRequest { appId: string; idTokenRequest: IdTokenRequest; } declare interface ExchangeSocialTokenRequest { appId: string; code: string; verifier: string; } declare type FetchAPI = WindowOrWorkerGlobalScope['fetch']; declare interface FetchParams { url: string; init: RequestInit; } /** * Passage Authentication API * Passage\'s authentication API to enable passwordless authentication. * * The version of the OpenAPI document: 1 * Contact: support@passage.id * * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). * https://openapi-generator.tech * Do not edit the class manually. */ /** * Body font family * @export * @enum {string} */ declare enum FontFamily { Helvetica = "Helvetica", Arial = "Arial", ArialBlack = "Arial Black", Verdana = "Verdana", Tahoma = "Tahoma", TrebuchetMs = "Trebuchet MS", Impact = "Impact", GillSans = "Gill Sans", TimesNewRoman = "Times New Roman", Georgia = "Georgia", Palatino = "Palatino", Baskerville = "Baskerville", AndalMono = "Andal\u00E9 Mono", Courier = "Courier", Lucida = "Lucida", Monaco = "Monaco", BradleyHand = "Bradley Hand", BrushScriptMt = "Brush Script MT", Luminari = "Luminari", ComicSansMs = "Comic Sans MS" } declare type GeneratedApplicationFnSignature = (appId: string, ...args: Args) => Promise; declare interface GetAppRequest { appId: string; } /** * * @export * @interface GetAppResponse */ declare interface GetAppResponse { /** * * @type {App} * @memberof GetAppResponse */ app: App; } /** * @export * @enum {string} */ declare enum GetAuthorizeConnectionTypeEnum { Apple = "apple", Github = "github", Google = "google", Passage = "passage" } declare interface GetAuthorizeRequest { appId: string; redirectUri: string; codeChallenge: string; codeChallengeMethod: string; connectionType: GetAuthorizeConnectionTypeEnum; state?: string; } declare interface GetCurrentuserDevicesRequest { appId: string; } declare interface GetCurrentuserMetadataRequest { appId: string; } declare interface GetCurrentuserRequest { appId: string; } declare interface GetCurrentuserSocialConnectionsRequest { appId: string; } /** * Passage Authentication API * Passage\'s authentication API to enable passwordless authentication. * * The version of the OpenAPI document: 1 * Contact: support@passage.id * * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). * https://openapi-generator.tech * Do not edit the class manually. */ /** * * @export * @interface GetMagicLinkStatusRequest */ declare interface GetMagicLinkStatusRequest { /** * * @type {string} * @memberof GetMagicLinkStatusRequest */ id: string; } /** * Passage Authentication API * Passage\'s authentication API to enable passwordless authentication. * * The version of the OpenAPI document: 1 * Contact: support@passage.id * * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). * https://openapi-generator.tech * Do not edit the class manually. */ /** * * @export * @interface GithubSocialConnection */ export declare interface GithubSocialConnection { /** * The external ID of the Social Connection. * @type {string} * @memberof GithubSocialConnection */ providerId: string; /** * * @type {Date} * @memberof GithubSocialConnection */ createdAt: Date; /** * * @type {Date} * @memberof GithubSocialConnection */ lastLoginAt: Date; /** * The email of connected social user. * @type {string} * @memberof GithubSocialConnection */ providerIdentifier: string; } /** * Passage Authentication API * Passage\'s authentication API to enable passwordless authentication. * * The version of the OpenAPI document: 1 * Contact: support@passage.id * * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). * https://openapi-generator.tech * Do not edit the class manually. */ /** * * @export * @interface GoogleSocialConnection */ export declare interface GoogleSocialConnection { /** * The external ID of the Social Connection. * @type {string} * @memberof GoogleSocialConnection */ providerId: string; /** * * @type {Date} * @memberof GoogleSocialConnection */ createdAt: Date; /** * * @type {Date} * @memberof GoogleSocialConnection */ lastLoginAt: Date; /** * The email of connected social user. * @type {string} * @memberof GoogleSocialConnection */ providerIdentifier: string; } declare type HTTPBody = Json | FormData | URLSearchParams; declare type HTTPHeaders = { [key: string]: string; }; declare type HTTPMethod = 'GET' | 'POST' | 'PUT' | 'PATCH' | 'DELETE' | 'OPTIONS' | 'HEAD'; declare type HTTPQuery = { [key: string]: string | number | null | boolean | Array | Set | HTTPQuery; }; declare type HTTPRequestInit = { headers?: HTTPHeaders; method: HTTPMethod; credentials?: RequestCredentials; body?: HTTPBody; }; declare interface IAPIWrapHandler { onStart?: IAPIWrapperOnStart; onBeforeRequest?: IAPIWrapperOnBeforeRequest; onResponseSuccess?: IAPIWrapperOnResponseSuccess; onError?: IAPIWrapperOnError; onFinish?: IAPIWrapperOnFinish; } declare type IAPIWrapperOnBeforeRequest = (config: HandlerConfig, fn: EndpointFn, ...args: IncomingArgs) => Promise; declare type IAPIWrapperOnError = (config: HandlerConfig, fn: EndpointFn, error: ResponseError | Error) => Promise; declare type IAPIWrapperOnFinish = (config: HandlerConfig, fn: EndpointFn) => Promise; declare type IAPIWrapperOnResponseSuccess = (config: HandlerConfig, fn: EndpointFn, reponse: APIResponse) => Promise; declare type IAPIWrapperOnStart = (config: HandlerConfig, fn: EndpointFn) => Promise; /**@private */ export declare interface ICaptureEventProps { error?: Error | string; message?: string; sentryConfig?: ISentryConfig; } export declare enum Identifier { email = "email", phone = "phone", both = "both" } /** * Passage Authentication API * Passage\'s authentication API to enable passwordless authentication. * * The version of the OpenAPI document: 1 * Contact: support@passage.id * * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). * https://openapi-generator.tech * Do not edit the class manually. */ /** * * @export * @interface IdTokenRequest */ declare interface IdTokenRequest { /** * The code given from the native mobile OS to create a token * @type {string} * @memberof IdTokenRequest */ code: string; /** * The identity JWT token with security claims for validation * @type {string} * @memberof IdTokenRequest */ idToken: string; /** * Connection type; google or apple * @type {string} * @memberof IdTokenRequest */ connectionType: IdTokenRequestConnectionTypeEnum; } /** * @export * @enum {string} */ declare enum IdTokenRequestConnectionTypeEnum { Apple = "apple", Google = "google" } declare type InitOverrideFunction = (requestContext: { init: HTTPRequestInit; context: RequestOpts; }) => Promise; declare interface IPassageAPIHandlerConfigBase { responseDataKey?: string; } declare interface IPassageAPIHandlerConfiguration extends IPassageAPIHandlerConfigBase { requestNormalizer?: RequestNormalizer; responseSerializer?: ResponseSerializer; onResponseSuccess?: OnResponseSuccessCallback; requiresAppId?: boolean; } /**@private */ export declare interface ISentryConfig { url?: string; project?: PassageSentryProject; dsn?: string; environment?: string; release?: string; version?: string; } export declare function isFullTokenStore(store: ReadOnlyTokenStore | TokenStore): store is TokenStore; declare type Json = any; /** * Passage Authentication API * Passage\'s authentication API to enable passwordless authentication. * * The version of the OpenAPI document: 1 * Contact: support@passage.id * * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). * https://openapi-generator.tech * Do not edit the class manually. */ /** * * @export * @interface LayoutConfig */ export declare interface LayoutConfig { /** * * @type {number} * @memberof LayoutConfig */ h: number; /** * * @type {string} * @memberof LayoutConfig */ id: string; /** * * @type {number} * @memberof LayoutConfig */ w: number; /** * * @type {number} * @memberof LayoutConfig */ x: number; /** * * @type {number} * @memberof LayoutConfig */ y: number; } /** * * @export * @interface Layouts */ export declare interface Layouts { /** * * @type {Array} * @memberof Layouts */ profile: Array; /** * * @type {Array} * @memberof Layouts */ registration: Array; } /** * Passage Authentication API * Passage\'s authentication API to enable passwordless authentication. * * The version of the OpenAPI document: 1 * Contact: support@passage.id * * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). * https://openapi-generator.tech * Do not edit the class manually. */ /** * * @export * @interface MagicLink */ export declare interface MagicLink { /** * the magic link id * @type {string} * @memberof MagicLink */ id: string; } /** * */ declare class MagicLinkApi extends runtime.BaseAPI { /** * Authenticate a magic link for a user. This endpoint checks that the magic link is valid, then returns an authentication token for the user. * Authenticate Magic Link */ activateMagicLinkRaw(requestParameters: ActivateMagicLinkOperationRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise>; /** * Authenticate a magic link for a user. This endpoint checks that the magic link is valid, then returns an authentication token for the user. * Authenticate Magic Link */ activateMagicLink(appId: string, activateMagicLinkRequest: ActivateMagicLinkRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise; /** * Check if a magic link has been activated yet or not. Once the magic link has been activated, this endpoint will return an authentication token for the user. This endpoint can be used to initiate a login on one device and then poll and wait for the login to complete on another device. * Magic Link Status */ magicLinkStatusRaw(requestParameters: MagicLinkStatusRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise>; /** * Check if a magic link has been activated yet or not. Once the magic link has been activated, this endpoint will return an authentication token for the user. This endpoint can be used to initiate a login on one device and then poll and wait for the login to complete on another device. * Magic Link Status */ magicLinkStatus(appId: string, getMagicLinkStatusRequest: GetMagicLinkStatusRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise; } /** * * @export * @interface MagicLinkAuthMethod */ export declare interface MagicLinkAuthMethod { /** * Maximum time (IN SECONDS) for the auth to expire. * @type {number} * @memberof MagicLinkAuthMethod */ ttl?: number; /** * * @type {TtlDisplayUnit} * @memberof MagicLinkAuthMethod * @deprecated */ ttlDisplayUnit?: TtlDisplayUnit; } /** * * @export * @interface MagicLinkResponse */ declare interface MagicLinkResponse { /** * * @type {MagicLink} * @memberof MagicLinkResponse */ magicLink: MagicLink; } declare interface MagicLinkStatusRequest { appId: string; getMagicLinkStatusRequest: GetMagicLinkStatusRequest; } export declare interface Metadata { [key: string]: boolean | string | number; } declare interface Middleware { pre?(context: RequestContext): Promise; post?(context: ResponseContext): Promise; onError?(context: ErrorContext): Promise; } /** * */ declare class OAuth2Api extends runtime.BaseAPI { /** * Handle Apple\'s OAuth2 callback */ appleOauth2CallbackRaw(requestParameters: AppleOauth2CallbackRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise>; /** * Handle Apple\'s OAuth2 callback */ appleOauth2Callback(appId: string, state: string, code?: string, idToken?: string, user?: string, error?: AppleOauth2CallbackErrorEnum, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise; /** * Handle Apple\'s OAuth2 callback for the default developer credentials */ appleOauth2CallbackDefaultDevRaw(requestParameters: AppleOauth2CallbackDefaultDevRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise>; /** * Handle Apple\'s OAuth2 callback for the default developer credentials */ appleOauth2CallbackDefaultDev(state: string, code?: string, idToken?: string, user?: string, error?: AppleOauth2CallbackDefaultDevErrorEnum, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise; /** * Link an existing account to an OAuth2 connection. */ currentuserSocialLinkAccountRaw(requestParameters: CurrentuserSocialLinkAccountRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise>; /** * Link an existing account to an OAuth2 connection. */ currentuserSocialLinkAccount(appId: string, code: string, verifier: string, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise; /** * Exchange native mobile identity token for an auth token. */ exchangeSocialIdTokenRaw(requestParameters: ExchangeSocialIdTokenRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise>; /** * Exchange native mobile identity token for an auth token. */ exchangeSocialIdToken(appId: string, idTokenRequest: IdTokenRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise; /** * Exchange OAuth2 connection data for an auth token. */ exchangeSocialTokenRaw(requestParameters: ExchangeSocialTokenRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise>; /** * Exchange OAuth2 connection data for an auth token. */ exchangeSocialToken(appId: string, code: string, verifier: string, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise; /** * Kick off OAuth2 flow with connection provider request params described in https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest * Kick off OAuth2 flow */ getAuthorizeRaw(requestParameters: GetAuthorizeRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise>; /** * Kick off OAuth2 flow with connection provider request params described in https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest * Kick off OAuth2 flow */ getAuthorize(appId: string, redirectUri: string, codeChallenge: string, codeChallengeMethod: string, connectionType: GetAuthorizeConnectionTypeEnum, state?: string, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise; /** * Handle OAuth2 callback */ oauth2CallbackRaw(requestParameters: Oauth2CallbackRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise>; /** * Handle OAuth2 callback */ oauth2Callback(appId: string, code: string, state?: string, error?: Oauth2CallbackErrorEnum, errorDescription?: string, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise; /** * Handle OAuth2 callback for the default developer credentials */ oauth2CallbackDefaultDevRaw(requestParameters: Oauth2CallbackDefaultDevRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise>; /** * Handle OAuth2 callback for the default developer credentials */ oauth2CallbackDefaultDev(code: string, state?: string, error?: Oauth2CallbackDefaultDevErrorEnum, errorDescription?: string, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise; } /** * @export * @enum {string} */ declare enum Oauth2CallbackDefaultDevErrorEnum { InteractionRequired = "interaction_required", LoginRequired = "login_required", AccountSelectionRequired = "account_selection_required", ConsentRequired = "consent_required", InvalidRequestUri = "invalid_request_uri", InvalidRequestObject = "invalid_request_object", RequestNotSupported = "request_not_supported", RequestUriNotSupported = "request_uri_not_supported", RegistrationNotSupported = "registration_not_supported" } declare interface Oauth2CallbackDefaultDevRequest { code: string; state?: string; error?: Oauth2CallbackDefaultDevErrorEnum; errorDescription?: string; } /** * @export * @enum {string} */ declare enum Oauth2CallbackErrorEnum { InteractionRequired = "interaction_required", LoginRequired = "login_required", AccountSelectionRequired = "account_selection_required", ConsentRequired = "consent_required", InvalidRequestUri = "invalid_request_uri", InvalidRequestObject = "invalid_request_object", RequestNotSupported = "request_not_supported", RequestUriNotSupported = "request_uri_not_supported", RegistrationNotSupported = "registration_not_supported" } declare interface Oauth2CallbackRequest { appId: string; code: string; state?: string; error?: Oauth2CallbackErrorEnum; errorDescription?: string; } export declare type OneTimePasscode = OneTimePasscodeResponse; /** * Passage Authentication API * Passage\'s authentication API to enable passwordless authentication. * * The version of the OpenAPI document: 1 * Contact: support@passage.id * * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). * https://openapi-generator.tech * Do not edit the class manually. */ /** * * @export * @interface OneTimePasscodeResponse */ declare interface OneTimePasscodeResponse { /** * The ID of the one-time passcode. Provide it when activating. * @type {string} * @memberof OneTimePasscodeResponse */ otpId: string; } declare type OnResponseSuccessCallback = (response: EndpointResponse, returnValue: OutputReturnValue) => Promise; /** * */ declare class OTPApi extends runtime.BaseAPI { /** * Authenticate a one-time passcode for a user. This endpoint checks that the one-time passcode is valid, then returns an authentication token for the user. * Authenticate OTP */ activateOneTimePasscodeRaw(requestParameters: ActivateOneTimePasscodeOperationRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise>; /** * Authenticate a one-time passcode for a user. This endpoint checks that the one-time passcode is valid, then returns an authentication token for the user. * Authenticate OTP */ activateOneTimePasscode(appId: string, activateOneTimePasscodeRequest: ActivateOneTimePasscodeRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise; } /** * * @export * @interface OtpAuthMethod */ export declare interface OtpAuthMethod { /** * Maximum time (IN SECONDS) for the auth to expire. * @type {number} * @memberof OtpAuthMethod */ ttl?: number; /** * * @type {TtlDisplayUnit} * @memberof OtpAuthMethod * @deprecated */ ttlDisplayUnit?: TtlDisplayUnit; } /** * The Passage class used to perform register and login operations. * The only parameter is the app handle for the application. * * @example * ``` * import Passage from '@passageidentity/passage-js'; * const passage = new Passage(app_id); * ``` */ export declare class Passage { private appID; private tokenStore; private extraHeaders; /** * PassageApp class contains functions that operate on the Passage app level. */ app: PassageApp; /** * PassagePasskey class contains functions that use passkeys for authentication and utilities to help with passkey UX decisions. */ passkey: PassagePasskey; /** * PassageMagicLink class contains functions that use magic links for authentication, identitfy verification, and handling identifier changes. */ magicLink: PassageMagicLink; /** * PassageOneTimePasscode class contains functions that use one-time passcodes for authentication. */ oneTimePasscode: PassageOneTimePasscode; /** * PassageSocial class contains functions that use social providers for authentication. */ social: PassageSocial; /** * The PassageSession class used to manage Passage sessions using refresh tokens. */ session: PassageSession; /** * The PassageCurrentUser class contains functions to get information about the currently authenticated user. */ currentUser: PassageCurrentUser; /** * Constructor configuring the Passage class' attributes * @param {string} appID the App's corresponding AppID * @param {PassageConfig | undefined} config An optional parameter to pass in configurable properties. * The tokenStore property is an object that implements ReadOnlyTokenStore or TokenStore to manage retrieval and storage of tokens. * If no tokenStore is provided by default Passage will store tokens in a combination of localstorage and cookies. */ constructor(appID: string, config?: PassageConfig); } /** * PassageApp class contains functions that operate on the Passage app level. */ export declare class PassageApp extends PassageBase { private userInternal; private cachedAppInfo; /** * Constructor configuring the App class' attributes * @param {PassageInstanceConfig} instanceConfig the config of the current Passage instance */ constructor(instanceConfig: PassageInstanceConfig); /** * Get information about an app. * * @return {Promise} a data object containing app information and the authentication policy * * @example * ```javascript * import Passage from '@passageidentity/passage-js'; * * const passage = new Passage(appId); * * await passage.app.info() * .then(data => { * // look at information regarding a particular app * }).catch(e => console.log(e)); * ``` */ info(): Promise; /** * Look-up a user and return the user properties if the user exists * @param {string} identifier email address / phone for user * @return {Promise} */ userExists(identifier: string): Promise; /** * createUser creates a user in a 'pending' state. * @param {string} identifier the email or phone number of the user * @param {Metadata} userMetadata optional metadata to associate with the user * @return {Promise} */ createUser(identifier: string, userMetadata?: Metadata): Promise; } export declare type PassageAppInfo = App; /** * Base class for Passage API classes that do not require authentication. */ declare abstract class PassageBase extends PassageBaseCommon { /** * Constructor configuring the Passage class' attributes * @param {PassageInstanceConfig} instanceConfig the config of the current Passage instance * @param {typeof BaseAPI} Service The API service to be used. */ constructor(instanceConfig: PassageInstanceConfig, Service: typeof BaseAPI); } /** * Base class for Passage API classes that require authentication. */ declare abstract class PassageBaseAuthenticated extends PassageBaseCommon { /** * Constructor configuring the Passage class' attributes * @param {PassageInstanceConfig} instanceConfig the config of the current Passage instance * @param {typeof BaseAPI} Service The API service to be used. */ constructor(instanceConfig: PassageInstanceConfig, Service: typeof BaseAPI, authToken: () => Promise); } /** * Base class for Passage API classes. */ declare abstract class PassageBaseCommon { private instanceConfig; protected wrapPassageApplicationEndpoint: WrapPassageApplicationOrOrganizationEndpoint; protected service: ServiceType; /** * Constructor configuring the Passage class' attributes * @param {PassageInstanceConfig} instanceConfig the config of the current Passage instance * @param {typeof BaseAPI} Service The API service to be used. * @param {boolean} authenticated Whether the API requires authentication. */ constructor(instanceConfig: PassageInstanceConfig, Service: typeof BaseAPI, authToken?: () => Promise); protected storeTokens(authResult: AuthResult): Promise; } export declare interface PassageConfig { /** A custom TokenStore implementation that handles custom management of tokens */ tokenStore?: ReadOnlyTokenStore | TokenStore; /** @private Additional headers passed about consuming package information.*/ extraHeaders?: Record; } /** * The PassageCurrentUser class contains functions to get information about the currently authenticated user. */ export declare class PassageCurrentUser extends PassageBaseAuthenticated { /** * constructor for the CurrentUser class. * @param {PassageInstanceConfig} instanceConfig the config of the current Passage instance */ constructor(instanceConfig: PassageInstanceConfig, session: PassageSession); /** * userInfo returns the user information for the currently authenticated user. If the user is not authenticated, an error is thrown. * @return {CurrentUser | undefined} the current Passage user's info * current Passage user's authentication token could not be validated. */ userInfo(): Promise; /** * changeEmail initiates an email change for the authenticated user. An email change requires verification, so an email will be sent to the user which they must verify before the email change takes effect. * @param {string} newEmail * @param {string?} language the language string for localizing emails, if no lanuage or an invalid language is provided the application default lanuage will be used * @return {MagicLink} the magicLink response on success. */ changeEmail(newEmail: string, language?: string): Promise; /** * changePhone initiates a phone number change for the authenticated user. An phone number change requires verification, so an SMS with a link will be sent to the user which they must verify before the phone number change takes effect. * @param {string} newPhone * @param {string?} language the language string for localizing emails, if no lanuage or an invalid language is provided the application default lanuage will be used * @return {MagicLink} the magicLink response on success. */ changePhone(newPhone: string, language?: string): Promise; /** * Get the list of the current users's passkeys. * @return {Passkey[]} the array of passkeys. */ passkeys(): Promise; /** * editPasskey allows the passkey's friendly name to be changed. * @param {string} passkeyId * @param {string} friendlyName * @return {Passkey} the edited device after applying the requested device attribute changes. */ editPasskey(passkeyId: string, friendlyName: string): Promise; /** * addPasskey register a new passkey for the current user. * @param {PasskeyCreationOptions} options Optional configuration for passkey creation * @return {Passkey} the new passkey regsitered for the current user. */ addPasskey(options?: PasskeyCreationOptions): Promise; /** * deletePasskey deletes an existing passkey for the current user. * @param {Passkey} passkey the passkey to be deleted * @return {boolean} true if the device has been deleted successfully. */ deletePasskey(passkey: Passkey): Promise; /** * listSocialConnections is used to list the current user's social connections. * @return {Promise } the current social connections and their properties. */ listSocialConnections(): Promise; /** * deleteSocialConnection deletes an existing social connection for the current user. * @param {SocialConnection} socialConnectionType the social connection to be deleted * @return {boolean} true if the social connection has been deleted successfully. */ deleteSocialConnection(socialConnectionType: SocialConnection): Promise; /** * getMetadata returns the metadata for the currently authenticated user. * @return {Metadata} the current Passage user's info, or undefined if the * current Passage user's authentication token could not be validated. */ metadata(): Promise; /** * updateMetadata updates the metadata for the currentuser. Note that only metadata fields set for the app can be updated. * @param {Metadata} metadata * @return {CurrentUser} the current user with their newly updated metadata field. */ updateMetadata(metadata: Metadata): Promise; } /** * PassageError assists with error handling. */ export declare class PassageError extends Error { statusCode: number; statusText: string; message: string; name: string; /** * @param {string} psgErrorResponse a custom Passage error message. * @param {RequiredResponse} res response or status and statusText used to generate error. */ constructor(psgErrorResponse: string, res: RequiredResponse); /** * _parsePsgErrorResponse parses the custom Passage error response message. * @param {any} psgErrorResponse the custom Passage error response. * @return {string} the Passage error response from server or input string. */ private _parsePsgErrorResponse; } export declare enum PassageErrorCode { /** The request has more than one possible response. The user agent or user should choose one of them. */ MultipleChoice = 300, /** The URL of the requested resource has been changed permanently. The new URL is given in the response. */ MovedPermanantly = 301, /** This response code means that the URI of requested resource has been changed temporarily. Further changes in the URI might be made in the future. Therefore, this same URI should be used by the client in future requests. */ Found = 302, /** The server sent this response to direct the client to get the requested resource at another URI with a GET request. */ SeeOther = 303, /** This is used for caching purposes. It tells the client that the response has not been modified, so the client can continue to use the same cached version of the response. */ NotModified = 304, /** The server sends this response to direct the client to get the requested resource at another URI with same method that was used in the prior request. This has the same semantics as the 302 Found HTTP response code, with the exception that the user agent must not change the HTTP method used: if a POST was used in the first request, a POST must be used in the second request. */ TemporaryRedirect = 307, /** This means that the resource is now permanently located at another URI, specified by the Location: HTTP Response header. This has the same semantics as the 301 Moved Permanently HTTP response code, with the exception that the user agent must not change the HTTP method used: if a POST was used in the first request, a POST must be used in the second request. */ PermanentRedirect = 308, /** The server could not understand the request due to invalid syntax. */ BadRequest = 400, /** Although the HTTP standard specifies "unauthorized", semantically this response means "unauthenticated". That is, the client must authenticate itself to get the requested response. */ Unauthorized = 401, /** This response code is reserved for future use. The initial aim for creating this code was using it for digital payment systems, however this status code is used very rarely and no standard convention exists. */ PaymentRequired = 402, /** The client does not have access rights to the content; that is, it is unauthorized, so the server is refusing to give the requested resource. Unlike 401 Unauthorized, the client's identity is known to the server. */ Forbidden = 403, /** The server can not find the requested resource. In the browser, this means the URL is not recognized. In an API, this can also mean that the endpoint is valid but the resource itself does not exist. Servers may also send this response instead of 403 Forbidden to hide the existence of a resource from an unauthorized client. */ NotFound = 404, /** The request method is known by the server but is not supported by the target resource. For example, an API may not allow calling DELETE to remove a resource. */ MethodNotAllowed = 405, /** This response is sent when the web server, after performing server-driven content negotiation, doesn't find any content that conforms to the criteria given by the user agent. */ NotAcceptable = 406, /** This is similar to 401 Unauthorized but authentication is needed to be done by a proxy. */ ProxyAuthenticationRequired = 407, /** This response is sent on an idle connection by some servers, even without any previous request by the client. It means that the server would like to shut down this unused connection. This response is used much more since some browsers, like Chrome, Firefox 27+, or IE9, use HTTP pre-connection mechanisms to speed up surfing. Also note that some servers merely shut down the connection without sending this message. */ RequestTimeout = 408, /** This response is sent when a request conflicts with the current state of the server. */ Conflict = 409, /** This response is sent when the requested content has been permanently deleted from server, with no forwarding address. Clients are expected to remove their caches and links to the resource. The HTTP specification intends this status code to be used for "limited-time, promotional services". APIs should not feel compelled to indicate resources that have been deleted with this status code. */ Gone = 410, /** Server rejected the request because the Content-Length header field is not defined and the server requires it. */ LengthRequired = 411, /** The client has indicated preconditions in its headers which the server does not meet. */ PreconditionFailed = 412, /** Request entity is larger than limits defined by server. The server might close the connection or return an Retry-After header field. */ PayloadTooLarge = 413, /** The URI requested by the client is longer than the server is willing to interpret. */ URITooLong = 414, /** The media format of the requested data is not supported by the server, so the server is rejecting the request. */ UnsupportedMediaType = 415, /** The range specified by the Range header field in the request cannot be fulfilled. It's possible that the range is outside the size of the target URI's data. */ RangeNotSatisfiable = 416, /** This response code means the expectation indicated by the Expect request header field cannot be met by the server. */ ExpectationFailed = 417, /** The request was directed at a server that is not able to produce a response. This can be sent by a server that is not configured to produce responses for the combination of scheme and authority that are included in the request URI. */ MisdirectedRequest = 421, /** The request was well-formed but was unable to be followed due to semantic errors. */ UnprocessableEntity = 422, /** The resource that is being accessed is locked. */ Locked = 423, /** The request failed due to failure of a previous request. */ FailedDependency = 424, /** Indicates that the server is unwilling to risk processing a request that might be replayed. */ TooEarly = 425, /** The server refuses to perform the request using the current protocol but might be willing to do so after the client upgrades to a different protocol. The server sends an Upgrade header in a 426 response to indicate the required protocol(s). */ UpgradeRequired = 426, /** The origin server requires the request to be conditional. This response is intended to prevent the 'lost update' problem, where a client GETs a resource's state, modifies it and PUTs it back to the server, when meanwhile a third party has modified the state on the server, leading to a conflict. */ PreconditionRequired = 428, /** The user has sent too many requests in a given amount of time ("rate limiting"). */ TooManyRequests = 429, /** The server is unwilling to process the request because its header fields are too large. The request may be resubmitted after reducing the size of the request header fields. */ RequestHeaderFieldsTooLarge = 431, /** The user agent requested a resource that cannot legally be provided, such as a web page censored by a government. */ UnavailableForLegalReasons = 451, /** The server has encountered a situation it does not know how to handle. */ InternalServerError = 500, /** The request method is not supported by the server and cannot be handled. The only methods that servers are required to support (and therefore that must not return this code) are GET and HEAD. */ NotImplemented = 501, /** This error response means that the server, while working as a gateway to get a response needed to handle the request, got an invalid response. */ BadGateway = 502, /** The server is not ready to handle the request. */ ServiceUnavailable = 503, /** This error response is given when the server is acting as a gateway and cannot get a response in time. */ GatewayTimeout = 504, /** The HTTP version used in the request is not supported by the server. */ HTTPVersionNotSupported = 505, /** The server has an internal configuration error: the chosen variant resource is configured to engage in transparent content negotiation itself, and is therefore not a proper end point in the negotiation process. */ VariantAlsoNegotiates = 506, /** The method could not be performed on the resource because the server is unable to store the representation needed to successfully complete the request. */ InsufficientStorage = 507, /** The server detected an infinite loop while processing the request. */ LoopDetected = 508, /** Further extensions to the request are required for the server to fulfill it. */ NotExtended = 510, /** Indicates that the client needs to authenticate to gain network access. */ NetworkAuthenticationRequired = 511, /** The psg_cred_obj does not exist in the webAuthn allow list */ PSGCredObjectDoesNotExist = 700, /** Parsing the public key for new device has failed */ PSGParsePublicKeyForNewDeviceFailed = 701, /** Parsing the public key for login has failed */ PSGParsePublicKeyForLoginFailed = 702, /** Could not get user's credential */ PSGCouldNotGetUserCredential = 703, /** Indicates that the user needs to authenticate */ PSGLoginRequired = 704, /** Indicates that the function needs to be run from a secure context */ PSGSecureContextRequired = 705, /** Indicates that the social session storage data is incorrect or missing*/ PSGSocialSessionStorageError = 706, /** Parsing public key for registration has failed*/ PSGParsePublicKeyForRegistrationFailed = 707, /** Checking browser for passkey authentication available failed*/ PSGCanAuthenticateWithPasskeyFailed = 708, /** Checking browser for passkey registration available failed*/ PSGCanRegisterWithPasskeyFailed = 709, /** Checking browser for conditional mediation available failed*/ PSGCanUseConditionalMediationFailed = 710, /** The auth origin configured for webauthn in app settings does not match origin of current URL*/ PSGAuthOriginConfigurationError = 711, /** The method being invoked requires browser APIs that cannot be found. Make sure the method is being invoked within a browser. */ PSGMustRunInBrowserContext = 712 } declare interface PassageInstanceConfig { appId: string; basePath: string; tokenStore: ReadOnlyTokenStore | TokenStore; additionalHeaders: HTTPHeaders; } /** * PassageMagicLink class contains functions that use magic links for authentication, identitfy verification, and handling identifier changes. */ export declare class PassageMagicLink extends PassageBase { private registerInternal; private loginInternal; /** * Constructor configuring the PassageMagicLink class' attributes * @param {PassageInstanceConfig} instanceConfig the config of the current Passage instance */ constructor(instanceConfig: PassageInstanceConfig); /** * Create a new magic link for registration. Will throw an error if the user has already logged into their account at least once. * @param {string} identifier The Passage User's identifier * @param {string} language the language string for localizing emails, if no lanuage or an invalid language is provided the application default lanuage will be used * @return {Promise} MagicLink JSON payload */ register(identifier: string, language?: string): Promise; /** * Creates a new magic link for login. Will throw an error if the user does not exist. * @param {string} identifier The Passage User's identifier * @param {string} language the language string for localizing emails, if no lanuage or an invalid language is provided the application default lanuage will be used * @return {Promise} MagicLink JSON payload */ login(identifier: string, language?: string): Promise; /** * Activates a magic link. Handles login, registration, identifier verification, and identifier change magic links. * Will throw an error if the magic link is invalid, expired, or has already been activated. * * @param {string} magicLink The magic link to activate * @return {Promise} */ activate(magicLink: string): Promise; /** * Look up a magic link by ID and check if it has been verified. This function is most commonly used to * iteratively check if a user has clicked a magic link to login. Once the link has been verified, * Passage will return authentication information via this endpoint. This enables cross-device login. * This will throw an error if the magic link is not activated. * * @param {string} id unique ID for an magic link which is returned by functions that create a magic link * @return {Promise} */ status(id: string): Promise; /** * Get the path relative to the app's auth_origin * @returns {string} */ private getMagicLinkPath; } /** * PassageOneTimePasscode class contains functions that use one-time passcodes for authentication. */ export declare class PassageOneTimePasscode extends PassageBase { private registerInternal; private loginInternal; /** * Constructor configuring the PassageOneTimePasscode class' attributes * @param {PassageInstanceConfig} instanceConfig the config of the current Passage instance */ constructor(instanceConfig: PassageInstanceConfig); /** * Create a new one-time passcode for registration. Will throw an error if the user has already logged into their account at least once. * @param {string} identifier The Passage User's identifier * @param {string} language the language string for localizing emails, if no lanuage or an invalid language is provided the application default lanuage will be used * @return {Promise} One-time passcode object */ register(identifier: string, language?: string): Promise; /** * Create a new one-time passcode for login. Will throw an error if the user does not exist. * @param {string} identifier The Passage User's identifier * @param {string} language the language string for localizing emails, if no lanuage or an invalid language is provided the application default lanuage will be used * @return {Promise} One-time passcode object */ login(identifier: string, language?: string): Promise; /** * Activates a one-time passcode. Handles login and registration one-time passcodes. * Will throw an error if the one-time passcode is invalid, expired, or has already been activated. * @param {string} oneTimePasscode The one-time passcode provided by the user from their email or text message. * @param {string} id The id associated with the one-time passcode. * @returns */ activate(oneTimePasscode: string, id: string): Promise; } /** * PassagePasskey class contains functions that use passkeys for authentication and utilities to help with passkey UX decisions. */ export declare class PassagePasskey { private app; private registerInternal; private loginInternal; private psgCredObjHelper; /** * Constructor configuring the Passkey class' attributes * @param {PassageInstanceConfig} instanceConfig the config of the current Passage instance */ constructor(instanceConfig: PassageInstanceConfig, app: PassageApp); /** * Registers a new user with a passkey. Will throw an error if the user has already logged into their account at lesst once. * @param {string} identifier * @param {PasskeyCreationOptions | undefined} options * @returns {AuthResult} The authentication token, redirect URL, and refresh token, if configured for the application. */ register(identifier: string, options?: PasskeyCreationOptions): Promise; /** * Logs in an existing user with a passkey. Will throw an error if the user does not exist, has no passkeys, or if the operation is cancelled with an abort signal. * If no identifier is provided, the user will be prompted to select an identifier, formally known as WebAuthn discoverable credentials. * If implementing passkey autocomplete, formally known as WebAuthn conditional mediation, no identifier should be provided and the isConditionalMediation option should be set to true. * @param {string} identifier * @param {PasskeyLoginOptions | undefined} options * @returns {AuthResult} The authentication token, redirect URL, and refresh token, if configured for the application. */ login(identifier?: string, options?: PasskeyLoginOptions): Promise; /** * Uses information about the user's current browser to determine what features are availble for getting credentials via WebAuthn. * NOTE: Do not call this from an event handler where navigator.get or navigator.create is invoked or it will break the required user gesture on iOS web browsers. * @return {Promise} The set of features supported by the browser. */ getCredentialAvailable(): Promise; /** * Uses information about the user's current browser to determine what features are availble for creating credentials via WebAuthn. * NOTE: Do not call this from an event handler where navigator.get or navigator.create is invoked or it will break the required user gesture on iOS web browsers. * @return {Promise} The set of features supported by the browser. */ createCredentialAvailable(): Promise; /** * Checks to see if the user has any platform passkeys. * This happens by checking to see if we have the userID and an associated passkey credential stored in localStorage via * the key psg_cred_obj. * @param {string} userId the Passage User's userID * @return {boolean} returns true if psg_cred_obj exists in localstorage, false if not */ hasLocalPasskey(userId: string): boolean; /** * Checks if an application's auth origin matches the current origin on an end user's browser. * If this function returns false, passkeys will not work properly on this domain. * @returns {boolean} */ checkPasskeyOrigin(): Promise; } /**@private */ export declare type PassageSentryProject = 'passage-js' | 'passage-elements'; /** * The PassageSession class used to manage Passage sessions using refresh tokens. */ export declare class PassageSession extends PassageBase { private tokenStore; /** * Constructor configuring the PassageOneTimePasscode class' attributes * @param {PassageInstanceConfig} instanceConfig the config of the current Passage instance */ constructor(instanceConfig: PassageInstanceConfig); /** * authGuard checks if the current user has a JWT that is valid and potentially verifiable. * IMPORTANT: this is not verifying the JWT, it is only checking if the JWT is formatted properly. * @return {boolean} true if the user has a valid (but unverified) JWT, false if not. */ authGuard(): Promise; /** * Sign out a user by deleting their AuthToken from local storage and revoking their refresh token. * @return {boolean} true if the device has been deleted successfully. */ signOut(): Promise; /** * getAuthToken gets the current authToken for the currently authenticated user. * @return {string} returns the user's authToken if it exists or fetches a new one with a refresh token if it exists */ getAuthToken(): Promise; /** * refresh gets and saves a new authToken for the currently authenticated user using their refresh token * @return {AuthResult} returns the user's authToken if successful */ refresh(): Promise; /** * _validJWTPayload checks to see if the current JWT is valid (formatted as expected and isn't expired). * @param {JwtPayload} payload the payload from the JWT. * @return {boolean} true if the JWT payload is valid, false if not. */ private _validJWTPayload; /** * _validJWTHeader checkts to see if the JWT header is valid (formatted as expected). * @param {JwtHeader} header the header from the JWT. * @return {boolean} true if the JWT header is valid, false if not. */ private _validJWTHeader; /** * _getMutex gets or creates a global mutex for the given key * @param {string} key the key to use for the mutex * @return {Mutex} the mutex for the given key */ private _getMutex; } /** * PassageSocial class contains functions that use social providers for authentication. */ export declare class PassageSocial extends PassageBase { private apiUrl; /** * Constructor configuring the PassageSocial class' attributes * @param {PassageInstanceConfig} instanceConfig the config of the current Passage instance */ constructor(instanceConfig: PassageInstanceConfig); /** * Initiates authorization via a supported third-party social provider. * This must be run from a secure context (HTTPS or localhost). * @param {SocialConnection} connection The social connection to use for login. */ authorize(connection: SocialConnection): Promise; /** * Finishes a social login by exchanging the social login provider code for Passage tokens. * @param {string} code The code returned from the social login provider */ finish(code: string): Promise; /** Helper function to build query params * @param {SocialConnection} connection The social connection to use for login. */ private _getQueryParams; /** Helper function to generate code challenge */ private _getCodeChallenge; /** Helper function to generate random string * @param {number} characters The number of characters to generate. * @return {string} The random string. */ private _getRandomString; /** Heplper function to get a SHA256 has for a string. This must be run from a secure context (HTTPS or localhost). * @param {string} str The string to hash. */ private _sha256Hash; } /** PassageTokenStore class provides the Passage default token storage mechanism. * The auth token is stored in localStorage and cookies. * The refresh token is stored in localStorage only. */ export declare class PassageTokenStore extends TokenStore { /** * Gets the current auth token * @returns {Promise} The current auth token */ getAuthToken(): Promise; /** * Gets the current refresh token * @returns {Promise} The current refresh token */ getRefreshToken(): Promise; /** * Sets the auth token and refresh token, if used * @param {AuthResult} authResult * @returns {Promise} */ setTokens(authResult: AuthResult): Promise; /** * Clears the auth token from localstorage and cookies and refresh token from localstorage * @returns {Promise} */ clearTokens(): Promise; /** * Private method to set auth token in localstorage and cookies * @param {string} authToken * @returns */ private _setAuthToken; /** * Private method to set refresh token in localstorage * @param {string} refreshToken * @returns */ private _setRefreshToken; /** * Determines if localhost * @return {boolean} The sum of the two numbers. */ private _isLocalHost; /** * Determines if protocol being used is HTTPS * @return {boolean} */ private _isHttps; /** * Checks if localStorage is available, if not throws and error instructing users to run this code in the browser. * Mostly would only fail if run in an server-side rendered context or in a unit test environment. */ private _checkLocalStorage; } export declare type Passkey = Credential_2; export declare interface PasskeyCreationOptions { /** authenticatorAttachment controls what kind of passkey the browser prompts the user to create */ authenticatorAttachment?: AuthenticatorAttachment_2; } export declare interface PasskeyLoginOptions { isConditionalMediation?: boolean; abortSignal?: AbortSignal; } declare interface PostCurrentuserAddDeviceFinishRequest { appId: string; addDeviceFinishRequest: AddDeviceFinishRequest; } declare interface PostCurrentuserAddDeviceStartRequest { appId: string; currentUserDevicesStartRequest?: CurrentUserDevicesStartRequest; } export declare type PublicUserInfo = User; /** * Base class for implementing read-only token stores. getAuthToken() is the only required function to implement. * If a Passage object is built with a read-only token store it will not handle any token storage. */ export declare abstract class ReadOnlyTokenStore { /** * This method returns a token to be used for authenticated operations on the User class. * @returns {Promise} Passage-issued JWT */ abstract getAuthToken(): Promise; /** * This method retrieves a Passage refresh token from storage for use with the Session class for refreshing Passage sessions. * If this method returns undefined then Session will not handle any refresh token logic. * @return {Promise} refresh token, or undefined if not using refresh tokens. */ getRefreshToken(): Promise; } declare interface RefreshAuthTokenOperationRequest { appId: string; refreshAuthTokenRequest: RefreshAuthTokenRequest; } /** * Passage Authentication API * Passage\'s authentication API to enable passwordless authentication. * * The version of the OpenAPI document: 1 * Contact: support@passage.id * * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). * https://openapi-generator.tech * Do not edit the class manually. */ /** * * @export * @interface RefreshAuthTokenRequest */ declare interface RefreshAuthTokenRequest { /** * * @type {string} * @memberof RefreshAuthTokenRequest */ refreshToken: string; } declare interface RequestContext { fetch: FetchAPI; url: string; init: RequestInit; } declare type RequestNormalizer = (args: IncomingArgs) => OutputArgs; declare interface RequestOpts { path: string; method: HTTPMethod; headers: HTTPHeaders; query?: HTTPQuery; body?: HTTPBody; } export declare enum RequiredIdentifier { Phone = "phone", Email = "email", Both = "both", Either = "either" } declare type RequiredResponse = Partial & AtLeast; declare interface ResponseContext { fetch: FetchAPI; url: string; init: RequestInit; response: Response; } declare class ResponseError extends Error { response: Response; name: 'ResponseError'; constructor(response: Response, msg?: string); } declare type ResponseSerializer = (data: InData) => Promise; declare interface RevokeRefreshTokenRequest { appId: string; refreshToken: string; } declare namespace runtime { { querystring, mapValues, canConsumeForm, BASE_PATH, ConfigurationParameters, Configuration, DefaultConfig, BaseAPI, ResponseError, FetchError, RequiredError, COLLECTION_FORMATS, FetchAPI, Json, HTTPMethod, HTTPHeaders, HTTPQuery, HTTPBody, HTTPRequestInit, ModelPropertyNaming, InitOverrideFunction, FetchParams, RequestOpts, Consume, RequestContext, ResponseContext, ErrorContext, Middleware, ApiResponse, ResponseTransformer, JSONApiResponse, VoidApiResponse, BlobApiResponse, TextApiResponse } } export declare enum SocialConnection { Apple = "apple", Github = "github", Google = "google" } /** * Passage Authentication API * Passage\'s authentication API to enable passwordless authentication. * * The version of the OpenAPI document: 1 * Contact: support@passage.id * * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). * https://openapi-generator.tech * Do not edit the class manually. */ /** * * @export * @interface SocialConnections */ export declare interface SocialConnections { /** * * @type {object} * @memberof SocialConnections */ apple?: object; /** * * @type {object} * @memberof SocialConnections */ google?: object; /** * * @type {object} * @memberof SocialConnections */ github?: object; } /** * * @export * @interface SocialConnectionsResponse */ declare interface SocialConnectionsResponse { /** * * @type {UserSocialConnections} * @memberof SocialConnectionsResponse */ socialConnections: UserSocialConnections; } /** * */ declare class TokensApi extends runtime.BaseAPI { /** * Creates and returns a new auth token and a new refresh token * Creates new auth and refresh token */ refreshAuthTokenRaw(requestParameters: RefreshAuthTokenOperationRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise>; /** * Creates and returns a new auth token and a new refresh token * Creates new auth and refresh token */ refreshAuthToken(appId: string, refreshAuthTokenRequest: RefreshAuthTokenRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise; /** * Revokes the refresh token * Revokes refresh token */ revokeRefreshTokenRaw(requestParameters: RevokeRefreshTokenRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise>; /** * Revokes the refresh token * Revokes refresh token */ revokeRefreshToken(appId: string, refreshToken: string, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise; } /** * Base class for implementing full read-write token stores. */ export declare abstract class TokenStore extends ReadOnlyTokenStore { /** * This method is responsible for hanlding the storage of Passage-issued JWTs and refresh tokens. * @param {authResult} authResult The authResult object returned from Passage Login, Register, Magic Link, and token refresh operations. */ abstract setTokens(authResult: AuthResult): Promise; /** * This method is responsible for clearing tokens from storage when a sign-out operation is executed on the Session class. * @return {Promise} */ clearTokens(): Promise; } /** * Passage Authentication API * Passage\'s authentication API to enable passwordless authentication. * * The version of the OpenAPI document: 1 * Contact: support@passage.id * * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). * https://openapi-generator.tech * Do not edit the class manually. */ /** * Deprecated Property. The preferred unit for displaying the TTL. This value is for display only. * * `s` - seconds * * `m` - minutes * * `h` - hours * * `d` - days * * @export * @enum {string} */ export declare enum TtlDisplayUnit { S = "s", M = "m", H = "h", D = "d" } declare interface UpdateCurrentuserDeviceRequest { appId: string; deviceId: string; updateDeviceRequest: UpdateDeviceRequest; } declare interface UpdateCurrentuserMetadataRequest { appId: string; updateMetadataRequest: UpdateMetadataRequest; } /** * Passage Authentication API * Passage\'s authentication API to enable passwordless authentication. * * The version of the OpenAPI document: 1 * Contact: support@passage.id * * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). * https://openapi-generator.tech * Do not edit the class manually. */ /** * * @export * @interface UpdateDeviceRequest */ declare interface UpdateDeviceRequest { /** * * @type {string} * @memberof UpdateDeviceRequest */ friendlyName: string; } declare interface UpdateEmailCurrentuserRequest { appId: string; updateUserEmailRequest: UpdateUserEmailRequest; } /** * Passage Authentication API * Passage\'s authentication API to enable passwordless authentication. * * The version of the OpenAPI document: 1 * Contact: support@passage.id * * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). * https://openapi-generator.tech * Do not edit the class manually. */ /** * * @export * @interface UpdateMetadataRequest */ declare interface UpdateMetadataRequest { /** * * @type {object} * @memberof UpdateMetadataRequest */ userMetadata?: object; } declare interface UpdatePhoneCurrentuserRequest { appId: string; updateUserPhoneRequest: UpdateUserPhoneRequest; } /** * Passage Authentication API * Passage\'s authentication API to enable passwordless authentication. * * The version of the OpenAPI document: 1 * Contact: support@passage.id * * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). * https://openapi-generator.tech * Do not edit the class manually. */ /** * * @export * @interface UpdateUserEmailRequest */ declare interface UpdateUserEmailRequest { /** * language of the email to send (optional) * @type {string} * @memberof UpdateUserEmailRequest */ language?: string; /** * * @type {string} * @memberof UpdateUserEmailRequest */ magicLinkPath?: string; /** * * @type {string} * @memberof UpdateUserEmailRequest */ newEmail: string; /** * * @type {string} * @memberof UpdateUserEmailRequest */ redirectUrl?: string; } /** * Passage Authentication API * Passage\'s authentication API to enable passwordless authentication. * * The version of the OpenAPI document: 1 * Contact: support@passage.id * * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). * https://openapi-generator.tech * Do not edit the class manually. */ /** * * @export * @interface UpdateUserPhoneRequest */ declare interface UpdateUserPhoneRequest { /** * language of the email to send (optional) * @type {string} * @memberof UpdateUserPhoneRequest */ language?: string; /** * * @type {string} * @memberof UpdateUserPhoneRequest */ magicLinkPath?: string; /** * * @type {string} * @memberof UpdateUserPhoneRequest */ newPhone?: string; /** * * @type {string} * @memberof UpdateUserPhoneRequest */ redirectUrl?: string; } /** * * @export * @interface User */ declare interface User { /** * * @type {string} * @memberof User */ email: string; /** * Whether or not the user's email has been verified * @type {boolean} * @memberof User */ emailVerified: boolean; /** * * @type {string} * @memberof User */ id: string; /** * * @type {string} * @memberof User */ phone: string; /** * Whether or not the user's phone has been verified * @type {boolean} * @memberof User */ phoneVerified: boolean; /** * * @type {UserStatus} * @memberof User */ status: UserStatus; /** * * @type {object} * @memberof User */ userMetadata: object | null; /** * * @type {boolean} * @memberof User */ webauthn: boolean; /** * * @type {Array} * @memberof User */ webauthnTypes: Array; } /** * Passage Authentication API * Passage\'s authentication API to enable passwordless authentication. * * The version of the OpenAPI document: 1 * Contact: support@passage.id * * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). * https://openapi-generator.tech * Do not edit the class manually. */ /** * * @export * @interface UserMetadataField */ export declare interface UserMetadataField { /** * * @type {string} * @memberof UserMetadataField */ fieldName: string; /** * * @type {string} * @memberof UserMetadataField */ friendlyName: string; /** * * @type {string} * @memberof UserMetadataField */ id: string; /** * * @type {boolean} * @memberof UserMetadataField */ profile: boolean; /** * * @type {boolean} * @memberof UserMetadataField */ registration: boolean; /** * * @type {string} * @memberof UserMetadataField */ type: string; } /** * Passage Authentication API * Passage\'s authentication API to enable passwordless authentication. * * The version of the OpenAPI document: 1 * Contact: support@passage.id * * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). * https://openapi-generator.tech * Do not edit the class manually. */ /** * * @export * @interface UserMetadataResponse */ declare interface UserMetadataResponse { /** * * @type {object} * @memberof UserMetadataResponse */ userMetadata: object; } export declare enum UserMetadataType { STRING = "string", BOOLEAN = "boolean", INTEGER = "integer", DATE = "date", PHONE = "phone", EMAIL = "email" } export declare type UserSocialConnection = AppleSocialConnection | GithubSocialConnection | GoogleSocialConnection; /** * * @export * @interface UserSocialConnections */ export declare interface UserSocialConnections { /** * * @type {AppleSocialConnection} * @memberof UserSocialConnections */ apple?: AppleSocialConnection; /** * * @type {GithubSocialConnection} * @memberof UserSocialConnections */ github?: GithubSocialConnection; /** * * @type {GoogleSocialConnection} * @memberof UserSocialConnections */ google?: GoogleSocialConnection; } /** * Passage Authentication API * Passage\'s authentication API to enable passwordless authentication. * * The version of the OpenAPI document: 1 * Contact: support@passage.id * * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). * https://openapi-generator.tech * Do not edit the class manually. */ /** * User status: active, inactive, pending * @export * @enum {string} */ export declare enum UserStatus { Active = "active", Inactive = "inactive", Pending = "pending" } /** * Passage Authentication API * Passage\'s authentication API to enable passwordless authentication. * * The version of the OpenAPI document: 1 * Contact: support@passage.id * * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). * https://openapi-generator.tech * Do not edit the class manually. */ /** * Contains the light and dark SVG icons that represent the brand of those devices * Values can be null or base64 encoded SVG. Example of SVG output: * data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIGVuYWJsZS1iYWNrZ3JvdW5kPSJuZXcgMCAwIDE5MiAxOTIiIGhlaWdodD0iMjRweCIgdmlld0JveD0iMCAwIDE5MiAxOTIiIHdpZHRoPSIyNHB4Ij48cmVjdCBmaWxsPSJub25lIiBoZWlnaHQ9IjE5MiIgd2lkdGg9IjE5MiIgeT0iMCIvPjxnPjxwYXRoIGQ9Ik02OS4yOSwxMDZjLTMuNDYsNS45Ny05LjkxLDEwLTE3LjI5LDEwYy0xMS4wMywwLTIwLTguOTctMjAtMjBzOC45Ny0yMCwyMC0yMCBjNy4zOCwwLDEzLjgzLDQuMDMsMTcuMjksMTBoMjUuNTVDOTAuMyw2Ni41NCw3Mi44Miw1Miw1Miw1MkMyNy43NCw1Miw4LDcxLjc0LDgsOTZzMTkuNzQsNDQsNDQsNDRjMjAuODIsMCwzOC4zLTE0LjU0LDQyLjg0LTM0IEg2OS4yOXoiIGZpbGw9IiM0Mjg1RjQiLz48cmVjdCBmaWxsPSIjRkJCQzA0IiBoZWlnaHQ9IjI0IiB3aWR0aD0iNDQiIHg9Ijk0IiB5PSI4NCIvPjxwYXRoIGQ9Ik05NC4zMiw4NEg2OHYwLjA1YzIuNSwzLjM0LDQsNy40Nyw0LDExLjk1cy0xLjUsOC42MS00LDExLjk1VjEwOGgyNi4zMiBjMS4wOC0zLjgyLDEuNjgtNy44NCwxLjY4LTEyUzk1LjQxLDg3LjgyLDk0LjMyLDg0eiIgZmlsbD0iI0VBNDMzNSIvPjxwYXRoIGQ9Ik0xODQsMTA2djI2aC0xNnYtOGMwLTQuNDItMy41OC04LTgtOHMtOCwzLjU4LTgsOHY4aC0xNnYtMjZIMTg0eiIgZmlsbD0iIzM0QTg1MyIvPjxyZWN0IGZpbGw9IiMxODgwMzgiIGhlaWdodD0iMjQiIHdpZHRoPSI0OCIgeD0iMTM2IiB5PSI4NCIvPjwvZz48L3N2Zz4= * @export * @interface WebAuthnIcons */ declare interface WebAuthnIcons { /** * * @type {string} * @memberof WebAuthnIcons */ light: string | null; /** * * @type {string} * @memberof WebAuthnIcons */ dark: string | null; } /** * Passage Authentication API * Passage\'s authentication API to enable passwordless authentication. * * The version of the OpenAPI document: 1 * Contact: support@passage.id * * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). * https://openapi-generator.tech * Do not edit the class manually. */ /** * The type of this credential * @export * @enum {string} */ export declare enum WebAuthnType { Passkey = "passkey", SecurityKey = "security_key", Platform = "platform" } declare type WrapPassageApplicationOrOrganizationEndpoint = = IPassageAPIHandlerConfiguration>(endpointFn: GeneratedApplicationFnSignature, handlerConfig: HandlerConfig, handler?: IAPIWrapHandler, Args, EndpointResponse, EndpointArgs, ReturnType>) => (...args: Args) => Promise; export { }