@cto.ai/ops/lib/services/Keycloak.d.ts

import { Server } from '@hapi/hapi';
import { UserCredentials, Tokens, OpsGrant, Config } from '../types';
export declare class KeycloakService {
    protected grantManager: any;
    KEYCLOAK_SIGNIN_FILEPATH: string;
    KEYCLOAK_SIGNUP_FILEPATH: string;
    KEYCLOAK_ERROR_FILEPATH: string;
    KEYCLOAK_REALM: string;
    CALLBACK_HOST: string;
    CALLBACK_ENDPOINT: string;
    CLIENT_ID: string;
    CONFIDENTIAL_CLIENT_ID: string;
    CALLBACK_PORT: number | null;
    CALLBACK_URL: string | null;
    POSSIBLE_PORTS: number[];
    hapiServer: Server;
    constructor(grantManager?: any);
    init(): Promise<void>;
    /**
     * Generates the required query string params for standard flow
     */
    _buildStandardFlowParams: () => string;
    /**
     * Generates the initial URL with qury string parameters fire of to Keycloak
     * e.g.
     * http://localhost:8080/auth/realms/ops/protocol/openid-connect/auth?
     *  client_id=cli&
     *  redirect_uri=http%3A%2F%2Flocalhost%3A10234%2Fcallback&
     *  response_type=code&
     *  scope=openid%20token&
     *  nonce=12345678-1234-1234 -1234-12345678&
     *  state=12345678-1234-1234-1234-12345678
     */
    _buildAuthorizeUrl: () => string;
    /**
     * Converts the Keycloak Grant object to Tokens
     */
    _formatGrantToTokens: (grant: OpsGrant) => Tokens;
    /**
     * Opens the signin URL and sets up the server for callback
     */
    keycloakSignInFlow: () => Promise<Tokens>;
    /**
     * Generates the initial URL with qury string parameters fire of to Keycloak
     * e.g.
     *   http://localhost:8080/auth/realms/ops/protocol/openid-connect/registrations?
     *     client_id=www-dev
     *     response_type=code
     */
    _buildRegisterUrl: () => string;
    /**
     * Opens the signup link in the browser, and listen for it's response
     */
    keycloakSignUpFlow: () => Promise<Tokens>;
    /**
     * Generates the initial URL with query string parameters fired off to Keycloak
     * e.g.
     * http://localhost:8080/auth/realms/ops/login-actions/reset-credentials?client_id=cli
     */
    _buildResetUrl: () => string;
    keycloakResetFlow: (isUserSignedIn: boolean) => void;
    includeClientSecret: (clientName: string) => {
        client_secret?: undefined;
    } | {
        client_secret: string;
    };
    refreshAccessToken: (oldConfig: Config, refreshToken: string) => Promise<Tokens>;
    getTokenFromPasswordGrant: ({ user, password, }: Pick<UserCredentials, "password" | "user">) => Promise<Tokens>;
    /**
     * Spins up a hapi server, that listens to the callback from Keycloak
     * Once it receive a response, the promise is fulfilled and data is returned
     */
    _setupCallbackServerForGrant: (caller: any) => Promise<OpsGrant>;
    /**
     * Returns the URL used to invalidate the current user's session
     */
    buildInvalidateSessionUrl: () => string;
    /**
     * Returns the necessary headers to invalidate the session
     */
    buildInvalidateSessionHeaders: (sessionState: string, accessToken: string) => {
        Cookie: string;
    };
}