1 | import { Server } from '@hapi/hapi';
|
2 | import { UserCredentials, Tokens, OpsGrant, Config } from '../types';
|
3 | export declare class KeycloakService {
|
4 | protected grantManager: any;
|
5 | KEYCLOAK_SIGNIN_FILEPATH: string;
|
6 | KEYCLOAK_SIGNUP_FILEPATH: string;
|
7 | KEYCLOAK_ERROR_FILEPATH: string;
|
8 | KEYCLOAK_REALM: string;
|
9 | CALLBACK_HOST: string;
|
10 | CALLBACK_ENDPOINT: string;
|
11 | CLIENT_ID: string;
|
12 | CONFIDENTIAL_CLIENT_ID: string;
|
13 | CALLBACK_PORT: number | null;
|
14 | CALLBACK_URL: string | null;
|
15 | POSSIBLE_PORTS: number[];
|
16 | hapiServer: Server;
|
17 | constructor(grantManager?: any);
|
18 | init(): Promise<void>;
|
19 | /**
|
20 | * Generates the required query string params for standard flow
|
21 | */
|
22 | _buildStandardFlowParams: () => string;
|
23 | /**
|
24 | * Generates the initial URL with qury string parameters fire of to Keycloak
|
25 | * e.g.
|
26 | * http://localhost:8080/auth/realms/ops/protocol/openid-connect/auth?
|
27 | * client_id=cli&
|
28 | * redirect_uri=http%3A%2F%2Flocalhost%3A10234%2Fcallback&
|
29 | * response_type=code&
|
30 | * scope=openid%20token&
|
31 | * nonce=12345678-1234-1234 -1234-12345678&
|
32 | * state=12345678-1234-1234-1234-12345678
|
33 | */
|
34 | _buildAuthorizeUrl: () => string;
|
35 | /**
|
36 | * Converts the Keycloak Grant object to Tokens
|
37 | */
|
38 | _formatGrantToTokens: (grant: OpsGrant) => Tokens;
|
39 | /**
|
40 | * Opens the signin URL and sets up the server for callback
|
41 | */
|
42 | keycloakSignInFlow: () => Promise<Tokens>;
|
43 | /**
|
44 | * Generates the initial URL with qury string parameters fire of to Keycloak
|
45 | * e.g.
|
46 | * http://localhost:8080/auth/realms/ops/protocol/openid-connect/registrations?
|
47 | * client_id=www-dev
|
48 | * response_type=code
|
49 | */
|
50 | _buildRegisterUrl: () => string;
|
51 | /**
|
52 | * Opens the signup link in the browser, and listen for it's response
|
53 | */
|
54 | keycloakSignUpFlow: () => Promise<Tokens>;
|
55 | /**
|
56 | * Generates the initial URL with query string parameters fired off to Keycloak
|
57 | * e.g.
|
58 | * http://localhost:8080/auth/realms/ops/login-actions/reset-credentials?client_id=cli
|
59 | */
|
60 | _buildResetUrl: () => string;
|
61 | keycloakResetFlow: (isUserSignedIn: boolean) => void;
|
62 | includeClientSecret: (clientName: string) => {
|
63 | client_secret?: undefined;
|
64 | } | {
|
65 | client_secret: string;
|
66 | };
|
67 | refreshAccessToken: (oldConfig: Config, refreshToken: string) => Promise<Tokens>;
|
68 | getTokenFromPasswordGrant: ({ user, password, }: Pick<UserCredentials, "password" | "user">) => Promise<Tokens>;
|
69 | |
70 |
|
71 |
|
72 |
|
73 | _setupCallbackServerForGrant: (caller: any) => Promise<OpsGrant>;
|
74 | |
75 |
|
76 |
|
77 | buildInvalidateSessionUrl: () => string;
|
78 | |
79 |
|
80 |
|
81 | buildInvalidateSessionHeaders: (sessionState: string, accessToken: string) => {
|
82 | Cookie: string;
|
83 | };
|
84 | }
|