@salesforce/core/lib/authInfo.d.ts

import { AsyncCreatable } from '@salesforce/kit';
import { AnyFunction, Nullable, Optional } from '@salesforce/ts-types';
import { OAuth2, OAuth2Options, TokenResponse } from 'jsforce';
import { Connection } from './connection';
/**
 * Fields for authorization, org, and local information.
 */
export interface AuthFields {
    accessToken?: string;
    alias?: string;
    authCode?: string;
    clientId?: string;
    clientSecret?: string;
    created?: string;
    createdOrgInstance?: string;
    devHubUsername?: string;
    instanceUrl?: string;
    instanceApiVersion?: string;
    instanceApiVersionLastRetrieved?: string;
    isDevHub?: boolean;
    loginUrl?: string;
    orgId?: string;
    password?: string;
    privateKey?: string;
    refreshToken?: string;
    scratchAdminUsername?: string;
    snapshot?: string;
    userId?: string;
    username?: string;
    usernames?: string[];
    userProfileName?: string;
    expirationDate?: string;
}
export declare type Authorization = {
    alias: Optional<string>;
    username: Optional<string>;
    orgId: Optional<string>;
    instanceUrl: Optional<string>;
    accessToken?: string;
    oauthMethod?: 'jwt' | 'web' | 'token' | 'unknown';
    error?: string;
};
/**
 * Options for access token flow.
 */
export interface AccessTokenOptions {
    accessToken?: string;
    loginUrl?: string;
    instanceUrl?: string;
}
/**
 * A function to update a refresh token when the access token is expired.
 */
export declare type RefreshFn = (conn: Connection, callback: (err: Nullable<Error>, accessToken?: string, res?: Record<string, unknown>) => Promise<void>) => Promise<void>;
/**
 * Options for {@link Connection}.
 */
export declare type ConnectionOptions = AuthFields & {
    /**
     * OAuth options.
     */
    oauth2?: Partial<OAuth2Options>;
    /**
     * Refresh token callback.
     */
    refreshFn?: RefreshFn;
};
/**
 * Extend OAuth2 to add code verifier support for the auth code (web auth) flow
 * const oauth2 = new OAuth2WithVerifier({ loginUrl, clientSecret, clientId, redirectUri });
 *
 * const authUrl = oauth2.getAuthorizationUrl({
 *    state: 'foo',
 *    prompt: 'login',
 *    scope: 'api web'
 * });
 * console.log(authUrl);
 * const authCode = await retrieveCode();
 * const authInfo = await AuthInfo.create({ oauth2Options: { clientId, clientSecret, loginUrl, authCode }, oauth2});
 * console.log(`access token: ${authInfo.getFields().accessToken}`);
 */
export declare class OAuth2WithVerifier extends OAuth2 {
    readonly codeVerifier: string;
    constructor(options: OAuth2Options);
    /**
     * Overrides jsforce.OAuth2.getAuthorizationUrl.  Get Salesforce OAuth2 authorization page
     * URL to redirect user agent, adding a verification code for added security.
     *
     * @param params
     */
    getAuthorizationUrl(params: Record<string, unknown>): string;
    requestToken(code: string, callback?: (err: Error, tokenResponse: TokenResponse) => void): Promise<TokenResponse>;
    /**
     * Overrides jsforce.OAuth2._postParams because jsforce's oauth impl doesn't support
     * coder_verifier and code_challenge. This enables the server to disallow trading a one-time auth code
     * for an access/refresh token when the verifier and challenge are out of alignment.
     *
     * See https://github.com/jsforce/jsforce/issues/665
     */
    protected _postParams(params: Record<string, unknown>, callback: AnyFunction): Promise<any>;
}
export declare const DEFAULT_CONNECTED_APP_INFO: {
    clientId: string;
    legacyClientId: string;
    legacyClientSecret: string;
};
/**
 * Handles persistence and fetching of user authentication information using
 * JWT, OAuth, or refresh tokens. Sets up the refresh flows that jsForce will
 * use to keep tokens active. An AuthInfo can also be created with an access
 * token, but AuthInfos created with access tokens can't be persisted to disk.
 *
 * **See** [Authorization](https://developer.salesforce.com/docs/atlas.en-us.sfdx_dev.meta/sfdx_dev/sfdx_dev_auth.htm)
 *
 * **See** [Salesforce DX Usernames and Orgs](https://developer.salesforce.com/docs/atlas.en-us.sfdx_dev.meta/sfdx_dev/sfdx_dev_cli_usernames_orgs.htm)
 *
 * ```
 * // Creating a new authentication file.
 * const authInfo = await AuthInfo.create({
 *   username: myAdminUsername,
 *   oauth2Options: {
 *     loginUrl, authCode, clientId, clientSecret
 *   }
 * );
 * authInfo.save();
 *
 * // Creating an authorization info with an access token.
 * const authInfo = await AuthInfo.create({
 *   username: accessToken
 * });
 *
 * // Using an existing authentication file.
 * const authInfo = await AuthInfo.create({
 *   username: myAdminUsername
 * });
 *
 * // Using the AuthInfo
 * const connection = await Connection.create({ authInfo });
 * ```
 */
export declare class AuthInfo extends AsyncCreatable<AuthInfo.Options> {
    private static authFilenameFilterRegEx;
    private static cache;
    private fields;
    private usingAccessToken;
    private logger;
    private authInfoCrypto;
    private options;
    /**
     * Constructor
     * **Do not directly construct instances of this class -- use {@link AuthInfo.create} instead.**
     *
     * @param options The options for the class instance
     */
    constructor(options: AuthInfo.Options);
    /**
     * Returns the default instance url
     *
     * @returns {string}
     */
    static getDefaultInstanceUrl(): string;
    /**
     * Get a list of all auth files stored in the global directory.
     *
     * @returns {Promise<string[]>}
     *
     * @deprecated Removed in v3 {@link https://github.com/forcedotcom/sfdx-core/blob/v3/MIGRATING_V2-V3.md#globalinfo}
     */
    static listAllAuthFiles(): Promise<string[]>;
    /**
     * Get a list of all authorizations based on auth files stored in the global directory.
     *
     * @returns {Promise<Authorization[]>}
     */
    static listAllAuthorizations(): Promise<Authorization[]>;
    /**
     * Returns true if one or more authentications are persisted.
     */
    static hasAuthentications(): Promise<boolean>;
    /**
     * Get the authorization URL.
     *
     * @param options The options to generate the URL.
     */
    static getAuthorizationUrl(options: OAuth2Options & {
        scope?: string;
    }, oauth2?: OAuth2WithVerifier): string;
    /**
     * Forces the auth file to be re-read from disk for a given user. Returns `true` if a value was removed.
     *
     * @param username The username for the auth info to re-read.
     *
     * @deprecated Removed in v3 {@link https://github.com/forcedotcom/sfdx-core/blob/v3/MIGRATING_V2-V3.md#configstore-configfile-authinfo-and-encrypting-values}
     */
    static clearCache(username: string): boolean;
    /**
     * Parse a sfdx auth url, usually obtained by `authInfo.getSfdxAuthUrl`.
     *
     * @example
     * ```
     * await AuthInfo.create(AuthInfo.parseSfdxAuthUrl(sfdxAuthUrl));
     * ```
     * @param sfdxAuthUrl
     */
    static parseSfdxAuthUrl(sfdxAuthUrl: string): Pick<AuthFields, 'clientId' | 'clientSecret' | 'refreshToken' | 'loginUrl'>;
    /**
     * Get the username.
     */
    getUsername(): Optional<string>;
    /**
     * Returns true if `this` is using the JWT flow.
     */
    isJwt(): boolean;
    /**
     * Returns true if `this` is using an access token flow.
     */
    isAccessTokenFlow(): boolean;
    /**
     * Returns true if `this` is using the oauth flow.
     */
    isOauth(): boolean;
    /**
     * Returns true if `this` is using the refresh token flow.
     */
    isRefreshTokenFlow(): boolean;
    /**
     * Updates the cache and persists the authentication fields (encrypted).
     *
     * @param authData New data to save.
     */
    save(authData?: AuthFields): Promise<AuthInfo>;
    /**
     * Update the authorization fields, encrypting sensitive fields, but do not persist.
     * For convenience `this` object is returned.
     *
     * @param authData Authorization fields to update.
     * @param encrypt Encrypt the fields.
     */
    update(authData?: AuthFields, encrypt?: boolean): AuthInfo;
    /**
     * Get the auth fields (decrypted) needed to make a connection.
     */
    getConnectionOptions(): ConnectionOptions;
    /**
     * Get the authorization fields.
     *
     * @param decrypt Decrypt the fields.
     */
    getFields(decrypt?: boolean): AuthFields;
    /**
     * Get the org front door (used for web based oauth flows)
     */
    getOrgFrontDoorUrl(): string;
    /**
     * Returns true if this org is using access token auth.
     */
    isUsingAccessToken(): boolean;
    /**
     * Get the SFDX Auth URL.
     *
     * **See** [SFDX Authorization](https://developer.salesforce.com/docs/atlas.en-us.sfdx_cli_reference.meta/sfdx_cli_reference/cli_reference_force_auth.htm#cli_reference_force_auth)
     */
    getSfdxAuthUrl(): string;
    /**
     * Set the defaultusername or the defaultdevhubusername to the alias if
     * it exists otherwise to the username. Method will try to set the local
     * config first but will default to global config if that fails.
     *
     * @param options
     */
    setAsDefault(options: {
        defaultUsername?: boolean;
        defaultDevhubUsername?: boolean;
    }): Promise<void>;
    /**
     * Sets the provided alias to the username
     *
     * @param alias alias to set
     */
    setAlias(alias: string): Promise<void>;
    /**
     * Initializes an instance of the AuthInfo class.
     */
    init(): Promise<void>;
    private getInstanceUrl;
    /**
     * Initialize this AuthInfo instance with the specified options. If options are not provided, initialize it from cache
     * or by reading from the persistence store. For convenience `this` object is returned.
     *
     * @param options Options to be used for creating an OAuth2 instance.
     *
     * **Throws** *{@link SfdxError}{ name: 'NamedOrgNotFound' }* Org information does not exist.
     * @returns {Promise<AuthInfo>}
     */
    private initAuthOptions;
    private loadAuthFromConfig;
    private isTokenOptions;
    private refreshFn;
    private buildJwtConfig;
    private buildRefreshTokenConfig;
    /**
     * Performs an authCode exchange but the Oauth2 feature of jsforce is extended to include a code_challenge
     *
     * @param options The oauth options
     * @param oauth2 The oauth2 extension that includes a code_challenge
     */
    private exchangeToken;
    private retrieveUserInfo;
    /**
     * Given an error while getting the User object, handle different possibilities of response.body.
     *
     * @param response
     * @private
     */
    private throwUserGetException;
}
export declare namespace AuthInfo {
    /**
     * Constructor options for AuthInfo.
     */
    interface Options {
        /**
         * Org signup username.
         */
        username?: string;
        /**
         * OAuth options.
         */
        oauth2Options?: OAuth2Options;
        /**
         * Options for the access token auth.
         */
        accessTokenOptions?: AccessTokenOptions;
        oauth2?: OAuth2;
        /**
         * In certain situations, a new auth info wants to use the connected app
         * information from another parent org. Typically for scratch org or sandbox
         * creation.
         */
        parentUsername?: string;
        isDevHub?: boolean;
    }
}