| 1 | {"version":3,"file":"AppAuth.types.js","sourceRoot":"","sources":["../src/AppAuth.types.ts"],"names":[],"mappings":"","sourcesContent":["export type OAuthServiceConfiguration = {\n revocationEndpoint?: string;\n authorizationEndpoint?: string;\n registrationEndpoint?: string;\n tokenEndpoint: string;\n};\n\n/* ASCII string value that specifies how the Authorization Server displays the authentication and consent user interface pages to the End-User. */\nexport type OAuthDisplayParameter = 'page' | 'popup' | 'touch' | 'wap';\n\n/*\n * Space delimited, case sensitive list of ASCII string values that specifies whether the Authorization\n * Server prompts the End-User for reauthentication and consent.\n */\nexport type OAuthPromptParameter = 'none' | 'login' | 'consent' | 'select_account';\n\n/*\n * String value used to associate a Client session with an ID Token, and to mitigate replay attacks.\n * The value is passed through unmodified from the Authentication Request to the ID Token.\n * Sufficient entropy MUST be present in the nonce values used to prevent attackers from guessing values.\n * For implementation notes, see: https://openid.net/specs/openid-connect-core-1_0.html#NonceNotes\n */\nexport type OAuthNonceParameter = string;\n\n/*\n * End-User's preferred languages and scripts for the user interface,\n * represented as a space-separated list of BCP47 [RFC5646] language tag values, ordered by preference.\n * For instance, the value \"fr-CA fr en\" represents a preference for French as spoken in Canada, then French (without a region designation),\n * followed by English (without a region designation).\n * An error SHOULD NOT result if some or all of the requested locales are not supported by the OpenID Provider.\n */\nexport type OAuthUILocalesParameter = string;\n\n/*\n * ID Token previously issued by the Authorization Server being passed as a\n * hint about the End-User's current or past authenticated session with the Client.\n * If the End-User identified by the ID Token is logged in or is logged in by the\n * request, then the Authorization Server returns a positive response; otherwise,\n * it SHOULD return an error, such as login_required.\n * When possible, an id_token_hint SHOULD be present when prompt=none is used and an\n * invalid_request error MAY be returned if it is not; however, the server\n * SHOULD respond successfully when possible, even if it is not present.\n * The Authorization Server need not be listed as an audience of the ID\n * Token when it is used as an id_token_hint value.\n * If the ID Token received by the RP from the OP is encrypted, to use it as an\n * `id_token_hint`, the Client MUST decrypt the signed ID Token contained within the\n * encrypted ID Token.\n * The Client MAY re-encrypt the signed ID token to the Authentication Server using\n * a key that enables the server to decrypt the ID Token, and use the re-encrypted\n * ID token as the `id_token_hint` value.\n */\nexport type OAuthIDTokenHintParameter = string;\n\n/*\n * Maximum Authentication Age.\n * Specifies the allowable elapsed time in seconds since the last time the End-User was actively authenticated by the OP.\n * If the elapsed time is greater than this value, the OP MUST attempt to actively re-authenticate the End-User.\n * (The max_age request parameter corresponds to the OpenID 2.0\n * https://openid.net/specs/openid-connect-core-1_0.html#OpenID.PAPE `max_auth_age` request parameter.)\n * When max_age is used, the ID Token returned MUST include an auth_time Claim Value.\n */\nexport type OAuthMaxAgeParameter = string;\n\n/*\n * Hint to the Authorization Server about the login identifier the End-User\n * might use to log in (if necessary).\n * This hint can be used by an RP if it first asks the End-User for their\n * e-mail address (or other identifier) and then wants to pass that value\n * as a hint to the discovered authorization service.\n * It is RECOMMENDED that the hint value match the value used for discovery.\n * This value MAY also be a phone number in the format specified for the\n * `phone_number` Claim.\n * The use of this parameter is left to the OP's discretion.\n */\nexport type OAuthLoginHintParameter = string;\n\n/*\n * Requested Authentication Context Class Reference values.\n * Space-separated string that specifies the acr values that the Authorization Server\n * is being requested to use for processing this Authentication Request, with the\n * values appearing in order of preference.\n * The Authentication Context Class satisfied by the authentication performed is\n * returned as the acr Claim Value, as specified in Section 2.\n * The acr Claim is requested as a Voluntary Claim by this parameter.\n */\nexport type OAuthACRValuesParameter = string;\n\nexport type OAuthParameters = {\n nonce?: OAuthNonceParameter;\n display?: OAuthDisplayParameter;\n prompt?: OAuthPromptParameter;\n max_age?: OAuthMaxAgeParameter;\n ui_locales?: OAuthUILocalesParameter;\n id_token_hint?: OAuthIDTokenHintParameter;\n login_hint?: OAuthLoginHintParameter;\n acr_values?: OAuthACRValuesParameter;\n [key: string]: any;\n};\n\nexport type OAuthBaseProps = {\n clientId: string;\n issuer: string;\n serviceConfiguration?: OAuthServiceConfiguration;\n};\n\nexport type OAuthProps = OAuthBaseProps & {\n redirectUrl?: string;\n clientSecret?: string;\n scopes?: Array<string>;\n additionalParameters?: OAuthParameters;\n canMakeInsecureRequests?: boolean;\n isRefresh?: boolean;\n refreshToken?: string;\n};\n\nexport type OAuthRevokeOptions = {\n token: string;\n isClientIdProvided?: boolean;\n};\n\nexport type TokenResponse = {\n accessToken: string | null;\n accessTokenExpirationDate: string | null;\n additionalParameters: { [key: string]: any } | null;\n idToken: string | null;\n tokenType: string | null;\n refreshToken: string | null;\n};\n"]} |