-
Notifications
You must be signed in to change notification settings - Fork 118
/
Copy pathIOAuth2.ts
134 lines (126 loc) · 3.87 KB
/
IOAuth2.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
import { IConfigurationExtend, IHttp, IModify, IPersistence, IRead } from '../accessors';
import { IUser } from '../users/IUser';
/**
* Authorization data as provided after
* token exchange
*/
export interface IAuthData {
/**
* Access token from application
*/
token: string;
/**
* The token's expiration time in seconds
*/
expiresAt: number;
/**
* Scope(s) authorized by the user.
*
* Format can change depending on provider, but usually
* when there are more than one scope, they are separated
* by a white-space caracter
*/
scope: string;
/**
* A token that can be used to request a new access token
* when the current one has expired.
*
* Not all providers have a refresh token.
*/
refreshToken?: string;
}
/**
* Options passed to the OAuth2Client object during instantiation.
* Describes URLs of the authorization service and optional behavior
* for when user responds to the authorization prompt
*/
export interface IOAuth2ClientOptions {
/**
* Alias for the client. This is used to identify the client's resources.
* It is used to avoid overwriting other clients' settings or endpoints
* when there are multiple.
*/
alias: string;
/**
* URI to request an access token from
*/
accessTokenUri: string;
/**
* URI to redirect user for them to authorize access
* by the application
*/
authUri: string;
/**
* URI to request a refreshed access token for user
*/
refreshTokenUri: string;
/**
* URI to revoke an access token for the user
*/
revokeTokenUri: string;
/**
* Default scopes to be used when requesting access
*/
defaultScopes?: Array<string>;
/**
* A function that will be executed when the auth
* service redirects the user back to our endpoint.
*/
authorizationCallback?: (
token: IAuthData | undefined,
user: IUser,
read: IRead,
modify: IModify,
http: IHttp,
persis: IPersistence,
) => Promise<{ responseContent?: string } | undefined>;
}
export interface IOAuth2Client {
/**
* This method will set all necessary configuration for the client
*
* Please note that you will need to provide the i18n strings for the
* settings created. For instance, if you're connecting to Github APIs
* and your `alias = 'github'`, you will need to provide the following
* translations:
*
* ```
* {
* "github-oauth-client-id": "Client ID to connect to Github",
* "github-oauth-clientsecret": "Client secret to connect to Github"
* }
* ```
*
* @param configuration - Configuration extend to set all settings and API endpoints
*/
setup(configuration: IConfigurationExtend): Promise<void>;
/**
* Returns the authorization URL to which the user must
* be redirected to in order to authorize access by the
* application
*
* @param user - User to authenticate
* @param scopes - Scopes that your app needs access to
*/
getUserAuthorizationUrl(user: IUser, scopes?: Array<string>): Promise<URL>;
/**
* Gets the token information for a specific user, if available.
*
* @param user
*/
getAccessTokenForUser(user: IUser): Promise<IAuthData | undefined>;
/**
* Refreshes the user's access token
*
* @param user The user whose token will be refreshed
* @param persis Persistence object dependency
*/
refreshUserAccessToken(user: IUser, persis: IPersistence): Promise<IAuthData | undefined>;
/**
* Revokes user's access token in the service provider
*
* @param user The user whose token will be revoked
* @param persis Persistence object dependency
*/
revokeUserAccessToken(user: IUser, persis: IPersistence): Promise<boolean>;
}