* Updating clients with new domain and APIs

voidmain · voidmain · commit 25d8e04b00ee · 2022-08-09T13:09:38.000-06:00
* Removing "Servlet" references
  * Removing Prime Mock (not needed now)
  * Java client now uses the client and domain from fusionauth-app with some removal of internal junk
diff --git a/src/FusionAuthClient.ts b/src/FusionAuthClient.ts
@@ -1,5 +1,5 @@
 /*
-* Copyright (c) 2019, FusionAuth, All Rights Reserved
+* Copyright (c) 2019-2022, FusionAuth, All Rights Reserved
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@@ -154,9 +154,9 @@ export class FusionAuthClient {
   /**
    * Check to see if the user must obtain a Trust Token Id in order to complete a change password request.
    * When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change
-   * your password, you must obtain a Truest Token by completing a Two-Factor Step-Up authentication.
+   * your password, you must obtain a Trust Token by completing a Two-Factor Step-Up authentication.
    * 
-   * An HTTP status code of 412 indicates that a Trust Token is required to make a POST request to this API.
+   * An HTTP status code of 400 with a general error code of [TrustTokenRequired] indicates that a Trust Token is required to make a POST request to this API.
    *
    * @param {string} changePasswordId The change password Id used to find the user. This value is generated by FusionAuth once the change password workflow has been initiated.
    * @returns {Promise<ClientResponse<void>>}
@@ -172,9 +172,9 @@ export class FusionAuthClient {
   /**
    * Check to see if the user must obtain a Trust Token Id in order to complete a change password request.
    * When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change
-   * your password, you must obtain a Truest Token by completing a Two-Factor Step-Up authentication.
+   * your password, you must obtain a Trust Token by completing a Two-Factor Step-Up authentication.
    * 
-   * An HTTP status code of 412 indicates that a Trust Token is required to make a POST request to this API.
+   * An HTTP status code of 400 with a general error code of [TrustTokenRequired] indicates that a Trust Token is required to make a POST request to this API.
    *
    * @param {string} encodedJWT The encoded JWT (access token).
    * @returns {Promise<ClientResponse<void>>}
@@ -190,9 +190,9 @@ export class FusionAuthClient {
   /**
    * Check to see if the user must obtain a Trust Request Id in order to complete a change password request.
    * When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change
-   * your password, you must obtain a Truest Request Id by completing a Two-Factor Step-Up authentication.
+   * your password, you must obtain a Trust Request Id by completing a Two-Factor Step-Up authentication.
    * 
-   * An HTTP status code of 412 indicates that a Trust Token is required to make a POST request to this API.
+   * An HTTP status code of 400 with a general error code of [TrustTokenRequired] indicates that a Trust Token is required to make a POST request to this API.
    *
    * @param {string} loginId The loginId of the User that you intend to change the password for.
    * @returns {Promise<ClientResponse<void>>}
@@ -1728,6 +1728,23 @@ export class FusionAuthClient {
         .go();
   }
 
+  /**
+   * Sends a ping to FusionAuth indicating that the user was automatically logged into an application. When using
+   * FusionAuth's SSO or your own, you should call this if the user is already logged in centrally, but accesses an
+   * application where they no longer have a session. This helps correctly track login counts, times and helps with
+   * reporting.
+   *
+   * @param {LoginPingRequest} request The login request that contains the user credentials used to log them in.
+   * @returns {Promise<ClientResponse<LoginResponse>>}
+   */
+  loginPingWithRequest(request: LoginPingRequest): Promise<ClientResponse<LoginResponse>> {
+    return this.start<LoginResponse, Errors>()
+        .withUri('/api/login')
+        .withJSONBody(request)
+        .withMethod("PUT")
+        .go();
+  }
+
   /**
    * The Logout API is intended to be used to remove the refresh token and access token cookies if they exist on the
    * client and revoke the refresh token stored. This API does nothing if the request does not contain an access
@@ -3364,6 +3381,27 @@ export class FusionAuthClient {
         .go();
   }
 
+  /**
+   * Retrieve a user's two-factor status.
+   * 
+   * This can be used to see if a user will need to complete a two-factor challenge to complete a login,
+   * and optionally identify the state of the two-factor trust across various applications.
+   *
+   * @param {UUID} userId The user Id to retrieve the Two-Factor status.
+   * @param {UUID} applicationId The optional applicationId to verify.
+   * @param {string} twoFactorTrustId The optional two-factor trust Id to verify.
+   * @returns {Promise<ClientResponse<TwoFactorStatusResponse>>}
+   */
+  retrieveTwoFactorStatus(userId: UUID, applicationId: UUID, twoFactorTrustId: string): Promise<ClientResponse<TwoFactorStatusResponse>> {
+    return this.start<TwoFactorStatusResponse, Errors>()
+        .withUri('/api/two-factor/status')
+        .withParameter('userId', userId)
+        .withParameter('applicationId', applicationId)
+        .withUriSegment(twoFactorTrustId)
+        .withMethod("GET")
+        .go();
+  }
+
   /**
    * Retrieves the user for the given Id.
    *
@@ -4879,6 +4917,7 @@ export interface AccessToken {
   expires_in?: number;
   id_token?: string;
   refresh_token?: string;
+  refresh_token_id?: UUID;
   scope?: string;
   token_type?: TokenType;
   userId?: UUID;
@@ -4929,6 +4968,9 @@ export enum Algorithm {
   HS256 = "HS256",
   HS384 = "HS384",
   HS512 = "HS512",
+  PS256 = "PS256",
+  PS384 = "PS384",
+  PS512 = "PS512",
   RS256 = "RS256",
   RS384 = "RS384",
   RS512 = "RS512",
@@ -5011,6 +5053,7 @@ export interface Application {
   cleanSpeakConfiguration?: CleanSpeakConfiguration;
   data?: Record<string, any>;
   emailConfiguration?: ApplicationEmailConfiguration;
+  externalIdentifierConfiguration?: ApplicationExternalIdentifierConfiguration;
   formConfiguration?: ApplicationFormConfiguration;
   id?: UUID;
   insertInstant?: number;
@@ -5060,11 +5103,10 @@ export interface ApplicationEmailConfiguration {
 }
 
 /**
- * Events that are bound to applications.
- *
- * @author Brian Pontarelli
+ * @author Daniel DeGroff
  */
-export interface ApplicationEvent {
+export interface ApplicationExternalIdentifierConfiguration {
+  twoFactorTrustIdTimeToLiveInSeconds?: number;
 }
 
 /**
@@ -5080,7 +5122,18 @@ export interface ApplicationFormConfiguration {
  */
 export interface ApplicationMultiFactorConfiguration {
   email?: MultiFactorEmailTemplate;
+  loginPolicy?: MultiFactorLoginPolicy;
   sms?: MultiFactorSMSTemplate;
+  trustPolicy?: ApplicationMultiFactorTrustPolicy;
+}
+
+/**
+ * @author Daniel DeGroff
+ */
+export enum ApplicationMultiFactorTrustPolicy {
+  Any = "Any",
+  This = "This",
+  None = "None"
 }
 
 /**
@@ -5100,7 +5153,6 @@ export interface ApplicationRegistrationDeletePolicy {
 export interface ApplicationRequest extends BaseEventRequest {
   application?: Application;
   role?: ApplicationRole;
-  webhookIds?: Array<UUID>;
 }
 
 /**
@@ -5278,6 +5330,7 @@ export interface BaseElasticSearchCriteria extends BaseSearchCriteria {
  * @author Brian Pontarelli
  */
 export interface BaseEvent {
+  applicationIds?: Array<UUID>;
   createInstant?: number;
   id?: UUID;
   info?: EventInfo;
@@ -5706,6 +5759,7 @@ export interface EmailAddress {
  */
 export interface EmailConfiguration {
   additionalHeaders?: Array<EmailHeader>;
+  debug?: boolean;
   defaultFromEmail?: string;
   defaultFromName?: string;
   emailUpdateEmailTemplateId?: UUID;
@@ -6800,6 +6854,7 @@ export interface IdentityProviderLink {
  */
 export enum IdentityProviderLinkingStrategy {
   CreatePendingLink = "CreatePendingLink",
+  Disabled = "Disabled",
   LinkAnonymously = "LinkAnonymously",
   LinkByEmail = "LinkByEmail",
   LinkByEmailForExistingUser = "LinkByEmailForExistingUser",
@@ -7141,7 +7196,6 @@ export interface JWTConfiguration extends Enableable {
  * @author Brian Pontarelli
  */
 export interface JWTPublicKeyUpdateEvent extends BaseEvent {
-  applicationIds?: Array<UUID>;
 }
 
 /**
@@ -7160,12 +7214,14 @@ export interface JWTRefreshEvent extends BaseEvent {
 /**
  * API response for refreshing a JWT with a Refresh Token.
  * <p>
- * Using a different response object from RefreshTokenResponse because the retrieve response will return an object for refreshToken, and this is a string.
+ * Using a different response object from RefreshTokenResponse because the retrieve response will return an object for refreshToken, and this is a
+ * string.
  *
  * @author Daniel DeGroff
  */
 export interface JWTRefreshResponse {
   refreshToken?: string;
+  refreshTokenId?: UUID;
   token?: string;
 }
 
@@ -7178,6 +7234,7 @@ export interface JWTRefreshResponse {
 export interface JWTRefreshTokenRevokeEvent extends BaseEvent {
   applicationId?: UUID;
   applicationTimeToLiveInSeconds?: Record<UUID, number>;
+  refreshToken?: RefreshToken;
   user?: User;
   userId?: UUID;
 }
@@ -7479,6 +7536,15 @@ export enum LoginIdType {
   username = "username"
 }
 
+/**
+ * Login Ping API request object.
+ *
+ * @author Daniel DeGroff
+ */
+export interface LoginPingRequest extends BaseLoginRequest {
+  userId?: UUID;
+}
+
 /**
  * The summary of the action that is preventing login to be returned on the login response.
  *
@@ -7569,6 +7635,7 @@ export interface LoginResponse {
   methods?: Array<TwoFactorMethod>;
   pendingIdPLinkId?: string;
   refreshToken?: string;
+  refreshTokenId?: UUID;
   registrationVerificationId?: string;
   state?: Record<string, any>;
   threatsDetected?: Array<AuthenticationThreats>;
@@ -7761,6 +7828,14 @@ export interface MultiFactorEmailTemplate {
   templateId?: UUID;
 }
 
+/**
+ * @author Daniel DeGroff
+ */
+export enum MultiFactorLoginPolicy {
+  Disabled = "Disabled",
+  Enabled = "Enabled"
+}
+
 export interface MultiFactorSMSMethod extends Enableable {
   messengerId?: UUID;
   templateId?: UUID;
@@ -8225,11 +8300,13 @@ export interface ReactorStatus {
   advancedLambdas?: ReactorFeatureStatus;
   advancedMultiFactorAuthentication?: ReactorFeatureStatus;
   advancedRegistration?: ReactorFeatureStatus;
+  applicationMultiFactorAuthentication?: ReactorFeatureStatus;
   applicationThemes?: ReactorFeatureStatus;
   breachedPasswordDetection?: ReactorFeatureStatus;
   connectors?: ReactorFeatureStatus;
   entityManagement?: ReactorFeatureStatus;
   expiration?: string;
+  licenseAttributes?: Record<string, string>;
   licensed?: boolean;
   scimServer?: ReactorFeatureStatus;
   threatDetection?: ReactorFeatureStatus;
@@ -8899,6 +8976,7 @@ export interface TenantLoginConfiguration {
 export interface TenantMultiFactorConfiguration {
   authenticator?: MultiFactorAuthenticatorMethod;
   email?: MultiFactorEmailMethod;
+  loginPolicy?: MultiFactorLoginPolicy;
   sms?: MultiFactorSMSMethod;
 }
 
@@ -8931,6 +9009,7 @@ export interface TenantRegistrationConfiguration {
 export interface TenantRequest extends BaseEventRequest {
   sourceTenantId?: UUID;
   tenant?: Tenant;
+  webhookIds?: Array<UUID>;
 }
 
 /**
@@ -9239,6 +9318,20 @@ export interface TwoFactorStartResponse {
   twoFactorId?: string;
 }
 
+/**
+ * @author Daniel DeGroff
+ */
+export interface TwoFactorStatusResponse {
+  trusts?: Array<TwoFactorTrust>;
+  twoFactorTrustId?: string;
+}
+
+export interface TwoFactorTrust {
+  applicationId?: UUID;
+  expiration?: number;
+  startInstant?: number;
+}
+
 export interface UIConfiguration {
   headerColor?: string;
   logoURL?: string;
@@ -9330,7 +9423,6 @@ export interface UserActionEvent extends BaseEvent {
   actioneeUserId?: UUID;
   actionerUserId?: UUID;
   actionId?: UUID;
-  applicationIds?: Array<UUID>;
   comment?: string;
   email?: Email;
   emailedUser?: boolean;
@@ -10036,7 +10128,6 @@ export interface VersionResponse {
  * @author Brian Pontarelli
  */
 export interface Webhook {
-  applicationIds?: Array<UUID>;
   connectTimeout?: number;
   data?: Record<string, any>;
   description?: string;
@@ -10050,6 +10141,7 @@ export interface Webhook {
   lastUpdateInstant?: number;
   readTimeout?: number;
   sslCertificate?: string;
+  tenantIds?: Array<UUID>;
   url?: string;
 }
 
