/** * An interface for establishing and persistenting an authenticated AIMS session. * * @author Kevin Nielsen * @author Barry Skidmore * @author Robert Parker * * @copyright 2019 Alert Logic, Inc. */ import { AIMSUser, AIMSAccount, AIMSAuthentication, AIMSSessionDescriptor, FortraSession } from "../aims-client"; import { AlApiClient, AlClientBeforeRequestEvent } from "../client"; import { AlBehaviorPromise } from "../common/promises"; import { AlCabinet, AlTriggerStream } from "../common/utility"; import { AlEntitlementCollection } from "../subscriptions-client/types"; import { AlActingAccountResolvedEvent } from './events'; interface AuthenticationOptions { actingAccount?: AIMSAccount | string; locationId?: string; } /** * AlSessionInstance maintains session data for a specific session. */ export declare class AlSessionInstance { /** * A stream of events that occur over the lifespan of a user session */ notifyStream: AlTriggerStream; /** * Protected state properties */ protected sessionIsActive: boolean; protected client: AlApiClient; protected sessionData: AIMSSessionDescriptor; /** * Tracks when the acting account is changing (measured as interval between AlActingAccountChangedEvent and AlActingAccountResolvedEvent) * and allows systematic access to the last set of resolved data. */ protected resolvedAccount: AlActingAccountResolvedEvent; protected managedAccounts: AIMSAccount[]; protected resolutionGuard: AlBehaviorPromise; protected detectionGuard: AlBehaviorPromise; protected activeDetectionCycles: number; protected _storage?: AlCabinet; protected get storage(): AlCabinet; /** * List of base locations ("service_stack") that should automatically have X-AIMS-Auth-Token headers added. */ protected authenticatedStacks: string[]; constructor(client?: AlApiClient); reset(flushClientCache?: boolean): void; authenticate(username: string, passphrase: string, options?: AuthenticationOptions): Promise; authenticateWithSessionToken(sessionToken: string, mfaCode: string, options?: AuthenticationOptions): Promise; authenticateWithAccessToken(accessToken: string, options?: AuthenticationOptions): Promise; /** * Sets and persists session data and begins account metadata resolution. * * Successful completion of this action triggers an AlSessionStartedEvent so that non-causal elements of an application can respond to * the change of state. */ setAuthentication(proposal: AIMSSessionDescriptor): Promise; /** * Sets the session's acting account. * * Successful completion of this action triggers an AlActingAccountChangedEvent so that non-causal elements of an application can respond to * the change of effective account and entitlements. * * @param account {string|AIMSAccount} The AIMSAccount object representating the account to focus on. * * @returns A promise that resolves */ setActingAccount(account: string | AIMSAccount): Promise; /** * Sets the 'active' datacenter. This provides a default residency and API stack to interact with. */ setActiveDatacenter(insightLocationId: string): void; /** * Retrieves the 'active' datacenter, falling back on the acting account's or primary account's default_location * as necessary. */ getActiveDatacenter(): string; /** * Convenience function to set token and expiry values * Modelled on /aims/v1/:account_id/account * To be called by AIMS Service */ setTokenInfo(token: string, tokenExpiration: number, fortraIdToken?: string | boolean, fortraRefreshToken?: string): void; /** * Activate Session */ activateSession(): boolean; /** * Deactivate Session */ deactivateSession(): boolean; /** * Is the Session Active? */ isActive(): boolean; /** * Get Session */ getSession(): AIMSSessionDescriptor; /** * Get Fortra IdP Session Descriptor, if present */ getFortraSession(): FortraSession | undefined; /** * Get Authentication */ getAuthentication(): AIMSAuthentication; getPrimaryAccountId(): string; getPrimaryAccount(): AIMSAccount; /** * Get the ID of the acting account (account the user is currently working in) */ getActingAccountId(): string; /** * Get acting Account Name - (account the user is currently working in) */ getActingAccountName(): string; /** * Get Default Location for the acting account */ getActingAccountDefaultLocation(): string; /** * Get Accessible Locations for the acting account */ getActingAccountAccessibleLocations(): string[]; /** * Get the acting account entity in its entirety */ getActingAccount(): AIMSAccount; /** * Get Token */ getToken(): string; /** * Get Token Expiry */ getTokenExpiry(): number; getUser(): AIMSUser; /** * Get User ID */ getUserId(): string; /** * Get User Name */ getUserName(): string; /** * Get User Email */ getUserEmail(): string; /** * @deprecated * Alias for getActingAccountId */ getActingAccountID(): string; getUserID(): string; /** * @deprecated * Please use `getPrimaryAccountId()` instead */ getUserAccountID(): string; /** * @deprecated * Get Accessible Locations for the users account */ getUserAccessibleLocations(): string[]; /** * Convenience method to defer logic until ALSession has reached a stable state. * For the purposes of this service, "ready" is defined as having completed one or more session detection * cycles AND ( user is unauthenticated OR acting account is resolved ). */ ready(): Promise; /** * Convenience method to wait until authentication status and metadata have been resolved. * * PLEASE NOTE: that this async function will not resolve until authentication is complete and subscriptions metadata * has been retrieved and collated; in an unauthenticated context, it will never resolve! */ resolved(): Promise; /** * Retrieves the primary account's entitlements, or null if there is no session. */ getPrimaryEntitlementsSync(): AlEntitlementCollection | null; /** * Convenience method to retrieve the entitlements for the primary account. * See caveats for `AlSession.authenticated` method, which also apply to this method. */ getPrimaryEntitlements(): Promise; /** * Sets primary entitlements. */ setPrimaryEntitlements(collection: AlEntitlementCollection): void; /** * Retrieves the acting account's entitlements, or null if there is no session. */ getEffectiveEntitlementsSync(): AlEntitlementCollection | null; /** * Convenience method to retrieve the entitlements for the current acting account. * See caveats for `AlSession.authenticated` method, which also apply to this method. */ getEffectiveEntitlements(): Promise; /** * Sets effective entitlements. */ setEffectiveEntitlements(collection: AlEntitlementCollection): void; /** * Get the data retention period in months based on the product's entitlement. * If the entitlement is not available or the unit is unrecognized, the default value is used. * @returns {number} The data retention period in months. */ getDataRetetionPeriod(): number; /** * Convenience method to retrieve the array of accounts managed by the current acting account (or a specific * other account, if specified).. * See caveats for `AlSession.authenticated` method, which also apply to this method. */ getManagedAccounts(accountId?: string): Promise; /** * Allows an external mechanism to indicate that it is detecting a session. */ startDetection(): void; /** * Allows an external mechanism to indicate that it is done detecting a session. */ endDetection(): void; /** * Private Internal/Utility Methods */ protected restoreSession(session: AIMSSessionDescriptor): Promise; protected mergeSessionOptions(session: AIMSSessionDescriptor, options: AuthenticationOptions): Promise; protected onBeforeRequest: (event: AlClientBeforeRequestEvent) => void; /** * Get the current timestamp (seconds since the epoch) */ protected getCurrentTimestamp(): number; /** * A utility method to resolve a partially populated AlActingAccountResolvedEvent instance. * * This method will retrieve the full account details, managed accounts, and entitlements for this account * and then emit an AlActingAccountResolvedEvent through the session's notifyStream. */ protected resolveActingAccount(account: AIMSAccount): Promise; } export declare const AlSession: AlSessionInstance; export {};