import { ExchangeAuthorizationCodeResult, ExchangeRefreshTokenResult } from './oidc-functions.js'; import { RefreshTokenManager } from './refresh-token-manager.js'; import { AxiosInstance } from 'axios'; import { FlowClient } from './flow-client.js'; import { JWTPayload } from 'jose'; import { JwtVerifier } from './jwt-helper.js'; /** * Base configuration options for AuthorizationCodeFlow. */ export interface BaseAuthorizationCodeFlowConfig { /** * The domain to use for making requests. */ readonly authSureDomain: string; /** * The client to use for making requests. If not specified, a new client will be created. */ readonly client?: AxiosInstance; /** * The client ID to use. */ readonly clientId: string; /** * The state to use. If not specified, a random state will be generated. */ readonly state?: string; /** * The redirect URI to use. If not specified the default redirect URI configured for the client or flow will be used. */ readonly redirectUri?: string; /** * The provider to use. If not specified, the user will be prompted to select a provider. */ readonly provider?: string; /** * The login hint to use. This is used by Google and Microsoft providers to prefill in the email address. */ readonly loginHint?: string; /** * The prompt to use. This is used by Google and Microsoft providers to prevent account selection when set to 'none'. */ readonly prompt?: string; /** * The flow to use. If not specified, the client configured flow or the default flow will be used. */ readonly flow?: string; /** * The number of seconds before the access token expires to refresh the access token. Default is 60 seconds. * * @default 60 */ readonly refreshBufferSeconds?: number; /** * Disable the background refresh of the access token. Default is false. * * @default false */ readonly disableBackgroundRefresh?: boolean; /** * The scopes to use. */ readonly scope?: string | string[]; /** * The jwt verifier to use or the properties to create a new jwt verifier. */ readonly jwtVerifier?: JwtVerifier; } /** * Configuration options enable AuthorizationCodeFlow. */ export interface AuthorizationCodeFlowConfig extends BaseAuthorizationCodeFlowConfig { /** * The client secret to use. */ readonly clientSecret: string; } /** * Returns true if the config is for an authorization code flow. * * @param config the config to check */ export declare function isAuthorizationCodeFlowConfig(config: AuthorizationCodeFlowConfig | AuthorizationCodeFlowPkceConfig): config is AuthorizationCodeFlowPkceConfig; /** * Configuration options enable AuthorizationCodeFlow with PKCE. */ export type AuthorizationCodeFlowPkceConfig = BaseAuthorizationCodeFlowConfig; /** * Returns true if the config is for an authorization code flow with PKCE. * * @param config the config to check */ export declare function isAuthorizationCodeFlowPkceConfig(config: AuthorizationCodeFlowConfig | AuthorizationCodeFlowPkceConfig): config is AuthorizationCodeFlowPkceConfig; /** * Client for the Authorization Code flow. */ export declare class AuthorizationCodeFlowClient extends FlowClient { protected config: AuthorizationCodeFlowConfig | AuthorizationCodeFlowPkceConfig; protected state?: string; protected nonce?: string; protected scope?: string | string[]; protected codeVerifier?: string; protected result?: ExchangeAuthorizationCodeResult | ExchangeRefreshTokenResult; protected idToken?: string; protected payload?: JWTPayload; protected refreshTokenManager?: RefreshTokenManager; protected jwtVerifier: JwtVerifier; constructor(config: AuthorizationCodeFlowConfig | AuthorizationCodeFlowPkceConfig); getAuthorizationUrl(): string; exchange(queryString: URLSearchParams): Promise; refresh(): Promise; getIdTokenPayload(): JWTPayload; getTokens(): ExchangeAuthorizationCodeResult; close(): void; } //# sourceMappingURL=authorization-code-flow-client.d.ts.map