import {
  GetConfigQuery,
  GetConnectionsQuery,
  DelConnectionsQuery,
  IConnectionAPIController,
  SAMLSSOConnectionWithEncodedMetadata,
  SAMLSSOConnectionWithRawMetadata,
  OIDCSSOConnectionWithDiscoveryUrl,
  OIDCSSOConnectionWithMetadata,
  SAMLSSORecord,
  OIDCSSORecord,
  GetIDPEntityIDBody,
  UpdateSAMLConnectionParams,
  UpdateOIDCConnectionParams,
  GetByProductParams,
  Index
} from '../typings';

/**
 * Declared surface of the controller for SSO connection management: creating,
 * updating, listing and deleting SAML and OIDC connections, plus `getCount`.
 * The OpenAPI blocks on the members document the `/api/v1/sso` and
 * `/api/v1/sso/product` routes.
 *
 * NOTE(review): several generic type arguments appear to have been lost from
 * this listing (`Promise;`, `Parameters`, `Promise>;`), so the resolved type of
 * most methods cannot be read from here and the text does not parse as shown.
 * Restore them from the generated declaration rather than guessing.
 *
 * NOTE(review): the constructor dependencies are typed `any`, so nothing about
 * the store, options or event controller passed in is checked at compile time.
 */
export declare class ConnectionAPIController implements IConnectionAPIController {
  // Presumably set from the constructor argument of the same name; the
  // assignment itself is not visible in a declaration.
  private connectionStore;
  private opts;
  private eventController;

  /**
   * @param param0 - Object carrying `connectionStore`, `opts` and
   *   `eventController`; all three are declared as `any`.
   */
  constructor({ connectionStore, opts, eventController }: {
    connectionStore: any;
    opts: any;
    eventController: any;
  });

  // Shared OpenAPI components referenced by the operations documented below.
  //
  // NOTE(review): the `Connection` schema includes `clientSecret`, and the 200
  // responses for create, update, list and list-by-product all reference that
  // schema. As documented, response bodies therefore carry the connection
  // secret; keep them out of request logs, caches and error reports.
  //
  // NOTE(review): `securitySchemes.apiKey` (Authorization header) is defined
  // here, but no `security:` requirement is visible on any operation in this
  // file. Confirm it is applied globally in the assembled spec.
  //
  // NOTE(review): the example `clientID`, `clientSecret` and `thumbprint`
  // values look like placeholders; confirm none of them is a live credential.
  /**
   * @openapi
   * components:
   *   schemas:
   *     Connection:
   *       type: object
   *       properties:
   *         clientID:
   *           type: string
   *           description: Connection clientID
   *         clientSecret:
   *           type: string
   *           description: Connection clientSecret
   *         name:
   *           type: string
   *           description: Connection name
   *         label:
   *           type: string
   *           description: Connection label
   *         description:
   *           type: string
   *           description: Connection description
   *         redirectUrl:
   *           type: array
   *           items:
   *             type: string
   *           description: A list of allowed redirect URLs
   *         defaultRedirectUrl:
   *           type: string
   *           description: The redirect URL to use in the IdP login flow
   *         tenant:
   *           type: string
   *           description: Connection tenant
   *         product:
   *           type: string
   *           description: Connection product
   *         idpMetadata:
   *           type: object
   *           properties: {}
   *           description: SAML IdP metadata
   *         oidcProvider:
   *           type: object
   *           properties: {}
   *           description: OIDC IdP metadata
   *         deactivated:
   *           type: boolean
   *           description: Connection status
   *         sortOrder:
   *           type: number
   *           description: Connection sort order
   *         acsUrlOverride:
   *           type: string
   *           description: Override the global ACS URL on a per connection basis
   *         samlAudienceOverride:
   *           type: string
   *           description: Override the global SAML Audience on a per connection basis
   *       example:
   *         idpMetadata:
   *           sso:
   *             postUrl: https://dev-20901260.okta.com/app/dev-20901260_jacksonnext_1/xxxxxxxxxxxsso/saml
   *             redirectUrl: https://dev-20901260.okta.com/app/dev-20901260_jacksonnext_1/xxxxxxxxxxxsso/saml
   *           entityID: http://www.okta.com/xxxxxxxxxxxxx
   *           thumbprint: Eo+eUi3UM3XIMkFFtdVK3yJ5vO9f7YZdasdasdad
   *           loginType: idp
   *           provider: okta.com
   *         defaultRedirectUrl: http://localhost:3000/default
   *         redirectUrl:
   *           - http://localhost:3000/default
   *         tenant: example.com
   *         product: API Engine
   *         name: Hoppscotch-SP
   *         description: SP for example.com
   *         clientID: Xq8AJt3yYAxmXizsCWmUBDRiVP1iTC8Y/otnvFIMitk
   *         clientSecret: 00e3e11a3426f97d8000000738300009130cd45419c5943
   *         deactivated: false
   *     validationErrorsPost:
   *       description: Please provide rawMetadata or encodedRawMetadata | Please provide a defaultRedirectUrl | Please provide redirectUrl | redirectUrl is invalid | Exceeded maximum number of allowed redirect urls | defaultRedirectUrl is invalid | Please provide tenant | Please provide product | Please provide a friendly name | Description should not exceed 100 characters | Strategy: xxxx not supported | Please provide the clientId from OpenID Provider | Please provide the clientSecret from OpenID Provider | Please provide the discoveryUrl for the OpenID Provider
   *     validationErrorsPatch:
   *       description: Please provide clientID/clientSecret | clientSecret mismatch | Tenant/Product config mismatch with IdP metadata | Description should not exceed 100 characters| redirectUrl is invalid | Exceeded maximum number of allowed redirect urls | defaultRedirectUrl is invalid | Tenant/Product config mismatch with OIDC Provider metadata
   *   responses:
   *     200Get:
   *       description: Success
   *       content:
   *         application/json:
   *           schema:
   *             type: array
   *             items:
   *               $ref: "#/components/schemas/Connection"
   *     400Get:
   *       description: Please provide a `product`.
   *       content: {}
   *     401Get:
   *       description: Unauthorized
   *       content: {}
   *     200GetByProduct:
   *       description: Success
   *       content:
   *         application/json:
   *           schema:
   *             type: array
   *             items:
   *               $ref: "#/components/schemas/Connection"
   *   parameters:
   *     tenantParamGet:
   *       name: tenant
   *       in: query
   *       description: Tenant
   *       required: true
   *       schema:
   *         type: string
   *     productParamGet:
   *       name: product
   *       in: query
   *       description: Product
   *       required: true
   *       schema:
   *         type: string
   *     clientIDParamGet:
   *       name: clientID
   *       in: query
   *       description: Client ID (Optional if tenant/product provided)
   *       schema:
   *         type: string
   *     strategyParamGet:
   *       name: strategy
   *       in: query
   *       description: Strategy which can help to filter connections with tenant/product query
   *       schema:
   *         type: string
   *     sortParamGet:
   *       name: sort
   *       in: query
   *       description: If present, the connections will be sorted by `sortOrder`. It won't consider if pagination is used.
   *       schema:
   *         type: string
   *     clientIDDel:
   *       name: clientID
   *       in: query
   *       description: Client ID (Optional if tenant/product provided)
   *       schema:
   *         type: string
   *     clientSecretDel:
   *       name: clientSecret
   *       in: query
   *       description: Client Secret (Optional if tenant/product provided)
   *       schema:
   *         type: string
   *     tenantDel:
   *       name: tenant
   *       in: query
   *       description: Tenant (Optional if clientID/Secret provided)
   *       schema:
   *         type: string
   *     productDel:
   *       name: product
   *       in: query
   *       description: Product (Optional if clientID/Secret provided)
   *       schema:
   *         type: string
   *     strategyDel:
   *       name: strategy
   *       in: query
   *       description: Strategy which can help to filter connections with tenant/product query
   *       schema:
   *         type: string
   *   securitySchemes:
   *     apiKey:
   *       type: apiKey
   *       name: Authorization
   *       in: header
   *
   */
  /**
   * Creates a SAML SSO connection. The OpenAPI block documents
   * `POST /api/v1/sso`, whose body schema lists both SAML and OIDC fields.
   *
   * NOTE(review): `metadataUrl` and `oidcDiscoveryUrl` are caller-supplied
   * URLs. If the server retrieves them (not visible in this declaration), the
   * fetch should be limited to expected schemes and destinations.
   *
   * NOTE(review): `redirectUrl` is documented as the list of allowed redirect
   * URLs, so each entry widens where a login response may be sent; keep entries
   * specific and reviewed. `acsUrlOverride` and `samlAudienceOverride` replace
   * the global values for one connection and deserve the same review.
   *
   * @param body - SAML connection settings carrying either encoded or raw IdP
   *   metadata, per the union type.
   * @returns A promise. NOTE(review): its type argument is missing here.
   *
   * @openapi
   * /api/v1/sso:
   *   post:
   *     tags:
   *       - Single Sign-On
   *     summary: Create SSO connection
   *     operationId: create-sso-connection
   *     requestBody:
   *       content:
   *         application/json:
   *           schema:
   *             required:
   *               - defaultRedirectUrl
   *               - product
   *               - redirectUrl
   *               - tenant
   *             type: object
   *             properties:
   *               name:
   *                 type: string
   *                 description: Name of connection
   *               label:
   *                 type: string
   *                 description: An internal label to identify the connection
   *               description:
   *                 type: string
   *                 description: A short description for the connection not more than 100 characters
   *               encodedRawMetadata:
   *                 type: string
   *                 description: Base64 encoding of the XML metadata
   *               rawMetadata:
   *                 type: string
   *                 description: Raw XML metadata
   *               metadataUrl:
   *                 type: string
   *                 description: URL containing raw XML metadata
   *               defaultRedirectUrl:
   *                 type: string
   *                 description: The redirect URL to use in the IdP login flow
   *               redirectUrl:
   *                 type: array
   *                 items:
   *                   type: string
   *                 description: JSON encoded array containing a list of allowed redirect URLs
   *               tenant:
   *                 type: string
   *                 description: Tenant
   *               product:
   *                 type: string
   *                 description: Product
   *               oidcDiscoveryUrl:
   *                 type: string
   *                 description: well-known URL where the OpenID Provider configuration is exposed
   *               oidcMetadata:
   *                 type: string
   *                 description: metadata (JSON) for the OpenID Provider in the absence of discoveryUrl
   *               oidcClientId:
   *                 type: string
   *                 description: clientId of the application set up on the OpenID Provider
   *               oidcClientSecret:
   *                 type: string
   *                 description: clientSecret of the application set up on the OpenID Provider
   *               sortOrder:
   *                 type: number
   *                 description: Indicate the position of the connection in the IdP selection screen
   *               acsUrlOverride:
   *                 type: string
   *                 description: Override the global ACS URL on a per connection basis
   *               samlAudienceOverride:
   *                 type: string
   *                 description: Override the global SAML Audience on a per connection basis
   *               forceAuthn:
   *                 type: boolean
   *                 description: Require a new authentication instead of reusing an existing session.
   *       required: true
   *     responses:
   *       "200":
   *         description: Success
   *         content:
   *           application/json:
   *             schema:
   *               $ref: "#/components/schemas/Connection"
   *       "400":
   *         $ref: "#/components/schemas/validationErrorsPost"
   *       "401":
   *         description: Unauthorized
   *     x-ory-ratelimit-bucket: polis-public-medium
   */
  createSAMLConnection(body: SAMLSSOConnectionWithEncodedMetadata | SAMLSSOConnectionWithRawMetadata): Promise;

  /**
   * NOTE(review): looks like an older alias of `createSAMLConnection`, judging
   * by its position and rest-argument shape. Confirm before relying on it. The
   * type argument of `Parameters` is missing in this listing.
   */
  config(...args: Parameters): Promise;

  /**
   * Creates an OIDC SSO connection from either a discovery URL or explicit
   * provider metadata, per the union type of `body`.
   *
   * NOTE(review): the request fields documented for POST include
   * `oidcClientSecret`, a credential for the upstream OpenID Provider. How it
   * is stored is not visible here; confirm it is protected at rest.
   *
   * @param body - OIDC connection settings.
   * @returns A promise. NOTE(review): its type argument is missing here.
   */
  createOIDCConnection(body: OIDCSSOConnectionWithDiscoveryUrl | OIDCSSOConnectionWithMetadata): Promise;

  /**
   * Updates a SAML SSO connection. The OpenAPI block documents
   * `PATCH /api/v1/sso`, which requires `clientID`, `clientSecret`, `tenant`
   * and `product` in the body.
   *
   * NOTE(review): the documented 400 text includes "clientSecret mismatch",
   * which suggests the supplied secret is compared with the stored one. The
   * comparison is not visible here; confirm it is constant-time and that the
   * secret is never echoed in error output.
   *
   * NOTE(review): `metadataUrl`, `oidcDiscoveryUrl`, `redirectUrl`,
   * `acsUrlOverride` and `samlAudienceOverride` can all be changed through this
   * operation, so an update needs the same review as a create.
   *
   * @param body - Fields to update on the connection.
   * @returns A promise. NOTE(review): its type argument is missing here.
   *
   * @openapi
   * /api/v1/sso:
   *   patch:
   *     tags:
   *       - Single Sign-On
   *     summary: Update SSO Connection
   *     operationId: update-sso-connection
   *     requestBody:
   *       content:
   *         application/json:
   *           schema:
   *             required:
   *               - clientID
   *               - clientSecret
   *               - product
   *               - tenant
   *             type: object
   *             properties:
   *               clientID:
   *                 type: string
   *                 description: Client ID for the connection
   *               clientSecret:
   *                 type: string
   *                 description: Client Secret for the connection
   *               name:
   *                 type: string
   *                 description: Name/identifier for the connection
   *               label:
   *                 type: string
   *                 description: An internal label to identify the connection
   *               description:
   *                 type: string
   *                 description: A short description for the connection not more than 100 characters
   *               encodedRawMetadata:
   *                 type: string
   *                 description: Base64 encoding of the XML metadata
   *               rawMetadata:
   *                 type: string
   *                 description: Raw XML metadata
   *               metadataUrl:
   *                 type: string
   *                 description: URL containing raw XML metadata
   *               oidcDiscoveryUrl:
   *                 type: string
   *                 description: well-known URL where the OpenID Provider configuration is exposed
   *               oidcMetadata:
   *                 type: string
   *                 description: metadata (JSON) for the OpenID Provider in the absence of discoveryUrl
   *               oidcClientId:
   *                 type: string
   *                 description: clientId of the application set up on the OpenID Provider
   *               oidcClientSecret:
   *                 type: string
   *                 description: clientSecret of the application set up on the OpenID Provider
   *               defaultRedirectUrl:
   *                 type: string
   *                 description: The redirect URL to use in the IdP login flow
   *               redirectUrl:
   *                 type: array
   *                 items:
   *                   type: string
   *                 description: JSON encoded array containing a list of allowed redirect URLs
   *               tenant:
   *                 type: string
   *                 description: Tenant
   *               product:
   *                 type: string
   *                 description: Product
   *               deactivated:
   *                 type: boolean
   *                 description: Connection status
   *               sortOrder:
   *                 type: number
   *                 description: Indicate the position of the connection in the IdP selection screen
   *               acsUrlOverride:
   *                 type: string
   *                 description: Override the global ACS URL on a per connection basis
   *               samlAudienceOverride:
   *                 type: string
   *                 description: Override the global SAML Audience on a per connection basis
   *               forceAuthn:
   *                 type: boolean
   *                 description: Require a new authentication instead of reusing an existing session.
   *       required: true
   *     responses:
   *       "200":
   *         description: Success
   *         content:
   *           application/json:
   *             schema:
   *               $ref: "#/components/schemas/Connection"
   *       "204":
   *         description: Success
   *         content: {}
   *       "400":
   *         $ref: "#/components/schemas/validationErrorsPatch"
   *       "401":
   *         description: Unauthorized
   *         content: {}
   *       "500":
   *         description: Please set OpenID response handler path (oidcPath) on Jackson
   *         content: {}
   *     x-ory-ratelimit-bucket: polis-public-medium
   */
  updateSAMLConnection(body: UpdateSAMLConnectionParams): Promise;

  /**
   * NOTE(review): looks like an older alias of `updateSAMLConnection`, judging
   * by its position and rest-argument shape. Confirm before relying on it. The
   * type argument of `Parameters` is missing in this listing.
   */
  updateConfig(...args: Parameters): Promise;

  /**
   * Updates an OIDC SSO connection.
   *
   * @param body - Fields to update on the OIDC connection.
   * @returns A promise. NOTE(review): its type argument is missing here.
   */
  updateOIDCConnection(body: UpdateOIDCConnectionParams): Promise;

  /**
   * Returns a string for the given body, synchronously.
   *
   * NOTE(review): presumably the entity ID to register with the IdP for this
   * tenant/product. Confirm against the implementation.
   *
   * @param body - Input of type `GetIDPEntityIDBody`.
   * @returns The entity ID string.
   */
  getIDPEntityID(body: GetIDPEntityIDBody): string;

  /**
   * Lists SSO connections. The OpenAPI block documents `GET /api/v1/sso`, with
   * `tenant` and `product` required and `clientID`, `strategy` and `sort`
   * optional.
   *
   * NOTE(review): the documented 200 response is an array of `Connection`
   * objects, a schema that includes `clientSecret`. Treat the result as
   * secret-bearing wherever it is logged, cached or forwarded.
   *
   * @param body - Query selecting the connections to return.
   * @returns A promise. NOTE(review): its type argument is garbled (`Promise>`).
   *
   * @openapi
   * /api/v1/sso:
   *   get:
   *     tags:
   *       - Single Sign-On
   *     summary: Get SSO Connections
   *     operationId: get-connections
   *     parameters:
   *       - name: tenant
   *         in: query
   *         description: Tenant
   *         required: true
   *         schema:
   *           type: string
   *       - name: product
   *         in: query
   *         description: Product
   *         required: true
   *         schema:
   *           type: string
   *       - name: clientID
   *         in: query
   *         description: Client ID (Optional if tenant/product provided)
   *         schema:
   *           type: string
   *       - name: strategy
   *         in: query
   *         description: Strategy which can help to filter connections with tenant/product query
   *         schema:
   *           type: string
   *       - name: sort
   *         in: query
   *         description: If present, the connections will be sorted by `sortOrder`. It won't consider if pagination is used.
   *         schema:
   *           type: string
   *     responses:
   *       "200":
   *         $ref: '#/components/responses/200Get'
   *       "400":
   *         $ref: '#/components/responses/400Get'
   *       "401":
   *         $ref: '#/components/responses/401Get'
   *     x-ory-ratelimit-bucket: polis-public-low
   */
  getConnections(body: GetConnectionsQuery): Promise>;

  /**
   * NOTE(review): looks like an older single-connection lookup kept beside
   * `getConnections`. Confirm. Its return type is garbled (`Promise>`).
   *
   * @param body - Query of type `GetConfigQuery`.
   */
  getConfig(body: GetConfigQuery): Promise>;

  /**
   * Deletes SSO connections. The OpenAPI block documents
   * `DELETE /api/v1/sso`, selected either by `clientID` and `clientSecret` or
   * by `tenant` and `product`.
   *
   * NOTE(review): `clientSecret` is declared `in: query` for this operation.
   * Query strings are commonly written to access logs and proxy logs, so the
   * secret should be scrubbed there, or the logs treated as sensitive.
   *
   * NOTE(review): per the parameter descriptions, deleting by
   * `tenant`/`product` needs no connection secret, leaving the API key as the
   * only documented gate on that path.
   *
   * @param body - Query selecting the connections to delete.
   * @returns A promise. NOTE(review): its type argument is missing here.
   *
   * @openapi
   * /api/v1/sso:
   *   delete:
   *     tags:
   *       - Single Sign-On
   *     summary: Delete SSO Connections
   *     operationId: delete-sso-connection
   *     parameters:
   *       - name: clientID
   *         in: query
   *         description: Client ID (Optional if tenant/product provided)
   *         schema:
   *           type: string
   *       - name: clientSecret
   *         in: query
   *         description: Client Secret (Optional if tenant/product provided)
   *         schema:
   *           type: string
   *       - name: tenant
   *         in: query
   *         description: Tenant (Optional if clientID/Secret provided)
   *         schema:
   *           type: string
   *       - name: product
   *         in: query
   *         description: Product (Optional if clientID/Secret provided)
   *         schema:
   *           type: string
   *       - name: strategy
   *         in: query
   *         description: Strategy which can help to filter connections with tenant/product query
   *         schema:
   *           type: string
   *     responses:
   *       '200':
   *         description: Success
   *       '400':
   *         description: clientSecret mismatch | Please provide `clientID` and `clientSecret` or `tenant` and `product`.
   *       '401':
   *         description: Unauthorized
   *     x-ory-ratelimit-bucket: polis-public-medium
   */
  deleteConnections(body: DelConnectionsQuery): Promise;

  /**
   * Takes the same parameter type as `deleteConnections`.
   *
   * NOTE(review): looks like an older alias of `deleteConnections`. Confirm
   * before relying on it.
   */
  deleteConfig(body: DelConnectionsQuery): Promise;

  /**
   * Lists the SSO connections of one product, with pagination. The OpenAPI
   * block documents `GET /api/v1/sso/product`.
   *
   * NOTE(review): the `pageOffset`, `pageLimit` and `pageToken` parameter
   * components referenced below are not defined in this file; they are
   * presumably declared elsewhere in the assembled spec.
   *
   * NOTE(review): this is a bulk listing across tenants of a product, and the
   * documented 200 response references the `Connection` schema, which includes
   * `clientSecret`. Confirm the caller is entitled to every record returned.
   *
   * @param body - Product selector and paging options.
   * @returns A promise of `data` (SAML or OIDC records) and an optional
   *   `pageToken`.
   *
   * @openapi
   * /api/v1/sso/product:
   *   get:
   *     tags:
   *       - Single Sign-On
   *     summary: Get SSO Connections by product
   *     operationId: get-connections-by-product
   *     parameters:
   *       - $ref: '#/components/parameters/productParamGet'
   *       - $ref: '#/components/parameters/pageOffset'
   *       - $ref: '#/components/parameters/pageLimit'
   *       - $ref: '#/components/parameters/pageToken'
   *     responses:
   *       '200':
   *         $ref: '#/components/responses/200GetByProduct'
   *       '400':
   *         $ref: '#/components/responses/400Get'
   *       '401':
   *         $ref: '#/components/responses/401Get'
   *     x-ory-ratelimit-bucket: polis-public-low
   */
  getConnectionsByProduct(body: GetByProductParams): Promise<{
    data: (SAMLSSORecord | OIDCSSORecord)[];
    pageToken?: string;
  }>;

  /**
   * @param idx - Optional index.
   * @returns A promise. NOTE(review): its type argument is missing here.
   */
  getCount(idx?: Index): Promise;
}