import { NonNullablePaths } from '@wix/sdk-types'; interface RefreshToken { token?: string; } /** * AuthorizeRequest is sent by the client to the authorization server to initiate * the authorization process. */ interface AuthorizeRequest { /** * ID of the Wix OAuth app requesting authorization. * @format GUID */ clientId?: string; /** * Desired authorization [grant type](https://auth0.com/docs/authenticate/protocols/oauth#grant-types). * * Supported values: * + `code`: The endpoint returns an authorization code that can be used to obtain an access token. * @minLength 1 */ responseType?: string; /** * URI to redirect the browser to after authentication and authorization. The browser is redirected to this URI whether the authentication and authorization process is successful or not. * @minLength 1 */ redirectUri?: string | null; /** * Desired scope of access. If this field is left empty, only an access token is granted. * To received a refresh token, pass `offline_access` as the value of this field. */ scope?: string | null; /** * A value used to confirm the state of an application before and after it makes an authorization * request. If a value for this field is set in the request, it's added to the `redirectUri` when the browser * is redirected there. * Learn more about [using the state parameter](https://auth0.com/docs/secure/attack-protection/state-parameters). * @minLength 1 */ state?: string; /** * esired response format. * * Supported values: * + `query`: The response parameters are encoded as query string parameters and added to the `redirectUri` when redirecting. * + `fragment`: The response parameters are encoded as URI fragment parameters and added to the `redirectUri` when redirecting. * + `web_message`: The response parameters are encoded as a JSON object and added to the body of a [web message response](https://datatracker.ietf.org/doc/html/draft-sakimura-oauth-wmrm-00). * * Default value: `query` */ responseMode?: string | null; /** * Code challenge to use for PKCE verification. * This field is only used if `responseType` is set to `code`. */ codeChallenge?: string | null; /** * Code challenge method to use for PKCE verification. * This field is only used if `responseType` is set to `code`. * * Supported values: * + `S256`: The code challenge is transformed using SHA-256 encyption. * + `S512`: The code challenge is transformed using SHA-512 encyption. */ codeChallengeMethod?: string | null; /** Session token of the site visitor to authorize. */ sessionToken?: string | null; /** * URL to redirect user to sign in * @format SECURE_WEB_URL */ signInUrl?: string | null; /** Indicates whether the user has consented to the requested scopes */ userConsented?: boolean | null; /** Indicates whether login is optional. If true, will not redirect to the sign_in_url if user is not logged in. */ optionalLogin?: boolean | null; /** * The site id the authorization is requested for. * @format GUID */ metaSiteId?: string | null; } interface RawHttpResponse { body?: Uint8Array; statusCode?: number | null; headers?: HeadersEntry[]; } interface HeadersEntry { key?: string; value?: string; } interface RawHttpRequest { body?: Uint8Array; pathParams?: PathParametersEntry[]; queryParams?: QueryParametersEntry[]; headers?: HeadersEntry[]; method?: string; rawPath?: string; rawQuery?: string; } interface PathParametersEntry { key?: string; value?: string; } interface QueryParametersEntry { key?: string; value?: string; } interface DeviceCodeRequest { /** The ID of the application that asks for authorization. */ clientId?: string; /** * scope is a space-delimited string that specifies the requested scope of the * access request. */ scope?: string | null; } interface DeviceCodeResponse { /** is the unique code for the device. When the user goes to the verification_uri in their browser-based device, this code will be bound to their session. */ deviceCode?: string; /** contains the code that should be input at the verification_uri to authorize the device. */ userCode?: string; /** contains the URL the user should visit to authorize the device. */ verificationUri?: string; /** indicates the lifetime (in seconds) of the device_code and user_code. */ expiresIn?: number; /** indicates the interval (in seconds) at which the app should poll the token URL to request a token. clients MUST use 5 as the default */ interval?: number | null; } interface DeviceVerifyRequest { /** User code representing a currently authorizing device. */ userCode?: string; } interface DeviceVerifyResponse { } interface DeviceVerifyV2Request { /** * User code representing a currently authorizing device. * @minLength 8 * @maxLength 8 */ userCode?: string; } interface DeviceVerifyV2Response { } interface InvalidateUserCodeRequest { /** user code to invalidate. Only the authorizing identity is able to invalidate it. */ userCode?: string; } interface InvalidateUserCodeResponse { } interface RevokeRefreshTokenRequest { /** The refresh token itself. Anyone with the token itself is able to revoke it. */ token?: string; /** The client id that issued the refresh token. */ clientId?: string | null; } interface RevokeRefreshTokenResponse { } interface TokenInfoResponse { active?: boolean; /** subject type. */ subjectType?: SubjectTypeWithLiterals; /** subject id */ subjectId?: string; /** Expiration time of the token */ exp?: string | null; /** Issued time of the token */ iat?: string | null; /** Client id */ clientId?: string; /** Account id */ accountId?: string | null; /** Site id */ siteId?: string | null; /** Instance Id */ instanceId?: string | null; /** * Vendor Product Id * @maxLength 100 */ vendorProductId?: string | null; } declare enum SubjectType { /** unknown subject type */ UNKNOWN = "UNKNOWN", /** user subject type */ USER = "USER", /** visitor subject type */ VISITOR = "VISITOR", /** member subject type */ MEMBER = "MEMBER", /** app subject type */ APP = "APP" } /** @enumType */ type SubjectTypeWithLiterals = SubjectType | 'UNKNOWN' | 'USER' | 'VISITOR' | 'MEMBER' | 'APP'; interface Empty { } interface DomainEvent extends DomainEventBodyOneOf { createdEvent?: EntityCreatedEvent; updatedEvent?: EntityUpdatedEvent; deletedEvent?: EntityDeletedEvent; actionEvent?: ActionEvent; /** Event ID. With this ID you can easily spot duplicated events and ignore them. */ _id?: string; /** * Fully Qualified Domain Name of an entity. This is a unique identifier assigned to the API main business entities. * For example, `wix.stores.catalog.product`, `wix.bookings.session`, `wix.payments.transaction`. */ entityFqdn?: string; /** * Event action name, placed at the top level to make it easier for users to dispatch messages. * For example: `created`/`updated`/`deleted`/`started`/`completed`/`email_opened`. */ slug?: string; /** ID of the entity associated with the event. */ entityId?: string; /** Event timestamp in [ISO-8601](https://en.wikipedia.org/wiki/ISO_8601) format and UTC time. For example, `2020-04-26T13:57:50.699Z`. */ eventTime?: Date | null; /** * Whether the event was triggered as a result of a privacy regulation application * (for example, GDPR). */ triggeredByAnonymizeRequest?: boolean | null; /** If present, indicates the action that triggered the event. */ originatedFrom?: string | null; /** * A sequence number that indicates the order of updates to an entity. For example, if an entity was updated at 16:00 and then again at 16:01, the second update will always have a higher sequence number. * You can use this number to make sure you're handling updates in the right order. Just save the latest sequence number on your end and compare it to the one in each new message. If the new message has an older (lower) number, you can safely ignore it. */ entityEventSequence?: string | null; } /** @oneof */ interface DomainEventBodyOneOf { createdEvent?: EntityCreatedEvent; updatedEvent?: EntityUpdatedEvent; deletedEvent?: EntityDeletedEvent; actionEvent?: ActionEvent; } interface EntityCreatedEvent { entity?: string; } interface RestoreInfo { deletedDate?: Date | null; } interface EntityUpdatedEvent { /** * Since platformized APIs only expose PATCH and not PUT we can't assume that the fields sent from the client are the actual diff. * This means that to generate a list of changed fields (as opposed to sent fields) one needs to traverse both objects. * We don't want to impose this on all developers and so we leave this traversal to the notification recipients which need it. */ currentEntity?: string; } interface EntityDeletedEvent { /** Entity that was deleted. */ deletedEntity?: string | null; } interface ActionEvent { body?: string; } interface UserDeletedEvent { /** * User ID from the deletion event. * @format GUID */ userId?: string; } interface UserBlockedEvent { /** * User ID from the deletion event. * @format GUID */ userId?: string; } interface UserInfoRequest { } /** UserInfo endpoint response for OpenID Connect */ interface UserInfoResponse { /** * The unique identifier for the user. * @format GUID */ _id?: string; /** * The user's given name. * @maxLength 20 */ givenName?: string | null; /** * The user's family name. * @maxLength 20 */ familyName?: string | null; /** * The user's email address. * @format EMAIL */ email?: string | null; /** Indicates whether the user's email address has been verified. */ emailVerified?: boolean | null; /** * The URL of the user's profile picture. * @format WEB_URL */ picture?: string | null; /** * The user's preferred language, if available. * @format LANGUAGE */ language?: string | null; } /** * Creates an access token. * * * The endpoint accepts raw HTTP requests. You must pass the request's body * parameters formatted as bytes in the raw HTTP request's `body` field, * following this template: * `{"grantType": "client_credentials", "client_id": "", "client_secret": "", "instance_id": ""}`. * * When the call succeeds, Wix returns `{"statusCode": 200}` and the created access * token in the `body` field of the raw HTTP response. * * In case the call fails, Wix returns the relevant `4XX` error code in the raw * HTTP response's `statusCode` field and details * about the error in `body`. Error details follow the * [conventions of the Internet Engineering Task Force (IETF)](https://datatracker.ietf.org/doc/html/rfc6749#appendix-A.7). * @public * @fqn wix.identity.oauth2.v1.Oauth2Ng.Token */ declare function token(options?: TokenOptions): Promise>; interface TokenOptions { body?: Uint8Array; pathParams?: PathParametersEntry[]; queryParams?: QueryParametersEntry[]; headers?: HeadersEntry[]; method?: string; rawPath?: string; rawQuery?: string; } /** * Token Introspection Endpoint. * @public * @fqn wix.identity.oauth2.v1.Oauth2Ng.TokenInfo */ declare function tokenInfo(options?: TokenInfoOptions): Promise>; interface TokenInfoOptions { body?: Uint8Array; pathParams?: PathParametersEntry[]; queryParams?: QueryParametersEntry[]; headers?: HeadersEntry[]; method?: string; rawPath?: string; rawQuery?: string; } export { type ActionEvent, type AuthorizeRequest, type DeviceCodeRequest, type DeviceCodeResponse, type DeviceVerifyRequest, type DeviceVerifyResponse, type DeviceVerifyV2Request, type DeviceVerifyV2Response, type DomainEvent, type DomainEventBodyOneOf, type Empty, type EntityCreatedEvent, type EntityDeletedEvent, type EntityUpdatedEvent, type HeadersEntry, type InvalidateUserCodeRequest, type InvalidateUserCodeResponse, type PathParametersEntry, type QueryParametersEntry, type RawHttpRequest, type RawHttpResponse, type RefreshToken, type RestoreInfo, type RevokeRefreshTokenRequest, type RevokeRefreshTokenResponse, SubjectType, type SubjectTypeWithLiterals, type TokenInfoOptions, type TokenInfoResponse, type TokenOptions, type UserBlockedEvent, type UserDeletedEvent, type UserInfoRequest, type UserInfoResponse, token, tokenInfo };