import { AuthenticationTokenProvider } from './AuthenticationTokenProvider'; import { GraphqlClient } from '../common/GraphqlClient'; import { AuthenticationClientOptions, ICasParams, ILogoutParams, IOauthParams, IOidcParams, PasswordSecurityLevel, ProviderType, SecurityLevel } from './types'; import { CheckPasswordStrengthResult, CommonMessage, EmailScene, JwtTokenStatus, PaginatedAuthorizedResources, RefreshToken, RegisterProfile, ResourceType, UpdateUserInput, User, UserDefinedData } from '../../types/graphql.v2'; import { QrCodeAuthenticationClient } from './QrCodeAuthenticationClient'; import { MfaAuthenticationClient } from './MfaAuthenticationClient'; import { HttpClient, NaiveHttpClient } from '../common/HttpClient'; import { SocialAuthenticationClient } from './SocialAuthenticationClient'; import { KeyValuePair } from '../../types'; import { EnterpriseAuthenticationClient } from './EnterpriseAuthenticationClient'; import { BaseAuthenticationClient } from './BaseAuthenticationClient'; import { ApplicationPublicDetail } from '../management/types'; /** * @class AuthenticationClient * @description This client contains methods such as registeration and login, resetting the phone number and email, and modifying account information. These methods need to be requested by end users after they have been verified. * * @example * * How to use it: * * \`\`\`javascript * import { AuthenticationClient } from "approw-js-sdk" * const authenticationClient = new AuthenticationClient({ * appId: "YOUR_APP_ID", * }) * authenticationClient.registerByEmail // register by email * authenticationClient.loginByEmail // login by email * \`\`\` * * * @name AuthenticationClient */ export declare class AuthenticationClient { options: AuthenticationClientOptions; baseClient: BaseAuthenticationClient; graphqlClient: GraphqlClient; httpClient: HttpClient; naiveHttpClient: NaiveHttpClient; tokenProvider: AuthenticationTokenProvider; wxqrcode: QrCodeAuthenticationClient; qrcode: QrCodeAuthenticationClient; mfa: MfaAuthenticationClient; social: SocialAuthenticationClient; enterprise: EnterpriseAuthenticationClient; private publicKeyManager; constructor(options: AuthenticationClientOptions); checkLoggedIn(): string; setCurrentUser(user: User): void; setToken(token: string): void; /** * @name registerByEmail * @name_zh * @description Use email registration, this interface does not require the user to verify the email, the emailVerified field will be false after the user registers. If you want users with unauthenticated email to be unable to log in, you can use the pipeline to intercept such requests. * * @param {string} email * @param {string} password * @param {RegisterProfile} [profile] * @param {Object} [options] * @param {boolean} [options.forceLogin] Whether to go through the complete login process. The pipeline function before and after login and the login event webhook will be triggered.The cumulative login times of the user will be increased by 1. The default value is false. * @param {boolean} [options.generateToken] Whether to generate a token for the user. It will not trigger the complete process after login. The user's cumulative login times will not increase by 1. The default value is false. * @param {string} [options.clientIp] The real IP of the client. If you call this interface on the server side, be sure to set this parameter to the real IP of the end user. * * @example * * authenticationClient.registerByEmail( * 'test@example.com', * 'passw0rd', * { * nickname: 'Nick' * }, * { * generateToken: true * } * ) * * @example * authenticationClient.registerByEmail('test@example.com', 'passw0rd') * * * @returns {Promise} * @memberof AuthenticationClient */ registerByEmail(email: string, password: string, profile?: RegisterProfile, options?: { forceLogin?: boolean; generateToken?: boolean; clientIp?: string; /** * @deprecated use customData instead */ params?: Array<{ key: string; value: any; }>; /** * @description will input udv */ customData?: { [x: string]: any; }; /** * @description request context, will be parsed into Pipeline */ context?: { [x: string]: any; }; }): Promise; /** * @name registerByUsername * @name_zh * @description Register by username * * @param {string} username * @param {string} password * @param {RegisterProfile} [profile] * @param {Object} [options] * @param {boolean} [options.forceLogin] Whether to go through the complete login process. The pipeline function before and after login and the login event webhook will be triggered.The cumulative login times of the user will be increased by 1. The default value is false. * @param {boolean} [options.generateToken] Whether to generate a token for the user. It will not trigger the complete process after login. The user's cumulative login times will not increase by 1. The default value is false. * @param {string} [options.clientIp] The real IP of the client. If you call this interface on the server side, be sure to set this parameter to the real IP of the end user. * * * @example * * authenticationClient.registerByUsername( * 'bob', * 'passw0rd', * { * nickname: 'Nick' * }, * { * generateToken: true * } * ) * * @example * authenticationClient.registerByUsername('bob', 'passw0rd') * * * @returns {Promise} * @memberof AuthenticationClient */ registerByUsername(username: string, password: string, profile?: RegisterProfile, options?: { forceLogin?: boolean; generateToken?: boolean; clientIp?: string; /** * @deprecated use customData instead */ params?: Array<{ key: string; value: any; }>; /** * @description will write in udv field */ customData?: { [x: string]: any; }; /** * @description request context and will be parsed into Pipeline */ context?: { [x: string]: any; }; }): Promise; /** * @name registerByPhoneCode * @name_zh * @description Register with your mobile phone number, and you can set the initial password of the account. You can find the send SMS interface in sendSmsCode. * * @param {string} phone * @param {string} code SMS verification code * @param {string} password initial password of the account * @param {RegisterProfile} [profile] * @param {Object} [options] * @param {boolean} [options.forceLogin] Whether to go through the complete login process. The pipeline function before and after login and the login event webhook will be triggered.The cumulative login times of the user will be increased by 1. The default value is false. * @param {boolean} [options.generateToken] Whether to generate a token for the user. It will not trigger the complete process after login. The user's cumulative login times will not increase by 1. The default value is false. * @param {string} [options.clientIp] The real IP of the client. If you call this interface on the server side, be sure to set this parameter to the real IP of the end user. * * @example * * authenticationClient.registerByPhoneCode( * '176xxxx7041', * '1234', * 'passw0rd', * { * nickname: 'Nick' * }, * { * generateToken: true * } * ) * * @example * authenticationClient.registerByPhoneCode('176xxxx7041', '1234') * * * @returns {Promise} * @memberof AuthenticationClient */ registerByPhoneCode(phone: string, code: string, password?: string, profile?: RegisterProfile, options?: { forceLogin?: boolean; generateToken?: boolean; clientIp?: string; /** * @deprecated use customData instead */ params?: Array<{ key: string; value: any; }>; /** * @description will input udv field */ customData?: { [x: string]: any; }; /** * @description request context and will be parsed into Pipeline */ context?: { [x: string]: any; }; }): Promise; /** * @name checkPasswordStrength * @name_zh * @description * * @param {string} password * @example * authenticationClient.checkPasswordStrength('weak') * * @example * authenticationClient.checkPasswordStrength('strongPassw0rd!') * * @returns {Promise} * @memberof AuthenticationClient */ checkPasswordStrength(password: string): Promise; /** * @name sendSmsCode * @name_zh * @description Send SMS verification code. Code valid time is 60s by default. * * @param {string} phone * @example * authenticationClient.sendSmsCode('176xxxx6754') * * @returns {Promise} * @memberof AuthenticationClient */ sendSmsCode(phone: string): Promise; /** * @name loginByEmail * @name_zh * @description Login by email. By default, this interface does not restrict logins to unverified emails. If you want users with unverified emails to not be able to log in, you can use the pipeline to intercept such requests. * * If your user pool is configured with login failure detection, the user will be asked to enter a CAPTCHA code (code 2000) when the login fails multiple times under the same IP. * * @param {string} email * @param {string} password * @param {Object} [options] * @param {boolean} [options.autoRegister] Whether to register automatically.If it detects that the user does not exist, an account will be automatically created based on the login account password. * @param {string} [options.captchaCode] CAPTCHA code * @param {string} [options.clientIp] The real IP of the client. If you call this interface on the server side, be sure to set this parameter to the real IP of the end user. * * @example * * authenticationClient.loginByEmail( * 'test@example.com', * 'passw0rd', * { * autoRegister: true, * captchaCode: 'xj72' * } * ) * * @example * authenticationClient.loginByEmail('test@example.com', 'passw0rd') * * * @returns {Promise} * @memberof AuthenticationClient */ loginByEmail(email: string, password: string, options?: { autoRegister?: boolean; captchaCode?: string; clientIp?: string; /** * @deprecated use customData instead */ params?: Array<{ key: string; value: any; }>; /** * @description will input udv field */ customData?: { [x: string]: any; }; /** * @description request context and will be parsed into Pipeline */ context?: { [x: string]: any; }; }): Promise; /** * @name loginByUsername * @name_zh * @description * * If your user pool is configured with login failure detection, the user will be asked to enter a CAPTCHA verification code (code 2000) when the login fails multiple times under the same IP. * * @param {string} username * @param {string} password * @param {Object} [options] * @param {boolean} [options.autoRegister] Whether to register automatically.If it detects that the user does not exist, an account will be automatically created based on the login account password. * @param {string} [options.captchaCode] CAPTCHA code. * @param {string} [options.clientIp] The real IP of the client. If you call this interface on the server side, be sure to set this parameter to the real IP of the end user. * * * @example * * authenticationClient.loginByEmail( * 'test@example.com', * 'passw0rd', * { * autoRegister: true, * captchaCode: 'xj72' * } * ) * * @example * authenticationClient.loginByEmail('test@example.com', 'passw0rd') * * * @returns {Promise} * @memberof AuthenticationClient */ loginByUsername(username: string, password: string, options?: { autoRegister?: boolean; captchaCode?: string; clientIp?: string; /** * @deprecated use customData instead */ params?: Array<{ key: string; value: any; }>; /** * @description will input udv field */ customData?: { [x: string]: any; }; /** * @description request context and will be parsed into Pipeline */ context?: { [x: string]: any; }; }): Promise; /** * @name loginByPhoneCode * @name_zh * @description Login by phone number and SMS code. * * * @param {string} phone * @param {string} code SMS verification code * @param {string} [options.clientIp] The real IP of the client. If you call this interface on the server side, be sure to set this parameter to the real IP of the end user. * * @example * * authenticationClient.loginByPhoneCode( * '176xxxx7041', * '1234', * ) * * * @returns {Promise} * @memberof AuthenticationClient */ loginByPhoneCode(phone: string, code: string, options?: { clientIp?: string; /** * @deprecated use customData instead */ params?: Array<{ key: string; value: any; }>; /** * @description request context and will be parsed into Pipeline */ context?: { [x: string]: any; }; /** * @description will input udv field */ customData?: { [x: string]: any; }; }): Promise; /** * @name loginByPhonePassword * @name_zh * @description * * * @param {string} phone * @param {string} password * @param {Object} [options] * @param {string} [options.captchaCode] CAPTCHA code * @param {string} [options.clientIp] The real IP of the client. If you call this interface on the server side, be sure to set this parameter to the real IP of the end user. * * @example * * authenticationClient.loginByPhonePassword( * '176xxxx7041', * 'passw0rd', * { * captchaCode: 'xj72' * } * ) * * @example * authenticationClient.loginByPhonePassword('176xxxx7041', 'passw0rd') * * * @returns {Promise} * @memberof AuthenticationClient */ loginByPhonePassword(phone: string, password: string, options?: { captchaCode?: string; autoRegister?: boolean; clientIp?: string; /** * @deprecated use customData instead */ params?: Array<{ key: string; value: any; }>; /** * @description will input udv field */ customData?: { [x: string]: any; }; /** * @description request context and will be parsed into Pipeline */ context?: { [x: string]: any; }; }): Promise; loginBySubAccount(account: string, password: string, options?: { captchaCode?: string; clientIp?: string; }): Promise; /** * @name checkLoginStatus * @name_zh * @description check login token status * * @param {string} token The user's login credentials token. * * @example * * authenticationClient.checkLoginStatus('TOKEN') * * @returns {Promise} * @memberof AuthenticationClient */ checkLoginStatus(token?: string): Promise; /** * @name sendEmail * @name_zh * @description * * @param {string} email * @param {EmailScene} scene Sending scene, optional values are RESET_PASSWORD (send a reset password email, the email contains the verification code), VerifyEmail (send the email to verify the mailbox), ChangeEmail (send the modified email, the email contains the verification code) * * @example * * import { EmailScene } from "approw-js-sdk" * authenticationClient.sendEmail('test@example.com', EmailScene.RESET_PASSWORD) * * @returns {Promise} * @memberof AuthenticationClient */ sendEmail(email: string, scene: EmailScene): Promise; /** * @name resetPasswordByPhoneCode * @name_zh * @description To reset the password via SMS verification code, you need to call the sendSmsCode interface to send the reset password email. * * @param {string} phone * @param {string} code SMS verification code * @param {string} newPassword new password * * @example * * authenticationClient.resetPasswordByPhoneCode('176xxxx7041', '1234', 'passw0rd') * * @returns {Promise} * @memberof AuthenticationClient */ resetPasswordByPhoneCode(phone: string, code: string, newPassword: string): Promise; /** * @name resetPasswordByEmailCode * @name_zh * @description To reset the password through the email, you need to call the sendEmail interface to send the reset password email. * * @param {string} phone * @param {string} code verification code * @param {string} newPassword new password * * @example * * authenticationClient.resetPasswordByEmailCode('test@example.com', '1234', 'passw0rd') * * @returns {Promise} * @memberof AuthenticationClient */ resetPasswordByEmailCode(email: string, code: string, newPassword: string): Promise; /** * @name updateProfile * @name_zh * @description Update user information. This interface cannot be used to update the phone number, email address, and password. If necessary, please call the updatePhone, updateEmail, and updatePassword interfaces. * * @param {UpdateUserInput} updates * @param {string} updates.username * @param {string} updates.nickname * @param {string} updates.photo * @param {string} updates.company * @param {string} updates.browser * @param {string} updates.device * @param {string} updates.lastIP last login IP * @param {string} updates.name Name * @param {string} updates.givenName Given Name * @param {string} updates.familyName Family Name * @param {string} updates.middleName Middle Name * @param {string} updates.profile Profile Url * @param {string} updates.preferredUsername Preferred Name * @param {string} updates.website personal website * @param {string} updates.gender Gender, M means male, F means female, U means unknown. * @param {string} updates.birthdate * @param {string} updates.zoneinfo timezone * @param {string} updates.locale language * @param {string} updates.address * @param {string} updates.streetAddress * @param {string} updates.locality * @param {string} updates.region * @param {string} updates.postalCode * @param {string} updates.city * @param {string} updates.province * @param {string} updates.country * * @example * * authenticationClient.updateProfile({ * nickname: "Nick", * lastIp: "111.111.111.111" * }) * * @returns {Promise} * @memberof AuthenticationClient */ updateProfile(updates: UpdateUserInput): Promise; /** * @name updatePassword * @name_zh * @description * * @param {string} newPassword new password * @param {string} [oldPassword] Old password, if the user has not set a password, it can be left blank. * * @example * * authenticationClient.updatePassword('passw0rd') // oldPassword should be empty for those accounts registered by social login or phone number because they don't set password in first login * * @example * * authenticationClient.updatePassword('passw0rd', 'oldPassw0rd') // user set a password before * * @returns {Promise} * @memberof AuthenticationClient */ updatePassword(newPassword: string, oldPassword?: string): Promise; /** * @name updatePhone * @name_zh * @description > * Update the user's phone number. Same as update the email, by default, if the user has already bound a phone number, the original phone number (the phone number bound to the current account) and the current email (the phone number to be bound) need to be verified at the same time. * In other words, the phone number currently bound to user A is 15888888888, and if you want to change it to 15899999999, you need to verify both phone numbers at the same time. * Developers can also choose not to turn on "Verify original phone number", which can be turned off in the security information client under the settings directory of the {{$localeConfig.brandName}} console. * To bind a phone number for the first time, please use bindPhone interface. * * @param {string} phone New phone number * @param {string} phoneCode The verification code of the new phone number * @param {string} [oldPhone] Old phone number * @param {string} [oldPhoneCode] The verification code of the old phone number * * @example * * authenticationClient.updatePhone('176xxxx7041', '1234') // verify old phone number function disabled * * @example * * authenticationClient.updatePhone('176xxxx7041', '1234', '156xxxx9876', '1234') // verify old phone number function enabled * * * @returns {Promise} * @memberof AuthenticationClient */ updatePhone(phone: string, phoneCode: string, oldPhone?: string, oldPhoneCode?: string): Promise; /** * @name updateEmail * @name_zh * @description If the user has already bound the email, by default, the original email (the email bound to the current account) and the current email (the email to be bound) need to be verified at the same time. If the currently email bound to user A is 123456@gmail.com, and user A wants to change it to 1234567@gmail.com, then both email need to be verified at the same time. * Developers can also choose not to turn on "Verify original mailbox", which can be turned off in the security information client under the settings directory of the {{$localeConfig.brandName}} console. * To bind an email for the first time, please use the bindEmail interface. * * @param {string} email new email * @param {string} emailCode new email verification code * @param {string} [oldEmail] * @param {string} [oldEmailCode] * * @example * * authenticationClient.updateEmail('test@example.com', '1234') // verify old email disabled * * @example * * authenticationClient.updateEmail('test@example.com', '1234', 'test2@example.com', '1234') // verify old email enabled * * * @returns {Promise} * @memberof AuthenticationClient */ updateEmail(email: string, emailCode: string, oldEmail?: string, oldEmailCode?: string): Promise; /** * @name refreshToken * @name_zh * @description Refresh the token of the current user.Login is required when calling this interface. * * @example * * authenticationClient.updateEmail() * * @returns {Promise} * @memberof AuthenticationClient */ refreshToken(): Promise; /** * @name linkAccount * @name_zh * @description Bind a social account to main account (phone number or email address). * * @param {Object} options * @param {string} options.primaryUserToken main account Token * @param {string} options.secondaryUserToken social account Token * * @example * * authenticationClient.linkAccount({ primaryUserToken: '', secondaryUserToken: '' }) * * @returns {{code: 200, message: "binding success"}} * @memberof AuthenticationClient */ linkAccount(options: { primaryUserToken: string; secondaryUserToken: string; }): Promise<{ code: number; message: string; }>; /** * @name unLinkAccount * @name_zh * @description unbind social account from main account * * @param {Object} options * @param {string} options.primaryUserToken main account Token * @param {string} options.provider social account IDP * * @example * * authenticationClient.unLinkAccount({ primaryUserToken: '', provider: 'wechat:pc' }) * * @returns {{code: 200, message: "unbind success"}} * @memberof AuthenticationClient */ unLinkAccount(options: { primaryUserToken: string; provider: ProviderType; }): Promise<{ code: number; message: string; }>; /** * @name bindPhone * @name_zh * @description The user binds the phone number for the first time. If you need to update the phone number, please use the updatePhone interface. * * @param {string} phone * @param {string} phoneCode * * @example * * authenticationClient.bindPhone('176xxxx7041', '1234') * * @returns {Promise} * @memberof AuthenticationClient */ bindPhone(phone: string, phoneCode: string): Promise; /** * @name unbindPhone * @name_zh * @description User unbind phone number. * * @example * * authenticationClient.unbindPhone() * * @returns {Promise} * @memberof AuthenticationClient */ unbindPhone(): Promise; /** * @name bindEmail * @name_zh * @description * * @param {string} email * @param {string} emailCode * * @example * * authenticationClient.bindEmail('test@example.com', '1234') * * @returns {Promise} * @memberof AuthenticationClient */ bindEmail(email: string, emailCode: string): Promise; /** * @name unbindEmail * @name_zh * @description * * @example * * authenticationClient.unbindPhone() * * @returns {Promise} * @memberof AuthenticationClient */ unbindEmail(): Promise; /** * @name getCurrentUser * @name_zh * @description Get the information of the current user. * * @example * * authenticationClient.getCurrentUser() * * @returns {Promise} * @memberof AuthenticationClient */ getCurrentUser(): Promise; /** * @name logout * @name_zh * @description Logout, clear user and token in localStorage. * * @example * * authenticationClient.logout() * * @returns {null} * @memberof AuthenticationClient */ logout(): Promise; /** * @name listUdv * @name_zh get udv list of current user * @description get udv list of current user * @deprecated use getUdfValue instead * * @example * * authenticationClient.listUdv() * * @returns {Promise>} * @memberof AuthenticationClient */ listUdv(): Promise>; /** * @name setUdv * @name_zh * @description add user-defined value * * @param {string} key user-defined value field key * @param {any} value user-defined data value * * @example * * authenticationClient.setUdv('school', 'MIT') // user must have defined field "school" * * @returns {Promise>} * @memberof AuthenticationClient */ setUdv(key: string, value: any): Promise>; /** * @name removeUdv * @name_zh * @description * * @param key user-defined field key * * @example * * authenticationClient.removeUdv('school') * * * @returns {Promise>} * @memberof AuthenticationClient */ removeUdv(key: string): Promise>; /** * @name listOrg * @name_zh * @description get org of the current user and all nodes in this org * * @example * * const data = await authenticationClient.listOrgs(); * * @returns {Promise} * * @memberof AuthenticationClient */ listOrgs(): Promise; /** * @name loginByLdap * @name_zh login by LDAP username * @description * * If your user pool is configured with login failure detection, the user will be asked to enter a CAPTCHA code (code 2000) when the login fails multiple times under the same IP. * * @param {string} username * @param {string} password * @param {Object} [options] * @param {boolean} [options.autoRegister] Whether to register automatically.If it detects that the user does not exist, an account will be automatically created based on the login account password. * @param {string} [options.captchaCode] CAPTCHA code * @param {string} [options.clientIp] The real IP of the client. If you call this interface on the server side, be sure to set this parameter to the real IP of the end user. * * * @example * const authenticationClient = new AuthenticationClient({ * appId: 'APP ID' * }) * * authenticationClient.loginByLdap( * 'admin', * 'admin', * ) * * * @returns {Promise} * @memberof AuthenticationClient */ loginByLdap(username: string, password: string, options?: { autoRegister?: boolean; captchaCode?: string; clientIp?: string; }): Promise; /** * @name loginByAd * @name_zh * @description Login by AD username. * * @param {string} username * @param {string} password * * * @example * const authenticationClient = new AuthenticationClient({ * appId: 'APP ID' * }) * * authenticationClient.loginByAd( * 'admin', * 'admin', * ) * * @returns {Promise} * @memberof AuthenticationClient */ loginByAd(username: string, password: string): Promise; /** * @description upload picture */ private uploadPhoto; /** * @deprecated use uploadAvatar instead * @description update user avatar */ updateAvatar(options?: { accept?: string; }): Promise; /** * @description one click to upload picture and update avatar * * @param {Object} options * @param {string} options.accept supported picture format, default is 'image/*' * * @example * const authenticationClient = new AuthenticationClient({ * appId: 'APP_ID', * appHost: 'https://xxx.approw.com' * }) * * // will open a dialog in browser automatically and upload images to CDN/modify avatar * authenticationClient.uploadAvatar() * * // only support png format * authenticationClient.uploadAvatar({ * accept: '.png' * }) * * @returns */ uploadAvatar(options?: { accept?: string; }): Promise; /** * @description acquire all udv of current user * */ getUdfValue(): Promise; /** * @description set udv value * */ setUdfValue(data: KeyValuePair): Promise; /** * @description delete udv */ removeUdfValue(key: string): Promise; /** * @name getSecurityLevel * @name_zh user security level * @description get user security level * * @example * * const data = await authenticationClient.getSecurityLevel(); * * @returns {Promise} * * @memberof AuthenticationClient */ getSecurityLevel(): Promise; /** * @description get all authorized resources of current user * * @param userId * @param namespace */ listAuthorizedResources(namespace: string, options?: { resourceType?: ResourceType; }): Promise; /** * @name computedPasswordSecurityLevel * @name_zh calculate password security level * @description calculate password security level * * @example * * const data = authenticationClient.computedPasswordSecurityLevel('xxxxxxxx'); * * @returns {PasswordSecurityLevel} * * @memberof AuthenticationClient */ computedPasswordSecurityLevel(password: string): PasswordSecurityLevel; _generateTokenRequest(params: { [x: string]: string; }): string; _generateBasicAuthToken(appId?: string, secret?: string): string; /** * @param {string} code authorization code * @param {string} codeVerifier */ _getAccessTokenByCodeWithClientSecretPost(code: string, codeVerifier?: string): Promise; /** * @param {string} code authorization code * @param {string} codeVerifier */ _getAccessTokenByCodeWithClientSecretBasic(code: string, codeVerifier?: string): Promise; /** * @param {string} code authorization code * @param {string} codeVerifier = */ _getAccessTokenByCodeWithNone(code: string, codeVerifier?: string): Promise; getAccessTokenByCode(code: string, options?: { codeVerifier?: string; }): Promise; generateCodeChallenge(): string; getCodeChallengeDigest(options: { codeChallenge: string; method: 'S256' | 'plain'; }): string; getAccessTokenByClientCredentials(scope: string, options?: { accessKey: string; accessSecret: string; }): Promise; getUserInfoByAccessToken(accessToken: string, options?: { method?: 'POST' | 'GET'; tokenPlace?: 'query' | 'header' | 'body'; }): Promise; buildAuthorizeUrl(options?: IOidcParams | IOauthParams | ICasParams): string; _buildOidcAuthorizeUrl(options: IOidcParams): string; _buildOauthAuthorizeUrl(options: IOauthParams): string; _buildSamlAuthorizeUrl(): string; _buildCasAuthorizeUrl(options: ICasParams): string; _buildCasLogoutUrl(options: ILogoutParams): string; _buildOidcLogoutUrl(options: ILogoutParams): string; _buildEasyLogoutUrl(options?: ILogoutParams): string; buildLogoutUrl(options?: ILogoutParams): string; _getNewAccessTokenByRefreshTokenWithClientSecretPost(refreshToken: string): Promise; _getNewAccessTokenByRefreshTokenWithClientSecretBasic(refreshToken: string): Promise; _getNewAccessTokenByRefreshTokenWithNone(refreshToken: string): Promise; getNewAccessTokenByRefreshToken(refreshToken: string): Promise; _revokeTokenWithClientSecretPost(token: string): Promise; _revokeTokenWithClientSecretBasic(token: string): Promise; _revokeTokenWithNone(token: string): Promise; revokeToken(token: string): Promise; _introspectTokenWithClientSecretPost(token: string): Promise; _introspectTokenWithClientSecretBasic(token: string): Promise; _introspectTokenWithNone(token: string): Promise; introspectToken(token: string): Promise; validateTicketV1(ticket: string, service: string): Promise<{ message: string; username: any; valid: boolean; }>; /** * judge if "I" have some specific role * @param roleCode role Code * @param namespace privilege group ID */ hasRole(roleCode: string, namespace?: string): Promise; /** * @description Get apps the current user can access */ listApplications(params?: { page: number; limit: number; }): Promise<{ totalCount: number; list: ApplicationPublicDetail[]; }>; /** * @description validate idToken or accessToken */ validateToken(options: { accessToken?: string; idToken?: string; }): Promise; }