import { Org } from '../../types/graphql.v2'; import { GraphqlClient } from '../common/GraphqlClient'; import { HttpClient } from '../common/HttpClient'; import { Lang } from '../../types'; /** * 初始化 appow SDK 的参数,secret 和 accessToken 必须传其中一个。 */ export interface ManagementClientOptions { /** user pool ID **/ userPoolId?: string; /** application ID */ appId?: string; /** user pool/application key **/ secret?: string; /** User pool accessToken, if it is passed in, please pay attention to the expired status of the token, you need to maintain the status of this token yourself, the SDK will not update **/ accessToken?: string; /** time out **/ timeout?: number; /** Error callback function, the default is (err: Error) => {throw err} throws an error directly **/ onError?: (code: number, message: string, data?: any) => void; /** appow server address */ host?: string; /** Request source */ requestFrom?: string; /** Encryption function */ encryptFunction?: (plainText: string, publicKey: string) => Promise; /** Password transmission encryption public key */ publicKey?: string; httpClient?: typeof HttpClient; graphqlClient?: typeof GraphqlClient; /** * language */ lang?: Lang; } /** * Decoded user pool accessToken */ export interface DecodedAccessToken { /** user ID */ sub: string; /** Issuance time **/ iat: number; /** expect time **/ exp: number; data?: { /** User pool administrator mailbox **/ email: string; /** User pool administrator ID **/ id: string; }; } /** * * appow grooup * @export * @interface appowGroup */ export interface appowGroup { _id: string; name: string; description?: string; createdAt: string; updatedAt: string; } export interface OIDCProviderCustomStylesInput { forceLogin?: boolean; hideQRCode?: boolean; hideUP?: boolean; hideUsername?: boolean; hideRegister?: boolean; hidePhone?: boolean; hideSocial?: boolean; hideClose?: boolean; placeholder?: OIDCProviderCustomStylesPlaceholderInput; qrcodeScanning?: OIDCProviderCustomStylesQrcodeScanningInput; } export interface OIDCProviderCustomStylesPlaceholderInput { username?: string; email?: string; password?: string; confirmPassword?: string; verfiyCode?: string; newPassword?: string; phone?: string; phoneCode?: string; } export interface OIDCProviderCustomStylesQrcodeScanningInput { redirect?: boolean; interval?: number; tips?: string; } export interface CreateOIDCProviderInput { name: string; domain: string; redirect_uris: [string]; grant_types?: [string]; response_types?: [string]; clientId?: string; token_endpoint_auth_method?: string; image?: string; isDefault: boolean; id_token_signed_response_alg?: string; id_token_encrypted_response_alg?: string; id_token_encrypted_response_enc?: string; userinfo_signed_response_alg?: string; userinfo_encrypted_response_alg?: string; userinfo_encrypted_response_enc?: string; request_object_signing_alg?: string; request_object_encryption_alg?: string; request_object_encryption_enc?: string; jwks_uri?: string; _jwks_uri?: string; jwks?: string; _jwks?: string; custom_jwks?: string; description?: string; homepageURL?: string; authorization_code_expire?: string; id_token_expire?: string; access_token_expire?: string; cas_expire?: string; customStyles?: OIDCProviderCustomStylesInput; } export interface ExtendedOrg extends Org { tree: any; } /** * Enumeration of operation log types supported by users */ export declare enum SupportedUserActionEnum { /** * login */ LOGIN = "login", /** * register */ REGISTER = "register", /** * delete account */ DELETE_ACCOUNT = "deleteAccount", /** * update user information */ UPDATE_USER_INFO = "updateUserinfo", /** * update token */ REFRESH_TOKEN = "refreshToken", /** * update email */ UPDATE_EMAIL = "updateEmail", /** * update phone number */ UPDATE_PHONE = "updatePhone", /** * update password */ UPDATE_PASSWORD = "updatePassword", /** * vertify MFA */ VERIFY_MFA = "verifyMfa" } /** * Enumeration of operation log types supported by the administrator */ export declare enum SupportedAdminActionEnum { /** * delete user */ DELETE_USER = "deleteUser", /** * delete users in bulk */ DELETE_USERS = "deleteUsers", /** * create user */ CREATE_USER = "createUser", /** * update Token */ REFRESH_TOKEN = "refreshToken", /** * import user */ IMPORT_USER = "importUser", /** * 导出user */ EXPORT_USER = "exportUser", /** * refresh passwod */ REFRESH_SECRET = "refreshSecret", /** * delete user pool */ DELETE_USERPOOL = "deleteUserpool", /** * create user pool */ CREATE_USERPOOL = "createUserpool", /** * update user pool config */ USERPOOL_UPDATE_CONFIG = "userpool:UpdateConfig", /** * refresh user secret */ REFRESH_USERPOOL_SECRET = "refreshUserpoolSecret" } /** * User log information */ export interface UserLogsInfo { /** * user pool ID */ userpoolId: string; /** *user ID */ userId: string; /** * user name */ username: string; /** * city name */ cityName: string; /** * area name */ regionName: string; /** * client IP */ clientIp: string; /** * Operation type description */ operationDesc: string; /** * operating type */ operationName: string; /** * time stamp */ timestamp: string; /** * application ID */ appId: string; /** * application name */ appName: string; } /** * Administrator operation log information */ export interface AdminLogsInfo { /** * user pool ID */ userpoolId: string; /** * operator type */ operatorType: string; /** * operator ID */ operatorId: string; /** * operator name */ operatorName: string; /** * operating type */ operationName: string; /** * city name */ cityName: string; /** * area name */ regionName: string; /** * client IP */ clientIp: string; /** * resoruce type */ resourceType: string; /** * resoruce type name */ resourceDesc: string; resource_arn: string; /** * time stamp */ timestamp: string; } export declare type UserMfaType = 'OTP' | 'FACE'; export interface Application { qrcodeScanning: { redirect: boolean; interval: number; }; id: string; userPoolId: string; protocol: string; name: string; secret: string; identifier: string; jwks: { keys: { [key: string]: string; }[]; }; redirectUris: string[]; css: string; oidcConfig: { id: string; client_secret: string; redirect_uris: string[]; grants: string[]; access_token_lifetime: number; refresh_token_lifetime: number; introspection_endpoint_auth_method: string; revocation_endpoint_auth_method: string; }; oauthConfig: { grant_types: string[]; response_types: string[]; id_token_signed_response_alg: string; jwks_uri?: any; token_endpoint_auth_method: string; request_object_encryption_enc?: any; request_object_encryption_alg?: any; request_object_signing_alg?: any; userinfo_encrypted_response_enc?: any; userinfo_encrypted_response_alg?: any; userinfo_signed_response_alg?: any; id_token_encrypted_response_enc?: any; id_token_encrypted_response_alg?: any; jwks?: any; authorization_code_expire: number; id_token_expire: number; access_token_expire: number; refresh_token_expire: number; cas_expire: number; skip_consent: boolean; }; createdAt: string; updatedAt: string; description?: any; ssoPageCustomizationSettings?: any; logo: string; logoutRedirectUris?: any; loginTabs?: any; defaultLoginTab: string; registerTabs?: any; defaultRegisterTab: string; ldapConnections?: any; adConnections?: any; disabledSocialConnections?: any; disabledOidcConnections?: any; disabledSamlConnections?: any; disabledOauth2Connections?: any; disabledCasConnections?: any; disabledAzureAdConnections?: any; extendsFields?: any; ext?: any; samlConfig?: any; casConfig?: any; skipMfa: boolean; permissionStrategy: { allowPolicyId?: string; denyPolicyId?: string; enabled: boolean; defaultStrategy: string; }; isOfficial: boolean; isDeleted: boolean; isDefault: boolean; oidcProviderEnabled: boolean; oauthProviderEnabled: boolean; samlProviderEnabled: boolean; casProviderEnabled: boolean; registerDisabled: boolean; extendsFieldsEnabled: boolean; showAuthorizationPage: boolean; enableSubAccount: boolean; loginRequireEmailVerified: boolean; agreementEnabled: boolean; } export interface ApplicationList { totalCount: number; list: Application[]; } export interface ProgrammaticAccessAccount { id: string; createdAt: string; updatedAt: string; appId: string; secret: string; remarks: string; tokenLifetime: number; enabled: boolean; userId: string; } export interface ProgrammaticAccessAccountList { totalCount: number; list: ProgrammaticAccessAccount[]; } export interface AccessControl { assignedAt: string; inheritByChildren?: any; enabled: boolean; policyId: string; code: string; policy: { id: string; createdAt: string; updatedAt: string; userPoolId: string; isDefault: boolean; isAuto: boolean; hidden: boolean; code: string; description: string; statements: { resource: string; actions: string[]; effect: string; condition: any[]; resourceType?: any; }[]; namespaceId: number; }; targetType: string; targetIdentifier: string; target: { id: string; createdAt: string; updatedAt: string; userPoolId: string; orgId: string; name: string; nameI18n?: any; description?: any; descriptionI18n?: any; order?: any; code?: any; __id?: any; __parentid?: any; __groupid?: any; }; namespace: string; } export interface AccessControlList { totalCount: number; list: AccessControl[]; } export interface ActiveUser { thirdPartyIdentity: { provider: string; refreshToken: string; accessToken: string; scope: string; expiresIn: string; updatedAt: string; }[]; id: string; createdAt: string; updatedAt: string; userPoolId: string; isRoot: boolean; status: string; oauth?: string; email?: string; phone?: string; username: string; unionid?: string; openid?: string; nickname?: string; company?: string; photo: string; browser?: string; device?: string; password: string; salt?: string; token: string; tokenExpiredAt: string; loginsCount: number; lastIp: string; name?: string; givenName?: string; familyName?: string; middleName?: string; profile?: string; preferredUsername?: string; website?: string; gender: string; birthdate?: string; zoneinfo?: string; locale?: string; address?: string; formatted?: boolean; streetAddress?: string; locality?: string; region?: string; postalCode?: string; city?: string; province?: string; country?: string; registerSource: string[]; secretInfo?: string; emailVerified: boolean; phoneVerified: boolean; lastLogin: string; blocked: boolean; isDeleted: boolean; sendSmsCount: number; sendSmsLimitCount: number; signedUp: string; externalId?: string; mainDepartmentId?: string; mainDepartmentCode?: string; lastMfaTime?: string; passwordSecurityLevel: number; } export interface ActiveUsers { totalCount: number; list: ActiveUser[]; } export interface UserAction { operator_arn: string; '@timestamp': string; user_agent: string; geoip: { continent_code: string; country_code2: string; region_name: string; city_name: string; ip: string; latitude: number; region_code: string; timezone: string; country_code3: string; longitude: number; country_name: string; location: { lon: number; lat: number; }; }; message: string; ua: { build: string; os: string; device: string; patch: string; os_minor: string; os_major: string; os_name: string; minor: string; name: string; major: string; }; userpool_id: string; host: string; timestamp: string; '@version': string; app_id: string; operation_name: string; clientip: string; extra_data: string; request_id: string; path: string; user: { userPoolId: string; displayName: string; id: string; photo: string; }; app: { qrcodeScanning: { [key: string]: any; }; id: string; name: string; description?: any; identifier: string; logo: string; loginTabs: string[]; registerTabs: string[]; adConnections: any[]; disabledOidcConnections: any[]; disabledSamlConnections: any[]; extendsFields: any[]; disabledAzureAdConnections: any[]; disabledOauth2Connections: any[]; disabledCasConnections: any[]; }; operation_desc: string; } export interface UserActions { totalCount: number; list: UserAction[]; } export interface Resource { id: string; createdAt: string; updatedAt: string; userPoolId: string; code: string; actions: { name: string; description: string; }[]; type: string; description: string; namespaceId: number; apiIdentifier?: string; namespace: string; } export interface Resources { totalCount: number; list: Resource[]; } export interface Namespace { id: number; name: string; code: string; description: string; status: number; appId: string; appName: string; } export interface Namespaces { total: number; list: Namespace[]; } export declare type BatchFetchUserTypes = 'id' | 'username' | 'phone' | 'email' | 'externalId'; export interface IResourceQueryFilter { page?: number; limit?: number; type?: 'DATA' | 'API' | 'MENU' | 'UI' | 'BUTTON'; /** * @deprecated please use namespace */ namespaceCode?: string; namespace?: string; } export interface IResourceDto { code: string; type: 'DATA' | 'API' | 'MENU' | 'UI' | 'BUTTON'; description?: string; actions: Array<{ name: string; description: string; }>; namespace: string; } export interface IResourceUpdateDto { type?: 'DATA' | 'API' | 'MENU' | 'UI' | 'BUTTON'; description?: string; actions?: Array<{ name: string; description: string; }>; namespace: string; } export interface IResourceResponse { userPoolId: string; code: string; actions: Array<{ name: string; description: string; }>; type: string; description: string; namespaceId: number; createdAt: Date; updatedAt: Date; id: string; apiIdentifier?: string; } export interface IAppAccessPolicyQueryFilter { page?: number; limit?: number; appId: string; } export interface IAppAccessPolicy { appId: string; targetType: 'USER' | 'ROLE' | 'GROUP' | 'ORG'; targetIdentifiers: string[]; namespace?: string; inheritByChildren?: boolean; } export interface Statement { resource: string; actions: string[]; effect: string; condition: any[]; resourceType?: 'DATA' | 'API' | 'MENU' | 'UI' | 'BUTTON'; } export interface IPolicy { id: string; createdAt: Date; updatedAt: Date; userPoolId: string; isDefault: boolean; isAuto: boolean; hidden: boolean; code: string; description: string; statements: Statement[]; namespaceId: number; } export interface IUser { id: string; createdAt: Date; updatedAt: Date; userPoolId: string; isRoot: boolean; status: string; oauth?: any; email?: any; phone?: any; username: string; unionid?: any; openid?: any; nickname?: any; company?: any; photo: string; browser?: any; device?: any; password: string; salt: string; token?: any; tokenExpiredAt?: any; loginsCount: number; lastIp?: any; name?: any; givenName?: any; familyName?: any; middleName?: any; profile?: any; preferredUsername?: any; website?: any; gender: string; birthdate?: any; zoneinfo?: any; locale?: any; address?: any; formatted?: any; streetAddress?: any; locality?: any; region?: any; postalCode?: any; city?: any; province?: any; country?: any; registerSource: string[]; secretInfo?: any; emailVerified: boolean; phoneVerified: boolean; lastLogin?: any; blocked: boolean; isDeleted: boolean; sendSmsCount: number; sendSmsLimitCount: number; dataVersion?: any; encryptedPassword: string; signedUp: Date; externalId?: any; mainDepartmentId?: any; mainDepartmentCode?: any; lastMfaTime?: any; passwordSecurityLevel: number; source?: any; identities: any[]; } export interface IList { assignedAt: Date; inheritByChildren?: boolean; enabled: boolean; policyId: string; code: string; policy: IPolicy; targetType: string; targetIdentifier: string; target: IUser; namespace: string; } export interface IApplicationAccessPolicies { list: IList[]; totalCount: number; } /** * application public setting */ export interface ApplicationPublicDetail { id: string; createdAt: string; updatedAt: string; name: string; logo: string; domain: string; description: string; protocol: string; } export interface ApplicationDetail { id: string; createdAt: string; updatedAt: string; name: string; logo: string; domain: string; description: string; protocol: string; secret: string; jwks: any; ssoPageCustomizationSettings: any; redirectUris: string[]; logoutRedirectUris: string[]; oidcProviderEnabled: boolean; oauthProviderEnabled: boolean; samlProviderEnabled: boolean; casProviderEnabled: boolean; registerDisabled: boolean; oidcConfig: { [x: string]: any; }; samlConfig: { [x: string]: any; }; oauthConfig: { [x: string]: any; }; casConfig: { [x: string]: any; }; showAuthorizationPage: boolean; enableSubAccount: boolean; loginRequireEmailVerified: boolean; agreementEnabled: boolean; } export interface QrcodeScanning { redirect: boolean; interval: number; } export interface Key { e: string; n: string; d: string; p: string; q: string; dp: string; dq: string; qi: string; kty: string; kid: string; alg: string; use: string; } export interface Jwks { keys: Key[]; } export interface OidcConfig { grant_types: string[]; response_types: string[]; id_token_signed_response_alg: string; token_endpoint_auth_method: string; authorization_code_expire: number; id_token_expire: number; access_token_expire: number; refresh_token_expire: number; cas_expire: number; skip_consent: boolean; redirect_uris: string[]; post_logout_redirect_uris: any[]; client_id: string; introspection_endpoint_auth_method: string; revocation_endpoint_auth_method: string; } export interface OauthConfig { id: string; redirect_uris: string[]; grants: string[]; access_token_lifetime: number; refresh_token_lifetime: number; introspection_endpoint_auth_method: string; revocation_endpoint_auth_method: string; } export interface PermissionStrategy { enabled: boolean; defaultStrategy: string; allowPolicyId: string; denyPolicyId: string; } export interface IApplication { qrcodeScanning: QrcodeScanning; id: string; createdAt: Date; updatedAt: Date; userPoolId: string; protocol: string; isOfficial: boolean; isDeleted: boolean; isDefault: boolean; name: string; description?: any; identifier: string; jwks: Jwks; ssoPageCustomizationSettings?: any; logo: string; redirectUris: string[]; logoutRedirectUris: any[]; oidcProviderEnabled: boolean; oauthProviderEnabled: boolean; samlProviderEnabled: boolean; casProviderEnabled: boolean; registerDisabled: boolean; loginTabs: string[]; defaultLoginTab: string; registerTabs: string[]; defaultRegisterTab: string; ldapConnections?: any; adConnections: any[]; disabledSocialConnections?: any; disabledOidcConnections: any[]; disabledSamlConnections: any[]; disabledOauth2Connections: any[]; disabledCasConnections: any[]; disabledAzureAdConnections: any[]; extendsFieldsEnabled: boolean; extendsFields: any[]; ext?: any; css: string; oidcConfig: OidcConfig; samlConfig?: any; oauthConfig: OauthConfig; casConfig?: any; showAuthorizationPage: boolean; enableSubAccount: boolean; loginRequireEmailVerified: boolean; agreementEnabled: boolean; skipMfa: boolean; permissionStrategy: PermissionStrategy; } export interface AgreementInput { title: string; required?: boolean; lang?: Lang; } export interface AgreementDetail extends Required { appId: string; order: number; userPoolId: string; id: number; } export interface AgreementList { list: AgreementDetail[]; totalCount: number; }