import Base, { MaybeRaw } from "../../../Base"; import { OAuthMetadata, OAuthToken, OAuthTokenRequest } from "../../../interfaces/idp/oauth"; import { OAuthAppPublicInfo } from "../../../interfaces/idp/organization/settings/oauthApp"; import IdpOAuthDevice from "./device"; export declare class IdpOAuth extends Base { get device(): IdpOAuthDevice; private _device?; /** * getAuthorizationCodeInsideRedirectUrl throws for an invalid request (query params do not match OAuthApp). * It returns the redirect URL with the code, which is used to redirect to the client application, * which can use the code for a back-channel request to get the access token. * @param queryString expect the user's / browser's query string, containing the response_type, client_id, * redirect_uri, scopes and optionally state. * @returns the entire redirect uri including the authorization code if successful */ getAuthorizationCodeInsideRedirectUrl(queryString: string, doNotRedirect?: boolean, raw?: { raw: R; }): Promise>; /** * Check if the user has consented to specified scopes. If the user has already consented this request * will return the redirect URL, otherwise, it will be a consent.not.given error. * * To consent the createScopesAndGetAuthorizationCodeInsideRedirectUrl method should be used. * @see IdpOAuth.createScopesAndGetAuthorizationCodeInsideRedirectUrl * * @param queryString {string} - Query string containing the OAuth parameters: response_type, client_id, scope, state * @param doNotRedirect [boolean] - Flag to make the request return a 200 instead of a 3xx status code * @returns A string with the redirect URL if the user already consented to the specificied scope. Otherwise, an OAuthApp * @see OAuthApp */ getInfoOrAuthorizationCodeInsideRedirectUrl(queryString: string, doNotRedirect?: boolean, raw?: { raw: R; }): Promise>; /** * createScopesAndGetAuthorizationCodeInsideRedirectUrl throws for an invalid request (query params do not match OAuthApp). * It returns the redirect URL with the code, which is used to redirect to the client application, * which can use the code for a back-channel request to get the access token. It also adds the scopes for the user. * @param queryString expect the user's / browser's query string, containing the response_type, client_id, * redirect_uri, scopes and optionally state. * @returns the entire redirect uri including the authorization code if successful */ createScopesAndGetAuthorizationCodeInsideRedirectUrl(queryString: string, doNotRedirect?: boolean, raw?: { raw: R; }): Promise>; /** * A valid code can be used to request a new API token. * @param tokenRequest contains the code, client_id, client_secret and redirect_uri */ exchangeCodeForToken(tokenRequest: OAuthTokenRequest, raw?: { raw: R; }): Promise>; /** * Get OAuth app public information via client ID * * @param clientId {string} - Client ID of the OAuth app * @returns Public OAuth app information */ getOAuthAppInfo(clientId: string, raw?: { raw: R; }): Promise>; /** * Retrieves the OAuth 2.0 authorization server metadata * This method enables dynamic discovery of endpoint locations and server capabilities as defined in RFC 8414 * @returns Authorization server metadata */ getMetadata(raw?: { raw: R; }): Promise>; protected getEndpoint(endpoint: string): string; }