import { Subscription } from 'rxjs'; import { AuthSettings } from '../../models/authSettings.model'; import { Service } from '../../services/service'; import { MultiFactorAuthFeatureInfo, MultiFactorAuthInformation, MultiFactorAuthPolicy, MultiFactorAuthVerifInfo } from '../../models/rainbow-auth.model'; export declare const AUTH_SVC = "AuthService"; export declare enum AUTO_AUTH_TYPES { CommandLine = "CommandLine", AuthToken = "AuthToken", KeyChain = "KeyChain", NoAuth = "NoAuth" } export declare enum AUTH_STATUS { Failure = "Failure", Success = "Success" } export declare enum AUTH_TYPE { RAINBOW = "RAINBOW", SAML = "SAML", OIDC = "OIDC", TOTP = "TOTP", PASSWORDLESS = "PASSWORDLESS" } export interface AutoAuthResult { type: AUTO_AUTH_TYPES; status?: AUTH_STATUS; error?: Error; errorCode?: string; authInfo?: any; } /** * @eventProperty */ export declare enum AuthServiceEvents { /** * @eventProperty * This RB event is send when a conversation has been removed from the user (or from another client) */ RAINBOW_ON_AUTH_TOKEN_EXPIRE = "RAINBOW_ON_AUTH_TOKEN_EXPIRE", /** * @eventProperty * This RB event is send when a conversation has been removed from the user (or from another client) */ RAINBOW_ON_AUTH_TOKEN_WILL_EXPIRE = "RAINBOW_ON_AUTH_TOKEN_WILL_EXPIRE", /** * @eventProperty * This RB event is send when a conversation has been removed from the user (or from another client) */ RAINBOW_ON_AUTH_SESSION_SHOULD_RENEW = "RAINBOW_ON_AUTH_SESSION_SHOULD_RENEW", /** * @eventProperty * This RB event is send when a conversation has been removed from the user (or from another client) */ RAINBOW_ON_AUTH_TOKEN_RENEW = "RAINBOW_ON_AUTH_TOKEN_RENEW", /** * @eventProperty * This RB event is sent when the redirection from external browser to rainbow is done for the backchannel authent (used for Azure Cond Access) */ RAINBOW_ON_AUTH_BACKCHANNEL_REDIRECT_COMMAND = "RAINBOW_ON_AUTH_BACKCHANNEL_REDIRECT_COMMAND", /** * @eventProperty * This RB event is sent when a successful token is retrieved by backchannel authent (used for Azure Cond Access) */ RAINBOW_ON_AUTH_BACKCHANNEL_SUCCESS = "RAINBOW_ON_AUTH_BACKCHANNEL_SUCCESS", /** * @eventProperty * This RB event is sent when a failure occurs in token retrieval in backchannel authent (used for Azure Cond Access) */ RAINBOW_ON_AUTH_BACKCHANNEL_FAILURE = "RAINBOW_ON_AUTH_BACKCHANNEL_FAILURE" } export declare class AuthService extends Service { SSO_LOGIN_POPUP_WINDOW_NAME: string; token: string; login: string; userId: string; jidIm: string; jidTel: string; jidPwd: string; xmppDomain: string; companyId: string; firstUseNewVersion: boolean; initialized: boolean; isGuest: boolean; loggedInUser: any; authType: AUTH_TYPE; sessionShouldBeUpdated: boolean; sessionExpirationTimestamp: number; private authSettings; browserFingerprint: string; private renewTokenTimer?; private renewSessionTimer?; private tokenSurveyTimer?; private win; private globalSSOSettings; private rxSubject; private logger; private settingsService; private errorHelperService; private mainService; private backChannelPollingTimeout; private backChannelRenewSession; private rememberMe; private randomFullJid; static getInstance(): AuthService; static build(): AuthService; private constructor(); subscribe(handler: any): Subscription; sendEvent(eventName: AuthServiceEvents, data?: any): void; logon(login: string, password: string, rememberMe?: boolean, authSettings?: AuthSettings): Promise<{ mfaPolicy: MultiFactorAuthPolicy; authType: AUTH_TYPE.TOTP; token: string; } | null>; getRandomFullJid(jid?: string): string; logonOneTimeGuest(login: string, password: string): Promise<{ mfaPolicy: MultiFactorAuthPolicy; authType: AUTH_TYPE.TOTP; token: string; } | null>; logonWithToken(token?: string): Promise; sdkLogOn(login: string, password: string, host: string, appToken: any, token: string): Promise; setRenewedToken(token?: string): Promise; logout(): Promise; getGlobalSSOConfiguration(): Promise; getUserAuthenticationSettings(login?: string, inAppAuth?: boolean, country?: string, isDesktopApp?: boolean): Promise; removeCredentials(): void; resetUserEnvironment(): void; getRequestHeader(accept?: string): any; getRequestHeaderWithRange(range: any): any; getPostHeader(contentType?: string, accept?: string): any; getPostHeaderWithRange(range: any, contentType: string): any; setInformationHeaders(headers: any): void; getInformationHeadersApp(): string; getInformationHeadersAppVersion(): string; startTokenSurvey(): Promise; private sendAuthSessionShouldRenewEvent; suspendRenewSessionEventing(): void; stopTokenSurvey(): void; getRainbowAppAuth(appId: string, appSecret: string, password?: string): string; private getMajorVersion; getServerApiUrls(): void; renewAuthToken(restartTokenSurvey?: boolean): Promise; getUserData(): Promise; getUserEnvironments(login: string): Promise; getSAMLConfiguration(companyId: string, ssoId: string): Promise; getFingerPrint(): Promise; private formatDuration; private createError; private extractUserInfo; autoAuth(noAutoLoginPatterns?: string[], commandLineInfo?: any): Promise; getMainProcessArguments(): Promise; getKeyChainDesktopAuthInfo(): Promise; getCommandLine(): Promise; handleAuthCommandLine(commandLine: string): any; handleAuthBackChannelCommandLine(commandLine: string): void; getLocationSearchParameters(): any; /** * Retrieve multifactor authentication information from server */ retrieveMfaInformation(): Promise; /** * This API allows Rainbow users to verify that rainbow multifactor authentication is operational * @param token - 6-digits TOTP code */ verifyMFAInformation(token: string): Promise; /** * Allows Rainbow users to enable Multifactor Authentication in order to finalize activation process */ enableMFA(): Promise; /** * This API allows Rainbow users to login during a short duration for executing some specific operation concerning a feature given in body content * If login is successful, the API returns a JSON Web Token (JWT) which has to be provided by clients for all Rainbow APIs * requiring this user authentication with short duration: * The JWT is valid only for a given time period. * The JWT cannot be renewed. * Once the JWT expired, user must login again using this API. * @param login - loginEmail of user trying to authenticate * @param password - password of user trying to authenticate * @param feature - feature for which the login is for. Default: 'mfa' * @param duration - duration in seconds of the limited login. Default: 600 seconds */ loginCheck(login: string, password: string, feature?: string, duration?: number): Promise; /** * Allows Rainbow users to disable multifactor authentication * @param token - to be used for disable API call */ disableMFA(token: string): Promise; /** * Realize the second authication with a totp code as second factor using * @param mfaToken - A valid JWT token is generated by the API and returned as answer of a call to the route GET /api/rainbow/authentication/v1.0/login giving a valid user & password * @param mfaTotpCode -TOTP code * @param trustedApp - indicates if MFA policy is configured to authorize trusted app to not ask for totp code at next login */ loginUsingToTp(mfaToken: string, mfaTotpCode: number, trustedApp?: boolean): Promise; /** * Realize the second authication with a recovery code as second factor using * @param mfaToken - A valid JWT token is generated by the API and returned as answer of a call to the route GET /api/rainbow/authentication/v1.0/login giving a valid user & password * @param mfaRecoveryCode - recovery code */ loginUsingRecoveryCode(mfaToken: string, mfaRecoveryCode: string): Promise; /** * Allows Rainbow users to reset recovery code for multifactor authentication * @param token - to be used for reset API call */ resetRecoveryCode(token: string): Promise; /** * Allows Rainbow users to delete all trusted applications using * @param token - to be used for disable API call */ disableAllMfaTrustedApps(token: string): Promise; /** * Allows Rainbow users to delete a trusted application * @param token - to be used for disable API call * @param appId - application unique id */ disableMfaTrustedApp(token: string, appId: string): Promise; /** * Get a "standard" Rainbow JWT from a temporary microsoft token. * This API can only be used by the "Rainbow official Desktop application". * @param temporaryToken - a temporary microsoft token */ getRainbowTokenFromTemporaryToken(temporaryToken: string): Promise; /** * Ask the backend to send a verification code by email or sms to the identified user. * @param uid - User identifier (loginEmail or loginPhone) * @param country - country code (alpha3) of the loginPhone 'used for passwordless by phone number authentication method */ sendPasswordlessCodeToUser(uid: string, country?: string): Promise<{ codeLength: number; codeDuration: number; expirationDate: string; smsSent: boolean; emailSent: boolean; smsSentTo?: string; emailSentTo?: string; }>; /** * This API allows Rainbow users to login without password, but with a verification code sent by mail or sms * @param uid - User identifier (loginEmail or loginPhone) * @param code - OTP code * @param challenge - for autorized application identification * @param rememberMe - Indicates wether the browser must memorize the token and do auto token renewals */ loginUsingPasswordlessLogin(uid: string, code: string, challenge: string, rememberMe: boolean): Promise; retrieveBackChannelUserToken(authSettings: AuthSettings, rememberMe: boolean, renewSession?: boolean): Promise; private startSsoCondAccessTokenPolling; stopPollingBackChannelUserToken(): void; private startSsoCondAccessPoll; /** * This API allows Rainbow users to login without password, but with a verification code sent by mail or sms * @param uid - User identifier (loginEmail or loginPhone) * @param code - OTP code * @param challenge - for autorized application identification * @param rememberMe - Indicates wether the browser must memorize the token and do auto token renewals */ private pollingBackChannelUserToken; } //# sourceMappingURL=auth.service.d.ts.map