-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathpostLoginApi.ts
More file actions
112 lines (109 loc) · 3.66 KB
/
postLoginApi.ts
File metadata and controls
112 lines (109 loc) · 3.66 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
// https://auth0.com/docs/customize/actions/explore-triggers/signup-and-login-triggers/login-trigger/post-login-api-object
// types from examples in https://auth0.com/docs/customize/forms/render
import type {
ApiAccessDeny,
ApiAuthenticationChallenge,
ApiCache,
ApiMfaFactor,
ApiRedirect,
ApiSetCustomClaim,
ApiUser,
Dictionary,
} from "./shared";
type SamlValue = string | number | boolean | null | SamlValue[];
export type PostLoginApi = {
access: {
deny: ApiAccessDeny<PostLoginApi>;
};
accessToken: {
setCustomClaim: ApiSetCustomClaim<PostLoginApi>;
addScope: (scope: string) => PostLoginApi;
removeScope: (scope: string) => PostLoginApi;
};
authentication: ApiAuthenticationChallenge & {
/** Only available from within the onContinuePostLogin function */
recordMethod: (providerUrl: string) => PostLoginApi;
enrollWith: (
factor: ApiMfaFactor,
options?: { additionalFactors?: ApiMfaFactor[] },
) => void;
enrollWithAny: (factors: ApiMfaFactor[]) => void;
setPrimaryUser: (primaryUserId: string) => void;
};
cache: ApiCache;
idToken: {
setCustomClaim: ApiSetCustomClaim<PostLoginApi>;
};
multifactor: {
enable: (
provider: "any" | "duo" | "google-authenticator" | "guardian" | "none",
options?: {
allowRememberBrowser?: boolean;
providerOptions?: {
host: string;
ikey: string;
skey: string;
username?: string;
};
},
) => PostLoginApi;
};
prompt: {
render: (
formId: string,
options?: { fields?: Dictionary; vars?: Dictionary },
) => void;
};
user: ApiUser<PostLoginApi>;
redirect: ApiRedirect<PostLoginApi>;
rules: {
wasExecuted: (ruleId: string) => boolean;
};
samlResponse: {
setAttribute: (attribute: string, value: SamlValue) => void;
setAudience: (audience: string) => void;
setIssuer: (issuer: string) => void;
setEncryptionPublicKey: (publicKey: string) => void;
setRecipient: (recipient: string) => void;
setCreateUpnClaim: (createUpnClaim: boolean) => void;
setPassthroughClaimsWithNoMapping: (
passthroughClaimsWithNoMapping: boolean,
) => void;
setMapUnknownClaimsAsIs: (mapUnknownClaimsAsIs: boolean) => void;
setMapIdentities: (mapIdentities: boolean) => void;
setDestination: (destination: string) => void;
setRelayState: (relayState: string) => void;
setLifetimeInSeconds: (lifetimeInSeconds: number) => void;
setSignResponse: (signResponse: boolean) => void;
setNameIdentifierFormat: (nameIdentifierFormat: string) => void;
setNameIdentifierProbes: (nameIdentifierProbes: string[]) => void;
setAuthnContextClassRef: (authnContextClassRef: string) => void;
setSigningCert: (signingCert?: string) => void;
setIncludeAttributeNameFormat: (
includeAttributeNameFormat: boolean,
) => void;
setTypedAttributes: (typedAttributes: boolean) => void;
setEncryptionCert: (encryptionCert?: string) => void;
setCert: (cert?: string) => void;
setKey: (key?: string) => void;
/** @deprecated */
setSignatureAlgorithm: (
signatureAlgorithm: "rsa-sha256" | "rsa-sha1",
) => void;
/** @deprecated */
setDigestAlgorithm: (digestAlgorithm: "sha256" | "sha1") => void;
};
session: {
revoke: (
reason: string,
options?: { preserveRefreshTokens?: boolean },
) => PostLoginApi;
setExpiresAt: (absolute: number) => PostLoginApi;
setIdleExpiresAt: (idle: number) => PostLoginApi;
};
refreshToken: {
revoke: (reason: string) => PostLoginApi;
setExpiresAt: (absolute: number) => PostLoginApi;
setIdleExpiresAt: (idle: number) => PostLoginApi;
};
};