@axinom/mosaic-user-auth-utils
This is a supporting library of @axinom/mosaic-user-auth which exports common types, so they may be shared between the Frontends and Backends
during authentication & authorization flows (end-user facing).
Enumerations
The @axinom/mosaic-user-auth-utils library exposes the following enumerations
in order to expressively define the response codes related to the
@axinom/mosaic-user-auth library operations.
| Interface Name | Description |
|---|---|
| TokenResponseCode | Token response code from User Service Auth API. |
| SignOutResponseCode | Sign out response code from User Service Auth API. |
| IdpConfigurationResponseCode | IDP Configuration response code from User Service Auth API. |
| SignInResponseCode | Sign In Response Code for sign in with username/password flow from User Service Auth API. |
| ResetPasswordResponseCode | Password Reset/Complete Password Reset Code from User Service Auth API. |
| UserSignUpResponseCode | Sign Up Response Code from User Service Auth API. |
| CompleteUserSignUpResponseCode | Verify Sign Up Response Code from User Service Auth API. |
| CheckOtpResponseCode | OTP Check Response Code from User Service Auth API. This response type is used for both Sign Up OTP check and Reset Password OTP check. |
| DeviceAuthorizationResponseCode | Device Authorization response code from User Service Auth API. |
| DevicePollResponseCode | Device poll response code from User Service Auth API. |
| DeviceVerificationResponseCode | Device verification response code from User Service Auth API. |
| DeviceApprovalResponseCode | Device approval/denial response code from User Service Auth API. |
| DeviceAuthorizationStatus | The current status of a device authorization. |
TokenResponseCode
enum TokenResponseCode {
SUCCESS = 'SUCCESS',
NEEDS_LOGIN = 'NEEDS_LOGIN',
ACCOUNT_NOT_ACTIVE = 'ACCOUNT_NOT_ACTIVE',
AUTH_FLOW_ERROR = 'AUTH_FLOW_ERROR',
BAD_REQUEST = 'BAD_REQUEST',
INTERNAL_SERVER_ERROR = 'INTERNAL_SERVER_ERROR',
}
SignOutResponseCode
enum SignOutResponseCode {
SUCCESS = 'SUCCESS',
BAD_REQUEST = 'BAD_REQUEST',
INTERNAL_SERVER_ERROR = 'INTERNAL_SERVER_ERROR',
}
IdpConfigurationResponseCode
enum IdpConfigurationResponseCode {
SUCCESS = 'SUCCESS',
APPLICATION_NOT_ACTIVE = 'APPLICATION_NOT_ACTIVE',
NO_ACTIVE_IDPS = 'NO_ACTIVE_IDPS',
ACCOUNT_NOT_ACTIVE = 'ACCOUNT_NOT_ACTIVE',
BAD_REQUEST = 'BAD_REQUEST',
INTERNAL_SERVER_ERROR = 'INTERNAL_SERVER_ERROR',
}
SignInResponseCode
enum SignInResponseCode {
SUCCESS = 'SUCCESS',
INTERNAL_SERVER_ERROR = 'INTERNAL_SERVER_ERROR',
BAD_REQUEST = 'BAD_REQUEST',
AUTH_FLOW_ERROR = 'AUTH_FLOW_ERROR',
SERVICE_CONFIGURATION_ERROR = 'SERVICE_CONFIGURATION_ERROR',
}
ResetPasswordResponseCode
enum ResetPasswordResponseCode {
SUCCESS = 'SUCCESS',
ERROR = 'ERROR',
SERVICE_CONFIGURATION_ERROR = 'SERVICE_CONFIGURATION_ERROR',
}
UserSignUpResponseCode
enum UserSignUpResponseCode {
SUCCESS = 'SUCCESS',
ERROR = 'ERROR',
SERVICE_CONFIGURATION_ERROR = 'SERVICE_CONFIGURATION_ERROR',
}
CompleteUserSignUpResponseCode
enum CompleteUserSignUpResponseCode {
SUCCESS = 'SUCCESS',
ERROR = 'ERROR',
SERVICE_CONFIGURATION_ERROR = 'SERVICE_CONFIGURATION_ERROR',
}
CheckOtpResponseCode
enum CheckOtpResponseCode {
SUCCESS = 'SUCCESS',
ERROR = 'ERROR',
SERVICE_CONFIGURATION_ERROR = 'SERVICE_CONFIGURATION_ERROR',
}
DeviceAuthorizationResponseCode
enum DeviceAuthorizationResponseCode {
SUCCESS = 'SUCCESS',
DEVICE_FLOW_NOT_ENABLED = 'DEVICE_FLOW_NOT_ENABLED',
APPLICATION_NOT_ACTIVE = 'APPLICATION_NOT_ACTIVE',
BAD_REQUEST = 'BAD_REQUEST',
INTERNAL_SERVER_ERROR = 'INTERNAL_SERVER_ERROR',
}
DevicePollResponseCode
enum DevicePollResponseCode {
SUCCESS = 'SUCCESS',
AUTHORIZATION_PENDING = 'AUTHORIZATION_PENDING',
SLOW_DOWN = 'SLOW_DOWN',
ACCESS_DENIED = 'ACCESS_DENIED',
EXPIRED = 'EXPIRED',
BAD_REQUEST = 'BAD_REQUEST',
INTERNAL_SERVER_ERROR = 'INTERNAL_SERVER_ERROR',
}
DeviceVerificationResponseCode
enum DeviceVerificationResponseCode {
SUCCESS = 'SUCCESS',
NOT_FOUND = 'NOT_FOUND',
EXPIRED = 'EXPIRED',
BAD_REQUEST = 'BAD_REQUEST',
INTERNAL_SERVER_ERROR = 'INTERNAL_SERVER_ERROR',
}
DeviceApprovalResponseCode
enum DeviceApprovalResponseCode {
SUCCESS = 'SUCCESS',
NOT_FOUND = 'NOT_FOUND',
EXPIRED = 'EXPIRED',
ALREADY_USED = 'ALREADY_USED',
ACCESS_TOKEN_EXPIRED = 'ACCESS_TOKEN_EXPIRED',
NEEDS_LOGIN = 'NEEDS_LOGIN',
BAD_REQUEST = 'BAD_REQUEST',
INTERNAL_SERVER_ERROR = 'INTERNAL_SERVER_ERROR',
}
DeviceAuthorizationStatus
enum DeviceAuthorizationStatus {
PENDING = 'PENDING',
APPROVED = 'APPROVED',
DENIED = 'DENIED',
EXPIRED = 'EXPIRED',
REDEEMED = 'REDEEMED',
}
Interfaces
The @axinom/mosaic-user-auth-utils library exposes the following interfaces.
| Interface Name | Description |
|---|---|
| UserToken | Represents a user token. |
| User | Represents an authenticated user. |
| TokenResponse | Token response from User Service Auth API. |
| SignOutResponse | Sign out response from User Service Auth API. |
| IdpConfiguration | Represents an IDP Configuration. |
| IdpConfigurationResponse | IDP Configuration response from User Service Auth API. |
| WellKnownEndpointResponse | The well known endpoints exposed by ax-user-service. |
| SignInResponse | Response for a Sign In with username/password flow. |
| UserSignUpResponse | Represents the response for a User Sign Up request. |
| CompleteUserSignUpResponse | Represents the response for a Complete User Sign Up request. |
| InitiatePasswordResetResponse | Represents the response for InitiatePasswordReset request. |
| CompletePasswordResetResponse | Represents the response for a CompletePasswordReset request. |
| CheckPasswordResetOtpResponse | Represents the response for a Check Password Reset OTP Request. |
| CheckUserSignUpOtpResponse | Represents the response for a User Sign Up OTP Request. |
| DeviceAuthorizationRequest | Represents the information required to start the Device Authorization flow. |
| DeviceAuthorizationResponse | Response for a Device Authorization request. |
| DevicePollRequest | Represents the information required to poll for device approval. |
| DevicePollResponse | Response for a device poll request. |
| DeviceVerificationResponse | Response for a device verification (user code lookup) request. |
| DeviceApprovalRequest | Represents the information required to approve or deny a device. |
| DeviceApprovalResponse | Response for a device approval or denial request. |
UserToken
interface UserToken {
accessToken: string;
expiresInSeconds: number;
expiresAt: Date;
}
UserServiceConfig
interface UserServiceConfig {
userServiceBaseUrl: string;
}
User
interface User {
id: string;
name: string | null;
email: string | null;
profileId: string;
token: UserToken;
}
TokenResponse
interface TokenResponse {
code: TokenResponseCode;
message?: string;
tenantId?: string;
environmentId?: string;
applicationId?: string;
extensions?: unknown;
user?: User;
}
SignOutResponse
interface SignOutResponse {
code: SignOutResponseCode;
message?: string;
}
IdpConfiguration
interface IdpConfiguration {
idpConnectionId: string;
providerId: string;
clientId: string;
providerIconUrl: string | null;
title: string;
sortOrder: number | null;
authUrl?: string;
}
IdpConfigurationResponse
interface IdpConfigurationResponse {
code: IdpConfigurationResponseCode;
message?: string;
tenantId?: string;
environmentId?: string;
applicationId?: string;
availableIdentityProviders?: IdpConfiguration[];
}
WellKnownEndpointResponse
interface WellKnownEndpointResponse {
jwks: string;
userServiceAdminGQL: string;
userServiceEndUserGQL: string;
axAuthManagementGQL: string;
axAuthEndpoint: string;
}
SignInResponse
interface SignInResponse {
code: SignInResponseCode;
message?: string;
details?: Record<string, unknown>;
}
UserSignUpResponse
interface UserSignUpResponse {
code: UserSignUpResponseCode;
idpUserId?: string;
message?: string;
}
CompleteUserSignUpResponse
interface CompleteUserSignUpResponse {
code: CompleteUserSignUpResponseCode;
idpUserId?: string;
message?: string;
}
InitiatePasswordResetResponse
interface InitiatePasswordResetResponse {
code: ResetPasswordResponseCode;
message?: string;
details?: Record<string, unknown>;
}
CompletePasswordResetResponse
interface CompletePasswordResetResponse {
code: ResetPasswordResponseCode;
message?: string;
details?: Record<string, unknown>;
}
CheckPasswordResetOtpResponse
interface CheckPasswordResetOtpResponse {
code: CheckOtpResponseCode;
message?: string;
isOtpValid?: boolean;
}
CheckUserSignUpOtpResponse
interface CheckUserSignUpOtpResponse {
code: CheckOtpResponseCode;
message?: string;
isOtpValid?: boolean;
}
DeviceAuthorizationRequest
interface DeviceAuthorizationRequest {
// Optional human-friendly label supplied by the device; display-only.
deviceLabel?: string;
}
DeviceAuthorizationResponse
interface DeviceAuthorizationResponse {
code: DeviceAuthorizationResponseCode;
message?: string;
// Secret the device polls with.
deviceCode?: string;
// Short code the user types on the activation page.
userCode?: string;
// Activation page URL the user opens.
verificationUri?: string;
// verificationUri with the user code embedded (for a QR code).
verificationUriComplete?: string;
// Seconds until the device code expires.
expiresIn?: number;
// Minimum seconds between polls.
interval?: number;
}
DevicePollRequest
interface DevicePollRequest {
deviceCode: string;
}
DevicePollResponse
interface DevicePollResponse {
code: DevicePollResponseCode;
message?: string;
// The device's refresh token — present only on SUCCESS.
refreshToken?: string;
}
DeviceVerificationResponse
interface DeviceVerificationResponse {
code: DeviceVerificationResponseCode;
message?: string;
deviceLabel?: string;
status?: DeviceAuthorizationStatus;
}
DeviceApprovalRequest
interface DeviceApprovalRequest {
userCode: string;
}
DeviceApprovalResponse
interface DeviceApprovalResponse {
code: DeviceApprovalResponseCode;
message?: string;
}