Skip to main content

@axinom/mosaic-user-auth-utils

This is a supporting library of @axinom/mosaic-user-auth which exports common types, so they may be shared between the Frontends and Backends during authentication & authorization flows (end-user facing).

Enumerations

The @axinom/mosaic-user-auth-utils library exposes the following enumerations in order to expressively define the response codes related to the @axinom/mosaic-user-auth library operations.

Interface NameDescription
TokenResponseCodeToken response code from User Service Auth API.
SignOutResponseCodeSign out response code from User Service Auth API.
IdpConfigurationResponseCodeIDP Configuration response code from User Service Auth API.
SignInResponseCodeSign In Response Code for sign in with username/password flow from User Service Auth API.
ResetPasswordResponseCodePassword Reset/Complete Password Reset Code from User Service Auth API.
UserSignUpResponseCodeSign Up Response Code from User Service Auth API.
CompleteUserSignUpResponseCodeVerify Sign Up Response Code from User Service Auth API.
CheckOtpResponseCodeOTP Check Response Code from User Service Auth API. This response type is used for both Sign Up OTP check and Reset Password OTP check.
DeviceAuthorizationResponseCodeDevice Authorization response code from User Service Auth API.
DevicePollResponseCodeDevice poll response code from User Service Auth API.
DeviceVerificationResponseCodeDevice verification response code from User Service Auth API.
DeviceApprovalResponseCodeDevice approval/denial response code from User Service Auth API.
DeviceAuthorizationStatusThe current status of a device authorization.

TokenResponseCode

enum TokenResponseCode {
SUCCESS = 'SUCCESS',
NEEDS_LOGIN = 'NEEDS_LOGIN',
ACCOUNT_NOT_ACTIVE = 'ACCOUNT_NOT_ACTIVE',
AUTH_FLOW_ERROR = 'AUTH_FLOW_ERROR',
BAD_REQUEST = 'BAD_REQUEST',
INTERNAL_SERVER_ERROR = 'INTERNAL_SERVER_ERROR',
}

SignOutResponseCode

enum SignOutResponseCode {
SUCCESS = 'SUCCESS',
BAD_REQUEST = 'BAD_REQUEST',
INTERNAL_SERVER_ERROR = 'INTERNAL_SERVER_ERROR',
}

IdpConfigurationResponseCode

enum IdpConfigurationResponseCode {
SUCCESS = 'SUCCESS',
APPLICATION_NOT_ACTIVE = 'APPLICATION_NOT_ACTIVE',
NO_ACTIVE_IDPS = 'NO_ACTIVE_IDPS',
ACCOUNT_NOT_ACTIVE = 'ACCOUNT_NOT_ACTIVE',
BAD_REQUEST = 'BAD_REQUEST',
INTERNAL_SERVER_ERROR = 'INTERNAL_SERVER_ERROR',
}

SignInResponseCode

enum SignInResponseCode {
SUCCESS = 'SUCCESS',
INTERNAL_SERVER_ERROR = 'INTERNAL_SERVER_ERROR',
BAD_REQUEST = 'BAD_REQUEST',
AUTH_FLOW_ERROR = 'AUTH_FLOW_ERROR',
SERVICE_CONFIGURATION_ERROR = 'SERVICE_CONFIGURATION_ERROR',
}

ResetPasswordResponseCode

enum ResetPasswordResponseCode {
SUCCESS = 'SUCCESS',
ERROR = 'ERROR',
SERVICE_CONFIGURATION_ERROR = 'SERVICE_CONFIGURATION_ERROR',
}

UserSignUpResponseCode

enum UserSignUpResponseCode {
SUCCESS = 'SUCCESS',
ERROR = 'ERROR',
SERVICE_CONFIGURATION_ERROR = 'SERVICE_CONFIGURATION_ERROR',
}

CompleteUserSignUpResponseCode

enum CompleteUserSignUpResponseCode {
SUCCESS = 'SUCCESS',
ERROR = 'ERROR',
SERVICE_CONFIGURATION_ERROR = 'SERVICE_CONFIGURATION_ERROR',
}

CheckOtpResponseCode

enum CheckOtpResponseCode {
SUCCESS = 'SUCCESS',
ERROR = 'ERROR',
SERVICE_CONFIGURATION_ERROR = 'SERVICE_CONFIGURATION_ERROR',
}

DeviceAuthorizationResponseCode

enum DeviceAuthorizationResponseCode {
SUCCESS = 'SUCCESS',
DEVICE_FLOW_NOT_ENABLED = 'DEVICE_FLOW_NOT_ENABLED',
APPLICATION_NOT_ACTIVE = 'APPLICATION_NOT_ACTIVE',
BAD_REQUEST = 'BAD_REQUEST',
INTERNAL_SERVER_ERROR = 'INTERNAL_SERVER_ERROR',
}

DevicePollResponseCode

enum DevicePollResponseCode {
SUCCESS = 'SUCCESS',
AUTHORIZATION_PENDING = 'AUTHORIZATION_PENDING',
SLOW_DOWN = 'SLOW_DOWN',
ACCESS_DENIED = 'ACCESS_DENIED',
EXPIRED = 'EXPIRED',
BAD_REQUEST = 'BAD_REQUEST',
INTERNAL_SERVER_ERROR = 'INTERNAL_SERVER_ERROR',
}

DeviceVerificationResponseCode

enum DeviceVerificationResponseCode {
SUCCESS = 'SUCCESS',
NOT_FOUND = 'NOT_FOUND',
EXPIRED = 'EXPIRED',
BAD_REQUEST = 'BAD_REQUEST',
INTERNAL_SERVER_ERROR = 'INTERNAL_SERVER_ERROR',
}

DeviceApprovalResponseCode

enum DeviceApprovalResponseCode {
SUCCESS = 'SUCCESS',
NOT_FOUND = 'NOT_FOUND',
EXPIRED = 'EXPIRED',
ALREADY_USED = 'ALREADY_USED',
ACCESS_TOKEN_EXPIRED = 'ACCESS_TOKEN_EXPIRED',
NEEDS_LOGIN = 'NEEDS_LOGIN',
BAD_REQUEST = 'BAD_REQUEST',
INTERNAL_SERVER_ERROR = 'INTERNAL_SERVER_ERROR',
}

DeviceAuthorizationStatus

enum DeviceAuthorizationStatus {
PENDING = 'PENDING',
APPROVED = 'APPROVED',
DENIED = 'DENIED',
EXPIRED = 'EXPIRED',
REDEEMED = 'REDEEMED',
}

Interfaces

The @axinom/mosaic-user-auth-utils library exposes the following interfaces.

Interface NameDescription
UserTokenRepresents a user token.
UserRepresents an authenticated user.
TokenResponseToken response from User Service Auth API.
SignOutResponseSign out response from User Service Auth API.
IdpConfigurationRepresents an IDP Configuration.
IdpConfigurationResponseIDP Configuration response from User Service Auth API.
WellKnownEndpointResponseThe well known endpoints exposed by ax-user-service.
SignInResponseResponse for a Sign In with username/password flow.
UserSignUpResponseRepresents the response for a User Sign Up request.
CompleteUserSignUpResponseRepresents the response for a Complete User Sign Up request.
InitiatePasswordResetResponseRepresents the response for InitiatePasswordReset request.
CompletePasswordResetResponseRepresents the response for a CompletePasswordReset request.
CheckPasswordResetOtpResponseRepresents the response for a Check Password Reset OTP Request.
CheckUserSignUpOtpResponseRepresents the response for a User Sign Up OTP Request.
DeviceAuthorizationRequestRepresents the information required to start the Device Authorization flow.
DeviceAuthorizationResponseResponse for a Device Authorization request.
DevicePollRequestRepresents the information required to poll for device approval.
DevicePollResponseResponse for a device poll request.
DeviceVerificationResponseResponse for a device verification (user code lookup) request.
DeviceApprovalRequestRepresents the information required to approve or deny a device.
DeviceApprovalResponseResponse for a device approval or denial request.

UserToken

interface UserToken {
accessToken: string;
expiresInSeconds: number;
expiresAt: Date;
}

UserServiceConfig

interface UserServiceConfig {
userServiceBaseUrl: string;
}

User

interface User {
id: string;
name: string | null;
email: string | null;
profileId: string;
token: UserToken;
}

TokenResponse

interface TokenResponse {
code: TokenResponseCode;
message?: string;
tenantId?: string;
environmentId?: string;
applicationId?: string;
extensions?: unknown;
user?: User;
}

SignOutResponse

interface SignOutResponse {
code: SignOutResponseCode;
message?: string;
}

IdpConfiguration

interface IdpConfiguration {
idpConnectionId: string;
providerId: string;
clientId: string;
providerIconUrl: string | null;
title: string;
sortOrder: number | null;
authUrl?: string;
}

IdpConfigurationResponse

interface IdpConfigurationResponse {
code: IdpConfigurationResponseCode;
message?: string;
tenantId?: string;
environmentId?: string;
applicationId?: string;
availableIdentityProviders?: IdpConfiguration[];
}

WellKnownEndpointResponse

interface WellKnownEndpointResponse {
jwks: string;
userServiceAdminGQL: string;
userServiceEndUserGQL: string;
axAuthManagementGQL: string;
axAuthEndpoint: string;
}

SignInResponse

interface SignInResponse {
code: SignInResponseCode;
message?: string;
details?: Record<string, unknown>;
}

UserSignUpResponse

interface UserSignUpResponse {
code: UserSignUpResponseCode;
idpUserId?: string;
message?: string;
}

CompleteUserSignUpResponse

interface CompleteUserSignUpResponse {
code: CompleteUserSignUpResponseCode;
idpUserId?: string;
message?: string;
}

InitiatePasswordResetResponse

interface InitiatePasswordResetResponse {
code: ResetPasswordResponseCode;
message?: string;
details?: Record<string, unknown>;
}

CompletePasswordResetResponse

interface CompletePasswordResetResponse {
code: ResetPasswordResponseCode;
message?: string;
details?: Record<string, unknown>;
}

CheckPasswordResetOtpResponse

interface CheckPasswordResetOtpResponse {
code: CheckOtpResponseCode;
message?: string;
isOtpValid?: boolean;
}

CheckUserSignUpOtpResponse

interface CheckUserSignUpOtpResponse {
code: CheckOtpResponseCode;
message?: string;
isOtpValid?: boolean;
}

DeviceAuthorizationRequest

interface DeviceAuthorizationRequest {
// Optional human-friendly label supplied by the device; display-only.
deviceLabel?: string;
}

DeviceAuthorizationResponse

interface DeviceAuthorizationResponse {
code: DeviceAuthorizationResponseCode;
message?: string;
// Secret the device polls with.
deviceCode?: string;
// Short code the user types on the activation page.
userCode?: string;
// Activation page URL the user opens.
verificationUri?: string;
// verificationUri with the user code embedded (for a QR code).
verificationUriComplete?: string;
// Seconds until the device code expires.
expiresIn?: number;
// Minimum seconds between polls.
interval?: number;
}

DevicePollRequest

interface DevicePollRequest {
deviceCode: string;
}

DevicePollResponse

interface DevicePollResponse {
code: DevicePollResponseCode;
message?: string;
// The device's refresh token — present only on SUCCESS.
refreshToken?: string;
}

DeviceVerificationResponse

interface DeviceVerificationResponse {
code: DeviceVerificationResponseCode;
message?: string;
deviceLabel?: string;
status?: DeviceAuthorizationStatus;
}

DeviceApprovalRequest

interface DeviceApprovalRequest {
userCode: string;
}

DeviceApprovalResponse

interface DeviceApprovalResponse {
code: DeviceApprovalResponseCode;
message?: string;
}

Was this page helpful?