auth/index.js

  1. /** @module auth **/
  3. var util = require('util');
  5. var pkg = require('../../package.json');
  6. var utils = require('../utils');
  7. var jsonToBase64 = utils.jsonToBase64;
  8. var ArgumentError = require('../exceptions').ArgumentError;
  10. // Authenticators.
  11. var OAuthAuthenticator = require('./OAuthAuthenticator');
  12. var DatabaseAuthenticator = require('./DatabaseAuthenticator');
  13. var PasswordlessAuthenticator = require('./PasswordlessAuthenticator');
  15. // Managers
  16. var UsersManager = require('./UsersManager');
  17. var TokensManager = require('./TokensManager');
  19. var BASE_URL_FORMAT = 'https://%s';
  22. /**
  23.  * @class
  24.  * Authentication API SDK.
  25.  *
  26.  * This client must used to access Auth0's
  27.  * <a href="https://auth0.com/docs/auth-api">Authentication API</a>.
  28.  * @constructor
  29.  * @memberOf module:auth
  30.  *
  31.  * @example <caption>
  32.  *   The <b>AuthenticationClient</b> constructor takes an <i>optional</i> client
  33.  *   ID, if specified it will be used as default value for all endpoints that
  34.  *   accept a client ID.
  35.  * </caption>
  36.  *
  37.  * var AuthenticationClient = require('auth0'). AuthenticationClient;
  38.  * var auth0 = new AuthenticationClient({
  39.  *   domain: '{YOUR_ACCOUNT}.auth0.com',
  40.  *   clientId: '{OPTIONAL_CLIENT_ID}'
  41.  * });
  42.  *
  43.  * @param   {Object}  options             Options for the Authentication Client
  44.  *                                        SDK.
  45.  * @param   {String}  options.domain      AuthenticationClient server domain.
  46.  * @param   {String}  [options.clientId]  Default client ID.
  47.  */
  48. var AuthenticationClient = function (options) {
  49.   if (!options || typeof options !== 'object') {
  50.     throw new ArgumentError(
  51.       'Authentication Client SDK options must be an object'
  52.     );
  53.   }
  55.   if (!options.domain || options.domain.length === 0) {
  56.     throw new ArgumentError('Must provide a domain');
  57.   }
  59.   var managerOptions = {
  60.     clientId: options.clientId,
  61.     headers: {
  62.       'User-agent': 'node.js/' + process.version.replace('v', ''),
  63.       'Content-Type': 'application/json'
  64.     },
  65.     baseUrl: util.format(BASE_URL_FORMAT, options.domain)
  66.   };
  68.   if (options.telemetry !== false) {
  69.     var telemetry = jsonToBase64(options.clientInfo || this.getClientInfo());
  70.     managerOptions.headers['Auth0-Client'] = telemetry;
  71.   }
  73.   /**
  74.    * OAuth authenticator.
  75.    *
  76.    * @type {OAuthAuthenticator}
  77.    */
  78.   this.oauth = new OAuthAuthenticator(managerOptions);
  80.   /**
  81.    * Database authenticator.
  82.    *
  83.    * @type {DatabaseAuthenticator}
  84.    */
  85.   this.database = new DatabaseAuthenticator(managerOptions, this.oauth);
  87.   /**
  88.    * Passwordless authenticator.
  89.    *
  90.    * @type {PasswordlessAuthenticator}
  91.    */
  92.   this.passwordless = new PasswordlessAuthenticator(managerOptions, this.oauth);
  94.   /**
  95.    * Users manager.
  96.    *
  97.    * @type {UsersManager}
  98.    */
  99.   this.users = new UsersManager(managerOptions);
  101.   /**
  102.    * Tokens manager.
  103.    *
  104.    * @type {TokensManager}
  105.    */
  106.   this.tokens = new TokensManager(managerOptions);
  107. };
  110. /**
  111.  * Return an object with information about the current client,
  112.  *
  113.  * @method    getClientInfo
  114.  * @memberOf  module:auth.AuthenticationClient.prototype
  115.  *
  116.  * @return {Object}   Object containing client information.
  117.  */
  118. AuthenticationClient.prototype.getClientInfo = function () {
  119.   var clientInfo = {
  120.     name: 'node-auth0',
  121.     version: pkg.version,
  122.     dependencies: [],
  123.     environment: [{
  124.       name: 'node.js',
  125.       version: process.version.replace('v', '')
  126.     }]
  127.   };
  129.   // Add the dependencies to the client info object.
  130.   Object
  131.     .keys(pkg.dependencies)
  132.     .forEach(function (name) {
  133.       clientInfo.dependencies.push({
  134.         name: name,
  135.         version: pkg.dependencies[name]
  136.       });
  137.     });
  139.   return clientInfo;
  140. };
  143. /**
  144.  * Start passwordless flow sending an email.
  145.  *
  146.  * @method    requestMagicLink
  147.  * @memberOf  module:auth.AuthenticationClient.prototype
  148.  *
  149.  * @example <caption>
  150.  *   Given the user `email` address, it will send an email with a link. You can
  151.  *   then authenticate with this user opening the link and he will be
  152.  *   automatically logged in to the application. Optionally, you can
  153.  *   append/override parameters to the link (like `scope`, `redirect_uri`,
  154.  *   `protocol`, `response_type`, etc.) using `authParams` object.
  155.  *
  156.  *   Find more information in the
  157.  *   <a href="https://auth0.com/docs/auth-api#!#post--with_email">API Docs</a>
  158.  * </caption>
  159.  *
  160.  * var data = {
  161.  *   email: '{EMAIL}',
  162.  *   authParams: {} // Optional auth params.
  163.  * };
  164.  *
  165.  * auth0.requestMagicLink(data, function (err) {
  166.  *   if (err) {
  167.  *     // Handle error.
  168.  *   }
  169.  * };
  170.  *
  171.  * @param   {Object}  data              User data object.
  172.  * @param   {String}  data.email        User email address.
  173.  * @param   {Object}  [data.authParams] Authentication parameters.
  174.  *
  175.  * @return  {Promise|undefined}
  176.  */
  177. AuthenticationClient.prototype.requestMagicLink = function (data, cb) {
  178.   data.send = 'link';
  180.   return this.passwordless.sendEmail(data, cb);
  181. };
  184. /**
  185.  * Start passwordless flow sending an email.
  186.  *
  187.  * @method    requestEmailCode
  188.  * @memberOf  module:auth.AuthenticationClient.prototype
  189.  *
  190.  * @example <caption>
  191.  *   Given the user `email` address, it will send an email with a verification
  192.  *   code. You can then authenticate with this user using the `/oauth/ro`
  193.  *   endpoint using the email as username and the code as password.
  194.  *
  195.  *   Find more information in the
  196.  *   <a href="https://auth0.com/docs/auth-api#!#post--with_email">API Docs</a>
  197.  * </caption>
  198.  *
  199.  * var data = {
  200.  *   email: '{EMAIL}',
  201.  *   authParams: {} // Optional auth params.
  202.  * };
  203.  *
  204.  * auth0.requestEmailCode(data, function (err) {
  205.  *   if (err) {
  206.  *     // Handle error.
  207.  *   }
  208.  * };
  209.  *
  210.  * @param   {Object}  data              User data object.
  211.  * @param   {String}  data.email        User email address.
  212.  * @param   {Object}  [data.authParams] Authentication parameters.
  213.  *
  214.  * @return  {Promise|undefined}
  215.  */
  216. AuthenticationClient.prototype.requestEmailCode = function (data, cb) {
  217.   data.send = 'code';
  219.   return this.passwordless.sendEmail(data, cb);
  220. };
  223. /**
  224.  * Start passwordless flow sending an SMS.
  225.  *
  226.  * @method    requestSMSCode
  227.  * @memberOf  module:auth.AuthenticationClient.prototype
  228.  *
  229.  * @example <caption>
  230.  *   Given the user `phone_number`, it will send a SMS message with a
  231.  *   verification code. You can then authenticate with this user using the
  232.  *   `/oauth/ro` endpoint specifying `phone_number` as `username` and `code` as
  233.  *   `password`:
  234.  * </caption>
  235.  *
  236.  * var data = {
  237.  *   phone_number: '{PHONE}'
  238.  * };
  239.  *
  240.  * auth0.requestSMSCode(data, function (err) {
  241.  *   if (err) {
  242.  *     // Handle error.
  243.  *   }
  244.  *
  245.  * });
  246.  *
  247.  * @param   {Object}  data                User data object.
  248.  * @param   {String}  data.phone_number   The user phone number.
  249.  *
  250.  * @return  {Promise|undefined}
  251.  */
  252. AuthenticationClient.prototype.requestSMSCode = function (data, cb) {
  253.   var translatedData = {
  254.     phone_number: data.phoneNumber || data.phone_number
  255.   };
  257.   return this.passwordless.sendSMS(translatedData, cb);
  258. };
  261. /**
  262.  * Sign in with the given user credentials.
  263.  *
  264.  * @method    verifySMSCode
  265.  * @memberOf  module:auth.AuthenticationClient.prototype
  266.  *
  267.  * @example <caption>
  268.  *   Given the user credentials (`phone_number` and `code`), it will do the
  269.  *   authentication on the provider and return a JSON with the `access_token`
  270.  *   and `id_token`.
  271.  * </caption>
  272.  *
  273.  * var data = {
  274.  *   username: '{PHONE_NUMBER}',
  275.  *   password: '{VERIFICATION_CODE}'
  276.  * };
  277.  *
  278.  * auth0.verifySMSCode(data, function (err) {
  279.  *   if (err) {
  280.  *     // Handle error.
  281.  *   }
  282.  * });
  283.  *
  284.  * @example <caption>
  285.  *   The user data object has the following structure.
  286.  * </caption>
  287.  *
  288.  * {
  289.  *   id_token: String,
  290.  *   access_token: String,
  291.  *   token_type: String
  292.  * }
  293.  *
  294.  * @param   {Object}  data              Credentials object.
  295.  * @param   {String}  data.username     Phone number.
  296.  * @param   {String}  data.password     Verification code.
  297.  * @param   {String}  data.target       Target client ID.
  298.  * @param   {String}  data.grant_type   Grant type.
  299.  *
  300.  * @return  {Promise|undefined}
  301.  */
  302. AuthenticationClient.prototype.verifySMSCode = function (data, cb) {
  303.   var translatedData = {
  304.     username: data.phoneNumber || data.phone_number || data.username,
  305.     password: data.code || data.password
  306.   };
  308.   return this.passwordless.signIn(translatedData, cb);
  309. };
  312. /**
  313.  * Exchange the token of the logged in user with a token that is valid to call
  314.  * the API (signed with the API secret).
  315.  *
  316.  * @method    getDelegationToken
  317.  * @memberOf  module:auth.AuthenticationClient.prototype
  318.  *
  319.  * @example <caption>
  320.  *   Given an existing token, this endpoint will generate a new token signed
  321.  *   with the target client secret. This is used to flow the identity of the
  322.  *   user from the application to an API or across different APIs that are
  323.  *   protected with different secrets. Find more information in the
  324.  *   <a href="https://auth0.com/docs/auth-api#!#post--delegation">API Docs</a>.
  325.  * </caption>
  326.  *
  327.  * var data = {
  328.  *   id_token: '{ID_TOKEN}',
  329.  *   api_type: 'app',
  330.  *   target: '{TARGET}',
  331.  *   grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer'
  332.  * };
  333.  *
  334.  * auth0.getDelegationToken(data, function (err, token) {
  335.  *   if (err) {
  336.  *     // Handle error.
  337.  *   }
  338.  *
  339.  *   console.log(token);
  340.  * });
  341.  *
  342.  * @param   {Object}  data              Token data object.
  343.  * @param   {String}  data.id_token     The user ID token.
  344.  * @param   {String}  data.api_type     The API type (aws, firebase, etc).
  345.  * @param   {String}  data.target       The target client ID.
  346.  * @param   {String}  data.grant_type   The grant type.
  347.  *
  348.  * @return  {Promise|undefined}
  349.  */
  350. AuthenticationClient.prototype.getDelegationToken = function (data, cb) {
  351.   var translatedData = {
  352.     id_token: data.id_token,
  353.     api_type: data.api || data.api_type,
  354.     scope: data.scope,
  355.     target: data.targetClientId || data.target,
  356.     grant_type: data.grant_type
  357.   };
  359.   return this.tokens.getDelegationToken(translatedData, cb);
  360. };
  363. /**
  364.  * Change password using a database or active directory service.
  365.  *
  366.  * @method    changePassword
  367.  * @memberOf  module:auth.AuthenticationClient.prototype
  368.  *
  369.  * @example <caption>
  370.  *   Given the user email, the connection specified and the new password to
  371.  *   use, Auth0 will send a forgot password email. Once the user clicks on the
  372.  *   confirm password change link, the new password specified in this POST will
  373.  *   be set to this user. Find more information in the
  374.  *   <a href="https://auth0.com/docs/auth-api#!#post--dbconnections-change_password">
  375.  *   API Docs</a>.
  376.  * </caption>
  377.  *
  378.  * var data = {
  379.  *   email: '{EMAIL}',
  380.  *   password: '{PASSWORD}',
  381.  *   connection: 'Username-Password-Authentication'
  382.  * };
  383.  *
  384.  * auth0.changePassword(data, function (err, message) {
  385.  *   if (err) {
  386.  *     // Handle error.
  387.  *   }
  388.  *
  389.  *   console.log(message);
  390.  * });
  391.  *
  392.  * @param   {Object}    data            User data object.
  393.  * @param   {String}    data.email      User email.
  394.  * @param   {String}    data.password   User password.
  395.  * @param   {String}    data.connection Identity provider for the user.
  396.  *
  397.  * @return  {Promise|undefined}
  398.  */
  399. AuthenticationClient.prototype.changePassword = function (data, cb) {
  400.   var translatedData = {
  401.     connection: data.connection,
  402.     email: data.email || data.username,
  403.     password: data.password
  404.   };
  406.   return this.database.changePassword(data, cb);
  407. };
  410. /**
  411.  * Request a change password email using a database or active directory service.
  412.  *
  413.  * @method    requestChangePasswordEmail
  414.  * @memberOf  module:auth.AuthenticationClient.prototype
  415.  *
  416.  * @example <caption>
  417.  *   Given the user email, the connection specified, Auth0 will send a change
  418.  *   password email. once the user clicks on the confirm password change link,
  419.  *   the new password specified in this POST will be set to this user. Find more
  420.  *   information in the <a href="https://auth0.com/docs/auth-api#!#post--dbconnections-change_password>
  421.  *   API Docs</a>.
  422.  * </caption>
  423.  *
  424.  * var data = {
  425.  *   email: '{EMAIL}',
  426.  *   connection: 'Username-Password-Authentication'
  427.  * };
  428.  *
  429.  * auth0.requestChangePasswordEmail(data, function (err, message) {
  430.  *   if (err) {
  431.  *     // Handle error.
  432.  *   }
  433.  *
  434.  *   console.log(message);
  435.  * });
  436.  *
  437.  * @param   {Object}    data            User data object.
  438.  * @param   {String}    data.email      User email.
  439.  * @param   {String}    data.connection Identity provider for the user.
  440.  *
  441.  * @return  {Promise|undefined}
  442.  */
  443. AuthenticationClient.prototype.requestChangePasswordEmail = function (data, cb) {
  444.   var translatedData = {
  445.     connection: data.connection,
  446.     email: data.email || data.username
  447.   };
  449.   return this.database.requestChangePasswordEmail(data, cb);
  450. };
  453. /**
  454.  * Given an access token get the user profile linked to it.
  455.  *
  456.  * @method    getProfile
  457.  * @memberOf  module:auth.AuthenticationClient.prototype
  458.  *
  459.  * @example <caption>
  460.  *   Get the user information based on the Auth0 access token (obtained during
  461.  *   login). Find more information in the
  462.  *   <a href="https://auth0.com/docs/auth-api#!#get--userinfo">API Docs</a>.
  463.  * </caption>
  464.  *
  465.  * auth0.getProfile(data, function (err, userInfo) {
  466.  *   if (err) {
  467.  *     // Handle error.
  468.  *   }
  469.  *
  470.  *   console.log(userInfo);
  471.  * });
  472.  *
  473.  * @param     {String}  accessToken   The user access token.
  474.  *
  475.  * @return    {Promise|undefined}
  476.  */
  477. utils.wrapPropertyMethod(AuthenticationClient, 'getProfile', 'users.getInfo');
  480. module.exports = AuthenticationClient;