Added Support for SS-SSO-FF for Node Auth0 (#1093)

Author: tanya732

src/management/__generated/managers/connections-manager.ts

@@ -13,6 +13,7 @@ import type {
   PostScimToken201Response,
   PostScimTokenRequest,
   GetConnections200ResponseOneOf,
+  ConnectionForList,
   DeleteConnectionsByIdRequest,
   DeleteScimConfigurationRequest,
   DeleteTokensByTokenIdRequest,
@@ -148,24 +149,26 @@ export class ConnectionsManager extends BaseAPI {
   }
 
   /**
-   * Retrieves every connection matching the specified strategy. All connections are retrieved if no strategy is being specified. Accepts a list of fields to include or exclude in the resulting list of connection objects.
+   * Retrieves detailed list of all <a href="https://auth0.com/docs/authenticate/identity-providers">connections</a> that match the specified strategy. If no strategy is provided, all connections within your tenant are retrieved. This action can accept a list of fields to include or exclude from the resulting list of connections.
+   *
    * This endpoint supports two types of pagination:
-   * - Offset pagination
-   * - Checkpoint pagination
+   * <ul>
+   * <li>Offset pagination</li>
+   * <li>Checkpoint pagination</li>
+   * </ul>
    *
-   * Checkpoint pagination should be used if you need to retrieve more than 1000 connections.
+   * Checkpoint pagination must be used if you need to retrieve more than 1000 connections.
    *
    * <h2>Checkpoint Pagination</h2>
    *
    * To search by checkpoint, use the following parameters:
-   * - from: Optional id from which to start selection.
-   * - take: The total amount of entries to retrieve when using the from parameter. Defaults to 50.
+   * <ul>
+   * <li><code>from</code>: Optional id from which to start selection.</li>
+   * <li><code>take</code>: The total amount of entries to retrieve when using the from parameter. Defaults to 50.</li>
+   * </ul>
    *
-   * The first time you call this endpoint using Checkpoint Pagination, you should omit the <code>from</code> parameter.
-   * If there are more results, a <code>next</code> value will be included in the response. You can use this for subsequent API calls.
-   * When <code>next</code> is no longer included in the response, this indicates there are no more pages remaining.
+   * <b>Note</b>: The first time you call this endpoint using checkpoint pagination, omit the <code>from</code> parameter. If there are more results, a <code>next</code> value is included in the response. You can use this for subsequent API calls. When <code>next</code> is no longer included in the response, no pages are remaining.
    *
-   * Note: The <code>include_totals</code> parameter is not supported when using checkpoint pagination.
    * Get all connections
    *
    * @throws {RequiredError}
@@ -177,7 +180,7 @@ export class ConnectionsManager extends BaseAPI {
   async getAll(
     requestParameters?: GetConnectionsRequest,
     initOverrides?: InitOverride
-  ): Promise<ApiResponse<Array<Connection>>>;
+  ): Promise<ApiResponse<Array<ConnectionForList>>>;
   async getAll(
     requestParameters: GetConnectionsRequest = {},
     initOverrides?: InitOverride
@@ -237,8 +240,7 @@ export class ConnectionsManager extends BaseAPI {
   }
 
   /**
-   * Retrieves a connection by its <code>ID</code>.
-   *
+   * Retrieve details for a specified <a href="https://auth0.com/docs/authenticate/identity-providers">connection</a> along with options that can be used for identity provider configuration.
    * Get a connection
    *
    * @throws {RequiredError}
@@ -380,8 +382,9 @@ export class ConnectionsManager extends BaseAPI {
   }
 
   /**
-   * <b>Note:</b> if you use the options parameter, the whole options object will be overridden, so ensure that all parameters are present
+   * Update details for a specific <a href="https://auth0.com/docs/authenticate/identity-providers">connection</a>, including option properties for identity provider configuration.
    *
+   * <b>Note</b>: If you use the <code>options</code> parameter, the entire <code>options</code> object is overriden. To avoid partial data or other issues, ensure all parameters are present when using this option.
    * Update a connection
    *
    * @throws {RequiredError}

src/management/__generated/models/index.ts

@@ -3003,6 +3003,11 @@ export interface Connection {
    *
    */
   is_domain_connection: boolean;
+  /**
+   * Enables showing a button for the connection in the login page (new experience only). If false, it will be usable only by HRD.
+   *
+   */
+  show_as_button: boolean;
   /**
    * Metadata associated with the connection in the form of an object with string values (max 255 chars).  Maximum of 10 metadata properties allowed.
    *
@@ -3039,6 +3044,11 @@ export interface ConnectionCreate {
   /**
    */
   is_domain_connection?: boolean;
+  /**
+   * Enables showing a button for the connection in the login page (new experience only). If false, it will be usable only by HRD. (Defaults to <code>false</code>.)
+   *
+   */
+  show_as_button?: boolean;
   /**
    * Defines the realms for which the connection will be used (ie: email domains). If the array is empty or the property is not specified, the connection name will be added as realm.
    *
@@ -3405,6 +3415,56 @@ export interface ConnectionCreateOptionsValidationUsername {
    */
   max: number;
 }
+/**
+ *
+ */
+export interface ConnectionForList {
+  /**
+   * The name of the connection
+   *
+   */
+  name?: string;
+  /**
+   * Connection name used in login screen
+   *
+   */
+  display_name?: string;
+  /**
+   * In order to return options in the response, the `read:connections_options` scope must be present
+   *
+   */
+  options?: { [key: string]: any };
+  /**
+   * The connection's identifier
+   *
+   */
+  id?: string;
+  /**
+   * The type of the connection, related to the identity provider
+   *
+   */
+  strategy?: string;
+  /**
+   * Defines the realms for which the connection will be used (ie: email domains). If the array is empty or the property is not specified, the connection name will be added as realm.
+   *
+   */
+  realms?: Array<string>;
+  /**
+   * True if the connection is domain level
+   *
+   */
+  is_domain_connection?: boolean;
+  /**
+   * Enables showing a button for the connection in the login page (new experience only). If false, it will be usable only by HRD.
+   *
+   */
+  show_as_button?: boolean;
+  /**
+   * Metadata associated with the connection in the form of an object with string values (max 255 chars).  Maximum of 10 metadata properties allowed.
+   *
+   */
+  metadata?: { [key: string]: any };
+}
 /**
  *
  */
@@ -3430,6 +3490,11 @@ export interface ConnectionUpdate {
    *
    */
   realms?: Array<string>;
+  /**
+   * Enables showing a button for the connection in the login page (new experience only). If false, it will be usable only by HRD. (Defaults to <code>false</code>.)
+   *
+   */
+  show_as_button?: boolean;
   /**
    * Metadata associated with the connection in the form of an object with string values (max 255 chars).  Maximum of 10 metadata properties allowed.
    *
@@ -5325,7 +5390,7 @@ export interface GetClients200ResponseOneOf1 {
 /**
  *
  */
-export type GetConnections200Response = Array<Connection> | GetConnections200ResponseOneOf;
+export type GetConnections200Response = Array<ConnectionForList> | GetConnections200ResponseOneOf;
 /**
  *
  */
@@ -5341,7 +5406,7 @@ export interface GetConnections200ResponseOneOf {
   total: number;
   /**
    */
-  connections: Array<Connection>;
+  connections: Array<ConnectionForList>;
 }
 /**
  *
@@ -14230,6 +14295,9 @@ export interface PostSsoTicketRequest {
    *
    */
   ttl_sec?: number;
+  /**
+   */
+  domain_aliases_config?: PostSsoTicketRequestDomainAliasesConfig;
 }
 /**
  * If provided, this will create a new connection for the SSO flow with the given configuration
@@ -14246,8 +14314,15 @@ export interface PostSsoTicketRequestConnectionConfig {
    */
   display_name?: string;
   /**
+   * <code>true</code> promotes to a domain-level connection so that third-party applications can use it. <code>false</code> does not promote the connection, so only first-party applications with the connection enabled can use it. (Defaults to <code>false</code>.)
+   *
    */
   is_domain_connection?: boolean;
+  /**
+   * Enables showing a button for the connection in the login page (new experience only). If false, it will be usable only by HRD. (Defaults to <code>false</code>.)
+   *
+   */
+  show_as_button?: boolean;
   /**
    * Metadata associated with the connection in the form of an object with string values (max 255 chars).  Maximum of 10 metadata properties allowed.
    *
@@ -14271,13 +14346,69 @@ export interface PostSsoTicketRequestConnectionConfigOptions {
    *
    */
   domain_aliases?: Array<string>;
+  /**
+   */
+  idpinitiated?: PostSsoTicketRequestConnectionConfigOptionsIdpinitiated | null;
+}
+/**
+ * Allows IdP-initiated login
+ */
+export interface PostSsoTicketRequestConnectionConfigOptionsIdpinitiated {
+  /**
+   * Enables IdP-initiated login for this connection
+   *
+   */
+  enabled?: boolean;
+  /**
+   * Default application <code>client_id</code> user is redirected to after validated SAML response
+   *
+   */
+  client_id?: string;
+  /**
+   * The protocol used to connect to the the default application
+   *
+   */
+  client_protocol?: PostSsoTicketRequestConnectionConfigOptionsIdpinitiatedClientProtocolEnum;
+  /**
+   * Query string options to customize the behaviour for OpenID Connect when <code>idpinitiated.client_protocol</code> is <code>oauth2</code>. Allowed parameters: <code>redirect_uri</code>, <code>scope</code>, <code>response_type</code>. For example, <code>redirect_uri=https://jwt.io&scope=openid email&response_type=token</code>
+   *
+   */
+  client_authorizequery?: string;
 }
+
+export const PostSsoTicketRequestConnectionConfigOptionsIdpinitiatedClientProtocolEnum = {
+  samlp: 'samlp',
+  wsfed: 'wsfed',
+  oauth2: 'oauth2',
+} as const;
+export type PostSsoTicketRequestConnectionConfigOptionsIdpinitiatedClientProtocolEnum =
+  (typeof PostSsoTicketRequestConnectionConfigOptionsIdpinitiatedClientProtocolEnum)[keyof typeof PostSsoTicketRequestConnectionConfigOptionsIdpinitiatedClientProtocolEnum];
+
+/**
+ * Configuration for the setup of the connection’s domain_aliases in the self-service SSO flow.
+ */
+export interface PostSsoTicketRequestDomainAliasesConfig {
+  /**
+   * Whether the end user should complete the domain verification step. Possible values are 'none' (the step is not shown to the user), 'optional' (the user may add a domain alias in the domain verification step) or 'required' (the user must add a domain alias in order to enable the connection). Defaults to 'none'.
+   *
+   */
+  domain_verification: PostSsoTicketRequestDomainAliasesConfigDomainVerificationEnum;
+}
+
+export const PostSsoTicketRequestDomainAliasesConfigDomainVerificationEnum = {
+  none: 'none',
+  optional: 'optional',
+  required: 'required',
+} as const;
+export type PostSsoTicketRequestDomainAliasesConfigDomainVerificationEnum =
+  (typeof PostSsoTicketRequestDomainAliasesConfigDomainVerificationEnum)[keyof typeof PostSsoTicketRequestDomainAliasesConfigDomainVerificationEnum];
+
 /**
  *
  */
 export interface PostSsoTicketRequestEnabledOrganizationsInner {
   /**
-   * Organization identifier
+   * Organization identifier.
    *
    */
   organization_id: string;
@@ -17861,7 +17992,7 @@ export type GetConnectionsStrategyEnum =
  */
 export interface GetConnectionsRequest {
   /**
-   * The amount of entries per page. Default: no paging is used, all connections are returned
+   * The amount of entries per page. Defaults to 100 if not provided
    *
    */
   per_page?: number;
@@ -17971,7 +18102,7 @@ export interface GetStatusRequest {
  */
 export interface PatchConnectionsByIdRequest {
   /**
-   * The id of the connection to retrieve
+   * The id of the connection to update
    *
    */
   id: string;

test/management/connections.test.ts

@@ -98,8 +98,6 @@ describe('ConnectionsManager', () => {
         expect(connections.data[0].realms?.[0]).toBe(response[0].realms[0]);
         expect(connections.data[0].is_domain_connection).toBe(response[0].is_domain_connection);
         expect(connections.data[0].metadata?.test).toBe(response[0].metadata.test);
-        expect(connections.data[0].enabled_clients[0]).toBe(response[0].enabled_clients[0]);
-
         done();
       });
     });