kernel-node-sdk/src/resources/credentials.ts at main · kernel/kernel-node-sdk · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
// File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.

import { APIResource } from '../core/resource';
import { APIPromise } from '../core/api-promise';
import { OffsetPagination, type OffsetPaginationParams, PagePromise } from '../core/pagination';
import { buildHeaders } from '../internal/headers';
import { RequestOptions } from '../internal/request-options';
import { path } from '../internal/utils/path';

/**
 * Create and manage credentials for authentication.
 */
export class Credentials extends APIResource {
  /**
   * Create a new credential for storing login information.
   *
   * @example
   * ```ts
   * const credential = await client.credentials.create({
   *   domain: 'netflix.com',
   *   name: 'my-netflix-login',
   *   values: {
   *     username: 'user@example.com',
   *     password: 'mysecretpassword',
   *   },
   * });
   * ```
   */
  create(body: CredentialCreateParams, options?: RequestOptions): APIPromise<Credential> {
    return this._client.post('/credentials', { body, ...options });
  }

  /**
   * Retrieve a credential by its ID or name. Credential values are not returned.
   *
   * @example
   * ```ts
   * const credential = await client.credentials.retrieve(
   *   'id_or_name',
   * );
   * ```
   */
  retrieve(idOrName: string, options?: RequestOptions): APIPromise<Credential> {
    return this._client.get(path`/credentials/${idOrName}`, options);
  }

  /**
   * Update a credential's name or values. When values are provided, they are merged
   * with existing values (new keys are added, existing keys are overwritten).
   *
   * @example
   * ```ts
   * const credential = await client.credentials.update(
   *   'id_or_name',
   * );
   * ```
   */
  update(idOrName: string, body: CredentialUpdateParams, options?: RequestOptions): APIPromise<Credential> {
    return this._client.patch(path`/credentials/${idOrName}`, { body, ...options });
  }

  /**
   * List credentials owned by the caller's organization. Credential values are not
   * returned.
   *
   * @example
   * ```ts
   * // Automatically fetches more pages as needed.
   * for await (const credential of client.credentials.list()) {
   *   // ...
   * }
   * ```
   */
  list(
    query: CredentialListParams | null | undefined = {},
    options?: RequestOptions,
  ): PagePromise<CredentialsOffsetPagination, Credential> {
    return this._client.getAPIList('/credentials', OffsetPagination<Credential>, { query, ...options });
  }

  /**
   * Delete a credential by its ID or name.
   *
   * @example
   * ```ts
   * await client.credentials.delete('id_or_name');
   * ```
   */
  delete(idOrName: string, options?: RequestOptions): APIPromise<void> {
    return this._client.delete(path`/credentials/${idOrName}`, {
      ...options,
      headers: buildHeaders([{ Accept: '*/*' }, options?.headers]),
    });
  }

  /**
   * Returns the current 6-digit TOTP code for a credential with a configured
   * totp_secret. Use this to complete 2FA setup on sites or when you need a fresh
   * code.
   *
   * @example
   * ```ts
   * const response = await client.credentials.totpCode(
   *   'id_or_name',
   * );
   * ```
   */
  totpCode(idOrName: string, options?: RequestOptions): APIPromise<CredentialTotpCodeResponse> {
    return this._client.get(path`/credentials/${idOrName}/totp-code`, options);
  }
}

export type CredentialsOffsetPagination = OffsetPagination<Credential>;

/**
 * Request to create a new credential
 */
export interface CreateCredentialRequest {
  /**
   * Target domain this credential is for
   */
  domain: string;

  /**
   * Unique name for the credential within the organization
   */
  name: string;

  /**
   * Field name to value mapping (e.g., username, password)
   */
  values: { [key: string]: string };

  /**
   * If set, indicates this credential should be used with the specified SSO provider
   * (e.g., google, github, microsoft). When the target site has a matching SSO
   * button, it will be clicked first before filling credential values on the
   * identity provider's login page.
   */
  sso_provider?: string;

  /**
   * Base32-encoded TOTP secret for generating one-time passwords. Used for automatic
   * 2FA during login.
   */
  totp_secret?: string;
}

/**
 * A stored credential for automatic re-authentication
 */
export interface Credential {
  /**
   * Unique identifier for the credential
   */
  id: string;

  /**
   * When the credential was created
   */
  created_at: string;

  /**
   * Target domain this credential is for
   */
  domain: string;

  /**
   * Unique name for the credential within the organization
   */
  name: string;

  /**
   * When the credential was last updated
   */
  updated_at: string;

  /**
   * Whether this credential has a TOTP secret configured for automatic 2FA
   */
  has_totp_secret?: boolean;

  /**
   * Whether this credential has stored values (email, password, etc.)
   */
  has_values?: boolean;

  /**
   * If set, indicates this credential should be used with the specified SSO provider
   * (e.g., google, github, microsoft). When the target site has a matching SSO
   * button, it will be clicked first before filling credential values on the
   * identity provider's login page.
   */
  sso_provider?: string | null;

  /**
   * Current 6-digit TOTP code. Only included in create/update responses when
   * totp_secret was just set.
   */
  totp_code?: string;

  /**
   * When the totp_code expires. Only included when totp_code is present.
   */
  totp_code_expires_at?: string;
}

/**
 * Request to update an existing credential
 */
export interface UpdateCredentialRequest {
  /**
   * New name for the credential
   */
  name?: string;

  /**
   * If set, indicates this credential should be used with the specified SSO
   * provider. Set to empty string or null to remove.
   */
  sso_provider?: string | null;

  /**
   * Base32-encoded TOTP secret for generating one-time passwords. Spaces and
   * formatting are automatically normalized. Set to empty string to remove.
   */
  totp_secret?: string;

  /**
   * Field name to value mapping. Values are merged with existing values (new keys
   * added, existing keys overwritten).
   */
  values?: { [key: string]: string };
}

export interface CredentialTotpCodeResponse {
  /**
   * Current 6-digit TOTP code
   */
  code: string;

  /**
   * When this code expires (ISO 8601 timestamp)
   */
  expires_at: string;
}

export interface CredentialCreateParams {
  /**
   * Target domain this credential is for
   */
  domain: string;

  /**
   * Unique name for the credential within the organization
   */
  name: string;

  /**
   * Field name to value mapping (e.g., username, password)
   */
  values: { [key: string]: string };

  /**
   * If set, indicates this credential should be used with the specified SSO provider
   * (e.g., google, github, microsoft). When the target site has a matching SSO
   * button, it will be clicked first before filling credential values on the
   * identity provider's login page.
   */
  sso_provider?: string;

  /**
   * Base32-encoded TOTP secret for generating one-time passwords. Used for automatic
   * 2FA during login.
   */
  totp_secret?: string;
}

export interface CredentialUpdateParams {
  /**
   * New name for the credential
   */
  name?: string;

  /**
   * If set, indicates this credential should be used with the specified SSO
   * provider. Set to empty string or null to remove.
   */
  sso_provider?: string | null;

  /**
   * Base32-encoded TOTP secret for generating one-time passwords. Spaces and
   * formatting are automatically normalized. Set to empty string to remove.
   */
  totp_secret?: string;

  /**
   * Field name to value mapping. Values are merged with existing values (new keys
   * added, existing keys overwritten).
   */
  values?: { [key: string]: string };
}

export interface CredentialListParams extends OffsetPaginationParams {
  /**
   * Filter by domain
   */
  domain?: string;
}

export declare namespace Credentials {
  export {
    type CreateCredentialRequest as CreateCredentialRequest,
    type Credential as Credential,
    type UpdateCredentialRequest as UpdateCredentialRequest,
    type CredentialTotpCodeResponse as CredentialTotpCodeResponse,
    type CredentialsOffsetPagination as CredentialsOffsetPagination,
    type CredentialCreateParams as CredentialCreateParams,
    type CredentialUpdateParams as CredentialUpdateParams,
    type CredentialListParams as CredentialListParams,
  };
}