File

src/auth/client/client.provider.ts

Index

Methods

Abstract addClient
Abstract getClient
Abstract getClientById
Abstract getClients
Abstract importForTenant
Abstract removeClient
Abstract rotateClientSecret
Abstract updateClient
Optional validateClientCredentials

Constructor

constructor(configImportOrchestrator: ConfigImportOrchestratorService)

Defined in src/auth/client/client.provider.ts:54

Parameters :

Name	Type	Optional
configImportOrchestrator	`ConfigImportOrchestratorService`	No

Methods

Abstract addClient

addClient(tenantId: string, dto: CreateClientDto)

Defined in src/auth/client/client.provider.ts:43

Parameters :

Name	Type	Optional
tenantId	`string`	No
dto	`CreateClientDto`	No

Returns : Promise<ClientEntity>

Abstract getClient

getClient(tenantId: string, clientId: string)

Defined in src/auth/client/client.provider.ts:30

Parameters :

Name	Type	Optional
tenantId	`string`	No
clientId	`string`	No

Returns : Promise<ClientEntity>

Abstract getClientById

getClientById(clientId: string)

Defined in src/auth/client/client.provider.ts:41

Get a client by its clientId only (without tenant context). Used for JWT validation where we need to fetch the client's restrictions.

Parameters :

Name	Type	Optional	Description
clientId	`string`	No	The client ID (may be namespaced with tenant prefix for Keycloak)

Returns : Promise<ClientEntity | null>

The client entity or null if not found

Abstract getClients

getClients(tenantId: string)

Defined in src/auth/client/client.provider.ts:29

Parameters :

Name	Type	Optional
tenantId	`string`	No

Returns : Promise<ClientEntity[]>

Abstract importForTenant

importForTenant(tenantId: string)

Defined in src/auth/client/client.provider.ts:48

Parameters :

Name	Type	Optional
tenantId	`string`	No

Returns : Promise<void>

Abstract removeClient

removeClient(tenantId: string, clientId: string)

Defined in src/auth/client/client.provider.ts:47

Parameters :

Name	Type	Optional
tenantId	`string`	No
clientId	`string`	No

Returns : Promise<void>

Abstract rotateClientSecret

rotateClientSecret(tenantId: string | null, clientId: string)

Defined in src/auth/client/client.provider.ts:24

Rotate (regenerate) a client's secret. Returns the new plain secret for one-time display.

Parameters :

Name	Type	Optional	Description
tenantId	`string \| null`	No	The tenant ID (optional for tenant managers who can rotate any client's secret)
clientId	`string`	No	The client ID to rotate the secret for

Returns : Promise<string>

Abstract updateClient

updateClient(tenantId: string, clientId: string, updateClientDto: UpdateClientDto)

Defined in src/auth/client/client.provider.ts:12

Parameters :

Name	Type	Optional
tenantId	`string`	No
clientId	`string`	No
updateClientDto	`UpdateClientDto`	No

Returns : unknown

Optional validateClientCredentials

validateClientCredentials(clientId: string, clientSecret: string)

Defined in src/auth/client/client.provider.ts:51

Parameters :

Name	Type	Optional
clientId	`string`	No
clientSecret	`string`	No

Returns : Promise<ClientEntity | null>

import {
    ConfigImportOrchestratorService,
    ImportPhase,
} from "../../shared/utils/config-import/config-import-orchestrator.service";
import { CreateClientDto } from "./dto/create-client.dto";
import { UpdateClientDto } from "./dto/update-client.dto";
import { ClientEntity } from "./entities/client.entity";

export const CLIENTS_PROVIDER = "CLIENTS_PROVIDER";

export abstract class ClientsProvider {
    abstract updateClient(
        tenantId: string,
        clientId: string,
        updateClientDto: UpdateClientDto,
    ): unknown;

    /**
     * Rotate (regenerate) a client's secret.
     * Returns the new plain secret for one-time display.
     * @param tenantId - The tenant ID (optional for tenant managers who can rotate any client's secret)
     * @param clientId - The client ID to rotate the secret for
     */
    abstract rotateClientSecret(
        tenantId: string | null,
        clientId: string,
    ): Promise<string>;

    abstract getClients(tenantId: string): Promise<ClientEntity[]>;
    abstract getClient(
        tenantId: string,
        clientId: string,
    ): Promise<ClientEntity>;

    /**
     * Get a client by its clientId only (without tenant context).
     * Used for JWT validation where we need to fetch the client's restrictions.
     * @param clientId The client ID (may be namespaced with tenant prefix for Keycloak)
     * @returns The client entity or null if not found
     */
    abstract getClientById(clientId: string): Promise<ClientEntity | null>;

    abstract addClient(
        tenantId: string,
        dto: CreateClientDto,
    ): Promise<ClientEntity>;
    abstract removeClient(tenantId: string, clientId: string): Promise<void>;
    abstract importForTenant(tenantId: string): Promise<void>;

    // Only for internal backend (not used with KC; you’ll validate JWTs instead)
    validateClientCredentials?(
        clientId: string,
        clientSecret: string,
    ): Promise<ClientEntity | null>;

    constructor(configImportOrchestrator: ConfigImportOrchestratorService) {
        configImportOrchestrator.register(
            "clients",
            ImportPhase.CORE,
            (tenantId) => this.importForTenant(tenantId),
        );
    }
}

File

Index

Methods

Constructor

Methods

results matching ""

No results matching ""