-
-
Notifications
You must be signed in to change notification settings - Fork 5
/
userTokens.ts
139 lines (130 loc) · 3.22 KB
/
userTokens.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
/* SPDX-FileCopyrightText: 2022-present Kriasoft */
/* SPDX-License-Identifier: MIT */
import { baseUrl, createFetch, HttpMethod, type Credentials } from "./fetch.js";
// #region TypeScript
export type Token = {
/**
* Token identifier tag
* @maximum 32
*/
readonly id: string;
/**
* Token name
* @maximum 120
*/
readonly name: string;
/**
* Status of the token
*/
readonly status: "active" | "disabled" | "expired";
/**
* The time on which the token was created
* @example "2018-07-01T05:20:00+00:00"
*/
readonly issued_on: string;
/**
* @example "2018-07-01T05:20:00+00:00"
*/
readonly last_used_on: string;
/**
* Last time the token was modified
* @example "2018-07-02T05:20:00+00:00"
*/
readonly modified_on: string;
/**
* The time before which the token MUST NOT be accepted for processing
* @example "2018-07-01T05:20:00+00:00"
*/
readonly not_before: string;
/**
* The expiration time on or after which the JWT MUST NOT be accepted for processing
* @example "2020-01-01T00:00:00+00:00"
*/
readonly expires_on: string;
/**
* List of access policies assigned to the token
*/
readonly policies: TokenPolicy[];
readonly condition: TokenCondition;
};
export type TokenPolicy = {
/**
* Policy identifier
* @example "f267e341f3dd4697bd3b9f71dd96247f"
*/
readonly id: string;
/**
* Allow or deny operations against the resources
*/
readonly effect: "allow" | "deny";
/**
* A list of resource names that the policy applies to
* @example
* {
* "com.cloudflare.api.account.zone.eb78d65290b24279ba6f44721b3ea3c4": "*",
* "com.cloudflare.api.account.zone.22b1de5f1c0e4b3ea97bb1e963b06a43": "*"
* }
*/
readonly resources: string[];
/**
* A set of permission groups that are specified to the policy
* @example
* [
* {
* "id": "c8fed203ed3043cba015a93ad1616f1f",
* "name": "Zone Read"
* },
* {
* "id": "82e64a83756745bbbb1c9c2701bf816b",
* "name": "DNS Read"
* }
* ]
*/
readonly permission_groups: {
/**
* Identifier of the group
* @example "6d7f2f5f5b1d4a0e9081fdc98d432fd1"
*/
readonly id: string;
/**
* Name of the group
* @example "Load Balancers Write"
*/
readonly name: string;
};
};
type TokenCondition = {
request_ip: {
in: string[];
not_in: string[];
};
};
// #endregion
/**
* User API Tokens. Tokens that cab be used to access Cloudflare v4 APIs.
* @see https://api.cloudflare.com/#user-api-tokens-properties
*/
export function userTokens(credentials: Credentials) {
const url = `${baseUrl}/user/tokens`;
return {
/**
* Token Details
* @see https://api.cloudflare.com/#user-api-tokens-token-details
*/
get: createFetch((id: string) => ({
method: HttpMethod.GET,
url: `${url}/${id}`,
credentials,
})).response<Token>(),
/**
* Verify Token
* @see https://api.cloudflare.com/#user-api-tokens-verify-token
* @throws {FetchError}
*/
verify: createFetch(() => ({
method: HttpMethod.GET,
url: `${url}/verify`,
credentials,
})).response<Pick<Token, "id" | "status">>(),
};
}