diff --git a/CLAUDE.md b/CLAUDE.md index 46b15eb49..0e8b53ffa 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -113,6 +113,8 @@ Many files are auto-generated (marked with `// WARNING: This file is auto-genera - Filter classes in `filters/` - Wrapper code in `ts-wrapper/`, `python-wrapper/`, `dart-wrapper/` +The code generation is a two steps process: JSON files that describe the syntax and semantics of the entities and APIs are maintained in `build/generated/ksp/jvm/jvmMain/resources/.../Class.json` and then the `sdk-codegen` tool generates the actual Kotlin/JS/Python/Dart code. + **Do not manually edit auto-generated files.** Generation is done by the external `sdk-codegen` tool. ### Key Annotations @@ -134,4 +136,4 @@ Many files are auto-generated (marked with `// WARNING: This file is auto-genera - Max line length: 140 - Trailing commas: enabled - Wildcard imports: allowed -- Style: ktlint_official \ No newline at end of file +- Style: ktlint_official diff --git a/cardinal-sdk/src/commonMain/kotlin/com/icure/cardinal/sdk/auth/AuthSecretDetails.kt b/cardinal-sdk/src/commonMain/kotlin/com/icure/cardinal/sdk/auth/AuthSecretDetails.kt index aa68c1b4c..f64cbbfae 100644 --- a/cardinal-sdk/src/commonMain/kotlin/com/icure/cardinal/sdk/auth/AuthSecretDetails.kt +++ b/cardinal-sdk/src/commonMain/kotlin/com/icure/cardinal/sdk/auth/AuthSecretDetails.kt @@ -53,8 +53,8 @@ sealed interface AuthSecretDetails { * @param secret the token or another secret that will be used for authentication. * @param minimumAuthenticationClass only consider configurations that can provide at least this authentication class. The actual * authentication class obtained for the token may be higher. - * @param doNotUseProjectIdForGroupSelection only use the project id specified in the initialize method to choose the configuration of - * the external token, but not the group where to log in. + * @param doNotUseProjectIdForGroupSelection (INTERNAL USE ONLY) only use the project id specified in the initialize method to choose the configuration of + * the external token, but not the group where to log in. This is probably not the option you are looking for. */ data class ConfiguredExternalAuthenticationDetails( val configId: String, diff --git a/cardinal-sdk/src/commonMain/kotlin/com/icure/cardinal/sdk/auth/Credentials.kt b/cardinal-sdk/src/commonMain/kotlin/com/icure/cardinal/sdk/auth/Credentials.kt index 33bd246ff..a9f608c1a 100644 --- a/cardinal-sdk/src/commonMain/kotlin/com/icure/cardinal/sdk/auth/Credentials.kt +++ b/cardinal-sdk/src/commonMain/kotlin/com/icure/cardinal/sdk/auth/Credentials.kt @@ -54,8 +54,8 @@ data class ExternalAuthenticationToken( */ val minimumAuthenticationClass: AuthenticationClass = AuthenticationClass.ExternalAuthentication, /** - * If set to true, the project id specified in the initialize method will be used to find the external configuration for the external - * token but not to restrict the group where to log in. + * (INTERNAL USE ONLY) only use the project id specified in the initialize method to choose the configuration of + * the external token, but not the group where to log in. This is probably not the option you are looking for. */ val doNotUseProjectIdForGroupSelection: Boolean = false ) : Credentials diff --git a/cardinal-sdk/src/commonMain/kotlin/com/icure/cardinal/sdk/options/AuthenticationMethod.kt b/cardinal-sdk/src/commonMain/kotlin/com/icure/cardinal/sdk/options/AuthenticationMethod.kt index 2ba01d85a..23ff1e971 100644 --- a/cardinal-sdk/src/commonMain/kotlin/com/icure/cardinal/sdk/options/AuthenticationMethod.kt +++ b/cardinal-sdk/src/commonMain/kotlin/com/icure/cardinal/sdk/options/AuthenticationMethod.kt @@ -119,7 +119,7 @@ sealed interface AuthenticationMethod { @Serializable data class LongLivedToken(val token: String) : InitialSecret @Serializable - data class ExternalAuthenticationToken(val token: String, val configId: String) : InitialSecret + data class ExternalAuthenticationToken(val token: String, val configId: String, val doNotUseProjectIdForGroupSelection: Boolean?) : InitialSecret } } } @@ -176,7 +176,7 @@ suspend fun AuthenticationMethod.getAuthProvider( is AuthenticationMethod.UsingSecretProvider.InitialSecret.LongLivedToken -> AuthSecretDetails.LongLivedTokenDetails(initialSecret.token) is AuthenticationMethod.UsingSecretProvider.InitialSecret.ExternalAuthenticationToken -> - AuthSecretDetails.ConfiguredExternalAuthenticationDetails(initialSecret.configId, initialSecret.token) + AuthSecretDetails.ConfiguredExternalAuthenticationDetails(initialSecret.configId, initialSecret.token, AuthenticationClass.ExternalAuthentication, initialSecret.doNotUseProjectIdForGroupSelection ?: false) is AuthenticationMethod.UsingSecretProvider.InitialSecret.Password -> AuthSecretDetails.PasswordDetails(initialSecret.password) null -> null diff --git a/ts-wrapper/src/jsMain/kotlin/com/icure/cardinal/sdk/js/options/AuthenticationMethod.kt b/ts-wrapper/src/jsMain/kotlin/com/icure/cardinal/sdk/js/options/AuthenticationMethod.kt index dda301875..354040b6d 100644 --- a/ts-wrapper/src/jsMain/kotlin/com/icure/cardinal/sdk/js/options/AuthenticationMethod.kt +++ b/ts-wrapper/src/jsMain/kotlin/com/icure/cardinal/sdk/js/options/AuthenticationMethod.kt @@ -41,6 +41,7 @@ import kotlinx.coroutines.GlobalScope import kotlinx.coroutines.await import kotlinx.coroutines.promise import kotlin.js.Promise +import kotlin.js.json @OptIn(InternalIcureApi::class) @@ -85,7 +86,8 @@ private fun InitialSecretJs.toKt(): AuthenticationMethod.UsingSecretProvider.Ini is ExternalAuthenticationTokenJs -> AuthenticationMethod.UsingSecretProvider.InitialSecret.ExternalAuthenticationToken( token = token, - configId = configId + configId = configId, + doNotUseProjectIdForGroupSelection = doNotUseProjectIdForGroupSelection ) is InitialSecretLongLivedTokenJs -> AuthenticationMethod.UsingSecretProvider.InitialSecret.LongLivedToken(token) @@ -125,20 +127,28 @@ private fun AuthSecretDetailsJs.toKt(): AuthSecretDetails = when (this) { else -> throw IllegalArgumentException("Unrecognised auth secret details: ${this::class.simpleName}") } private fun AuthSecretDetails.toJs(): AuthSecretDetailsJs = when (this) { - is AuthSecretDetails.ConfiguredExternalAuthenticationDetails -> + is AuthSecretDetails.ConfiguredExternalAuthenticationDetails -> { ConfiguredExternalAuthenticationDetailsJs( secret = secret, configId = configId, - minimumAuthenticationClass = minimumAuthenticationClass.name + props = json( + "minimumAuthenticationClass" to minimumAuthenticationClass.name, + "doNotUseProjectIdForGroupSelection" to doNotUseProjectIdForGroupSelection + ) ) - is AuthSecretDetails.LongLivedTokenDetails -> + } + is AuthSecretDetails.LongLivedTokenDetails -> { LongLivedTokenDetailsJs(secret = secret) - is AuthSecretDetails.PasswordDetails -> + } + is AuthSecretDetails.PasswordDetails -> { PasswordDetailsJs(secret = secret) - is AuthSecretDetails.ShortLivedTokenDetails -> + } + is AuthSecretDetails.ShortLivedTokenDetails -> { ShortLivedTokenDetailsJs(secret = secret, authenticationProcessInfo = authenticationProcessInfo.toJs()) - is AuthSecretDetails.TwoFactorAuthTokenDetails -> + } + is AuthSecretDetails.TwoFactorAuthTokenDetails -> { TwoFactorAuthTokenDetailsJs(secret = secret) + } } @OptIn(InternalIcureApi::class) private fun AuthenticationProcessRequest.toJs(): AuthenticationProcessRequestJs = AuthenticationProcessRequestJs( @@ -181,4 +191,4 @@ internal fun AuthenticationProcessTemplateParametersJs.toKt() = AuthenticationProcessTemplateParameters( firstName = this.firstName, lastName = this.lastName - ) \ No newline at end of file + ) diff --git a/ts-wrapper/src/jsMain/kotlin/com/icure/cardinal/sdk/js/options/external/AuthSecretDetailsJs.kt b/ts-wrapper/src/jsMain/kotlin/com/icure/cardinal/sdk/js/options/external/AuthSecretDetailsJs.kt index d27dade87..f6e322263 100644 --- a/ts-wrapper/src/jsMain/kotlin/com/icure/cardinal/sdk/js/options/external/AuthSecretDetailsJs.kt +++ b/ts-wrapper/src/jsMain/kotlin/com/icure/cardinal/sdk/js/options/external/AuthSecretDetailsJs.kt @@ -35,9 +35,12 @@ external class LongLivedTokenDetailsJs( external class ConfiguredExternalAuthenticationDetailsJs( configId: String, secret: String, - minimumAuthenticationClass: String?, + // minimumAuthenticationClass: String?, + // doNotUseProjectIdForGroupSelection: Boolean?, + props: dynamic ) : AuthSecretDetailsJs { val configId: String val secret: String val minimumAuthenticationClass: String? + val doNotUseProjectIdForGroupSelection: Boolean? } diff --git a/ts-wrapper/src/jsMain/kotlin/com/icure/cardinal/sdk/js/options/external/SecretProviderAuthenticationOptionsInitialSecretJs.kt b/ts-wrapper/src/jsMain/kotlin/com/icure/cardinal/sdk/js/options/external/SecretProviderAuthenticationOptionsInitialSecretJs.kt index c7da5a04e..252767a2e 100644 --- a/ts-wrapper/src/jsMain/kotlin/com/icure/cardinal/sdk/js/options/external/SecretProviderAuthenticationOptionsInitialSecretJs.kt +++ b/ts-wrapper/src/jsMain/kotlin/com/icure/cardinal/sdk/js/options/external/SecretProviderAuthenticationOptionsInitialSecretJs.kt @@ -15,4 +15,5 @@ external class InitialSecretLongLivedTokenJs : InitialSecretJs { external class ExternalAuthenticationTokenJs : InitialSecretJs { val token: String val configId: String + val doNotUseProjectIdForGroupSelection: Boolean? } diff --git a/ts-wrapper/src/jsMain/typescript/options/AuthenticationMethod.mts b/ts-wrapper/src/jsMain/typescript/options/AuthenticationMethod.mts index c5f887433..544454e95 100644 --- a/ts-wrapper/src/jsMain/typescript/options/AuthenticationMethod.mts +++ b/ts-wrapper/src/jsMain/typescript/options/AuthenticationMethod.mts @@ -51,6 +51,17 @@ export namespace AuthenticationMethod { } export class ExternalAuthenticationToken { + + /** + * During login consider only configurations that can provide at least this authentication class + */ + readonly minimumAuthenticationClass: AuthenticationClass | undefined + /** + * (INTERNAL USE ONLY) only use the project id specified in the initialize method to choose the configuration of + * the external token, but not the group where to log in. This is probably not the option you are looking for. + */ + readonly doNotUseProjectIdForGroupSelection: boolean | undefined + constructor( /** * The id of the configuration that specifies how the token should be validated and how it should be used to find @@ -63,11 +74,14 @@ export namespace AuthenticationMethod { * A token used to perform the external authentication */ readonly token: string, - /** - * During login consider only configurations that can provide at least this authentication class - */ - readonly minimumAuthenticationClass?: AuthenticationClass, - ) {} + props: { + minimumAuthenticationClass?: AuthenticationClass, + doNotUseProjectIdForGroupSelection?: boolean + } = {}, + ) { + this.minimumAuthenticationClass = props.minimumAuthenticationClass + this.doNotUseProjectIdForGroupSelection = props.doNotUseProjectIdForGroupSelection + } } export class JwtCredentials { @@ -154,7 +168,13 @@ export namespace SecretProviderAuthenticationOptions { export namespace InitialSecret { export class Password { constructor(readonly password: string) {} } export class LongLivedToken { constructor(readonly token: string) {} } - export class ExternalAuthenticationToken { constructor(readonly token: string, readonly configId: string) {} } + export class ExternalAuthenticationToken { + readonly doNotUseProjectIdForGroupSelection: boolean | undefined + + constructor(readonly token: string, readonly configId: string, props: { doNotUseProjectIdForGroupSelection?: boolean } = {}) { + this.doNotUseProjectIdForGroupSelection = props.doNotUseProjectIdForGroupSelection + } + } } export type InitialSecret = InitialSecret.Password | InitialSecret.LongLivedToken | InitialSecret.ExternalAuthenticationToken @@ -212,7 +232,7 @@ export namespace AuthSecretDetails { */ constructor (readonly secret: String) {} } - + export class TwoFactorAuthTokenDetails { /** * @param secret the current two-factor authentication token of the user. @@ -227,15 +247,17 @@ export namespace AuthSecretDetails { */ constructor(readonly secret: String, readonly authenticationProcessInfo: AuthenticationProcessRequest) {} } - + export class LongLivedTokenDetails { /** * @param secret a long-lived token of the user. */ constructor (readonly secret: String) {} } - + export class ConfiguredExternalAuthenticationDetails { + readonly minimumAuthenticationClass: AuthenticationClass | undefined + readonly doNotUseProjectIdForGroupSelection: boolean | undefined /** * Login using a token or other secret provided by another authentication service configured for your project. * @@ -245,10 +267,16 @@ export namespace AuthSecretDetails { * * @param configId id of the configuration to use for authentication. * @param secret the token or another secret that will be used for authentication. - * @param minimumAuthenticationClass only consider configurations that can provide at least this authentication class. The actual + * @param props + * - minimumAuthenticationClass only consider configurations that can provide at least this authentication class. The actual * authentication class obtained for the token may be higher. + * - doNotUseProjectIdForGroupSelection (INTERNAL USE ONLY) only use the project id specified in the initialize method to choose the configuration of + * the external token, but not the group where to log in. This is probably not the option you are looking for. */ - constructor (readonly configId: string, readonly secret: string, readonly minimumAuthenticationClass?: AuthenticationClass) {} + constructor (readonly configId: string, readonly secret: string, props: { minimumAuthenticationClass?: AuthenticationClass, doNotUseProjectIdForGroupSelection?: boolean } = {}) { + this.minimumAuthenticationClass = props.minimumAuthenticationClass + this.doNotUseProjectIdForGroupSelection = props.doNotUseProjectIdForGroupSelection + } } } export type AuthSecretDetails = @@ -312,4 +340,4 @@ export class AuthenticationProcessRequest { readonly specId: String, readonly requestId: String ) {} -} \ No newline at end of file +}