diff --git a/fusionauth-netcore-client/src/io/fusionauth/FusionAuthClient.cs b/fusionauth-netcore-client/src/io/fusionauth/FusionAuthClient.cs index d1cc93b9..96877729 100644 --- a/fusionauth-netcore-client/src/io/fusionauth/FusionAuthClient.cs +++ b/fusionauth-netcore-client/src/io/fusionauth/FusionAuthClient.cs @@ -133,6 +133,15 @@ public Task> ApproveDeviceAsync(string cl .goAsync(); } + /// + public Task> ApproveDeviceWithRequestAsync(DeviceApprovalRequest request) { + return buildClient() + .withUri("/oauth2/device/approve") + .withJSONBody(request) + .withMethod("Post") + .goAsync(); + } + /// public Task> CancelActionAsync(Guid? actionId, ActionRequest request) { return buildClient() @@ -235,6 +244,15 @@ public Task> ClientCredentialsGrantAsync(string clie .goAsync(); } + /// + public Task> ClientCredentialsGrantWithRequestAsync(ClientCredentialsGrantRequest request) { + return buildAnonymousClient() + .withUri("/oauth2/token") + .withJSONBody(request) + .withMethod("Post") + .goAsync(); + } + /// public Task> CommentOnUserAsync(UserCommentRequest request) { return buildClient() @@ -976,6 +994,29 @@ public Task> DeleteWebhookAsync(Guid? webhookId) { .goAsync(); } + /// + public Task> DeviceAuthorizeAsync(string client_id, string client_secret, string scope) { + var body = new Dictionary { + { "client_id", client_id }, + { "client_secret", client_secret }, + { "scope", scope }, + }; + return buildAnonymousClient() + .withUri("/oauth2/device_authorize") + .withFormData(new FormUrlEncodedContent(body)) + .withMethod("Post") + .goAsync(); + } + + /// + public Task> DeviceAuthorizeWithRequestAsync(DeviceAuthorizationRequest request) { + return buildAnonymousClient() + .withUri("/oauth2/device_authorize") + .withJSONBody(request) + .withMethod("Post") + .goAsync(); + } + /// public Task> DisableTwoFactorAsync(Guid? userId, string methodId, string code) { return buildClient() @@ -1040,6 +1081,24 @@ public Task> ExchangeOAuthCodeForAccessTokenUsingPKC .goAsync(); } + /// + public Task> ExchangeOAuthCodeForAccessTokenUsingPKCEWithRequestAsync(OAuthCodePKCEAccessTokenRequest request) { + return buildAnonymousClient() + .withUri("/oauth2/token") + .withJSONBody(request) + .withMethod("Post") + .goAsync(); + } + + /// + public Task> ExchangeOAuthCodeForAccessTokenWithRequestAsync(OAuthCodeAccessTokenRequest request) { + return buildAnonymousClient() + .withUri("/oauth2/token") + .withJSONBody(request) + .withMethod("Post") + .goAsync(); + } + /// public Task> ExchangeRefreshTokenForAccessTokenAsync(string refresh_token, string client_id, string client_secret, string scope, string user_code) { var body = new Dictionary { @@ -1057,6 +1116,15 @@ public Task> ExchangeRefreshTokenForAccessTokenAsync .goAsync(); } + /// + public Task> ExchangeRefreshTokenForAccessTokenWithRequestAsync(RefreshTokenAccessTokenRequest request) { + return buildAnonymousClient() + .withUri("/oauth2/token") + .withJSONBody(request) + .withMethod("Post") + .goAsync(); + } + /// public Task> ExchangeRefreshTokenForJWTAsync(RefreshRequest request) { return buildAnonymousClient() @@ -1084,6 +1152,15 @@ public Task> ExchangeUserCredentialsForAccessTokenAs .goAsync(); } + /// + public Task> ExchangeUserCredentialsForAccessTokenWithRequestAsync(UserCredentialsAccessTokenRequest request) { + return buildAnonymousClient() + .withUri("/oauth2/token") + .withJSONBody(request) + .withMethod("Post") + .goAsync(); + } + /// public Task> ForgotPasswordAsync(ForgotPasswordRequest request) { return buildClient() @@ -1209,6 +1286,15 @@ public Task> IntrospectAccessTokenAsync(strin .goAsync(); } + /// + public Task> IntrospectAccessTokenWithRequestAsync(AccessTokenIntrospectRequest request) { + return buildAnonymousClient() + .withUri("/oauth2/introspect") + .withJSONBody(request) + .withMethod("Post") + .goAsync(); + } + /// public Task> IntrospectClientCredentialsAccessTokenAsync(string token) { var body = new Dictionary { @@ -1221,6 +1307,15 @@ public Task> IntrospectClientCredentialsAcces .goAsync(); } + /// + public Task> IntrospectClientCredentialsAccessTokenWithRequestAsync(ClientCredentialsAccessTokenIntrospectRequest request) { + return buildAnonymousClient() + .withUri("/oauth2/introspect") + .withJSONBody(request) + .withMethod("Post") + .goAsync(); + } + /// public Task> IssueJWTAsync(Guid? applicationId, string encodedJWT, string refreshToken) { return buildAnonymousClient() @@ -2551,6 +2646,24 @@ public Task> RetrieveUserCodeUsingAPIKeyAsync(string us .goAsync(); } + /// + public Task> RetrieveUserCodeUsingAPIKeyWithRequestAsync(RetrieveUserCodeUsingAPIKeyRequest request) { + return buildAnonymousClient() + .withUri("/oauth2/device/user-code") + .withJSONBody(request) + .withMethod("Post") + .goAsync(); + } + + /// + public Task> RetrieveUserCodeWithRequestAsync(RetrieveUserCodeRequest request) { + return buildAnonymousClient() + .withUri("/oauth2/device/user-code") + .withJSONBody(request) + .withMethod("Post") + .goAsync(); + } + /// public Task> RetrieveUserCommentsAsync(Guid? userId) { return buildClient() @@ -3501,6 +3614,15 @@ public Task> ValidateDeviceAsync(string user_code, stri .goAsync(); } + /// + public Task> ValidateDeviceWithRequestAsync(ValidateDeviceRequest request) { + return buildAnonymousClient() + .withUri("/oauth2/device/validate") + .withJSONBody(request) + .withMethod("Post") + .goAsync(); + } + /// public Task> ValidateJWTAsync(string encodedJWT) { return buildAnonymousClient() diff --git a/fusionauth-netcore-client/src/io/fusionauth/FusionAuthSyncClient.cs b/fusionauth-netcore-client/src/io/fusionauth/FusionAuthSyncClient.cs index 10a5daa2..84a55c71 100644 --- a/fusionauth-netcore-client/src/io/fusionauth/FusionAuthSyncClient.cs +++ b/fusionauth-netcore-client/src/io/fusionauth/FusionAuthSyncClient.cs @@ -76,6 +76,11 @@ public ClientResponse ApproveDevice(string client_id, st return client.ApproveDeviceAsync(client_id, client_secret, token, user_code).GetAwaiter().GetResult(); } + /// + public ClientResponse ApproveDeviceWithRequest(DeviceApprovalRequest request) { + return client.ApproveDeviceWithRequestAsync(request).GetAwaiter().GetResult(); + } + /// public ClientResponse CancelAction(Guid? actionId, ActionRequest request) { return client.CancelActionAsync(actionId, request).GetAwaiter().GetResult(); @@ -127,6 +132,11 @@ public ClientResponse ClientCredentialsGrant(string client_id, stri return client.ClientCredentialsGrantAsync(client_id, client_secret, scope).GetAwaiter().GetResult(); } + /// + public ClientResponse ClientCredentialsGrantWithRequest(ClientCredentialsGrantRequest request) { + return client.ClientCredentialsGrantWithRequestAsync(request).GetAwaiter().GetResult(); + } + /// public ClientResponse CommentOnUser(UserCommentRequest request) { return client.CommentOnUserAsync(request).GetAwaiter().GetResult(); @@ -509,6 +519,16 @@ public ClientResponse DeleteWebhook(Guid? webhookId) { return client.DeleteWebhookAsync(webhookId).GetAwaiter().GetResult(); } + /// + public ClientResponse DeviceAuthorize(string client_id, string client_secret, string scope) { + return client.DeviceAuthorizeAsync(client_id, client_secret, scope).GetAwaiter().GetResult(); + } + + /// + public ClientResponse DeviceAuthorizeWithRequest(DeviceAuthorizationRequest request) { + return client.DeviceAuthorizeWithRequestAsync(request).GetAwaiter().GetResult(); + } + /// public ClientResponse DisableTwoFactor(Guid? userId, string methodId, string code) { return client.DisableTwoFactorAsync(userId, methodId, code).GetAwaiter().GetResult(); @@ -534,11 +554,26 @@ public ClientResponse ExchangeOAuthCodeForAccessTokenUsingPKCE(stri return client.ExchangeOAuthCodeForAccessTokenUsingPKCEAsync(code, client_id, client_secret, redirect_uri, code_verifier).GetAwaiter().GetResult(); } + /// + public ClientResponse ExchangeOAuthCodeForAccessTokenUsingPKCEWithRequest(OAuthCodePKCEAccessTokenRequest request) { + return client.ExchangeOAuthCodeForAccessTokenUsingPKCEWithRequestAsync(request).GetAwaiter().GetResult(); + } + + /// + public ClientResponse ExchangeOAuthCodeForAccessTokenWithRequest(OAuthCodeAccessTokenRequest request) { + return client.ExchangeOAuthCodeForAccessTokenWithRequestAsync(request).GetAwaiter().GetResult(); + } + /// public ClientResponse ExchangeRefreshTokenForAccessToken(string refresh_token, string client_id, string client_secret, string scope, string user_code) { return client.ExchangeRefreshTokenForAccessTokenAsync(refresh_token, client_id, client_secret, scope, user_code).GetAwaiter().GetResult(); } + /// + public ClientResponse ExchangeRefreshTokenForAccessTokenWithRequest(RefreshTokenAccessTokenRequest request) { + return client.ExchangeRefreshTokenForAccessTokenWithRequestAsync(request).GetAwaiter().GetResult(); + } + /// public ClientResponse ExchangeRefreshTokenForJWT(RefreshRequest request) { return client.ExchangeRefreshTokenForJWTAsync(request).GetAwaiter().GetResult(); @@ -549,6 +584,11 @@ public ClientResponse ExchangeUserCredentialsForAccessToken(string return client.ExchangeUserCredentialsForAccessTokenAsync(username, password, client_id, client_secret, scope, user_code).GetAwaiter().GetResult(); } + /// + public ClientResponse ExchangeUserCredentialsForAccessTokenWithRequest(UserCredentialsAccessTokenRequest request) { + return client.ExchangeUserCredentialsForAccessTokenWithRequestAsync(request).GetAwaiter().GetResult(); + } + /// public ClientResponse ForgotPassword(ForgotPasswordRequest request) { return client.ForgotPasswordAsync(request).GetAwaiter().GetResult(); @@ -614,11 +654,21 @@ public ClientResponse IntrospectAccessToken(string client_id return client.IntrospectAccessTokenAsync(client_id, token).GetAwaiter().GetResult(); } + /// + public ClientResponse IntrospectAccessTokenWithRequest(AccessTokenIntrospectRequest request) { + return client.IntrospectAccessTokenWithRequestAsync(request).GetAwaiter().GetResult(); + } + /// public ClientResponse IntrospectClientCredentialsAccessToken(string token) { return client.IntrospectClientCredentialsAccessTokenAsync(token).GetAwaiter().GetResult(); } + /// + public ClientResponse IntrospectClientCredentialsAccessTokenWithRequest(ClientCredentialsAccessTokenIntrospectRequest request) { + return client.IntrospectClientCredentialsAccessTokenWithRequestAsync(request).GetAwaiter().GetResult(); + } + /// public ClientResponse IssueJWT(Guid? applicationId, string encodedJWT, string refreshToken) { return client.IssueJWTAsync(applicationId, encodedJWT, refreshToken).GetAwaiter().GetResult(); @@ -1334,6 +1384,16 @@ public ClientResponse RetrieveUserCodeUsingAPIKey(string user_code) { return client.RetrieveUserCodeUsingAPIKeyAsync(user_code).GetAwaiter().GetResult(); } + /// + public ClientResponse RetrieveUserCodeUsingAPIKeyWithRequest(RetrieveUserCodeUsingAPIKeyRequest request) { + return client.RetrieveUserCodeUsingAPIKeyWithRequestAsync(request).GetAwaiter().GetResult(); + } + + /// + public ClientResponse RetrieveUserCodeWithRequest(RetrieveUserCodeRequest request) { + return client.RetrieveUserCodeWithRequestAsync(request).GetAwaiter().GetResult(); + } + /// public ClientResponse RetrieveUserComments(Guid? userId) { return client.RetrieveUserCommentsAsync(userId).GetAwaiter().GetResult(); @@ -1833,6 +1893,11 @@ public ClientResponse ValidateDevice(string user_code, string client_i return client.ValidateDeviceAsync(user_code, client_id).GetAwaiter().GetResult(); } + /// + public ClientResponse ValidateDeviceWithRequest(ValidateDeviceRequest request) { + return client.ValidateDeviceWithRequestAsync(request).GetAwaiter().GetResult(); + } + /// public ClientResponse ValidateJWT(string encodedJWT) { return client.ValidateJWTAsync(encodedJWT).GetAwaiter().GetResult(); diff --git a/fusionauth-netcore-client/src/io/fusionauth/IFusionAuthClient.cs b/fusionauth-netcore-client/src/io/fusionauth/IFusionAuthClient.cs index 49ae30da..b7b817ba 100644 --- a/fusionauth-netcore-client/src/io/fusionauth/IFusionAuthClient.cs +++ b/fusionauth-netcore-client/src/io/fusionauth/IFusionAuthClient.cs @@ -92,6 +92,19 @@ public interface IFusionAuthAsyncClient { /// Task> ApproveDeviceAsync(string client_id, string client_secret, string token, string user_code); + /// + /// Approve a device grant. + /// This is an asynchronous method. + /// + /// The request object containing the device approval information and optional tenantId. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + Task> ApproveDeviceWithRequestAsync(DeviceApprovalRequest request); + /// /// Cancels the user action. /// This is an asynchronous method. @@ -260,6 +273,19 @@ public interface IFusionAuthAsyncClient { /// Task> ClientCredentialsGrantAsync(string client_id, string client_secret, string scope); + /// + /// Make a Client Credentials grant request to obtain an access token. + /// This is an asynchronous method. + /// + /// The client credentials grant request containing client authentication, scope and optional tenantId. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + Task> ClientCredentialsGrantWithRequestAsync(ClientCredentialsGrantRequest request); + /// /// Adds a comment to the user's account. /// This is an asynchronous method. @@ -1322,6 +1348,34 @@ public interface IFusionAuthAsyncClient { /// Task> DeleteWebhookAsync(Guid? webhookId); + /// + /// Start the Device Authorization flow using form-encoded parameters + /// This is an asynchronous method. + /// + /// The unique client identifier. The client Id is the Id of the FusionAuth Application in which you are attempting to authenticate. + /// (Optional) The client secret. This value may optionally be provided in the request body instead of the Authorization header. + /// (Optional) A space-delimited string of the requested scopes. Defaults to all scopes configured in the Application's OAuth configuration. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + Task> DeviceAuthorizeAsync(string client_id, string client_secret, string scope); + + /// + /// Start the Device Authorization flow using a request body + /// This is an asynchronous method. + /// + /// The device authorization request containing client authentication, scope, and optional device metadata. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + Task> DeviceAuthorizeWithRequestAsync(DeviceAuthorizationRequest request); + /// /// Disable two-factor authentication for a user. /// This is an asynchronous method. @@ -1402,6 +1456,34 @@ public interface IFusionAuthAsyncClient { /// Task> ExchangeOAuthCodeForAccessTokenUsingPKCEAsync(string code, string client_id, string client_secret, string redirect_uri, string code_verifier); + /// + /// Exchanges an OAuth authorization code and code_verifier for an access token. + /// Makes a request to the Token endpoint to exchange the authorization code returned from the Authorize endpoint and a code_verifier for an access token. + /// This is an asynchronous method. + /// + /// The PKCE OAuth code access token exchange request. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + Task> ExchangeOAuthCodeForAccessTokenUsingPKCEWithRequestAsync(OAuthCodePKCEAccessTokenRequest request); + + /// + /// Exchanges an OAuth authorization code for an access token. + /// Makes a request to the Token endpoint to exchange the authorization code returned from the Authorize endpoint for an access token. + /// This is an asynchronous method. + /// + /// The OAuth code access token exchange request. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + Task> ExchangeOAuthCodeForAccessTokenWithRequestAsync(OAuthCodeAccessTokenRequest request); + /// /// Exchange a Refresh Token for an Access Token. /// If you will be using the Refresh Token Grant, you will make a request to the Token endpoint to exchange the user’s refresh token for an access token. @@ -1421,6 +1503,20 @@ public interface IFusionAuthAsyncClient { /// Task> ExchangeRefreshTokenForAccessTokenAsync(string refresh_token, string client_id, string client_secret, string scope, string user_code); + /// + /// Exchange a Refresh Token for an Access Token. + /// If you will be using the Refresh Token Grant, you will make a request to the Token endpoint to exchange the user’s refresh token for an access token. + /// This is an asynchronous method. + /// + /// The refresh token access token exchange request. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + Task> ExchangeRefreshTokenForAccessTokenWithRequestAsync(RefreshTokenAccessTokenRequest request); + /// /// Exchange a refresh token for a new JWT. /// This is an asynchronous method. @@ -1454,6 +1550,20 @@ public interface IFusionAuthAsyncClient { /// Task> ExchangeUserCredentialsForAccessTokenAsync(string username, string password, string client_id, string client_secret, string scope, string user_code); + /// + /// Exchange User Credentials for a Token. + /// If you will be using the Resource Owner Password Credential Grant, you will make a request to the Token endpoint to exchange the user’s email and password for an access token. + /// This is an asynchronous method. + /// + /// The user credentials access token exchange request. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + Task> ExchangeUserCredentialsForAccessTokenWithRequestAsync(UserCredentialsAccessTokenRequest request); + /// /// Begins the forgot password sequence, which kicks off an email to the user so that they can reset their password. /// This is an asynchronous method. @@ -1648,6 +1758,19 @@ public interface IFusionAuthAsyncClient { /// Task> IntrospectAccessTokenAsync(string client_id, string token); + /// + /// Inspect an access token issued as the result of the User based grant such as the Authorization Code Grant, Implicit Grant, the User Credentials Grant or the Refresh Grant. + /// This is an asynchronous method. + /// + /// The access token introspection request. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + Task> IntrospectAccessTokenWithRequestAsync(AccessTokenIntrospectRequest request); + /// /// Inspect an access token issued as the result of the Client Credentials Grant. /// This is an asynchronous method. @@ -1661,6 +1784,19 @@ public interface IFusionAuthAsyncClient { /// Task> IntrospectClientCredentialsAccessTokenAsync(string token); + /// + /// Inspect an access token issued as the result of the Client Credentials Grant. + /// This is an asynchronous method. + /// + /// The client credentials access token. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + Task> IntrospectClientCredentialsAccessTokenWithRequestAsync(ClientCredentialsAccessTokenIntrospectRequest request); + /// /// Issue a new access token (JWT) for the requested Application after ensuring the provided JWT is valid. A valid /// access token is properly signed and not expired. @@ -3611,6 +3747,38 @@ public interface IFusionAuthAsyncClient { /// Task> RetrieveUserCodeUsingAPIKeyAsync(string user_code); + /// + /// Retrieve a user_code that is part of an in-progress Device Authorization Grant. + /// + /// This API is useful if you want to build your own login workflow to complete a device grant. + /// + /// This request will require an API key. + /// This is an asynchronous method. + /// + /// The user code retrieval request including optional tenantId. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + Task> RetrieveUserCodeUsingAPIKeyWithRequestAsync(RetrieveUserCodeUsingAPIKeyRequest request); + + /// + /// Retrieve a user_code that is part of an in-progress Device Authorization Grant. + /// + /// This API is useful if you want to build your own login workflow to complete a device grant. + /// This is an asynchronous method. + /// + /// The user code retrieval request. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + Task> RetrieveUserCodeWithRequestAsync(RetrieveUserCodeRequest request); + /// /// Retrieves all the comments for the user with the given Id. /// This is an asynchronous method. @@ -4992,6 +5160,20 @@ public interface IFusionAuthAsyncClient { /// Task> ValidateDeviceAsync(string user_code, string client_id); + /// + /// Validates the end-user provided user_code from the user-interaction of the Device Authorization Grant. + /// If you build your own activation form you should validate the user provided code prior to beginning the Authorization grant. + /// This is an asynchronous method. + /// + /// The device validation request. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + Task> ValidateDeviceWithRequestAsync(ValidateDeviceRequest request); + /// /// Validates the provided JWT (encoded JWT string) to ensure the token is valid. A valid access token is properly /// signed and not expired. @@ -5178,6 +5360,18 @@ public interface IFusionAuthSyncClient { /// ClientResponse ApproveDevice(string client_id, string client_secret, string token, string user_code); + /// + /// Approve a device grant. + /// + /// The request object containing the device approval information and optional tenantId. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + ClientResponse ApproveDeviceWithRequest(DeviceApprovalRequest request); + /// /// Cancels the user action. /// @@ -5336,6 +5530,18 @@ public interface IFusionAuthSyncClient { /// ClientResponse ClientCredentialsGrant(string client_id, string client_secret, string scope); + /// + /// Make a Client Credentials grant request to obtain an access token. + /// + /// The client credentials grant request containing client authentication, scope and optional tenantId. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + ClientResponse ClientCredentialsGrantWithRequest(ClientCredentialsGrantRequest request); + /// /// Adds a comment to the user's account. /// @@ -6322,6 +6528,32 @@ public interface IFusionAuthSyncClient { /// ClientResponse DeleteWebhook(Guid? webhookId); + /// + /// Start the Device Authorization flow using form-encoded parameters + /// + /// The unique client identifier. The client Id is the Id of the FusionAuth Application in which you are attempting to authenticate. + /// (Optional) The client secret. This value may optionally be provided in the request body instead of the Authorization header. + /// (Optional) A space-delimited string of the requested scopes. Defaults to all scopes configured in the Application's OAuth configuration. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + ClientResponse DeviceAuthorize(string client_id, string client_secret, string scope); + + /// + /// Start the Device Authorization flow using a request body + /// + /// The device authorization request containing client authentication, scope, and optional device metadata. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + ClientResponse DeviceAuthorizeWithRequest(DeviceAuthorizationRequest request); + /// /// Disable two-factor authentication for a user. /// @@ -6397,6 +6629,32 @@ public interface IFusionAuthSyncClient { /// ClientResponse ExchangeOAuthCodeForAccessTokenUsingPKCE(string code, string client_id, string client_secret, string redirect_uri, string code_verifier); + /// + /// Exchanges an OAuth authorization code and code_verifier for an access token. + /// Makes a request to the Token endpoint to exchange the authorization code returned from the Authorize endpoint and a code_verifier for an access token. + /// + /// The PKCE OAuth code access token exchange request. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + ClientResponse ExchangeOAuthCodeForAccessTokenUsingPKCEWithRequest(OAuthCodePKCEAccessTokenRequest request); + + /// + /// Exchanges an OAuth authorization code for an access token. + /// Makes a request to the Token endpoint to exchange the authorization code returned from the Authorize endpoint for an access token. + /// + /// The OAuth code access token exchange request. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + ClientResponse ExchangeOAuthCodeForAccessTokenWithRequest(OAuthCodeAccessTokenRequest request); + /// /// Exchange a Refresh Token for an Access Token. /// If you will be using the Refresh Token Grant, you will make a request to the Token endpoint to exchange the user’s refresh token for an access token. @@ -6415,6 +6673,19 @@ public interface IFusionAuthSyncClient { /// ClientResponse ExchangeRefreshTokenForAccessToken(string refresh_token, string client_id, string client_secret, string scope, string user_code); + /// + /// Exchange a Refresh Token for an Access Token. + /// If you will be using the Refresh Token Grant, you will make a request to the Token endpoint to exchange the user’s refresh token for an access token. + /// + /// The refresh token access token exchange request. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + ClientResponse ExchangeRefreshTokenForAccessTokenWithRequest(RefreshTokenAccessTokenRequest request); + /// /// Exchange a refresh token for a new JWT. /// @@ -6446,6 +6717,19 @@ public interface IFusionAuthSyncClient { /// ClientResponse ExchangeUserCredentialsForAccessToken(string username, string password, string client_id, string client_secret, string scope, string user_code); + /// + /// Exchange User Credentials for a Token. + /// If you will be using the Resource Owner Password Credential Grant, you will make a request to the Token endpoint to exchange the user’s email and password for an access token. + /// + /// The user credentials access token exchange request. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + ClientResponse ExchangeUserCredentialsForAccessTokenWithRequest(UserCredentialsAccessTokenRequest request); + /// /// Begins the forgot password sequence, which kicks off an email to the user so that they can reset their password. /// @@ -6627,6 +6911,18 @@ public interface IFusionAuthSyncClient { /// ClientResponse IntrospectAccessToken(string client_id, string token); + /// + /// Inspect an access token issued as the result of the User based grant such as the Authorization Code Grant, Implicit Grant, the User Credentials Grant or the Refresh Grant. + /// + /// The access token introspection request. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + ClientResponse IntrospectAccessTokenWithRequest(AccessTokenIntrospectRequest request); + /// /// Inspect an access token issued as the result of the Client Credentials Grant. /// @@ -6639,6 +6935,18 @@ public interface IFusionAuthSyncClient { /// ClientResponse IntrospectClientCredentialsAccessToken(string token); + /// + /// Inspect an access token issued as the result of the Client Credentials Grant. + /// + /// The client credentials access token. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + ClientResponse IntrospectClientCredentialsAccessTokenWithRequest(ClientCredentialsAccessTokenIntrospectRequest request); + /// /// Issue a new access token (JWT) for the requested Application after ensuring the provided JWT is valid. A valid /// access token is properly signed and not expired. @@ -8446,6 +8754,36 @@ public interface IFusionAuthSyncClient { /// ClientResponse RetrieveUserCodeUsingAPIKey(string user_code); + /// + /// Retrieve a user_code that is part of an in-progress Device Authorization Grant. + /// + /// This API is useful if you want to build your own login workflow to complete a device grant. + /// + /// This request will require an API key. + /// + /// The user code retrieval request including optional tenantId. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + ClientResponse RetrieveUserCodeUsingAPIKeyWithRequest(RetrieveUserCodeUsingAPIKeyRequest request); + + /// + /// Retrieve a user_code that is part of an in-progress Device Authorization Grant. + /// + /// This API is useful if you want to build your own login workflow to complete a device grant. + /// + /// The user code retrieval request. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + ClientResponse RetrieveUserCodeWithRequest(RetrieveUserCodeRequest request); + /// /// Retrieves all the comments for the user with the given Id. /// @@ -9728,6 +10066,19 @@ public interface IFusionAuthSyncClient { /// ClientResponse ValidateDevice(string user_code, string client_id); + /// + /// Validates the end-user provided user_code from the user-interaction of the Device Authorization Grant. + /// If you build your own activation form you should validate the user provided code prior to beginning the Authorization grant. + /// + /// The device validation request. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + ClientResponse ValidateDeviceWithRequest(ValidateDeviceRequest request); + /// /// Validates the provided JWT (encoded JWT string) to ensure the token is valid. A valid access token is properly /// signed and not expired.