diff --git a/fusionauth-netcore-client/src/io/fusionauth/FusionAuthClient.cs b/fusionauth-netcore-client/src/io/fusionauth/FusionAuthClient.cs index cebab182..28a7ff69 100644 --- a/fusionauth-netcore-client/src/io/fusionauth/FusionAuthClient.cs +++ b/fusionauth-netcore-client/src/io/fusionauth/FusionAuthClient.cs @@ -133,6 +133,15 @@ public Task> ApproveDeviceAsync(string cl .goAsync(); } + /// + public Task> ApproveDeviceWithRequestAsync(DeviceApprovalRequest request) { + return buildClient() + .withUri("/oauth2/device/approve") + .withJSONBody(request) + .withMethod("Post") + .goAsync(); + } + /// public Task> CancelActionAsync(Guid? actionId, ActionRequest request) { return buildClient() @@ -225,6 +234,15 @@ public Task> ClientCredentialsGrantAsync(string clie .goAsync(); } + /// + public Task> ClientCredentialsGrantWithRequestAsync(ClientCredentialsGrantRequest request) { + return buildAnonymousClient() + .withUri("/oauth2/token") + .withJSONBody(request) + .withMethod("Post") + .goAsync(); + } + /// public Task> CommentOnUserAsync(UserCommentRequest request) { return buildClient() @@ -966,6 +984,29 @@ public Task> DeleteWebhookAsync(Guid? webhookId) { .goAsync(); } + /// + public Task> DeviceAuthorizeAsync(string client_id, string client_secret, string scope) { + var body = new Dictionary { + { "client_id", client_id }, + { "client_secret", client_secret }, + { "scope", scope }, + }; + return buildAnonymousClient() + .withUri("/oauth2/device_authorize") + .withFormData(new FormUrlEncodedContent(body)) + .withMethod("Post") + .goAsync(); + } + + /// + public Task> DeviceAuthorizeWithRequestAsync(DeviceAuthorizationRequest request) { + return buildAnonymousClient() + .withUri("/oauth2/device_authorize") + .withJSONBody(request) + .withMethod("Post") + .goAsync(); + } + /// public Task> DisableTwoFactorAsync(Guid? userId, string methodId, string code) { return buildClient() @@ -1030,6 +1071,24 @@ public Task> ExchangeOAuthCodeForAccessTokenUsingPKC .goAsync(); } + /// + public Task> ExchangeOAuthCodeForAccessTokenUsingPKCEWithRequestAsync(OAuthCodePKCEAccessTokenRequest request) { + return buildAnonymousClient() + .withUri("/oauth2/token") + .withJSONBody(request) + .withMethod("Post") + .goAsync(); + } + + /// + public Task> ExchangeOAuthCodeForAccessTokenWithRequestAsync(OAuthCodeAccessTokenRequest request) { + return buildAnonymousClient() + .withUri("/oauth2/token") + .withJSONBody(request) + .withMethod("Post") + .goAsync(); + } + /// public Task> ExchangeRefreshTokenForAccessTokenAsync(string refresh_token, string client_id, string client_secret, string scope, string user_code) { var body = new Dictionary { @@ -1047,6 +1106,15 @@ public Task> ExchangeRefreshTokenForAccessTokenAsync .goAsync(); } + /// + public Task> ExchangeRefreshTokenForAccessTokenWithRequestAsync(RefreshTokenAccessTokenRequest request) { + return buildAnonymousClient() + .withUri("/oauth2/token") + .withJSONBody(request) + .withMethod("Post") + .goAsync(); + } + /// public Task> ExchangeRefreshTokenForJWTAsync(RefreshRequest request) { return buildAnonymousClient() @@ -1074,6 +1142,15 @@ public Task> ExchangeUserCredentialsForAccessTokenAs .goAsync(); } + /// + public Task> ExchangeUserCredentialsForAccessTokenWithRequestAsync(UserCredentialsAccessTokenRequest request) { + return buildAnonymousClient() + .withUri("/oauth2/token") + .withJSONBody(request) + .withMethod("Post") + .goAsync(); + } + /// public Task> ForgotPasswordAsync(ForgotPasswordRequest request) { return buildClient() @@ -1199,6 +1276,15 @@ public Task> IntrospectAccessTokenAsync(strin .goAsync(); } + /// + public Task> IntrospectAccessTokenWithRequestAsync(AccessTokenIntrospectRequest request) { + return buildAnonymousClient() + .withUri("/oauth2/introspect") + .withJSONBody(request) + .withMethod("Post") + .goAsync(); + } + /// public Task> IntrospectClientCredentialsAccessTokenAsync(string token) { var body = new Dictionary { @@ -1211,6 +1297,15 @@ public Task> IntrospectClientCredentialsAcces .goAsync(); } + /// + public Task> IntrospectClientCredentialsAccessTokenWithRequestAsync(ClientCredentialsAccessTokenIntrospectRequest request) { + return buildAnonymousClient() + .withUri("/oauth2/introspect") + .withJSONBody(request) + .withMethod("Post") + .goAsync(); + } + /// public Task> IssueJWTAsync(Guid? applicationId, string encodedJWT, string refreshToken) { return buildAnonymousClient() @@ -2532,6 +2627,24 @@ public Task> RetrieveUserCodeUsingAPIKeyAsync(string us .goAsync(); } + /// + public Task> RetrieveUserCodeUsingAPIKeyWithRequestAsync(RetrieveUserCodeUsingAPIKeyRequest request) { + return buildAnonymousClient() + .withUri("/oauth2/device/user-code") + .withJSONBody(request) + .withMethod("Post") + .goAsync(); + } + + /// + public Task> RetrieveUserCodeWithRequestAsync(RetrieveUserCodeRequest request) { + return buildAnonymousClient() + .withUri("/oauth2/device/user-code") + .withJSONBody(request) + .withMethod("Post") + .goAsync(); + } + /// public Task> RetrieveUserCommentsAsync(Guid? userId) { return buildClient() @@ -3482,6 +3595,15 @@ public Task> ValidateDeviceAsync(string user_code, stri .goAsync(); } + /// + public Task> ValidateDeviceWithRequestAsync(ValidateDeviceRequest request) { + return buildAnonymousClient() + .withUri("/oauth2/device/validate") + .withJSONBody(request) + .withMethod("Post") + .goAsync(); + } + /// public Task> ValidateJWTAsync(string encodedJWT) { return buildAnonymousClient() diff --git a/fusionauth-netcore-client/src/io/fusionauth/FusionAuthSyncClient.cs b/fusionauth-netcore-client/src/io/fusionauth/FusionAuthSyncClient.cs index ca33255a..66406b89 100644 --- a/fusionauth-netcore-client/src/io/fusionauth/FusionAuthSyncClient.cs +++ b/fusionauth-netcore-client/src/io/fusionauth/FusionAuthSyncClient.cs @@ -76,6 +76,11 @@ public ClientResponse ApproveDevice(string client_id, st return client.ApproveDeviceAsync(client_id, client_secret, token, user_code).GetAwaiter().GetResult(); } + /// + public ClientResponse ApproveDeviceWithRequest(DeviceApprovalRequest request) { + return client.ApproveDeviceWithRequestAsync(request).GetAwaiter().GetResult(); + } + /// public ClientResponse CancelAction(Guid? actionId, ActionRequest request) { return client.CancelActionAsync(actionId, request).GetAwaiter().GetResult(); @@ -122,6 +127,11 @@ public ClientResponse ClientCredentialsGrant(string client_id, stri return client.ClientCredentialsGrantAsync(client_id, client_secret, scope).GetAwaiter().GetResult(); } + /// + public ClientResponse ClientCredentialsGrantWithRequest(ClientCredentialsGrantRequest request) { + return client.ClientCredentialsGrantWithRequestAsync(request).GetAwaiter().GetResult(); + } + /// public ClientResponse CommentOnUser(UserCommentRequest request) { return client.CommentOnUserAsync(request).GetAwaiter().GetResult(); @@ -504,6 +514,16 @@ public ClientResponse DeleteWebhook(Guid? webhookId) { return client.DeleteWebhookAsync(webhookId).GetAwaiter().GetResult(); } + /// + public ClientResponse DeviceAuthorize(string client_id, string client_secret, string scope) { + return client.DeviceAuthorizeAsync(client_id, client_secret, scope).GetAwaiter().GetResult(); + } + + /// + public ClientResponse DeviceAuthorizeWithRequest(DeviceAuthorizationRequest request) { + return client.DeviceAuthorizeWithRequestAsync(request).GetAwaiter().GetResult(); + } + /// public ClientResponse DisableTwoFactor(Guid? userId, string methodId, string code) { return client.DisableTwoFactorAsync(userId, methodId, code).GetAwaiter().GetResult(); @@ -529,11 +549,26 @@ public ClientResponse ExchangeOAuthCodeForAccessTokenUsingPKCE(stri return client.ExchangeOAuthCodeForAccessTokenUsingPKCEAsync(code, client_id, client_secret, redirect_uri, code_verifier).GetAwaiter().GetResult(); } + /// + public ClientResponse ExchangeOAuthCodeForAccessTokenUsingPKCEWithRequest(OAuthCodePKCEAccessTokenRequest request) { + return client.ExchangeOAuthCodeForAccessTokenUsingPKCEWithRequestAsync(request).GetAwaiter().GetResult(); + } + + /// + public ClientResponse ExchangeOAuthCodeForAccessTokenWithRequest(OAuthCodeAccessTokenRequest request) { + return client.ExchangeOAuthCodeForAccessTokenWithRequestAsync(request).GetAwaiter().GetResult(); + } + /// public ClientResponse ExchangeRefreshTokenForAccessToken(string refresh_token, string client_id, string client_secret, string scope, string user_code) { return client.ExchangeRefreshTokenForAccessTokenAsync(refresh_token, client_id, client_secret, scope, user_code).GetAwaiter().GetResult(); } + /// + public ClientResponse ExchangeRefreshTokenForAccessTokenWithRequest(RefreshTokenAccessTokenRequest request) { + return client.ExchangeRefreshTokenForAccessTokenWithRequestAsync(request).GetAwaiter().GetResult(); + } + /// public ClientResponse ExchangeRefreshTokenForJWT(RefreshRequest request) { return client.ExchangeRefreshTokenForJWTAsync(request).GetAwaiter().GetResult(); @@ -544,6 +579,11 @@ public ClientResponse ExchangeUserCredentialsForAccessToken(string return client.ExchangeUserCredentialsForAccessTokenAsync(username, password, client_id, client_secret, scope, user_code).GetAwaiter().GetResult(); } + /// + public ClientResponse ExchangeUserCredentialsForAccessTokenWithRequest(UserCredentialsAccessTokenRequest request) { + return client.ExchangeUserCredentialsForAccessTokenWithRequestAsync(request).GetAwaiter().GetResult(); + } + /// public ClientResponse ForgotPassword(ForgotPasswordRequest request) { return client.ForgotPasswordAsync(request).GetAwaiter().GetResult(); @@ -609,11 +649,21 @@ public ClientResponse IntrospectAccessToken(string client_id return client.IntrospectAccessTokenAsync(client_id, token).GetAwaiter().GetResult(); } + /// + public ClientResponse IntrospectAccessTokenWithRequest(AccessTokenIntrospectRequest request) { + return client.IntrospectAccessTokenWithRequestAsync(request).GetAwaiter().GetResult(); + } + /// public ClientResponse IntrospectClientCredentialsAccessToken(string token) { return client.IntrospectClientCredentialsAccessTokenAsync(token).GetAwaiter().GetResult(); } + /// + public ClientResponse IntrospectClientCredentialsAccessTokenWithRequest(ClientCredentialsAccessTokenIntrospectRequest request) { + return client.IntrospectClientCredentialsAccessTokenWithRequestAsync(request).GetAwaiter().GetResult(); + } + /// public ClientResponse IssueJWT(Guid? applicationId, string encodedJWT, string refreshToken) { return client.IssueJWTAsync(applicationId, encodedJWT, refreshToken).GetAwaiter().GetResult(); @@ -1324,6 +1374,16 @@ public ClientResponse RetrieveUserCodeUsingAPIKey(string user_code) { return client.RetrieveUserCodeUsingAPIKeyAsync(user_code).GetAwaiter().GetResult(); } + /// + public ClientResponse RetrieveUserCodeUsingAPIKeyWithRequest(RetrieveUserCodeUsingAPIKeyRequest request) { + return client.RetrieveUserCodeUsingAPIKeyWithRequestAsync(request).GetAwaiter().GetResult(); + } + + /// + public ClientResponse RetrieveUserCodeWithRequest(RetrieveUserCodeRequest request) { + return client.RetrieveUserCodeWithRequestAsync(request).GetAwaiter().GetResult(); + } + /// public ClientResponse RetrieveUserComments(Guid? userId) { return client.RetrieveUserCommentsAsync(userId).GetAwaiter().GetResult(); @@ -1823,6 +1883,11 @@ public ClientResponse ValidateDevice(string user_code, string client_i return client.ValidateDeviceAsync(user_code, client_id).GetAwaiter().GetResult(); } + /// + public ClientResponse ValidateDeviceWithRequest(ValidateDeviceRequest request) { + return client.ValidateDeviceWithRequestAsync(request).GetAwaiter().GetResult(); + } + /// public ClientResponse ValidateJWT(string encodedJWT) { return client.ValidateJWTAsync(encodedJWT).GetAwaiter().GetResult(); diff --git a/fusionauth-netcore-client/src/io/fusionauth/IFusionAuthClient.cs b/fusionauth-netcore-client/src/io/fusionauth/IFusionAuthClient.cs index ebd86e02..d2165cae 100644 --- a/fusionauth-netcore-client/src/io/fusionauth/IFusionAuthClient.cs +++ b/fusionauth-netcore-client/src/io/fusionauth/IFusionAuthClient.cs @@ -92,6 +92,19 @@ public interface IFusionAuthAsyncClient { /// Task> ApproveDeviceAsync(string client_id, string client_secret, string token, string user_code); + /// + /// Approve a device grant. + /// This is an asynchronous method. + /// + /// The request object containing the device approval information and optional tenantId. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + Task> ApproveDeviceWithRequestAsync(DeviceApprovalRequest request); + /// /// Cancels the user action. /// This is an asynchronous method. @@ -242,6 +255,19 @@ public interface IFusionAuthAsyncClient { /// Task> ClientCredentialsGrantAsync(string client_id, string client_secret, string scope); + /// + /// Make a Client Credentials grant request to obtain an access token. + /// This is an asynchronous method. + /// + /// The client credentials grant request containing client authentication, scope and optional tenantId. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + Task> ClientCredentialsGrantWithRequestAsync(ClientCredentialsGrantRequest request); + /// /// Adds a comment to the user's account. /// This is an asynchronous method. @@ -1304,6 +1330,34 @@ public interface IFusionAuthAsyncClient { /// Task> DeleteWebhookAsync(Guid? webhookId); + /// + /// Start the Device Authorization flow using form-encoded parameters + /// This is an asynchronous method. + /// + /// The unique client identifier. The client Id is the Id of the FusionAuth Application in which you are attempting to authenticate. + /// (Optional) The client secret. This value may optionally be provided in the request body instead of the Authorization header. + /// (Optional) A space-delimited string of the requested scopes. Defaults to all scopes configured in the Application's OAuth configuration. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + Task> DeviceAuthorizeAsync(string client_id, string client_secret, string scope); + + /// + /// Start the Device Authorization flow using a request body + /// This is an asynchronous method. + /// + /// The device authorization request containing client authentication, scope, and optional device metadata. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + Task> DeviceAuthorizeWithRequestAsync(DeviceAuthorizationRequest request); + /// /// Disable two-factor authentication for a user. /// This is an asynchronous method. @@ -1384,6 +1438,34 @@ public interface IFusionAuthAsyncClient { /// Task> ExchangeOAuthCodeForAccessTokenUsingPKCEAsync(string code, string client_id, string client_secret, string redirect_uri, string code_verifier); + /// + /// Exchanges an OAuth authorization code and code_verifier for an access token. + /// Makes a request to the Token endpoint to exchange the authorization code returned from the Authorize endpoint and a code_verifier for an access token. + /// This is an asynchronous method. + /// + /// The PKCE OAuth code access token exchange request. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + Task> ExchangeOAuthCodeForAccessTokenUsingPKCEWithRequestAsync(OAuthCodePKCEAccessTokenRequest request); + + /// + /// Exchanges an OAuth authorization code for an access token. + /// Makes a request to the Token endpoint to exchange the authorization code returned from the Authorize endpoint for an access token. + /// This is an asynchronous method. + /// + /// The OAuth code access token exchange request. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + Task> ExchangeOAuthCodeForAccessTokenWithRequestAsync(OAuthCodeAccessTokenRequest request); + /// /// Exchange a Refresh Token for an Access Token. /// If you will be using the Refresh Token Grant, you will make a request to the Token endpoint to exchange the user’s refresh token for an access token. @@ -1403,6 +1485,20 @@ public interface IFusionAuthAsyncClient { /// Task> ExchangeRefreshTokenForAccessTokenAsync(string refresh_token, string client_id, string client_secret, string scope, string user_code); + /// + /// Exchange a Refresh Token for an Access Token. + /// If you will be using the Refresh Token Grant, you will make a request to the Token endpoint to exchange the user’s refresh token for an access token. + /// This is an asynchronous method. + /// + /// The refresh token access token exchange request. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + Task> ExchangeRefreshTokenForAccessTokenWithRequestAsync(RefreshTokenAccessTokenRequest request); + /// /// Exchange a refresh token for a new JWT. /// This is an asynchronous method. @@ -1436,6 +1532,20 @@ public interface IFusionAuthAsyncClient { /// Task> ExchangeUserCredentialsForAccessTokenAsync(string username, string password, string client_id, string client_secret, string scope, string user_code); + /// + /// Exchange User Credentials for a Token. + /// If you will be using the Resource Owner Password Credential Grant, you will make a request to the Token endpoint to exchange the user’s email and password for an access token. + /// This is an asynchronous method. + /// + /// The user credentials access token exchange request. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + Task> ExchangeUserCredentialsForAccessTokenWithRequestAsync(UserCredentialsAccessTokenRequest request); + /// /// Begins the forgot password sequence, which kicks off an email to the user so that they can reset their password. /// This is an asynchronous method. @@ -1630,6 +1740,19 @@ public interface IFusionAuthAsyncClient { /// Task> IntrospectAccessTokenAsync(string client_id, string token); + /// + /// Inspect an access token issued as the result of the User based grant such as the Authorization Code Grant, Implicit Grant, the User Credentials Grant or the Refresh Grant. + /// This is an asynchronous method. + /// + /// The access token introspection request. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + Task> IntrospectAccessTokenWithRequestAsync(AccessTokenIntrospectRequest request); + /// /// Inspect an access token issued as the result of the Client Credentials Grant. /// This is an asynchronous method. @@ -1643,6 +1766,19 @@ public interface IFusionAuthAsyncClient { /// Task> IntrospectClientCredentialsAccessTokenAsync(string token); + /// + /// Inspect an access token issued as the result of the Client Credentials Grant. + /// This is an asynchronous method. + /// + /// The client credentials access token. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + Task> IntrospectClientCredentialsAccessTokenWithRequestAsync(ClientCredentialsAccessTokenIntrospectRequest request); + /// /// Issue a new access token (JWT) for the requested Application after ensuring the provided JWT is valid. A valid /// access token is properly signed and not expired. @@ -3580,6 +3716,38 @@ public interface IFusionAuthAsyncClient { /// Task> RetrieveUserCodeUsingAPIKeyAsync(string user_code); + /// + /// Retrieve a user_code that is part of an in-progress Device Authorization Grant. + /// + /// This API is useful if you want to build your own login workflow to complete a device grant. + /// + /// This request will require an API key. + /// This is an asynchronous method. + /// + /// The user code retrieval request including optional tenantId. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + Task> RetrieveUserCodeUsingAPIKeyWithRequestAsync(RetrieveUserCodeUsingAPIKeyRequest request); + + /// + /// Retrieve a user_code that is part of an in-progress Device Authorization Grant. + /// + /// This API is useful if you want to build your own login workflow to complete a device grant. + /// This is an asynchronous method. + /// + /// The user code retrieval request. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + Task> RetrieveUserCodeWithRequestAsync(RetrieveUserCodeRequest request); + /// /// Retrieves all the comments for the user with the given Id. /// This is an asynchronous method. @@ -4961,6 +5129,20 @@ public interface IFusionAuthAsyncClient { /// Task> ValidateDeviceAsync(string user_code, string client_id); + /// + /// Validates the end-user provided user_code from the user-interaction of the Device Authorization Grant. + /// If you build your own activation form you should validate the user provided code prior to beginning the Authorization grant. + /// This is an asynchronous method. + /// + /// The device validation request. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + Task> ValidateDeviceWithRequestAsync(ValidateDeviceRequest request); + /// /// Validates the provided JWT (encoded JWT string) to ensure the token is valid. A valid access token is properly /// signed and not expired. @@ -5147,6 +5329,18 @@ public interface IFusionAuthSyncClient { /// ClientResponse ApproveDevice(string client_id, string client_secret, string token, string user_code); + /// + /// Approve a device grant. + /// + /// The request object containing the device approval information and optional tenantId. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + ClientResponse ApproveDeviceWithRequest(DeviceApprovalRequest request); + /// /// Cancels the user action. /// @@ -5288,6 +5482,18 @@ public interface IFusionAuthSyncClient { /// ClientResponse ClientCredentialsGrant(string client_id, string client_secret, string scope); + /// + /// Make a Client Credentials grant request to obtain an access token. + /// + /// The client credentials grant request containing client authentication, scope and optional tenantId. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + ClientResponse ClientCredentialsGrantWithRequest(ClientCredentialsGrantRequest request); + /// /// Adds a comment to the user's account. /// @@ -6274,6 +6480,32 @@ public interface IFusionAuthSyncClient { /// ClientResponse DeleteWebhook(Guid? webhookId); + /// + /// Start the Device Authorization flow using form-encoded parameters + /// + /// The unique client identifier. The client Id is the Id of the FusionAuth Application in which you are attempting to authenticate. + /// (Optional) The client secret. This value may optionally be provided in the request body instead of the Authorization header. + /// (Optional) A space-delimited string of the requested scopes. Defaults to all scopes configured in the Application's OAuth configuration. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + ClientResponse DeviceAuthorize(string client_id, string client_secret, string scope); + + /// + /// Start the Device Authorization flow using a request body + /// + /// The device authorization request containing client authentication, scope, and optional device metadata. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + ClientResponse DeviceAuthorizeWithRequest(DeviceAuthorizationRequest request); + /// /// Disable two-factor authentication for a user. /// @@ -6349,6 +6581,32 @@ public interface IFusionAuthSyncClient { /// ClientResponse ExchangeOAuthCodeForAccessTokenUsingPKCE(string code, string client_id, string client_secret, string redirect_uri, string code_verifier); + /// + /// Exchanges an OAuth authorization code and code_verifier for an access token. + /// Makes a request to the Token endpoint to exchange the authorization code returned from the Authorize endpoint and a code_verifier for an access token. + /// + /// The PKCE OAuth code access token exchange request. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + ClientResponse ExchangeOAuthCodeForAccessTokenUsingPKCEWithRequest(OAuthCodePKCEAccessTokenRequest request); + + /// + /// Exchanges an OAuth authorization code for an access token. + /// Makes a request to the Token endpoint to exchange the authorization code returned from the Authorize endpoint for an access token. + /// + /// The OAuth code access token exchange request. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + ClientResponse ExchangeOAuthCodeForAccessTokenWithRequest(OAuthCodeAccessTokenRequest request); + /// /// Exchange a Refresh Token for an Access Token. /// If you will be using the Refresh Token Grant, you will make a request to the Token endpoint to exchange the user’s refresh token for an access token. @@ -6367,6 +6625,19 @@ public interface IFusionAuthSyncClient { /// ClientResponse ExchangeRefreshTokenForAccessToken(string refresh_token, string client_id, string client_secret, string scope, string user_code); + /// + /// Exchange a Refresh Token for an Access Token. + /// If you will be using the Refresh Token Grant, you will make a request to the Token endpoint to exchange the user’s refresh token for an access token. + /// + /// The refresh token access token exchange request. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + ClientResponse ExchangeRefreshTokenForAccessTokenWithRequest(RefreshTokenAccessTokenRequest request); + /// /// Exchange a refresh token for a new JWT. /// @@ -6398,6 +6669,19 @@ public interface IFusionAuthSyncClient { /// ClientResponse ExchangeUserCredentialsForAccessToken(string username, string password, string client_id, string client_secret, string scope, string user_code); + /// + /// Exchange User Credentials for a Token. + /// If you will be using the Resource Owner Password Credential Grant, you will make a request to the Token endpoint to exchange the user’s email and password for an access token. + /// + /// The user credentials access token exchange request. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + ClientResponse ExchangeUserCredentialsForAccessTokenWithRequest(UserCredentialsAccessTokenRequest request); + /// /// Begins the forgot password sequence, which kicks off an email to the user so that they can reset their password. /// @@ -6579,6 +6863,18 @@ public interface IFusionAuthSyncClient { /// ClientResponse IntrospectAccessToken(string client_id, string token); + /// + /// Inspect an access token issued as the result of the User based grant such as the Authorization Code Grant, Implicit Grant, the User Credentials Grant or the Refresh Grant. + /// + /// The access token introspection request. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + ClientResponse IntrospectAccessTokenWithRequest(AccessTokenIntrospectRequest request); + /// /// Inspect an access token issued as the result of the Client Credentials Grant. /// @@ -6591,6 +6887,18 @@ public interface IFusionAuthSyncClient { /// ClientResponse IntrospectClientCredentialsAccessToken(string token); + /// + /// Inspect an access token issued as the result of the Client Credentials Grant. + /// + /// The client credentials access token. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + ClientResponse IntrospectClientCredentialsAccessTokenWithRequest(ClientCredentialsAccessTokenIntrospectRequest request); + /// /// Issue a new access token (JWT) for the requested Application after ensuring the provided JWT is valid. A valid /// access token is properly signed and not expired. @@ -8386,6 +8694,36 @@ public interface IFusionAuthSyncClient { /// ClientResponse RetrieveUserCodeUsingAPIKey(string user_code); + /// + /// Retrieve a user_code that is part of an in-progress Device Authorization Grant. + /// + /// This API is useful if you want to build your own login workflow to complete a device grant. + /// + /// This request will require an API key. + /// + /// The user code retrieval request including optional tenantId. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + ClientResponse RetrieveUserCodeUsingAPIKeyWithRequest(RetrieveUserCodeUsingAPIKeyRequest request); + + /// + /// Retrieve a user_code that is part of an in-progress Device Authorization Grant. + /// + /// This API is useful if you want to build your own login workflow to complete a device grant. + /// + /// The user code retrieval request. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + ClientResponse RetrieveUserCodeWithRequest(RetrieveUserCodeRequest request); + /// /// Retrieves all the comments for the user with the given Id. /// @@ -9668,6 +10006,19 @@ public interface IFusionAuthSyncClient { /// ClientResponse ValidateDevice(string user_code, string client_id); + /// + /// Validates the end-user provided user_code from the user-interaction of the Device Authorization Grant. + /// If you build your own activation form you should validate the user provided code prior to beginning the Authorization grant. + /// + /// The device validation request. + /// + /// When successful, the response will contain the log of the action. If there was a validation error or any + /// other type of error, this will return the Errors object in the response. Additionally, if FusionAuth could not be + /// contacted because it is down or experiencing a failure, the response will contain an Exception, which could be an + /// IOException. + /// + ClientResponse ValidateDeviceWithRequest(ValidateDeviceRequest request); + /// /// Validates the provided JWT (encoded JWT string) to ensure the token is valid. A valid access token is properly /// signed and not expired.