@absolutejs/auth 0.26.0-beta.1 → 0.26.0-beta.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (41) hide show
  1. package/dist/audit/config.d.ts +2 -1
  2. package/dist/audit/types.d.ts +1 -1
  3. package/dist/authorization/config.d.ts +19 -0
  4. package/dist/authorization/protectPermission.d.ts +52 -0
  5. package/dist/compliance/cipher.d.ts +5 -0
  6. package/dist/compliance/config.d.ts +18 -0
  7. package/dist/compliance/redaction.d.ts +8 -0
  8. package/dist/compliance/routes.d.ts +89 -0
  9. package/dist/htmx/index.js +494 -98
  10. package/dist/htmx/index.js.map +3 -3
  11. package/dist/index.d.ts +2539 -344
  12. package/dist/index.js +3679 -1619
  13. package/dist/index.js.map +33 -13
  14. package/dist/lockout/redisLockoutStore.d.ts +3 -0
  15. package/dist/providers/clients.d.ts +3 -3
  16. package/dist/routes/authorize.d.ts +2 -2
  17. package/dist/routes/protectRoute.d.ts +2 -2
  18. package/dist/scim/config.d.ts +55 -0
  19. package/dist/scim/inMemoryScimTokenStore.d.ts +2 -0
  20. package/dist/scim/postgresScimTokenStore.d.ts +102 -0
  21. package/dist/scim/routes.d.ts +296 -0
  22. package/dist/scim/serialize.d.ts +45 -0
  23. package/dist/scim/types.d.ts +52 -0
  24. package/dist/session/promote.d.ts +9 -2
  25. package/dist/sso/config.d.ts +104 -0
  26. package/dist/sso/discoveryRoute.d.ts +63 -0
  27. package/dist/sso/inMemorySsoConnectionStore.d.ts +2 -0
  28. package/dist/sso/oidcRoutes.d.ts +97 -0
  29. package/dist/sso/postgresSsoConnectionStore.d.ts +139 -0
  30. package/dist/sso/samlRoutes.d.ts +176 -0
  31. package/dist/sso/types.d.ts +39 -0
  32. package/dist/stores/redis.d.ts +5 -0
  33. package/dist/typebox.d.ts +1 -1
  34. package/dist/types.d.ts +36 -0
  35. package/dist/webauthn/adapter.d.ts +59 -0
  36. package/dist/webauthn/config.d.ts +35 -0
  37. package/dist/webauthn/inMemoryWebAuthnCredentialStore.d.ts +2 -0
  38. package/dist/webauthn/postgresWebAuthnCredentialStore.d.ts +172 -0
  39. package/dist/webauthn/routes.d.ts +155 -0
  40. package/dist/webauthn/types.d.ts +17 -0
  41. package/package.json +2 -2
package/dist/lockout/redisLockoutStore.d.ts ADDED
@@ -0,0 +1,3 @@
1
+ import type { RedisLike } from '../stores/redis';
2
+ import type { LockoutStore } from './types';
3
+ export declare const createRedisLockoutStore: (redis: RedisLike, keyPrefix?: string) => LockoutStore;
package/dist/providers/clients.d.ts CHANGED
@@ -5,7 +5,7 @@ export declare const buildClientProviders: (providersConfiguration: OAuth2Config
5
5
  entries: {
6
6
  [k: string]: {
7
7
  clientName: string | undefined;
8
- providerInstance: import("citra").BaseOAuth2Client<"42" | "amazoncognito" | "anilist" | "apple" | "atlassian" | "auth0" | "authentik" | "autodesk" | "battlenet" | "bitbucket" | "box" | "bungie" | "coinbase" | "discord" | "donationalerts" | "dribbble" | "dropbox" | "epicgames" | "etsy" | "facebook" | "figma" | "gitea" | "github" | "gitlab" | "google" | "intuit" | "kakao" | "keycloak" | "kick" | "lichess" | "line" | "linear" | "linkedin" | "mastodon" | "mercadolibre" | "mercadopago" | "microsoftentraid" | "myanimelist" | "naver" | "notion" | "okta" | "osu" | "patreon" | "polar" | "polaraccesslink" | "polarteampro" | "reddit" | "roblox" | "salesforce" | "shikimori" | "slack" | "spotify" | "startgg" | "strava" | "synology" | "tiktok" | "tiltify" | "tumblr" | "twitch" | "twitter" | "vk" | "withings" | "workos" | "yahoo" | "yandex" | "zoom">;
8
+ providerInstance: import("citra").BaseOAuth2Client<"42" | "amazoncognito" | "anilist" | "apple" | "atlassian" | "attio" | "auth0" | "authentik" | "autodesk" | "battlenet" | "bitbucket" | "box" | "bungie" | "close" | "coinbase" | "discord" | "donationalerts" | "dribbble" | "dropbox" | "epicgames" | "etsy" | "facebook" | "figma" | "gitea" | "github" | "gitlab" | "gohighlevel" | "google" | "hubspot" | "intuit" | "kakao" | "keycloak" | "kick" | "lichess" | "line" | "linear" | "linkedin" | "mastodon" | "mercadolibre" | "mercadopago" | "microsoftentraid" | "monday" | "myanimelist" | "naver" | "notion" | "okta" | "osu" | "patreon" | "pipedrive" | "polar" | "polaraccesslink" | "polarteampro" | "reddit" | "roblox" | "salesforce" | "shikimori" | "slack" | "spotify" | "startgg" | "strava" | "synology" | "tiktok" | "tiltify" | "tumblr" | "twitch" | "twitter" | "vk" | "withings" | "workos" | "yahoo" | "yandex" | "zoho" | "zoom">;
9
9
  scope: string[] | undefined;
10
10
  searchParams: [string, string][] | undefined;
11
11
  };
@@ -15,7 +15,7 @@ export declare const buildClientProviders: (providersConfiguration: OAuth2Config
15
15
  }>;
16
16
  export declare const normalizeProvidersConfiguration: (providersConfiguration: OAuth2ConfigurationOptions) => {
17
17
  [k: string]: {
18
- [k: string]: OAuth2ProviderClientConfiguration<"42" | "amazoncognito" | "anilist" | "apple" | "atlassian" | "auth0" | "authentik" | "autodesk" | "battlenet" | "bitbucket" | "box" | "bungie" | "coinbase" | "discord" | "donationalerts" | "dribbble" | "dropbox" | "epicgames" | "etsy" | "facebook" | "figma" | "gitea" | "github" | "gitlab" | "google" | "intuit" | "kakao" | "keycloak" | "kick" | "lichess" | "line" | "linear" | "linkedin" | "mastodon" | "mercadolibre" | "mercadopago" | "microsoftentraid" | "myanimelist" | "naver" | "notion" | "okta" | "osu" | "patreon" | "polar" | "polaraccesslink" | "polarteampro" | "reddit" | "roblox" | "salesforce" | "shikimori" | "slack" | "spotify" | "startgg" | "strava" | "synology" | "tiktok" | "tiltify" | "tumblr" | "twitch" | "twitter" | "vk" | "withings" | "workos" | "yahoo" | "yandex" | "zoom">;
18
+ [k: string]: OAuth2ProviderClientConfiguration<"42" | "amazoncognito" | "anilist" | "apple" | "atlassian" | "attio" | "auth0" | "authentik" | "autodesk" | "battlenet" | "bitbucket" | "box" | "bungie" | "close" | "coinbase" | "discord" | "donationalerts" | "dribbble" | "dropbox" | "epicgames" | "etsy" | "facebook" | "figma" | "gitea" | "github" | "gitlab" | "gohighlevel" | "google" | "hubspot" | "intuit" | "kakao" | "keycloak" | "kick" | "lichess" | "line" | "linear" | "linkedin" | "mastodon" | "mercadolibre" | "mercadopago" | "microsoftentraid" | "monday" | "myanimelist" | "naver" | "notion" | "okta" | "osu" | "patreon" | "pipedrive" | "polar" | "polaraccesslink" | "polarteampro" | "reddit" | "roblox" | "salesforce" | "shikimori" | "slack" | "spotify" | "startgg" | "strava" | "synology" | "tiktok" | "tiltify" | "tumblr" | "twitch" | "twitter" | "vk" | "withings" | "workos" | "yahoo" | "yandex" | "zoho" | "zoom">;
19
19
  };
20
20
  };
21
21
  export declare const resolveClientProviderEntry: ({ clientName, clientProviders, providerName }: {
@@ -46,7 +46,7 @@ export declare const resolveProviderClientConfiguration: ({ clientName, provider
46
46
  error: "Client provider not found";
47
47
  config?: undefined;
48
48
  } | {
49
- config: OAuth2ProviderClientConfiguration<"42" | "amazoncognito" | "anilist" | "apple" | "atlassian" | "auth0" | "authentik" | "autodesk" | "battlenet" | "bitbucket" | "box" | "bungie" | "coinbase" | "discord" | "donationalerts" | "dribbble" | "dropbox" | "epicgames" | "etsy" | "facebook" | "figma" | "gitea" | "github" | "gitlab" | "google" | "intuit" | "kakao" | "keycloak" | "kick" | "lichess" | "line" | "linear" | "linkedin" | "mastodon" | "mercadolibre" | "mercadopago" | "microsoftentraid" | "myanimelist" | "naver" | "notion" | "okta" | "osu" | "patreon" | "polar" | "polaraccesslink" | "polarteampro" | "reddit" | "roblox" | "salesforce" | "shikimori" | "slack" | "spotify" | "startgg" | "strava" | "synology" | "tiktok" | "tiltify" | "tumblr" | "twitch" | "twitter" | "vk" | "withings" | "workos" | "yahoo" | "yandex" | "zoom"> | undefined;
49
+ config: OAuth2ProviderClientConfiguration<"42" | "amazoncognito" | "anilist" | "apple" | "atlassian" | "attio" | "auth0" | "authentik" | "autodesk" | "battlenet" | "bitbucket" | "box" | "bungie" | "close" | "coinbase" | "discord" | "donationalerts" | "dribbble" | "dropbox" | "epicgames" | "etsy" | "facebook" | "figma" | "gitea" | "github" | "gitlab" | "gohighlevel" | "google" | "hubspot" | "intuit" | "kakao" | "keycloak" | "kick" | "lichess" | "line" | "linear" | "linkedin" | "mastodon" | "mercadolibre" | "mercadopago" | "microsoftentraid" | "monday" | "myanimelist" | "naver" | "notion" | "okta" | "osu" | "patreon" | "pipedrive" | "polar" | "polaraccesslink" | "polarteampro" | "reddit" | "roblox" | "salesforce" | "shikimori" | "slack" | "spotify" | "startgg" | "strava" | "synology" | "tiktok" | "tiltify" | "tumblr" | "twitch" | "twitter" | "vk" | "withings" | "workos" | "yahoo" | "yandex" | "zoho" | "zoom"> | undefined;
50
50
  error?: undefined;
51
51
  } | {
52
52
  error: "Client variant is required";
package/dist/routes/authorize.d.ts CHANGED
@@ -27,7 +27,7 @@ export declare const authorize: ({ clientProviders, authorizeRoute, onAuthorizeS
27
27
  get: {
28
28
  body: unknown;
29
29
  params: {
30
- provider: "42" | "amazoncognito" | "anilist" | "apple" | "atlassian" | "auth0" | "authentik" | "autodesk" | "battlenet" | "bitbucket" | "box" | "bungie" | "coinbase" | "discord" | "donationalerts" | "dribbble" | "dropbox" | "epicgames" | "etsy" | "facebook" | "figma" | "gitea" | "github" | "gitlab" | "google" | "intuit" | "kakao" | "keycloak" | "kick" | "lichess" | "line" | "linear" | "linkedin" | "mastodon" | "mercadolibre" | "mercadopago" | "microsoftentraid" | "myanimelist" | "naver" | "notion" | "okta" | "osu" | "patreon" | "polar" | "polaraccesslink" | "polarteampro" | "reddit" | "roblox" | "salesforce" | "shikimori" | "slack" | "spotify" | "startgg" | "strava" | "synology" | "tiktok" | "tiltify" | "tumblr" | "twitch" | "twitter" | "vk" | "withings" | "workos" | "yahoo" | "yandex" | "zoom";
30
+ provider: "42" | "amazoncognito" | "anilist" | "apple" | "atlassian" | "attio" | "auth0" | "authentik" | "autodesk" | "battlenet" | "bitbucket" | "box" | "bungie" | "close" | "coinbase" | "discord" | "donationalerts" | "dribbble" | "dropbox" | "epicgames" | "etsy" | "facebook" | "figma" | "gitea" | "github" | "gitlab" | "gohighlevel" | "google" | "hubspot" | "intuit" | "kakao" | "keycloak" | "kick" | "lichess" | "line" | "linear" | "linkedin" | "mastodon" | "mercadolibre" | "mercadopago" | "microsoftentraid" | "monday" | "myanimelist" | "naver" | "notion" | "okta" | "osu" | "patreon" | "pipedrive" | "polar" | "polaraccesslink" | "polarteampro" | "reddit" | "roblox" | "salesforce" | "shikimori" | "slack" | "spotify" | "startgg" | "strava" | "synology" | "tiktok" | "tiltify" | "tumblr" | "twitch" | "twitter" | "vk" | "withings" | "workos" | "yahoo" | "yandex" | "zoho" | "zoom";
31
31
  };
32
32
  query: {
33
33
  client?: string | undefined;
@@ -59,7 +59,7 @@ export declare const authorize: ({ clientProviders, authorizeRoute, onAuthorizeS
59
59
  get: {
60
60
  body: unknown;
61
61
  params: {
62
- provider: "42" | "amazoncognito" | "anilist" | "apple" | "atlassian" | "auth0" | "authentik" | "autodesk" | "battlenet" | "bitbucket" | "box" | "bungie" | "coinbase" | "discord" | "donationalerts" | "dribbble" | "dropbox" | "epicgames" | "etsy" | "facebook" | "figma" | "gitea" | "github" | "gitlab" | "google" | "intuit" | "kakao" | "keycloak" | "kick" | "lichess" | "line" | "linear" | "linkedin" | "mastodon" | "mercadolibre" | "mercadopago" | "microsoftentraid" | "myanimelist" | "naver" | "notion" | "okta" | "osu" | "patreon" | "polar" | "polaraccesslink" | "polarteampro" | "reddit" | "roblox" | "salesforce" | "shikimori" | "slack" | "spotify" | "startgg" | "strava" | "synology" | "tiktok" | "tiltify" | "tumblr" | "twitch" | "twitter" | "vk" | "withings" | "workos" | "yahoo" | "yandex" | "zoom";
62
+ provider: "42" | "amazoncognito" | "anilist" | "apple" | "atlassian" | "attio" | "auth0" | "authentik" | "autodesk" | "battlenet" | "bitbucket" | "box" | "bungie" | "close" | "coinbase" | "discord" | "donationalerts" | "dribbble" | "dropbox" | "epicgames" | "etsy" | "facebook" | "figma" | "gitea" | "github" | "gitlab" | "gohighlevel" | "google" | "hubspot" | "intuit" | "kakao" | "keycloak" | "kick" | "lichess" | "line" | "linear" | "linkedin" | "mastodon" | "mercadolibre" | "mercadopago" | "microsoftentraid" | "monday" | "myanimelist" | "naver" | "notion" | "okta" | "osu" | "patreon" | "pipedrive" | "polar" | "polaraccesslink" | "polarteampro" | "reddit" | "roblox" | "salesforce" | "shikimori" | "slack" | "spotify" | "startgg" | "strava" | "synology" | "tiktok" | "tiltify" | "tumblr" | "twitch" | "twitter" | "vk" | "withings" | "workos" | "yahoo" | "yandex" | "zoho" | "zoom";
63
63
  };
64
64
  query: {
65
65
  client?: string | undefined;
package/dist/routes/protectRoute.d.ts CHANGED
@@ -16,7 +16,7 @@ export declare const protectRoutePlugin: <UserType>({ authSessionStore }?: {
16
16
  unregisteredSession: import("..").UnregisteredSessionRecord;
17
17
  };
18
18
  derive: {
19
- readonly protectRoute: <AuthReturn, AuthFailReturn>(handleAuth: (user: UserType) => AuthReturn | Promise<AuthReturn>, handleAuthFail?: (error: AuthFailError) => AuthFailReturn) => Promise<AuthReturn | import("elysia").ElysiaCustomStatusResponse<"Bad Request", "Cookies are missing", 400> | NonNullable<AuthFailReturn> | import("elysia").ElysiaCustomStatusResponse<"Unauthorized", "User is not authenticated", 401>>;
19
+ readonly protectRoute: <AuthReturn, AuthFailReturn>(handleAuth: (user: UserType) => AuthReturn | Promise<AuthReturn>, handleAuthFail?: (error: AuthFailError) => AuthFailReturn) => Promise<import("elysia").ElysiaCustomStatusResponse<"Bad Request", "Cookies are missing", 400> | import("elysia").ElysiaCustomStatusResponse<"Unauthorized", "User is not authenticated", 401> | AuthReturn | NonNullable<AuthFailReturn>>;
20
20
  };
21
21
  resolve: {};
22
22
  }, {
@@ -33,7 +33,7 @@ export declare const protectRoutePlugin: <UserType>({ authSessionStore }?: {
33
33
  macroFn: {};
34
34
  parser: {};
35
35
  response: import("elysia").ExtractErrorFromHandle<{
36
- readonly protectRoute: <AuthReturn, AuthFailReturn>(handleAuth: (user: UserType) => AuthReturn | Promise<AuthReturn>, handleAuthFail?: (error: AuthFailError) => AuthFailReturn) => Promise<AuthReturn | import("elysia").ElysiaCustomStatusResponse<"Bad Request", "Cookies are missing", 400> | NonNullable<AuthFailReturn> | import("elysia").ElysiaCustomStatusResponse<"Unauthorized", "User is not authenticated", 401>>;
36
+ readonly protectRoute: <AuthReturn, AuthFailReturn>(handleAuth: (user: UserType) => AuthReturn | Promise<AuthReturn>, handleAuthFail?: (error: AuthFailError) => AuthFailReturn) => Promise<import("elysia").ElysiaCustomStatusResponse<"Bad Request", "Cookies are missing", 400> | import("elysia").ElysiaCustomStatusResponse<"Unauthorized", "User is not authenticated", 401> | AuthReturn | NonNullable<AuthFailReturn>>;
37
37
  }>;
38
38
  }, {}, {
39
39
  derive: {};
package/dist/scim/config.d.ts ADDED
@@ -0,0 +1,55 @@
1
+ import type { OrganizationId } from '../tenancy';
2
+ import type { RouteString } from '../types';
3
+ import type { ScimFilter, ScimGroup, ScimGroupInput, ScimTokenStore, ScimUser, ScimUserInput } from './types';
4
+ export declare const DEFAULT_SCIM_ROUTE = "/scim/v2";
5
+ export type ScimConfig = {
6
+ getScimGroup?: (context: {
7
+ id: string;
8
+ organizationId: OrganizationId;
9
+ }) => ScimGroup | undefined | Promise<ScimGroup | undefined>;
10
+ getScimUser: (context: {
11
+ id: string;
12
+ organizationId: OrganizationId;
13
+ }) => ScimUser | undefined | Promise<ScimUser | undefined>;
14
+ listScimGroups?: (context: {
15
+ filter?: ScimFilter;
16
+ organizationId: OrganizationId;
17
+ }) => ScimGroup[] | Promise<ScimGroup[]>;
18
+ listScimUsers: (context: {
19
+ filter?: ScimFilter;
20
+ organizationId: OrganizationId;
21
+ }) => ScimUser[] | Promise<ScimUser[]>;
22
+ onScimGroupCreate?: (context: {
23
+ input: ScimGroupInput;
24
+ organizationId: OrganizationId;
25
+ }) => ScimGroup | Promise<ScimGroup>;
26
+ onScimGroupDelete?: (context: {
27
+ id: string;
28
+ organizationId: OrganizationId;
29
+ }) => void | Promise<void>;
30
+ onScimGroupReplace?: (context: {
31
+ id: string;
32
+ input: ScimGroupInput;
33
+ organizationId: OrganizationId;
34
+ }) => ScimGroup | undefined | Promise<ScimGroup | undefined>;
35
+ onScimUserCreate: (context: {
36
+ input: ScimUserInput;
37
+ organizationId: OrganizationId;
38
+ }) => ScimUser | Promise<ScimUser>;
39
+ onScimUserDeactivate: (context: {
40
+ id: string;
41
+ organizationId: OrganizationId;
42
+ }) => void | Promise<void>;
43
+ onScimUserReplace: (context: {
44
+ id: string;
45
+ input: ScimUserInput;
46
+ organizationId: OrganizationId;
47
+ }) => ScimUser | undefined | Promise<ScimUser | undefined>;
48
+ scimRoute?: RouteString;
49
+ scimTokenStore: ScimTokenStore;
50
+ };
51
+ export declare const createScimToken: (scimTokenStore: ScimTokenStore, organizationId: OrganizationId) => Promise<{
52
+ token: string;
53
+ tokenId: string;
54
+ }>;
55
+ export declare const resolveScimOrganization: (scimTokenStore: ScimTokenStore, authorization: string | undefined) => Promise<string | undefined>;
package/dist/scim/inMemoryScimTokenStore.d.ts ADDED
@@ -0,0 +1,2 @@
1
+ import type { ScimTokenStore } from './types';
2
+ export declare const createInMemoryScimTokenStore: () => ScimTokenStore;
package/dist/scim/postgresScimTokenStore.d.ts ADDED
@@ -0,0 +1,102 @@
1
+ import { type AnyPgDatabase } from '../stores/postgres';
2
+ import type { ScimTokenStore } from './types';
3
+ export declare const scimTokensTable: import("drizzle-orm/pg-core").PgTableWithColumns<{
4
+ name: "auth_scim_tokens";
5
+ schema: undefined;
6
+ columns: {
7
+ created_at_ms: import("drizzle-orm/pg-core").PgColumn<{
8
+ name: "created_at_ms";
9
+ tableName: "auth_scim_tokens";
10
+ dataType: "number";
11
+ columnType: "PgBigInt53";
12
+ data: number;
13
+ driverParam: string | number;
14
+ notNull: true;
15
+ hasDefault: false;
16
+ isPrimaryKey: false;
17
+ isAutoincrement: false;
18
+ hasRuntimeDefault: false;
19
+ enumValues: undefined;
20
+ baseColumn: never;
21
+ identity: undefined;
22
+ generated: undefined;
23
+ }, {}, {}>;
24
+ hashed_token: import("drizzle-orm/pg-core").PgColumn<{
25
+ name: "hashed_token";
26
+ tableName: "auth_scim_tokens";
27
+ dataType: "string";
28
+ columnType: "PgVarchar";
29
+ data: string;
30
+ driverParam: string;
31
+ notNull: true;
32
+ hasDefault: false;
33
+ isPrimaryKey: false;
34
+ isAutoincrement: false;
35
+ hasRuntimeDefault: false;
36
+ enumValues: [string, ...string[]];
37
+ baseColumn: never;
38
+ identity: undefined;
39
+ generated: undefined;
40
+ }, {}, {
41
+ length: 255;
42
+ }>;
43
+ last_used_at_ms: import("drizzle-orm/pg-core").PgColumn<{
44
+ name: "last_used_at_ms";
45
+ tableName: "auth_scim_tokens";
46
+ dataType: "number";
47
+ columnType: "PgBigInt53";
48
+ data: number;
49
+ driverParam: string | number;
50
+ notNull: false;
51
+ hasDefault: false;
52
+ isPrimaryKey: false;
53
+ isAutoincrement: false;
54
+ hasRuntimeDefault: false;
55
+ enumValues: undefined;
56
+ baseColumn: never;
57
+ identity: undefined;
58
+ generated: undefined;
59
+ }, {}, {}>;
60
+ organization_id: import("drizzle-orm/pg-core").PgColumn<{
61
+ name: "organization_id";
62
+ tableName: "auth_scim_tokens";
63
+ dataType: "string";
64
+ columnType: "PgVarchar";
65
+ data: string;
66
+ driverParam: string;
67
+ notNull: true;
68
+ hasDefault: false;
69
+ isPrimaryKey: false;
70
+ isAutoincrement: false;
71
+ hasRuntimeDefault: false;
72
+ enumValues: [string, ...string[]];
73
+ baseColumn: never;
74
+ identity: undefined;
75
+ generated: undefined;
76
+ }, {}, {
77
+ length: 255;
78
+ }>;
79
+ token_id: import("drizzle-orm/pg-core").PgColumn<{
80
+ name: "token_id";
81
+ tableName: "auth_scim_tokens";
82
+ dataType: "string";
83
+ columnType: "PgVarchar";
84
+ data: string;
85
+ driverParam: string;
86
+ notNull: true;
87
+ hasDefault: false;
88
+ isPrimaryKey: true;
89
+ isAutoincrement: false;
90
+ hasRuntimeDefault: false;
91
+ enumValues: [string, ...string[]];
92
+ baseColumn: never;
93
+ identity: undefined;
94
+ generated: undefined;
95
+ }, {}, {
96
+ length: 255;
97
+ }>;
98
+ };
99
+ dialect: "pg";
100
+ }>;
101
+ export declare const createNeonScimTokenStore: (databaseUrl: string) => ScimTokenStore;
102
+ export declare const createPostgresScimTokenStore: (db: AnyPgDatabase) => ScimTokenStore;
package/dist/scim/routes.d.ts ADDED
@@ -0,0 +1,296 @@
1
+ import { Elysia } from 'elysia';
2
+ import { type ScimConfig } from './config';
3
+ export declare const scimRoutes: ({ getScimGroup, getScimUser, listScimGroups, listScimUsers, onScimGroupCreate, onScimGroupDelete, onScimGroupReplace, onScimUserCreate, onScimUserDeactivate, onScimUserReplace, scimRoute, scimTokenStore }: ScimConfig) => Elysia<"", {
4
+ decorator: {};
5
+ store: {};
6
+ derive: {};
7
+ resolve: {};
8
+ }, {
9
+ typebox: {};
10
+ error: {};
11
+ }, {
12
+ schema: {};
13
+ standaloneSchema: {};
14
+ macro: {};
15
+ macroFn: {};
16
+ parser: {};
17
+ response: {};
18
+ }, {
19
+ [x: string]: {
20
+ get: {
21
+ body: unknown;
22
+ params: {};
23
+ query: unknown;
24
+ headers: unknown;
25
+ response: {
26
+ 200: Response;
27
+ };
28
+ };
29
+ };
30
+ } & {
31
+ [x: string]: {
32
+ post: {
33
+ body: unknown;
34
+ params: {};
35
+ query: unknown;
36
+ headers: unknown;
37
+ response: {
38
+ 200: Response;
39
+ };
40
+ };
41
+ };
42
+ } & {
43
+ [x: string]: {
44
+ get: {
45
+ body: unknown;
46
+ params: {};
47
+ query: {
48
+ filter?: string | undefined;
49
+ };
50
+ headers: unknown;
51
+ response: {
52
+ 200: Response;
53
+ 422: {
54
+ type: "validation";
55
+ on: string;
56
+ summary?: string;
57
+ message?: string;
58
+ found?: unknown;
59
+ property?: string;
60
+ expected?: string;
61
+ };
62
+ };
63
+ };
64
+ };
65
+ } & {
66
+ [x: string]: {
67
+ get: {
68
+ body: unknown;
69
+ params: {
70
+ id: string;
71
+ };
72
+ query: unknown;
73
+ headers: unknown;
74
+ response: {
75
+ 200: Response;
76
+ 422: {
77
+ type: "validation";
78
+ on: string;
79
+ summary?: string;
80
+ message?: string;
81
+ found?: unknown;
82
+ property?: string;
83
+ expected?: string;
84
+ };
85
+ };
86
+ };
87
+ };
88
+ } & {
89
+ [x: string]: {
90
+ put: {
91
+ body: unknown;
92
+ params: {
93
+ id: string;
94
+ };
95
+ query: unknown;
96
+ headers: unknown;
97
+ response: {
98
+ 200: Response;
99
+ 422: {
100
+ type: "validation";
101
+ on: string;
102
+ summary?: string;
103
+ message?: string;
104
+ found?: unknown;
105
+ property?: string;
106
+ expected?: string;
107
+ };
108
+ };
109
+ };
110
+ };
111
+ } & {
112
+ [x: string]: {
113
+ patch: {
114
+ body: unknown;
115
+ params: {
116
+ id: string;
117
+ };
118
+ query: unknown;
119
+ headers: unknown;
120
+ response: {
121
+ 200: Response;
122
+ 422: {
123
+ type: "validation";
124
+ on: string;
125
+ summary?: string;
126
+ message?: string;
127
+ found?: unknown;
128
+ property?: string;
129
+ expected?: string;
130
+ };
131
+ };
132
+ };
133
+ };
134
+ } & {
135
+ [x: string]: {
136
+ delete: {
137
+ body: unknown;
138
+ params: {
139
+ id: string;
140
+ };
141
+ query: unknown;
142
+ headers: unknown;
143
+ response: {
144
+ 200: Response;
145
+ 422: {
146
+ type: "validation";
147
+ on: string;
148
+ summary?: string;
149
+ message?: string;
150
+ found?: unknown;
151
+ property?: string;
152
+ expected?: string;
153
+ };
154
+ };
155
+ };
156
+ };
157
+ } & {
158
+ [x: string]: {
159
+ post: {
160
+ body: unknown;
161
+ params: {};
162
+ query: unknown;
163
+ headers: unknown;
164
+ response: {
165
+ 200: Response;
166
+ };
167
+ };
168
+ };
169
+ } & {
170
+ [x: string]: {
171
+ get: {
172
+ body: unknown;
173
+ params: {};
174
+ query: {
175
+ filter?: string | undefined;
176
+ };
177
+ headers: unknown;
178
+ response: {
179
+ 200: Response;
180
+ 422: {
181
+ type: "validation";
182
+ on: string;
183
+ summary?: string;
184
+ message?: string;
185
+ found?: unknown;
186
+ property?: string;
187
+ expected?: string;
188
+ };
189
+ };
190
+ };
191
+ };
192
+ } & {
193
+ [x: string]: {
194
+ get: {
195
+ body: unknown;
196
+ params: {
197
+ id: string;
198
+ };
199
+ query: unknown;
200
+ headers: unknown;
201
+ response: {
202
+ 200: Response;
203
+ 422: {
204
+ type: "validation";
205
+ on: string;
206
+ summary?: string;
207
+ message?: string;
208
+ found?: unknown;
209
+ property?: string;
210
+ expected?: string;
211
+ };
212
+ };
213
+ };
214
+ };
215
+ } & {
216
+ [x: string]: {
217
+ put: {
218
+ body: unknown;
219
+ params: {
220
+ id: string;
221
+ };
222
+ query: unknown;
223
+ headers: unknown;
224
+ response: {
225
+ 200: Response;
226
+ 422: {
227
+ type: "validation";
228
+ on: string;
229
+ summary?: string;
230
+ message?: string;
231
+ found?: unknown;
232
+ property?: string;
233
+ expected?: string;
234
+ };
235
+ };
236
+ };
237
+ };
238
+ } & {
239
+ [x: string]: {
240
+ patch: {
241
+ body: unknown;
242
+ params: {
243
+ id: string;
244
+ };
245
+ query: unknown;
246
+ headers: unknown;
247
+ response: {
248
+ 200: Response;
249
+ 422: {
250
+ type: "validation";
251
+ on: string;
252
+ summary?: string;
253
+ message?: string;
254
+ found?: unknown;
255
+ property?: string;
256
+ expected?: string;
257
+ };
258
+ };
259
+ };
260
+ };
261
+ } & {
262
+ [x: string]: {
263
+ delete: {
264
+ body: unknown;
265
+ params: {
266
+ id: string;
267
+ };
268
+ query: unknown;
269
+ headers: unknown;
270
+ response: {
271
+ 200: Response;
272
+ 422: {
273
+ type: "validation";
274
+ on: string;
275
+ summary?: string;
276
+ message?: string;
277
+ found?: unknown;
278
+ property?: string;
279
+ expected?: string;
280
+ };
281
+ };
282
+ };
283
+ };
284
+ }, {
285
+ derive: {};
286
+ resolve: {};
287
+ schema: {};
288
+ standaloneSchema: {};
289
+ response: {};
290
+ }, {
291
+ derive: {};
292
+ resolve: {};
293
+ schema: {};
294
+ standaloneSchema: {};
295
+ response: {};
296
+ }>;
package/dist/scim/serialize.d.ts ADDED
@@ -0,0 +1,45 @@
1
+ import type { ScimFilter, ScimGroup, ScimGroupInput, ScimUser, ScimUserInput } from './types';
2
+ export declare const toUserResource: (user: ScimUser, location: string) => Record<string, unknown>;
3
+ export declare const parseUserInput: (body: unknown) => ScimUserInput | undefined;
4
+ export declare const applyPatch: (user: ScimUser, body: unknown) => ScimUserInput;
5
+ export declare const listResponse: (resources: Record<string, unknown>[]) => {
6
+ itemsPerPage: number;
7
+ Resources: Record<string, unknown>[];
8
+ schemas: string[];
9
+ startIndex: number;
10
+ totalResults: number;
11
+ };
12
+ export declare const parseFilter: (filter: string | undefined) => ScimFilter | undefined;
13
+ export declare const scimError: (httpStatus: number, detail: string, scimType?: string) => Response;
14
+ export declare const scimJson: (resource: unknown, httpStatus: number) => Response;
15
+ export declare const serviceProviderConfig: (location: string) => {
16
+ bulk: {
17
+ maxOperations: number;
18
+ maxPayloadSize: number;
19
+ supported: boolean;
20
+ };
21
+ changePassword: {
22
+ supported: boolean;
23
+ };
24
+ etag: {
25
+ supported: boolean;
26
+ };
27
+ filter: {
28
+ maxResults: number;
29
+ supported: boolean;
30
+ };
31
+ meta: {
32
+ location: string;
33
+ resourceType: string;
34
+ };
35
+ patch: {
36
+ supported: boolean;
37
+ };
38
+ schemas: string[];
39
+ sort: {
40
+ supported: boolean;
41
+ };
42
+ };
43
+ export declare const applyGroupPatch: (group: ScimGroup, body: unknown) => ScimGroupInput;
44
+ export declare const parseGroupInput: (body: unknown) => ScimGroupInput | undefined;
45
+ export declare const toGroupResource: (group: ScimGroup, location: string) => Record<string, unknown>;
package/dist/scim/types.d.ts ADDED
@@ -0,0 +1,52 @@
1
+ import type { OrganizationId } from '../tenancy';
2
+ export type ScimToken = {
3
+ createdAt: number;
4
+ hashedToken: string;
5
+ lastUsedAt?: number;
6
+ organizationId: OrganizationId;
7
+ tokenId: string;
8
+ };
9
+ export type ScimTokenStore = {
10
+ deleteToken: (tokenId: string) => Promise<void>;
11
+ findByHashedToken: (hashedToken: string) => Promise<ScimToken | undefined>;
12
+ listTokens: (organizationId: OrganizationId) => Promise<ScimToken[]>;
13
+ saveToken: (token: ScimToken) => Promise<void>;
14
+ };
15
+ export type ScimUser = {
16
+ active: boolean;
17
+ displayName?: string;
18
+ email?: string;
19
+ externalId?: string;
20
+ familyName?: string;
21
+ givenName?: string;
22
+ id: string;
23
+ userName: string;
24
+ };
25
+ export type ScimUserInput = {
26
+ active: boolean;
27
+ displayName?: string;
28
+ email?: string;
29
+ externalId?: string;
30
+ familyName?: string;
31
+ givenName?: string;
32
+ userName: string;
33
+ };
34
+ export type ScimGroupMember = {
35
+ display?: string;
36
+ value: string;
37
+ };
38
+ export type ScimGroup = {
39
+ displayName: string;
40
+ externalId?: string;
41
+ id: string;
42
+ members: ScimGroupMember[];
43
+ };
44
+ export type ScimGroupInput = {
45
+ displayName: string;
46
+ externalId?: string;
47
+ members: ScimGroupMember[];
48
+ };
49
+ export type ScimFilter = {
50
+ attribute: string;
51
+ value: string;
52
+ };
package/dist/session/promote.d.ts CHANGED
@@ -1,13 +1,20 @@
1
1
  import type { Cookie } from 'elysia';
2
- import type { SessionRecord, UserSessionId } from '../types';
2
+ import type { SessionData, SessionRecord, UserSessionId } from '../types';
3
3
  import type { AuthSessionStore } from './types';
4
+ type ClearSessionProps<UserType> = {
5
+ authSessionStore?: AuthSessionStore<UserType>;
6
+ cookie: Cookie<UserSessionId | undefined>;
7
+ inMemorySession: SessionRecord<UserType>;
8
+ };
9
+ export declare const clearSession: <UserType>({ authSessionStore, cookie, inMemorySession }: ClearSessionProps<UserType>) => Promise<void>;
4
10
  export declare const persistWhen: (shouldPersist: boolean, persist: () => Promise<void>) => Promise<void>;
5
11
  type PromoteToSessionProps<UserType> = {
6
12
  authSessionStore?: AuthSessionStore<UserType>;
7
13
  cookie: Cookie<UserSessionId | undefined>;
8
14
  inMemorySession: SessionRecord<UserType>;
15
+ samlLogout?: SessionData<UserType>['samlLogout'];
9
16
  sessionDurationMs: number;
10
17
  user: UserType;
11
18
  };
12
- export declare const promoteToSession: <UserType>({ authSessionStore, cookie, inMemorySession, sessionDurationMs, user }: PromoteToSessionProps<UserType>) => Promise<`${string}-${string}-${string}-${string}-${string}`>;
19
+ export declare const promoteToSession: <UserType>({ authSessionStore, cookie, inMemorySession, samlLogout, sessionDurationMs, user }: PromoteToSessionProps<UserType>) => Promise<`${string}-${string}-${string}-${string}-${string}`>;
13
20
  export {};