@absolutejs/auth 0.27.0-beta.9 → 0.28.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (24) hide show
  1. package/dist/abuse/captcha.d.ts +11 -0
  2. package/dist/actions.d.ts +27 -0
  3. package/dist/client/createAuthClient.d.ts +258 -0
  4. package/dist/client/index.d.ts +1 -0
  5. package/dist/client/index.js +127 -0
  6. package/dist/client/index.js.map +10 -0
  7. package/dist/client/react.d.ts +62 -0
  8. package/dist/client/react.js +75 -0
  9. package/dist/client/react.js.map +10 -0
  10. package/dist/fga/config.d.ts +10 -0
  11. package/dist/index.d.ts +119 -5
  12. package/dist/index.js +9700 -9028
  13. package/dist/index.js.map +19 -14
  14. package/dist/oidc/config.d.ts +97 -2
  15. package/dist/oidc/inMemoryStores.d.ts +2 -1
  16. package/dist/oidc/postgresStores.d.ts +199 -1
  17. package/dist/oidc/routes.d.ts +111 -3
  18. package/dist/oidc/types.d.ts +20 -0
  19. package/dist/organizations/operations.d.ts +7 -0
  20. package/dist/vault/config.d.ts +20 -0
  21. package/dist/vault/inMemoryVaultStore.d.ts +2 -0
  22. package/dist/vault/postgresVaultStore.d.ts +100 -0
  23. package/dist/vault/types.d.ts +14 -0
  24. package/package.json +18 -3
package/dist/oidc/config.d.ts CHANGED
@@ -1,11 +1,20 @@
1
1
  import type { RouteString } from '../types';
2
2
  import { type SigningKey } from './keys';
3
- import type { AuthorizationCodeStore, OAuthClientStore, OidcRefreshTokenStore } from './types';
3
+ import type { AuthorizationCodeStore, DeviceAuthorizationStore, OAuthClientStore, OidcRefreshTokenStore } from './types';
4
4
  export declare const DEFAULT_OIDC_ROUTE: RouteString;
5
5
  export type OidcProviderConfig<UserType> = {
6
6
  accessTokenTtlMs?: number;
7
7
  authorizationCodeStore: AuthorizationCodeStore;
8
8
  clientStore: OAuthClientStore;
9
+ deviceAuthorizationStore?: DeviceAuthorizationStore;
10
+ deviceCodeTtlMs?: number;
11
+ devicePollIntervalSeconds?: number;
12
+ getAccessTokenClaims?: (context: {
13
+ audience?: string;
14
+ clientId: string;
15
+ scopes: string[];
16
+ sub: string;
17
+ }) => Record<string, unknown> | Promise<Record<string, unknown>>;
9
18
  getClaims?: (user: UserType) => Record<string, unknown>;
10
19
  getGrantedScopes?: (context: {
11
20
  client: {
@@ -57,7 +66,7 @@ export declare const issueTokenSet: <UserType>({ claims, clientId, config, dpopJ
57
66
  id_token: string;
58
67
  refresh_token: string;
59
68
  scope: string;
60
- token_type: string;
69
+ token_type: "Bearer" | "DPoP";
61
70
  }>;
62
71
  export declare const mcpProtectedResourceMetadata: ({ issuer, resource, scopes }: {
63
72
  issuer: string;
@@ -69,3 +78,89 @@ export declare const mcpProtectedResourceMetadata: ({ issuer, resource, scopes }
69
78
  scopes_supported: string[];
70
79
  };
71
80
  export declare const verifyPkce: (codeVerifier: string, codeChallenge: string) => Promise<boolean>;
81
+ export type TokenIntrospection = {
82
+ active: false;
83
+ } | {
84
+ active: true;
85
+ client_id: string;
86
+ exp: number;
87
+ iat: number;
88
+ scope: string;
89
+ sub: string;
90
+ token_type: 'access_token' | 'refresh_token';
91
+ };
92
+ export type TokenTypeHint = 'access_token' | 'refresh_token';
93
+ export declare const introspectToken: <UserType>({ config, hint, now, token }: {
94
+ config: OidcProviderConfig<UserType>;
95
+ hint?: TokenTypeHint;
96
+ now?: number;
97
+ token: string;
98
+ }) => Promise<{
99
+ active: false;
100
+ } | {
101
+ active: true;
102
+ client_id: any;
103
+ exp: any;
104
+ iat: any;
105
+ scope: any;
106
+ sub: any;
107
+ token_type: "access_token";
108
+ } | {
109
+ active: true;
110
+ client_id: string;
111
+ exp: number;
112
+ iat: number;
113
+ scope: string;
114
+ sub: string;
115
+ token_type: "refresh_token";
116
+ }>;
117
+ export declare const revokeRefreshToken: <UserType>(config: OidcProviderConfig<UserType>, token: string) => Promise<boolean>;
118
+ export type DeviceAuthorizationResponse = {
119
+ device_code: string;
120
+ expires_in: number;
121
+ interval: number;
122
+ user_code: string;
123
+ verification_uri: string;
124
+ verification_uri_complete: string;
125
+ };
126
+ export declare const issueDeviceAuthorization: <UserType>({ clientId, config, now, requestedScopes }: {
127
+ clientId: string;
128
+ config: OidcProviderConfig<UserType>;
129
+ now?: number;
130
+ requestedScopes: string[];
131
+ }) => Promise<DeviceAuthorizationResponse>;
132
+ export type DeviceDecisionResult = {
133
+ error: 'already_decided' | 'expired_token' | 'invalid_user_code' | 'not_configured';
134
+ ok: false;
135
+ } | {
136
+ ok: true;
137
+ };
138
+ export declare const approveDeviceAuthorization: <UserType>({ config, userCode, userSub }: {
139
+ config: OidcProviderConfig<UserType>;
140
+ userCode: string;
141
+ userSub: string;
142
+ }) => Promise<DeviceDecisionResult>;
143
+ export declare const denyDeviceAuthorization: <UserType>({ config, userCode }: {
144
+ config: OidcProviderConfig<UserType>;
145
+ userCode: string;
146
+ }) => Promise<DeviceDecisionResult>;
147
+ export type DeviceCodeExchangeError = 'access_denied' | 'authorization_pending' | 'expired_token' | 'invalid_grant' | 'slow_down';
148
+ export type DeviceCodeExchangeResult = {
149
+ access_token: string;
150
+ expires_in: number;
151
+ id_token: string;
152
+ ok: true;
153
+ refresh_token: string;
154
+ scope: string;
155
+ token_type: 'Bearer' | 'DPoP';
156
+ } | {
157
+ error: DeviceCodeExchangeError;
158
+ ok: false;
159
+ };
160
+ export declare const exchangeDeviceCode: <UserType>({ clientId, config, deviceCode, dpopJkt, now }: {
161
+ clientId: string;
162
+ config: OidcProviderConfig<UserType>;
163
+ deviceCode: string;
164
+ dpopJkt?: string;
165
+ now?: number;
166
+ }) => Promise<DeviceCodeExchangeResult>;
package/dist/oidc/inMemoryStores.d.ts CHANGED
@@ -1,4 +1,5 @@
1
- import type { AuthorizationCodeStore, OAuthClient, OAuthClientStore, OidcRefreshTokenStore } from './types';
1
+ import type { AuthorizationCodeStore, DeviceAuthorizationStore, OAuthClient, OAuthClientStore, OidcRefreshTokenStore } from './types';
2
2
  export declare const createInMemoryAuthorizationCodeStore: () => AuthorizationCodeStore;
3
+ export declare const createInMemoryDeviceAuthorizationStore: () => DeviceAuthorizationStore;
3
4
  export declare const createInMemoryOAuthClientStore: (clients: OAuthClient[]) => OAuthClientStore;
4
5
  export declare const createInMemoryOidcRefreshTokenStore: () => OidcRefreshTokenStore;
package/dist/oidc/postgresStores.d.ts CHANGED
@@ -1,5 +1,5 @@
1
1
  import { type AnyPgDatabase } from '../stores/postgres';
2
- import type { AuthorizationCodeStore, OAuthClientStore, OidcRefreshTokenStore } from './types';
2
+ import type { AuthorizationCodeStore, DeviceAuthorizationStore, OAuthClientStore, OidcRefreshTokenStore } from './types';
3
3
  export declare const oauthClientsTable: import("drizzle-orm/pg-core").PgTableWithColumns<{
4
4
  name: "auth_oauth_clients";
5
5
  schema: undefined;
@@ -386,6 +386,202 @@ export declare const oauthCodesTable: import("drizzle-orm/pg-core").PgTableWithC
386
386
  };
387
387
  dialect: "pg";
388
388
  }>;
389
+ export declare const oauthDeviceAuthorizationsTable: import("drizzle-orm/pg-core").PgTableWithColumns<{
390
+ name: "auth_oauth_device_authorizations";
391
+ schema: undefined;
392
+ columns: {
393
+ client_id: import("drizzle-orm/pg-core").PgColumn<{
394
+ name: "client_id";
395
+ tableName: "auth_oauth_device_authorizations";
396
+ dataType: "string";
397
+ columnType: "PgVarchar";
398
+ data: string;
399
+ driverParam: string;
400
+ notNull: true;
401
+ hasDefault: false;
402
+ isPrimaryKey: false;
403
+ isAutoincrement: false;
404
+ hasRuntimeDefault: false;
405
+ enumValues: [string, ...string[]];
406
+ baseColumn: never;
407
+ identity: undefined;
408
+ generated: undefined;
409
+ }, {}, {
410
+ length: 255;
411
+ }>;
412
+ created_at_ms: import("drizzle-orm/pg-core").PgColumn<{
413
+ name: "created_at_ms";
414
+ tableName: "auth_oauth_device_authorizations";
415
+ dataType: "number";
416
+ columnType: "PgBigInt53";
417
+ data: number;
418
+ driverParam: string | number;
419
+ notNull: true;
420
+ hasDefault: false;
421
+ isPrimaryKey: false;
422
+ isAutoincrement: false;
423
+ hasRuntimeDefault: false;
424
+ enumValues: undefined;
425
+ baseColumn: never;
426
+ identity: undefined;
427
+ generated: undefined;
428
+ }, {}, {}>;
429
+ device_code_hash: import("drizzle-orm/pg-core").PgColumn<{
430
+ name: "device_code_hash";
431
+ tableName: "auth_oauth_device_authorizations";
432
+ dataType: "string";
433
+ columnType: "PgVarchar";
434
+ data: string;
435
+ driverParam: string;
436
+ notNull: true;
437
+ hasDefault: false;
438
+ isPrimaryKey: true;
439
+ isAutoincrement: false;
440
+ hasRuntimeDefault: false;
441
+ enumValues: [string, ...string[]];
442
+ baseColumn: never;
443
+ identity: undefined;
444
+ generated: undefined;
445
+ }, {}, {
446
+ length: 255;
447
+ }>;
448
+ expires_at_ms: import("drizzle-orm/pg-core").PgColumn<{
449
+ name: "expires_at_ms";
450
+ tableName: "auth_oauth_device_authorizations";
451
+ dataType: "number";
452
+ columnType: "PgBigInt53";
453
+ data: number;
454
+ driverParam: string | number;
455
+ notNull: true;
456
+ hasDefault: false;
457
+ isPrimaryKey: false;
458
+ isAutoincrement: false;
459
+ hasRuntimeDefault: false;
460
+ enumValues: undefined;
461
+ baseColumn: never;
462
+ identity: undefined;
463
+ generated: undefined;
464
+ }, {}, {}>;
465
+ interval_seconds: import("drizzle-orm/pg-core").PgColumn<{
466
+ name: "interval_seconds";
467
+ tableName: "auth_oauth_device_authorizations";
468
+ dataType: "number";
469
+ columnType: "PgBigInt53";
470
+ data: number;
471
+ driverParam: string | number;
472
+ notNull: true;
473
+ hasDefault: false;
474
+ isPrimaryKey: false;
475
+ isAutoincrement: false;
476
+ hasRuntimeDefault: false;
477
+ enumValues: undefined;
478
+ baseColumn: never;
479
+ identity: undefined;
480
+ generated: undefined;
481
+ }, {}, {}>;
482
+ scopes: import("drizzle-orm/pg-core").PgColumn<{
483
+ name: "scopes";
484
+ tableName: "auth_oauth_device_authorizations";
485
+ dataType: "array";
486
+ columnType: "PgArray";
487
+ data: string[];
488
+ driverParam: string | string[];
489
+ notNull: true;
490
+ hasDefault: false;
491
+ isPrimaryKey: false;
492
+ isAutoincrement: false;
493
+ hasRuntimeDefault: false;
494
+ enumValues: [string, ...string[]];
495
+ baseColumn: import("drizzle-orm").Column<{
496
+ name: "scopes";
497
+ tableName: "auth_oauth_device_authorizations";
498
+ dataType: "string";
499
+ columnType: "PgText";
500
+ data: string;
501
+ driverParam: string;
502
+ notNull: false;
503
+ hasDefault: false;
504
+ isPrimaryKey: false;
505
+ isAutoincrement: false;
506
+ hasRuntimeDefault: false;
507
+ enumValues: [string, ...string[]];
508
+ baseColumn: never;
509
+ identity: undefined;
510
+ generated: undefined;
511
+ }, {}, {}>;
512
+ identity: undefined;
513
+ generated: undefined;
514
+ }, {}, {
515
+ baseBuilder: import("drizzle-orm/pg-core").PgColumnBuilder<{
516
+ name: "scopes";
517
+ dataType: "string";
518
+ columnType: "PgText";
519
+ data: string;
520
+ enumValues: [string, ...string[]];
521
+ driverParam: string;
522
+ }, {}, {}, import("drizzle-orm").ColumnBuilderExtraConfig>;
523
+ size: undefined;
524
+ }>;
525
+ status: import("drizzle-orm/pg-core").PgColumn<{
526
+ name: "status";
527
+ tableName: "auth_oauth_device_authorizations";
528
+ dataType: "string";
529
+ columnType: "PgVarchar";
530
+ data: string;
531
+ driverParam: string;
532
+ notNull: true;
533
+ hasDefault: false;
534
+ isPrimaryKey: false;
535
+ isAutoincrement: false;
536
+ hasRuntimeDefault: false;
537
+ enumValues: [string, ...string[]];
538
+ baseColumn: never;
539
+ identity: undefined;
540
+ generated: undefined;
541
+ }, {}, {
542
+ length: 16;
543
+ }>;
544
+ user_code: import("drizzle-orm/pg-core").PgColumn<{
545
+ name: "user_code";
546
+ tableName: "auth_oauth_device_authorizations";
547
+ dataType: "string";
548
+ columnType: "PgVarchar";
549
+ data: string;
550
+ driverParam: string;
551
+ notNull: true;
552
+ hasDefault: false;
553
+ isPrimaryKey: false;
554
+ isAutoincrement: false;
555
+ hasRuntimeDefault: false;
556
+ enumValues: [string, ...string[]];
557
+ baseColumn: never;
558
+ identity: undefined;
559
+ generated: undefined;
560
+ }, {}, {
561
+ length: 16;
562
+ }>;
563
+ user_sub: import("drizzle-orm/pg-core").PgColumn<{
564
+ name: "user_sub";
565
+ tableName: "auth_oauth_device_authorizations";
566
+ dataType: "string";
567
+ columnType: "PgVarchar";
568
+ data: string;
569
+ driverParam: string;
570
+ notNull: false;
571
+ hasDefault: false;
572
+ isPrimaryKey: false;
573
+ isAutoincrement: false;
574
+ hasRuntimeDefault: false;
575
+ enumValues: [string, ...string[]];
576
+ baseColumn: never;
577
+ identity: undefined;
578
+ generated: undefined;
579
+ }, {}, {
580
+ length: 255;
581
+ }>;
582
+ };
583
+ dialect: "pg";
584
+ }>;
389
585
  export declare const oauthRefreshTokensTable: import("drizzle-orm/pg-core").PgTableWithColumns<{
390
586
  name: "auth_oauth_refresh_tokens";
391
587
  schema: undefined;
@@ -566,8 +762,10 @@ export declare const oauthRefreshTokensTable: import("drizzle-orm/pg-core").PgTa
566
762
  dialect: "pg";
567
763
  }>;
568
764
  export declare const createNeonAuthorizationCodeStore: (databaseUrl: string) => AuthorizationCodeStore;
765
+ export declare const createNeonDeviceAuthorizationStore: (databaseUrl: string) => DeviceAuthorizationStore;
569
766
  export declare const createNeonOAuthClientStore: (databaseUrl: string) => OAuthClientStore;
570
767
  export declare const createNeonOidcRefreshTokenStore: (databaseUrl: string) => OidcRefreshTokenStore;
571
768
  export declare const createPostgresAuthorizationCodeStore: (db: AnyPgDatabase) => AuthorizationCodeStore;
769
+ export declare const createPostgresDeviceAuthorizationStore: (db: AnyPgDatabase) => DeviceAuthorizationStore;
572
770
  export declare const createPostgresOAuthClientStore: (db: AnyPgDatabase) => OAuthClientStore;
573
771
  export declare const createPostgresOidcRefreshTokenStore: (db: AnyPgDatabase) => OidcRefreshTokenStore;
package/dist/oidc/routes.d.ts CHANGED
@@ -27,9 +27,9 @@ export declare const oidcProviderRoutes: <UserType>(config: OidcProviderConfig<U
27
27
  body: unknown;
28
28
  params: {};
29
29
  query: {
30
- nonce?: string | undefined;
31
30
  client_id?: string | undefined;
32
31
  scope?: string | undefined;
32
+ nonce?: string | undefined;
33
33
  code_challenge?: string | undefined;
34
34
  code_challenge_method?: string | undefined;
35
35
  redirect_uri?: string | undefined;
@@ -55,11 +55,12 @@ export declare const oidcProviderRoutes: <UserType>(config: OidcProviderConfig<U
55
55
  [x: string]: {
56
56
  post: {
57
57
  body: {
58
- audience?: string | undefined;
59
- resource?: string | undefined;
60
58
  client_id?: string | undefined;
61
59
  scope?: string | undefined;
60
+ audience?: string | undefined;
61
+ resource?: string | undefined;
62
62
  refresh_token?: string | undefined;
63
+ device_code?: string | undefined;
63
64
  client_secret?: string | undefined;
64
65
  grant_type?: string | undefined;
65
66
  code?: string | undefined;
@@ -85,6 +86,113 @@ export declare const oidcProviderRoutes: <UserType>(config: OidcProviderConfig<U
85
86
  };
86
87
  };
87
88
  };
89
+ } & {
90
+ [x: string]: {
91
+ post: {
92
+ body: {
93
+ client_id?: string | undefined;
94
+ client_secret?: string | undefined;
95
+ token_type_hint?: string | undefined;
96
+ token: string;
97
+ };
98
+ params: {};
99
+ query: unknown;
100
+ headers: {
101
+ authorization?: string | undefined;
102
+ };
103
+ response: {
104
+ 200: Response;
105
+ 422: {
106
+ type: "validation";
107
+ on: string;
108
+ summary?: string;
109
+ message?: string;
110
+ found?: unknown;
111
+ property?: string;
112
+ expected?: string;
113
+ };
114
+ };
115
+ };
116
+ };
117
+ } & {
118
+ [x: string]: {
119
+ post: {
120
+ body: {
121
+ client_id?: string | undefined;
122
+ client_secret?: string | undefined;
123
+ token_type_hint?: string | undefined;
124
+ token: string;
125
+ };
126
+ params: {};
127
+ query: unknown;
128
+ headers: {
129
+ authorization?: string | undefined;
130
+ };
131
+ response: {
132
+ 200: Response;
133
+ 422: {
134
+ type: "validation";
135
+ on: string;
136
+ summary?: string;
137
+ message?: string;
138
+ found?: unknown;
139
+ property?: string;
140
+ expected?: string;
141
+ };
142
+ };
143
+ };
144
+ };
145
+ } & {
146
+ [x: string]: {
147
+ post: {
148
+ body: {
149
+ client_id?: string | undefined;
150
+ scope?: string | undefined;
151
+ client_secret?: string | undefined;
152
+ };
153
+ params: {};
154
+ query: unknown;
155
+ headers: {
156
+ authorization?: string | undefined;
157
+ };
158
+ response: {
159
+ 200: Response;
160
+ 422: {
161
+ type: "validation";
162
+ on: string;
163
+ summary?: string;
164
+ message?: string;
165
+ found?: unknown;
166
+ property?: string;
167
+ expected?: string;
168
+ };
169
+ };
170
+ };
171
+ };
172
+ } & {
173
+ [x: string]: {
174
+ post: {
175
+ body: {
176
+ action?: "deny" | "approve" | undefined;
177
+ user_code: string;
178
+ };
179
+ params: {};
180
+ query: unknown;
181
+ headers: unknown;
182
+ response: {
183
+ 200: Response;
184
+ 422: {
185
+ type: "validation";
186
+ on: string;
187
+ summary?: string;
188
+ message?: string;
189
+ found?: unknown;
190
+ property?: string;
191
+ expected?: string;
192
+ };
193
+ };
194
+ };
195
+ };
88
196
  } & {
89
197
  [x: string]: {
90
198
  get: {
package/dist/oidc/types.d.ts CHANGED
@@ -38,5 +38,25 @@ export type OidcRefreshToken = {
38
38
  export type OidcRefreshTokenStore = {
39
39
  consumeToken: (tokenHash: string) => Promise<OidcRefreshToken | undefined>;
40
40
  deleteForUser: (userId: string) => Promise<void>;
41
+ getToken: (tokenHash: string) => Promise<OidcRefreshToken | undefined>;
41
42
  saveToken: (token: OidcRefreshToken) => Promise<void>;
42
43
  };
44
+ export type DeviceAuthorizationStatus = 'approved' | 'denied' | 'pending';
45
+ export type DeviceAuthorization = {
46
+ clientId: string;
47
+ createdAt: number;
48
+ deviceCodeHash: string;
49
+ expiresAt: number;
50
+ intervalSeconds: number;
51
+ scopes: string[];
52
+ status: DeviceAuthorizationStatus;
53
+ userCode: string;
54
+ userSub?: string;
55
+ };
56
+ export type DeviceAuthorizationStore = {
57
+ deleteByDeviceCodeHash: (deviceCodeHash: string) => Promise<void>;
58
+ findByDeviceCodeHash: (deviceCodeHash: string) => Promise<DeviceAuthorization | undefined>;
59
+ findByUserCode: (userCode: string) => Promise<DeviceAuthorization | undefined>;
60
+ saveDeviceAuthorization: (deviceAuthorization: DeviceAuthorization) => Promise<void>;
61
+ updateStatus: (deviceCodeHash: string, status: DeviceAuthorizationStatus, userSub?: string) => Promise<void>;
62
+ };
package/dist/organizations/operations.d.ts CHANGED
@@ -5,6 +5,13 @@ export declare const acceptInvitation: ({ organizationStore, token, userId }: {
5
5
  token: string;
6
6
  userId: string;
7
7
  }) => Promise<OrganizationMembership | undefined>;
8
+ export declare const autoAssignOrgsByEmail: ({ email, getOrgsForDomain, organizationStore, roles, userId }: {
9
+ email: string;
10
+ getOrgsForDomain: (domain: string) => Promise<OrganizationId[]> | OrganizationId[];
11
+ organizationStore: OrganizationStore;
12
+ roles?: string[];
13
+ userId: string;
14
+ }) => Promise<string[]>;
8
15
  export declare const createOrganization: ({ metadata, name, organizationStore, ownerRoles, ownerUserId }: {
9
16
  metadata?: Record<string, unknown>;
10
17
  name: string;
package/dist/vault/config.d.ts ADDED
@@ -0,0 +1,20 @@
1
+ import { type SecretCipher } from '../compliance/cipher';
2
+ import type { VaultStore } from './types';
3
+ export type Vault = {
4
+ delete: (ownerId: string, name: string) => Promise<void>;
5
+ get: (ownerId: string, name: string) => Promise<string | undefined>;
6
+ list: (ownerId: string) => Promise<string[]>;
7
+ put: (ownerId: string, name: string, value: string) => Promise<void>;
8
+ };
9
+ export declare const createVault: ({ cipher, store }: {
10
+ cipher: SecretCipher;
11
+ store: VaultStore;
12
+ }) => Vault;
13
+ export type VaultKeyRotationResult = {
14
+ rotated: number;
15
+ };
16
+ export declare const rotateVaultKey: ({ newKey, oldKey, store }: {
17
+ newKey: string;
18
+ oldKey: string;
19
+ store: VaultStore;
20
+ }) => Promise<VaultKeyRotationResult>;
package/dist/vault/inMemoryVaultStore.d.ts ADDED
@@ -0,0 +1,2 @@
1
+ import type { VaultStore } from './types';
2
+ export declare const createInMemoryVaultStore: () => VaultStore;
package/dist/vault/postgresVaultStore.d.ts ADDED
@@ -0,0 +1,100 @@
1
+ import { type AnyPgDatabase } from '../stores/postgres';
2
+ import type { VaultStore } from './types';
3
+ export declare const vaultEntriesTable: import("drizzle-orm/pg-core").PgTableWithColumns<{
4
+ name: "auth_vault_entries";
5
+ schema: undefined;
6
+ columns: {
7
+ created_at_ms: import("drizzle-orm/pg-core").PgColumn<{
8
+ name: "created_at_ms";
9
+ tableName: "auth_vault_entries";
10
+ dataType: "number";
11
+ columnType: "PgBigInt53";
12
+ data: number;
13
+ driverParam: string | number;
14
+ notNull: true;
15
+ hasDefault: false;
16
+ isPrimaryKey: false;
17
+ isAutoincrement: false;
18
+ hasRuntimeDefault: false;
19
+ enumValues: undefined;
20
+ baseColumn: never;
21
+ identity: undefined;
22
+ generated: undefined;
23
+ }, {}, {}>;
24
+ encrypted_value: import("drizzle-orm/pg-core").PgColumn<{
25
+ name: "encrypted_value";
26
+ tableName: "auth_vault_entries";
27
+ dataType: "string";
28
+ columnType: "PgText";
29
+ data: string;
30
+ driverParam: string;
31
+ notNull: true;
32
+ hasDefault: false;
33
+ isPrimaryKey: false;
34
+ isAutoincrement: false;
35
+ hasRuntimeDefault: false;
36
+ enumValues: [string, ...string[]];
37
+ baseColumn: never;
38
+ identity: undefined;
39
+ generated: undefined;
40
+ }, {}, {}>;
41
+ name: import("drizzle-orm/pg-core").PgColumn<{
42
+ name: "name";
43
+ tableName: "auth_vault_entries";
44
+ dataType: "string";
45
+ columnType: "PgVarchar";
46
+ data: string;
47
+ driverParam: string;
48
+ notNull: true;
49
+ hasDefault: false;
50
+ isPrimaryKey: false;
51
+ isAutoincrement: false;
52
+ hasRuntimeDefault: false;
53
+ enumValues: [string, ...string[]];
54
+ baseColumn: never;
55
+ identity: undefined;
56
+ generated: undefined;
57
+ }, {}, {
58
+ length: 255;
59
+ }>;
60
+ owner_id: import("drizzle-orm/pg-core").PgColumn<{
61
+ name: "owner_id";
62
+ tableName: "auth_vault_entries";
63
+ dataType: "string";
64
+ columnType: "PgVarchar";
65
+ data: string;
66
+ driverParam: string;
67
+ notNull: true;
68
+ hasDefault: false;
69
+ isPrimaryKey: false;
70
+ isAutoincrement: false;
71
+ hasRuntimeDefault: false;
72
+ enumValues: [string, ...string[]];
73
+ baseColumn: never;
74
+ identity: undefined;
75
+ generated: undefined;
76
+ }, {}, {
77
+ length: 255;
78
+ }>;
79
+ updated_at_ms: import("drizzle-orm/pg-core").PgColumn<{
80
+ name: "updated_at_ms";
81
+ tableName: "auth_vault_entries";
82
+ dataType: "number";
83
+ columnType: "PgBigInt53";
84
+ data: number;
85
+ driverParam: string | number;
86
+ notNull: true;
87
+ hasDefault: false;
88
+ isPrimaryKey: false;
89
+ isAutoincrement: false;
90
+ hasRuntimeDefault: false;
91
+ enumValues: undefined;
92
+ baseColumn: never;
93
+ identity: undefined;
94
+ generated: undefined;
95
+ }, {}, {}>;
96
+ };
97
+ dialect: "pg";
98
+ }>;
99
+ export declare const createNeonVaultStore: (databaseUrl: string) => VaultStore;
100
+ export declare const createPostgresVaultStore: (db: AnyPgDatabase) => VaultStore;
package/dist/vault/types.d.ts ADDED
@@ -0,0 +1,14 @@
1
+ export type VaultEntry = {
2
+ createdAt: number;
3
+ encryptedValue: string;
4
+ name: string;
5
+ ownerId: string;
6
+ updatedAt: number;
7
+ };
8
+ export type VaultStore = {
9
+ deleteEntry: (ownerId: string, name: string) => Promise<void>;
10
+ getEntry: (ownerId: string, name: string) => Promise<VaultEntry | undefined>;
11
+ listAllEntries: () => Promise<VaultEntry[]>;
12
+ listEntries: (ownerId: string) => Promise<VaultEntry[]>;
13
+ saveEntry: (entry: VaultEntry) => Promise<void>;
14
+ };