@absolutejs/auth 0.27.0 → 0.29.0-beta.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (14) hide show
  1. package/dist/index.d.ts +112 -2
  2. package/dist/index.js +647 -40
  3. package/dist/index.js.map +12 -10
  4. package/dist/oidc/config.d.ts +91 -2
  5. package/dist/oidc/inMemoryStores.d.ts +2 -1
  6. package/dist/oidc/postgresStores.d.ts +199 -1
  7. package/dist/oidc/routes.d.ts +108 -0
  8. package/dist/oidc/types.d.ts +20 -0
  9. package/dist/webhooks/config.d.ts +14 -1
  10. package/dist/webhooks/dispatcher.d.ts +1 -1
  11. package/dist/webhooks/inMemoryStore.d.ts +2 -0
  12. package/dist/webhooks/postgresStore.d.ts +136 -0
  13. package/dist/webhooks/types.d.ts +14 -0
  14. package/package.json +1 -1
package/dist/oidc/config.d.ts CHANGED
@@ -1,11 +1,14 @@
1
1
  import type { RouteString } from '../types';
2
2
  import { type SigningKey } from './keys';
3
- import type { AuthorizationCodeStore, OAuthClientStore, OidcRefreshTokenStore } from './types';
3
+ import type { AuthorizationCodeStore, DeviceAuthorizationStore, OAuthClientStore, OidcRefreshTokenStore } from './types';
4
4
  export declare const DEFAULT_OIDC_ROUTE: RouteString;
5
5
  export type OidcProviderConfig<UserType> = {
6
6
  accessTokenTtlMs?: number;
7
7
  authorizationCodeStore: AuthorizationCodeStore;
8
8
  clientStore: OAuthClientStore;
9
+ deviceAuthorizationStore?: DeviceAuthorizationStore;
10
+ deviceCodeTtlMs?: number;
11
+ devicePollIntervalSeconds?: number;
9
12
  getAccessTokenClaims?: (context: {
10
13
  audience?: string;
11
14
  clientId: string;
@@ -63,7 +66,7 @@ export declare const issueTokenSet: <UserType>({ claims, clientId, config, dpopJ
63
66
  id_token: string;
64
67
  refresh_token: string;
65
68
  scope: string;
66
- token_type: string;
69
+ token_type: "Bearer" | "DPoP";
67
70
  }>;
68
71
  export declare const mcpProtectedResourceMetadata: ({ issuer, resource, scopes }: {
69
72
  issuer: string;
@@ -75,3 +78,89 @@ export declare const mcpProtectedResourceMetadata: ({ issuer, resource, scopes }
75
78
  scopes_supported: string[];
76
79
  };
77
80
  export declare const verifyPkce: (codeVerifier: string, codeChallenge: string) => Promise<boolean>;
81
+ export type TokenIntrospection = {
82
+ active: false;
83
+ } | {
84
+ active: true;
85
+ client_id: string;
86
+ exp: number;
87
+ iat: number;
88
+ scope: string;
89
+ sub: string;
90
+ token_type: 'access_token' | 'refresh_token';
91
+ };
92
+ export type TokenTypeHint = 'access_token' | 'refresh_token';
93
+ export declare const introspectToken: <UserType>({ config, hint, now, token }: {
94
+ config: OidcProviderConfig<UserType>;
95
+ hint?: TokenTypeHint;
96
+ now?: number;
97
+ token: string;
98
+ }) => Promise<{
99
+ active: false;
100
+ } | {
101
+ active: true;
102
+ client_id: any;
103
+ exp: any;
104
+ iat: any;
105
+ scope: any;
106
+ sub: any;
107
+ token_type: "access_token";
108
+ } | {
109
+ active: true;
110
+ client_id: string;
111
+ exp: number;
112
+ iat: number;
113
+ scope: string;
114
+ sub: string;
115
+ token_type: "refresh_token";
116
+ }>;
117
+ export declare const revokeRefreshToken: <UserType>(config: OidcProviderConfig<UserType>, token: string) => Promise<boolean>;
118
+ export type DeviceAuthorizationResponse = {
119
+ device_code: string;
120
+ expires_in: number;
121
+ interval: number;
122
+ user_code: string;
123
+ verification_uri: string;
124
+ verification_uri_complete: string;
125
+ };
126
+ export declare const issueDeviceAuthorization: <UserType>({ clientId, config, now, requestedScopes }: {
127
+ clientId: string;
128
+ config: OidcProviderConfig<UserType>;
129
+ now?: number;
130
+ requestedScopes: string[];
131
+ }) => Promise<DeviceAuthorizationResponse>;
132
+ export type DeviceDecisionResult = {
133
+ error: 'already_decided' | 'expired_token' | 'invalid_user_code' | 'not_configured';
134
+ ok: false;
135
+ } | {
136
+ ok: true;
137
+ };
138
+ export declare const approveDeviceAuthorization: <UserType>({ config, userCode, userSub }: {
139
+ config: OidcProviderConfig<UserType>;
140
+ userCode: string;
141
+ userSub: string;
142
+ }) => Promise<DeviceDecisionResult>;
143
+ export declare const denyDeviceAuthorization: <UserType>({ config, userCode }: {
144
+ config: OidcProviderConfig<UserType>;
145
+ userCode: string;
146
+ }) => Promise<DeviceDecisionResult>;
147
+ export type DeviceCodeExchangeError = 'access_denied' | 'authorization_pending' | 'expired_token' | 'invalid_grant' | 'slow_down';
148
+ export type DeviceCodeExchangeResult = {
149
+ access_token: string;
150
+ expires_in: number;
151
+ id_token: string;
152
+ ok: true;
153
+ refresh_token: string;
154
+ scope: string;
155
+ token_type: 'Bearer' | 'DPoP';
156
+ } | {
157
+ error: DeviceCodeExchangeError;
158
+ ok: false;
159
+ };
160
+ export declare const exchangeDeviceCode: <UserType>({ clientId, config, deviceCode, dpopJkt, now }: {
161
+ clientId: string;
162
+ config: OidcProviderConfig<UserType>;
163
+ deviceCode: string;
164
+ dpopJkt?: string;
165
+ now?: number;
166
+ }) => Promise<DeviceCodeExchangeResult>;
package/dist/oidc/inMemoryStores.d.ts CHANGED
@@ -1,4 +1,5 @@
1
- import type { AuthorizationCodeStore, OAuthClient, OAuthClientStore, OidcRefreshTokenStore } from './types';
1
+ import type { AuthorizationCodeStore, DeviceAuthorizationStore, OAuthClient, OAuthClientStore, OidcRefreshTokenStore } from './types';
2
2
  export declare const createInMemoryAuthorizationCodeStore: () => AuthorizationCodeStore;
3
+ export declare const createInMemoryDeviceAuthorizationStore: () => DeviceAuthorizationStore;
3
4
  export declare const createInMemoryOAuthClientStore: (clients: OAuthClient[]) => OAuthClientStore;
4
5
  export declare const createInMemoryOidcRefreshTokenStore: () => OidcRefreshTokenStore;
package/dist/oidc/postgresStores.d.ts CHANGED
@@ -1,5 +1,5 @@
1
1
  import { type AnyPgDatabase } from '../stores/postgres';
2
- import type { AuthorizationCodeStore, OAuthClientStore, OidcRefreshTokenStore } from './types';
2
+ import type { AuthorizationCodeStore, DeviceAuthorizationStore, OAuthClientStore, OidcRefreshTokenStore } from './types';
3
3
  export declare const oauthClientsTable: import("drizzle-orm/pg-core").PgTableWithColumns<{
4
4
  name: "auth_oauth_clients";
5
5
  schema: undefined;
@@ -386,6 +386,202 @@ export declare const oauthCodesTable: import("drizzle-orm/pg-core").PgTableWithC
386
386
  };
387
387
  dialect: "pg";
388
388
  }>;
389
+ export declare const oauthDeviceAuthorizationsTable: import("drizzle-orm/pg-core").PgTableWithColumns<{
390
+ name: "auth_oauth_device_authorizations";
391
+ schema: undefined;
392
+ columns: {
393
+ client_id: import("drizzle-orm/pg-core").PgColumn<{
394
+ name: "client_id";
395
+ tableName: "auth_oauth_device_authorizations";
396
+ dataType: "string";
397
+ columnType: "PgVarchar";
398
+ data: string;
399
+ driverParam: string;
400
+ notNull: true;
401
+ hasDefault: false;
402
+ isPrimaryKey: false;
403
+ isAutoincrement: false;
404
+ hasRuntimeDefault: false;
405
+ enumValues: [string, ...string[]];
406
+ baseColumn: never;
407
+ identity: undefined;
408
+ generated: undefined;
409
+ }, {}, {
410
+ length: 255;
411
+ }>;
412
+ created_at_ms: import("drizzle-orm/pg-core").PgColumn<{
413
+ name: "created_at_ms";
414
+ tableName: "auth_oauth_device_authorizations";
415
+ dataType: "number";
416
+ columnType: "PgBigInt53";
417
+ data: number;
418
+ driverParam: string | number;
419
+ notNull: true;
420
+ hasDefault: false;
421
+ isPrimaryKey: false;
422
+ isAutoincrement: false;
423
+ hasRuntimeDefault: false;
424
+ enumValues: undefined;
425
+ baseColumn: never;
426
+ identity: undefined;
427
+ generated: undefined;
428
+ }, {}, {}>;
429
+ device_code_hash: import("drizzle-orm/pg-core").PgColumn<{
430
+ name: "device_code_hash";
431
+ tableName: "auth_oauth_device_authorizations";
432
+ dataType: "string";
433
+ columnType: "PgVarchar";
434
+ data: string;
435
+ driverParam: string;
436
+ notNull: true;
437
+ hasDefault: false;
438
+ isPrimaryKey: true;
439
+ isAutoincrement: false;
440
+ hasRuntimeDefault: false;
441
+ enumValues: [string, ...string[]];
442
+ baseColumn: never;
443
+ identity: undefined;
444
+ generated: undefined;
445
+ }, {}, {
446
+ length: 255;
447
+ }>;
448
+ expires_at_ms: import("drizzle-orm/pg-core").PgColumn<{
449
+ name: "expires_at_ms";
450
+ tableName: "auth_oauth_device_authorizations";
451
+ dataType: "number";
452
+ columnType: "PgBigInt53";
453
+ data: number;
454
+ driverParam: string | number;
455
+ notNull: true;
456
+ hasDefault: false;
457
+ isPrimaryKey: false;
458
+ isAutoincrement: false;
459
+ hasRuntimeDefault: false;
460
+ enumValues: undefined;
461
+ baseColumn: never;
462
+ identity: undefined;
463
+ generated: undefined;
464
+ }, {}, {}>;
465
+ interval_seconds: import("drizzle-orm/pg-core").PgColumn<{
466
+ name: "interval_seconds";
467
+ tableName: "auth_oauth_device_authorizations";
468
+ dataType: "number";
469
+ columnType: "PgBigInt53";
470
+ data: number;
471
+ driverParam: string | number;
472
+ notNull: true;
473
+ hasDefault: false;
474
+ isPrimaryKey: false;
475
+ isAutoincrement: false;
476
+ hasRuntimeDefault: false;
477
+ enumValues: undefined;
478
+ baseColumn: never;
479
+ identity: undefined;
480
+ generated: undefined;
481
+ }, {}, {}>;
482
+ scopes: import("drizzle-orm/pg-core").PgColumn<{
483
+ name: "scopes";
484
+ tableName: "auth_oauth_device_authorizations";
485
+ dataType: "array";
486
+ columnType: "PgArray";
487
+ data: string[];
488
+ driverParam: string | string[];
489
+ notNull: true;
490
+ hasDefault: false;
491
+ isPrimaryKey: false;
492
+ isAutoincrement: false;
493
+ hasRuntimeDefault: false;
494
+ enumValues: [string, ...string[]];
495
+ baseColumn: import("drizzle-orm").Column<{
496
+ name: "scopes";
497
+ tableName: "auth_oauth_device_authorizations";
498
+ dataType: "string";
499
+ columnType: "PgText";
500
+ data: string;
501
+ driverParam: string;
502
+ notNull: false;
503
+ hasDefault: false;
504
+ isPrimaryKey: false;
505
+ isAutoincrement: false;
506
+ hasRuntimeDefault: false;
507
+ enumValues: [string, ...string[]];
508
+ baseColumn: never;
509
+ identity: undefined;
510
+ generated: undefined;
511
+ }, {}, {}>;
512
+ identity: undefined;
513
+ generated: undefined;
514
+ }, {}, {
515
+ baseBuilder: import("drizzle-orm/pg-core").PgColumnBuilder<{
516
+ name: "scopes";
517
+ dataType: "string";
518
+ columnType: "PgText";
519
+ data: string;
520
+ enumValues: [string, ...string[]];
521
+ driverParam: string;
522
+ }, {}, {}, import("drizzle-orm").ColumnBuilderExtraConfig>;
523
+ size: undefined;
524
+ }>;
525
+ status: import("drizzle-orm/pg-core").PgColumn<{
526
+ name: "status";
527
+ tableName: "auth_oauth_device_authorizations";
528
+ dataType: "string";
529
+ columnType: "PgVarchar";
530
+ data: string;
531
+ driverParam: string;
532
+ notNull: true;
533
+ hasDefault: false;
534
+ isPrimaryKey: false;
535
+ isAutoincrement: false;
536
+ hasRuntimeDefault: false;
537
+ enumValues: [string, ...string[]];
538
+ baseColumn: never;
539
+ identity: undefined;
540
+ generated: undefined;
541
+ }, {}, {
542
+ length: 16;
543
+ }>;
544
+ user_code: import("drizzle-orm/pg-core").PgColumn<{
545
+ name: "user_code";
546
+ tableName: "auth_oauth_device_authorizations";
547
+ dataType: "string";
548
+ columnType: "PgVarchar";
549
+ data: string;
550
+ driverParam: string;
551
+ notNull: true;
552
+ hasDefault: false;
553
+ isPrimaryKey: false;
554
+ isAutoincrement: false;
555
+ hasRuntimeDefault: false;
556
+ enumValues: [string, ...string[]];
557
+ baseColumn: never;
558
+ identity: undefined;
559
+ generated: undefined;
560
+ }, {}, {
561
+ length: 16;
562
+ }>;
563
+ user_sub: import("drizzle-orm/pg-core").PgColumn<{
564
+ name: "user_sub";
565
+ tableName: "auth_oauth_device_authorizations";
566
+ dataType: "string";
567
+ columnType: "PgVarchar";
568
+ data: string;
569
+ driverParam: string;
570
+ notNull: false;
571
+ hasDefault: false;
572
+ isPrimaryKey: false;
573
+ isAutoincrement: false;
574
+ hasRuntimeDefault: false;
575
+ enumValues: [string, ...string[]];
576
+ baseColumn: never;
577
+ identity: undefined;
578
+ generated: undefined;
579
+ }, {}, {
580
+ length: 255;
581
+ }>;
582
+ };
583
+ dialect: "pg";
584
+ }>;
389
585
  export declare const oauthRefreshTokensTable: import("drizzle-orm/pg-core").PgTableWithColumns<{
390
586
  name: "auth_oauth_refresh_tokens";
391
587
  schema: undefined;
@@ -566,8 +762,10 @@ export declare const oauthRefreshTokensTable: import("drizzle-orm/pg-core").PgTa
566
762
  dialect: "pg";
567
763
  }>;
568
764
  export declare const createNeonAuthorizationCodeStore: (databaseUrl: string) => AuthorizationCodeStore;
765
+ export declare const createNeonDeviceAuthorizationStore: (databaseUrl: string) => DeviceAuthorizationStore;
569
766
  export declare const createNeonOAuthClientStore: (databaseUrl: string) => OAuthClientStore;
570
767
  export declare const createNeonOidcRefreshTokenStore: (databaseUrl: string) => OidcRefreshTokenStore;
571
768
  export declare const createPostgresAuthorizationCodeStore: (db: AnyPgDatabase) => AuthorizationCodeStore;
769
+ export declare const createPostgresDeviceAuthorizationStore: (db: AnyPgDatabase) => DeviceAuthorizationStore;
572
770
  export declare const createPostgresOAuthClientStore: (db: AnyPgDatabase) => OAuthClientStore;
573
771
  export declare const createPostgresOidcRefreshTokenStore: (db: AnyPgDatabase) => OidcRefreshTokenStore;
package/dist/oidc/routes.d.ts CHANGED
@@ -60,6 +60,7 @@ export declare const oidcProviderRoutes: <UserType>(config: OidcProviderConfig<U
60
60
  audience?: string | undefined;
61
61
  resource?: string | undefined;
62
62
  refresh_token?: string | undefined;
63
+ device_code?: string | undefined;
63
64
  client_secret?: string | undefined;
64
65
  grant_type?: string | undefined;
65
66
  code?: string | undefined;
@@ -85,6 +86,113 @@ export declare const oidcProviderRoutes: <UserType>(config: OidcProviderConfig<U
85
86
  };
86
87
  };
87
88
  };
89
+ } & {
90
+ [x: string]: {
91
+ post: {
92
+ body: {
93
+ client_id?: string | undefined;
94
+ client_secret?: string | undefined;
95
+ token_type_hint?: string | undefined;
96
+ token: string;
97
+ };
98
+ params: {};
99
+ query: unknown;
100
+ headers: {
101
+ authorization?: string | undefined;
102
+ };
103
+ response: {
104
+ 200: Response;
105
+ 422: {
106
+ type: "validation";
107
+ on: string;
108
+ summary?: string;
109
+ message?: string;
110
+ found?: unknown;
111
+ property?: string;
112
+ expected?: string;
113
+ };
114
+ };
115
+ };
116
+ };
117
+ } & {
118
+ [x: string]: {
119
+ post: {
120
+ body: {
121
+ client_id?: string | undefined;
122
+ client_secret?: string | undefined;
123
+ token_type_hint?: string | undefined;
124
+ token: string;
125
+ };
126
+ params: {};
127
+ query: unknown;
128
+ headers: {
129
+ authorization?: string | undefined;
130
+ };
131
+ response: {
132
+ 200: Response;
133
+ 422: {
134
+ type: "validation";
135
+ on: string;
136
+ summary?: string;
137
+ message?: string;
138
+ found?: unknown;
139
+ property?: string;
140
+ expected?: string;
141
+ };
142
+ };
143
+ };
144
+ };
145
+ } & {
146
+ [x: string]: {
147
+ post: {
148
+ body: {
149
+ client_id?: string | undefined;
150
+ scope?: string | undefined;
151
+ client_secret?: string | undefined;
152
+ };
153
+ params: {};
154
+ query: unknown;
155
+ headers: {
156
+ authorization?: string | undefined;
157
+ };
158
+ response: {
159
+ 200: Response;
160
+ 422: {
161
+ type: "validation";
162
+ on: string;
163
+ summary?: string;
164
+ message?: string;
165
+ found?: unknown;
166
+ property?: string;
167
+ expected?: string;
168
+ };
169
+ };
170
+ };
171
+ };
172
+ } & {
173
+ [x: string]: {
174
+ post: {
175
+ body: {
176
+ action?: "deny" | "approve" | undefined;
177
+ user_code: string;
178
+ };
179
+ params: {};
180
+ query: unknown;
181
+ headers: unknown;
182
+ response: {
183
+ 200: Response;
184
+ 422: {
185
+ type: "validation";
186
+ on: string;
187
+ summary?: string;
188
+ message?: string;
189
+ found?: unknown;
190
+ property?: string;
191
+ expected?: string;
192
+ };
193
+ };
194
+ };
195
+ };
88
196
  } & {
89
197
  [x: string]: {
90
198
  get: {
package/dist/oidc/types.d.ts CHANGED
@@ -38,5 +38,25 @@ export type OidcRefreshToken = {
38
38
  export type OidcRefreshTokenStore = {
39
39
  consumeToken: (tokenHash: string) => Promise<OidcRefreshToken | undefined>;
40
40
  deleteForUser: (userId: string) => Promise<void>;
41
+ getToken: (tokenHash: string) => Promise<OidcRefreshToken | undefined>;
41
42
  saveToken: (token: OidcRefreshToken) => Promise<void>;
42
43
  };
44
+ export type DeviceAuthorizationStatus = 'approved' | 'denied' | 'pending';
45
+ export type DeviceAuthorization = {
46
+ clientId: string;
47
+ createdAt: number;
48
+ deviceCodeHash: string;
49
+ expiresAt: number;
50
+ intervalSeconds: number;
51
+ scopes: string[];
52
+ status: DeviceAuthorizationStatus;
53
+ userCode: string;
54
+ userSub?: string;
55
+ };
56
+ export type DeviceAuthorizationStore = {
57
+ deleteByDeviceCodeHash: (deviceCodeHash: string) => Promise<void>;
58
+ findByDeviceCodeHash: (deviceCodeHash: string) => Promise<DeviceAuthorization | undefined>;
59
+ findByUserCode: (userCode: string) => Promise<DeviceAuthorization | undefined>;
60
+ saveDeviceAuthorization: (deviceAuthorization: DeviceAuthorization) => Promise<void>;
61
+ updateStatus: (deviceCodeHash: string, status: DeviceAuthorizationStatus, userSub?: string) => Promise<void>;
62
+ };
package/dist/webhooks/config.d.ts CHANGED
@@ -1,5 +1,15 @@
1
- import type { WebhookEndpoint, WebhookEvent } from './types';
1
+ import type { WebhookDeliveryStore, WebhookEndpoint, WebhookEvent } from './types';
2
+ export declare const DEFAULT_WEBHOOK_RETRY: {
3
+ readonly attempts: 3;
4
+ readonly backoffMultiplier: 2;
5
+ readonly initialDelayMs: 1000;
6
+ };
2
7
  export declare const DEFAULT_WEBHOOK_TIMEOUT_MS: number;
8
+ export type WebhookRetryConfig = {
9
+ attempts?: number;
10
+ backoffMultiplier?: number;
11
+ initialDelayMs?: number;
12
+ };
3
13
  export type WebhookFetch = (url: string, init: {
4
14
  body: string;
5
15
  headers: Record<string, string>;
@@ -10,6 +20,7 @@ export type WebhookFetch = (url: string, init: {
10
20
  status: number;
11
21
  }>;
12
22
  export type WebhooksConfig = {
23
+ deliveryStore?: WebhookDeliveryStore;
13
24
  endpoints: WebhookEndpoint[];
14
25
  fetch?: WebhookFetch;
15
26
  onDeliveryError?: (context: {
@@ -17,5 +28,7 @@ export type WebhooksConfig = {
17
28
  error: unknown;
18
29
  event: WebhookEvent;
19
30
  }) => void | Promise<void>;
31
+ retry?: WebhookRetryConfig;
32
+ sleep?: (ms: number) => Promise<void>;
20
33
  timeoutMs?: number;
21
34
  };
package/dist/webhooks/dispatcher.d.ts CHANGED
@@ -1,3 +1,3 @@
1
1
  import type { AuditEvent } from '../audit/types';
2
2
  import { type WebhooksConfig } from './config';
3
- export declare const createWebhookDispatcher: ({ endpoints, fetch: fetchImpl, onDeliveryError, timeoutMs }: WebhooksConfig) => (event: AuditEvent) => Promise<void>;
3
+ export declare const createWebhookDispatcher: ({ deliveryStore, endpoints, fetch: fetchImpl, onDeliveryError, retry, sleep, timeoutMs }: WebhooksConfig) => (event: AuditEvent) => Promise<void>;
package/dist/webhooks/inMemoryStore.d.ts ADDED
@@ -0,0 +1,2 @@
1
+ import type { WebhookDeliveryStore } from './types';
2
+ export declare const createInMemoryWebhookDeliveryStore: () => WebhookDeliveryStore;
package/dist/webhooks/postgresStore.d.ts ADDED
@@ -0,0 +1,136 @@
1
+ import { type AnyPgDatabase } from '../stores/postgres';
2
+ import type { WebhookDeliveryStore, WebhookEvent } from './types';
3
+ export declare const webhookDeliveriesTable: import("drizzle-orm/pg-core").PgTableWithColumns<{
4
+ name: "auth_webhook_deliveries";
5
+ schema: undefined;
6
+ columns: {
7
+ attempts: import("drizzle-orm/pg-core").PgColumn<{
8
+ name: "attempts";
9
+ tableName: "auth_webhook_deliveries";
10
+ dataType: "number";
11
+ columnType: "PgBigInt53";
12
+ data: number;
13
+ driverParam: string | number;
14
+ notNull: true;
15
+ hasDefault: false;
16
+ isPrimaryKey: false;
17
+ isAutoincrement: false;
18
+ hasRuntimeDefault: false;
19
+ enumValues: undefined;
20
+ baseColumn: never;
21
+ identity: undefined;
22
+ generated: undefined;
23
+ }, {}, {}>;
24
+ created_at_ms: import("drizzle-orm/pg-core").PgColumn<{
25
+ name: "created_at_ms";
26
+ tableName: "auth_webhook_deliveries";
27
+ dataType: "number";
28
+ columnType: "PgBigInt53";
29
+ data: number;
30
+ driverParam: string | number;
31
+ notNull: true;
32
+ hasDefault: false;
33
+ isPrimaryKey: false;
34
+ isAutoincrement: false;
35
+ hasRuntimeDefault: false;
36
+ enumValues: undefined;
37
+ baseColumn: never;
38
+ identity: undefined;
39
+ generated: undefined;
40
+ }, {}, {}>;
41
+ endpoint_url: import("drizzle-orm/pg-core").PgColumn<{
42
+ name: "endpoint_url";
43
+ tableName: "auth_webhook_deliveries";
44
+ dataType: "string";
45
+ columnType: "PgVarchar";
46
+ data: string;
47
+ driverParam: string;
48
+ notNull: true;
49
+ hasDefault: false;
50
+ isPrimaryKey: false;
51
+ isAutoincrement: false;
52
+ hasRuntimeDefault: false;
53
+ enumValues: [string, ...string[]];
54
+ baseColumn: never;
55
+ identity: undefined;
56
+ generated: undefined;
57
+ }, {}, {
58
+ length: 2048;
59
+ }>;
60
+ envelope_id: import("drizzle-orm/pg-core").PgColumn<{
61
+ name: "envelope_id";
62
+ tableName: "auth_webhook_deliveries";
63
+ dataType: "string";
64
+ columnType: "PgVarchar";
65
+ data: string;
66
+ driverParam: string;
67
+ notNull: true;
68
+ hasDefault: false;
69
+ isPrimaryKey: true;
70
+ isAutoincrement: false;
71
+ hasRuntimeDefault: false;
72
+ enumValues: [string, ...string[]];
73
+ baseColumn: never;
74
+ identity: undefined;
75
+ generated: undefined;
76
+ }, {}, {
77
+ length: 255;
78
+ }>;
79
+ envelope_json: import("drizzle-orm/pg-core").PgColumn<{
80
+ name: "envelope_json";
81
+ tableName: "auth_webhook_deliveries";
82
+ dataType: "json";
83
+ columnType: "PgJsonb";
84
+ data: WebhookEvent;
85
+ driverParam: unknown;
86
+ notNull: true;
87
+ hasDefault: false;
88
+ isPrimaryKey: false;
89
+ isAutoincrement: false;
90
+ hasRuntimeDefault: false;
91
+ enumValues: undefined;
92
+ baseColumn: never;
93
+ identity: undefined;
94
+ generated: undefined;
95
+ }, {}, {
96
+ $type: WebhookEvent;
97
+ }>;
98
+ last_error: import("drizzle-orm/pg-core").PgColumn<{
99
+ name: "last_error";
100
+ tableName: "auth_webhook_deliveries";
101
+ dataType: "string";
102
+ columnType: "PgText";
103
+ data: string;
104
+ driverParam: string;
105
+ notNull: false;
106
+ hasDefault: false;
107
+ isPrimaryKey: false;
108
+ isAutoincrement: false;
109
+ hasRuntimeDefault: false;
110
+ enumValues: [string, ...string[]];
111
+ baseColumn: never;
112
+ identity: undefined;
113
+ generated: undefined;
114
+ }, {}, {}>;
115
+ last_status: import("drizzle-orm/pg-core").PgColumn<{
116
+ name: "last_status";
117
+ tableName: "auth_webhook_deliveries";
118
+ dataType: "number";
119
+ columnType: "PgBigInt53";
120
+ data: number;
121
+ driverParam: string | number;
122
+ notNull: false;
123
+ hasDefault: false;
124
+ isPrimaryKey: false;
125
+ isAutoincrement: false;
126
+ hasRuntimeDefault: false;
127
+ enumValues: undefined;
128
+ baseColumn: never;
129
+ identity: undefined;
130
+ generated: undefined;
131
+ }, {}, {}>;
132
+ };
133
+ dialect: "pg";
134
+ }>;
135
+ export declare const createNeonWebhookDeliveryStore: (databaseUrl: string) => WebhookDeliveryStore;
136
+ export declare const createPostgresWebhookDeliveryStore: (db: AnyPgDatabase) => WebhookDeliveryStore;
package/dist/webhooks/types.d.ts CHANGED
@@ -1,5 +1,6 @@
1
1
  import type { AuditEvent, AuditEventType } from '../audit/types';
2
2
  export type WebhookEndpoint = {
3
+ events?: readonly AuditEventType[];
3
4
  secret: string;
4
5
  url: string;
5
6
  };
@@ -9,3 +10,16 @@ export type WebhookEvent = {
9
10
  id: string;
10
11
  type: AuditEventType;
11
12
  };
13
+ export type WebhookDelivery = {
14
+ attempts: number;
15
+ createdAt: number;
16
+ endpointUrl: string;
17
+ envelope: WebhookEvent;
18
+ lastError?: string;
19
+ lastStatus?: number;
20
+ };
21
+ export type WebhookDeliveryStore = {
22
+ listFailed: (limit?: number) => Promise<WebhookDelivery[]>;
23
+ recordFailure: (delivery: WebhookDelivery) => Promise<void>;
24
+ removeFailure: (envelopeId: string) => Promise<void>;
25
+ };