@better-auth/oauth-provider 1.5.5 → 1.5.7-beta.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (16) hide show
  1. package/dist/client-resource.d.mts +1 -1
  2. package/dist/client-resource.mjs +3 -4
  3. package/dist/client-resource.mjs.map +1 -1
  4. package/dist/client.d.mts +1 -2
  5. package/dist/client.mjs +3 -5
  6. package/dist/client.mjs.map +1 -1
  7. package/dist/index.d.mts +2 -2
  8. package/dist/index.mjs +58 -38
  9. package/dist/index.mjs.map +1 -1
  10. package/dist/oauth-CiaEIjBG.d.mts +1879 -0
  11. package/dist/{oauth-Chk8ejPr.d.mts → oauth-DrFFxaBJ.d.mts} +6 -1
  12. package/dist/{utils-DgozotLg.mjs → utils-BpUSdl43.mjs} +12 -6
  13. package/dist/utils-BpUSdl43.mjs.map +1 -0
  14. package/package.json +7 -7
  15. package/dist/oauth-wm0HlZm9.d.mts +0 -2067
  16. package/dist/utils-DgozotLg.mjs.map +0 -1
package/dist/oauth-CiaEIjBG.d.mts ADDED
@@ -0,0 +1,1879 @@
1
+ import { c as OAuthConsent, i as OIDCMetadata, m as Scope, r as OAuthClient, t as AuthServerMetadata, u as OAuthOptions } from "./oauth-DrFFxaBJ.mjs";
2
+ import * as better_call0 from "better-call";
3
+ import * as better_auth_plugins0 from "better-auth/plugins";
4
+ import * as jose from "jose";
5
+ import * as better_auth0 from "better-auth";
6
+
7
+ //#region src/oauth.d.ts
8
+ declare module "@better-auth/core" {
9
+ interface BetterAuthPluginRegistry<AuthOptions, Options> {
10
+ "oauth-provider": {
11
+ creator: typeof oauthProvider;
12
+ };
13
+ }
14
+ }
15
+ declare const getOAuthProviderState: () => Promise<{
16
+ query?: string;
17
+ } | null>;
18
+ /**
19
+ * oAuth 2.1 provider plugin for Better Auth.
20
+ *
21
+ * @see https://better-auth.com/docs/plugins/oauth-provider
22
+ * @param options - The options for the oAuth Provider plugin.
23
+ * @returns A Better Auth plugin.
24
+ */
25
+ declare const oauthProvider: <O extends OAuthOptions<Scope[]>>(options: O) => {
26
+ id: "oauth-provider";
27
+ options: NoInfer<O>;
28
+ init: (ctx: better_auth0.AuthContext) => void;
29
+ hooks: {
30
+ before: {
31
+ matcher(ctx: better_auth0.HookEndpointContext): any;
32
+ handler: better_call0.Middleware<(inputContext: Record<string, any>) => Promise<void>>;
33
+ }[];
34
+ after: {
35
+ matcher(ctx: better_auth0.HookEndpointContext): boolean;
36
+ handler: better_call0.Middleware<(inputContext: Record<string, any>) => Promise<{
37
+ redirect: boolean;
38
+ url: string;
39
+ } | undefined>>;
40
+ }[];
41
+ };
42
+ endpoints: {
43
+ /**
44
+ * A server-only endpoint that helps provide the
45
+ * oAuth Server configuration at the well-known endpoint.
46
+ *
47
+ * Provided at /.well-known/oauth-authorization-server/[issuer-path]
48
+ * (root if no issuer-path).
49
+ */
50
+ getOAuthServerConfig: better_call0.Endpoint<"/.well-known/oauth-authorization-server", "GET", undefined, Record<string, any> | undefined, any, AuthServerMetadata, {
51
+ SERVER_ONLY: true;
52
+ }, undefined>;
53
+ /**
54
+ * A server-only endpoint that helps provide the
55
+ * OpenId configuration at the well-known endpoint.
56
+ *
57
+ * Provided at [issuer-path]/.well-known/openid-configuration
58
+ * (root if no issuer-path).
59
+ */
60
+ getOpenIdConfig: better_call0.Endpoint<"/.well-known/openid-configuration", "GET", undefined, Record<string, any> | undefined, any, Omit<OIDCMetadata, "id_token_signing_alg_values_supported"> & {
61
+ id_token_signing_alg_values_supported: better_auth_plugins0.JWSAlgorithms[] | ["HS256"];
62
+ }, {
63
+ SERVER_ONLY: true;
64
+ }, undefined>;
65
+ oauth2Authorize: better_call0.Endpoint<"/oauth2/authorize", "GET", undefined, {
66
+ response_type: "code";
67
+ client_id: string;
68
+ redirect_uri?: string | undefined;
69
+ scope?: string | undefined;
70
+ state?: string | undefined;
71
+ code_challenge?: string | undefined;
72
+ code_challenge_method?: "S256" | undefined;
73
+ nonce?: string | undefined;
74
+ prompt?: "none" | "consent" | "login" | "create" | "select_account" | "login consent" | "select_account consent" | undefined;
75
+ }, any, {
76
+ redirect: boolean;
77
+ url: string;
78
+ }, {
79
+ openapi: {
80
+ description: string;
81
+ parameters: ({
82
+ name: string;
83
+ in: "query";
84
+ required: true;
85
+ schema: {
86
+ type: "string";
87
+ format?: undefined;
88
+ };
89
+ description: string;
90
+ } | {
91
+ name: string;
92
+ in: "query";
93
+ required: false;
94
+ schema: {
95
+ type: "string";
96
+ format: string;
97
+ };
98
+ description: string;
99
+ } | {
100
+ name: string;
101
+ in: "query";
102
+ required: false;
103
+ schema: {
104
+ type: "string";
105
+ format?: undefined;
106
+ };
107
+ description: string;
108
+ })[];
109
+ responses: {
110
+ "302": {
111
+ description: string;
112
+ headers: {
113
+ Location: {
114
+ description: string;
115
+ schema: {
116
+ type: string;
117
+ format: string;
118
+ };
119
+ };
120
+ };
121
+ };
122
+ "400": {
123
+ description: string;
124
+ content: {
125
+ "application/json": {
126
+ schema: {
127
+ type: "object";
128
+ properties: {
129
+ error: {
130
+ type: string;
131
+ };
132
+ error_description: {
133
+ type: string;
134
+ };
135
+ state: {
136
+ type: string;
137
+ };
138
+ };
139
+ required: string[];
140
+ };
141
+ };
142
+ };
143
+ };
144
+ };
145
+ };
146
+ }, undefined>;
147
+ oauth2Consent: better_call0.Endpoint<"/oauth2/consent", "POST", {
148
+ accept: boolean;
149
+ scope?: string | undefined;
150
+ oauth_query?: string | undefined;
151
+ }, Record<string, any> | undefined, [better_call0.Middleware<(inputContext: Record<string, any>) => Promise<{
152
+ session: {
153
+ session: Record<string, any> & {
154
+ id: string;
155
+ createdAt: Date;
156
+ updatedAt: Date;
157
+ userId: string;
158
+ expiresAt: Date;
159
+ token: string;
160
+ ipAddress?: string | null | undefined;
161
+ userAgent?: string | null | undefined;
162
+ };
163
+ user: Record<string, any> & {
164
+ id: string;
165
+ createdAt: Date;
166
+ updatedAt: Date;
167
+ email: string;
168
+ emailVerified: boolean;
169
+ name: string;
170
+ image?: string | null | undefined;
171
+ };
172
+ };
173
+ }>>], {
174
+ redirect: boolean;
175
+ url: string;
176
+ }, {
177
+ openapi: {
178
+ description: string;
179
+ responses: {
180
+ "200": {
181
+ description: string;
182
+ content: {
183
+ "application/json": {
184
+ schema: {
185
+ type: "object";
186
+ properties: {
187
+ redirect_uri: {
188
+ type: string;
189
+ format: string;
190
+ description: string;
191
+ };
192
+ };
193
+ required: string[];
194
+ };
195
+ };
196
+ };
197
+ };
198
+ };
199
+ };
200
+ }, undefined>;
201
+ oauth2Continue: better_call0.Endpoint<"/oauth2/continue", "POST", {
202
+ selected?: boolean | undefined;
203
+ created?: boolean | undefined;
204
+ postLogin?: boolean | undefined;
205
+ oauth_query?: string | undefined;
206
+ }, Record<string, any> | undefined, [better_call0.Middleware<(inputContext: Record<string, any>) => Promise<{
207
+ session: {
208
+ session: Record<string, any> & {
209
+ id: string;
210
+ createdAt: Date;
211
+ updatedAt: Date;
212
+ userId: string;
213
+ expiresAt: Date;
214
+ token: string;
215
+ ipAddress?: string | null | undefined;
216
+ userAgent?: string | null | undefined;
217
+ };
218
+ user: Record<string, any> & {
219
+ id: string;
220
+ createdAt: Date;
221
+ updatedAt: Date;
222
+ email: string;
223
+ emailVerified: boolean;
224
+ name: string;
225
+ image?: string | null | undefined;
226
+ };
227
+ };
228
+ }>>], {
229
+ redirect: boolean;
230
+ url: string;
231
+ }, {
232
+ openapi: {
233
+ description: string;
234
+ responses: {
235
+ "200": {
236
+ description: string;
237
+ content: {
238
+ "application/json": {
239
+ schema: {
240
+ type: "object";
241
+ properties: {
242
+ redirect_uri: {
243
+ type: string;
244
+ format: string;
245
+ description: string;
246
+ };
247
+ };
248
+ required: string[];
249
+ };
250
+ };
251
+ };
252
+ };
253
+ };
254
+ };
255
+ }, undefined>;
256
+ oauth2Token: better_call0.Endpoint<"/oauth2/token", "POST", {
257
+ grant_type: "authorization_code" | "client_credentials" | "refresh_token";
258
+ client_id?: string | undefined;
259
+ client_secret?: string | undefined;
260
+ code?: string | undefined;
261
+ code_verifier?: string | undefined;
262
+ redirect_uri?: string | undefined;
263
+ refresh_token?: string | undefined;
264
+ resource?: string | undefined;
265
+ scope?: string | undefined;
266
+ }, Record<string, any> | undefined, any, {
267
+ access_token: string;
268
+ expires_in: number;
269
+ expires_at: number;
270
+ token_type: string;
271
+ scope: string;
272
+ }, {
273
+ allowedMediaTypes: string[];
274
+ openapi: {
275
+ description: string;
276
+ requestBody: {
277
+ required: boolean;
278
+ content: {
279
+ "application/json": {
280
+ schema: {
281
+ type: "object";
282
+ properties: {
283
+ grant_type: {
284
+ type: string;
285
+ enum: string[];
286
+ description: string;
287
+ };
288
+ client_id: {
289
+ type: string;
290
+ description: string;
291
+ };
292
+ client_secret: {
293
+ type: string;
294
+ description: string;
295
+ };
296
+ code: {
297
+ type: string;
298
+ description: string;
299
+ };
300
+ code_verifier: {
301
+ type: string;
302
+ description: string;
303
+ };
304
+ redirect_uri: {
305
+ type: string;
306
+ format: string;
307
+ description: string;
308
+ };
309
+ refresh_token: {
310
+ type: string;
311
+ description: string;
312
+ };
313
+ resource: {
314
+ type: string;
315
+ description: string;
316
+ };
317
+ scope: {
318
+ type: string;
319
+ description: string;
320
+ };
321
+ };
322
+ required: string[];
323
+ };
324
+ };
325
+ };
326
+ };
327
+ responses: {
328
+ "200": {
329
+ description: string;
330
+ content: {
331
+ "application/json": {
332
+ schema: {
333
+ type: "object";
334
+ properties: {
335
+ access_token: {
336
+ type: string;
337
+ description: string;
338
+ };
339
+ token_type: {
340
+ type: string;
341
+ description: string;
342
+ enum: string[];
343
+ };
344
+ expires_in: {
345
+ type: string;
346
+ description: string;
347
+ };
348
+ refresh_token: {
349
+ type: string;
350
+ description: string;
351
+ };
352
+ scope: {
353
+ type: string;
354
+ description: string;
355
+ };
356
+ id_token: {
357
+ type: string;
358
+ description: string;
359
+ };
360
+ };
361
+ required: string[];
362
+ };
363
+ };
364
+ };
365
+ };
366
+ "400": {
367
+ description: string;
368
+ content: {
369
+ "application/json": {
370
+ schema: {
371
+ type: "object";
372
+ properties: {
373
+ error: {
374
+ type: string;
375
+ };
376
+ error_description: {
377
+ type: string;
378
+ };
379
+ error_uri: {
380
+ type: string;
381
+ };
382
+ };
383
+ required: string[];
384
+ };
385
+ };
386
+ };
387
+ };
388
+ };
389
+ };
390
+ }, undefined>;
391
+ oauth2Introspect: better_call0.Endpoint<"/oauth2/introspect", "POST", {
392
+ token: string;
393
+ client_id?: string | undefined;
394
+ client_secret?: string | undefined;
395
+ token_type_hint?: "refresh_token" | "access_token" | undefined;
396
+ }, Record<string, any> | undefined, any, jose.JWTPayload, {
397
+ allowedMediaTypes: string[];
398
+ openapi: {
399
+ description: string;
400
+ requestBody: {
401
+ required: boolean;
402
+ content: {
403
+ "application/json": {
404
+ schema: {
405
+ type: "object";
406
+ properties: {
407
+ client_id: {
408
+ type: string;
409
+ description: string;
410
+ };
411
+ client_secret: {
412
+ type: string;
413
+ description: string;
414
+ };
415
+ token: {
416
+ type: string;
417
+ description: string;
418
+ };
419
+ token_type_hint: {
420
+ type: string;
421
+ enum: string[];
422
+ description: string;
423
+ };
424
+ resource: {
425
+ type: string;
426
+ description: string;
427
+ };
428
+ };
429
+ required: string[];
430
+ };
431
+ };
432
+ };
433
+ };
434
+ responses: {
435
+ "200": {
436
+ description: string;
437
+ content: {
438
+ "application/json": {
439
+ schema: {
440
+ type: "object";
441
+ properties: {
442
+ active: {
443
+ type: string;
444
+ description: string;
445
+ };
446
+ scope: {
447
+ type: string;
448
+ description: string;
449
+ };
450
+ client_id: {
451
+ type: string;
452
+ description: string;
453
+ };
454
+ username: {
455
+ type: string;
456
+ description: string;
457
+ };
458
+ token_type: {
459
+ type: string;
460
+ description: string;
461
+ };
462
+ exp: {
463
+ type: string;
464
+ description: string;
465
+ };
466
+ iat: {
467
+ type: string;
468
+ description: string;
469
+ };
470
+ nbf: {
471
+ type: string;
472
+ description: string;
473
+ };
474
+ sub: {
475
+ type: string;
476
+ description: string;
477
+ };
478
+ aud: {
479
+ type: string;
480
+ description: string;
481
+ };
482
+ iss: {
483
+ type: string;
484
+ description: string;
485
+ };
486
+ jti: {
487
+ type: string;
488
+ description: string;
489
+ };
490
+ };
491
+ required: string[];
492
+ };
493
+ };
494
+ };
495
+ };
496
+ "400": {
497
+ description: string;
498
+ content: {
499
+ "application/json": {
500
+ schema: {
501
+ type: "object";
502
+ properties: {
503
+ error: {
504
+ type: string;
505
+ };
506
+ error_description: {
507
+ type: string;
508
+ };
509
+ error_uri: {
510
+ type: string;
511
+ };
512
+ };
513
+ required: string[];
514
+ };
515
+ };
516
+ };
517
+ };
518
+ };
519
+ };
520
+ }, undefined>;
521
+ oauth2Revoke: better_call0.Endpoint<"/oauth2/revoke", "POST", {
522
+ token: string;
523
+ client_id?: string | undefined;
524
+ client_secret?: string | undefined;
525
+ token_type_hint?: "refresh_token" | "access_token" | undefined;
526
+ }, Record<string, any> | undefined, any, null | undefined, {
527
+ allowedMediaTypes: string[];
528
+ openapi: {
529
+ description: string;
530
+ requestBody: {
531
+ required: boolean;
532
+ content: {
533
+ "application/json": {
534
+ schema: {
535
+ type: "object";
536
+ properties: {
537
+ client_id: {
538
+ type: string;
539
+ description: string;
540
+ };
541
+ client_secret: {
542
+ type: string;
543
+ description: string;
544
+ };
545
+ token: {
546
+ type: string;
547
+ description: string;
548
+ };
549
+ token_type_hint: {
550
+ type: string;
551
+ enum: string[];
552
+ description: string;
553
+ };
554
+ };
555
+ required: string[];
556
+ };
557
+ };
558
+ };
559
+ };
560
+ responses: {
561
+ "200": {
562
+ description: string;
563
+ content: {
564
+ "application/json": {
565
+ schema: {
566
+ type: "object";
567
+ description: string;
568
+ };
569
+ };
570
+ };
571
+ };
572
+ "400": {
573
+ description: string;
574
+ content: {
575
+ "application/json": {
576
+ schema: {
577
+ type: "object";
578
+ properties: {
579
+ error: {
580
+ type: string;
581
+ };
582
+ error_description: {
583
+ type: string;
584
+ };
585
+ error_uri: {
586
+ type: string;
587
+ };
588
+ };
589
+ required: string[];
590
+ };
591
+ };
592
+ };
593
+ };
594
+ };
595
+ };
596
+ }, undefined>;
597
+ oauth2UserInfo: better_call0.Endpoint<"/oauth2/userinfo", "GET", undefined, Record<string, any> | undefined, any, {
598
+ email?: string | undefined;
599
+ email_verified?: boolean | undefined;
600
+ name?: string | undefined;
601
+ picture?: string | undefined;
602
+ given_name?: string | undefined;
603
+ family_name?: string | undefined;
604
+ sub: string;
605
+ }, {
606
+ openapi: {
607
+ description: string;
608
+ security: ({
609
+ bearerAuth: never[];
610
+ OAuth2?: undefined;
611
+ } | {
612
+ OAuth2: string[];
613
+ bearerAuth?: undefined;
614
+ })[];
615
+ parameters: {
616
+ name: string;
617
+ in: "header";
618
+ required: false;
619
+ schema: {
620
+ type: "string";
621
+ };
622
+ description: string;
623
+ }[];
624
+ responses: {
625
+ "200": {
626
+ description: string;
627
+ content: {
628
+ "application/json": {
629
+ schema: {
630
+ type: "object";
631
+ properties: {
632
+ sub: {
633
+ type: string;
634
+ description: string;
635
+ };
636
+ email: {
637
+ type: string;
638
+ format: string;
639
+ nullable: boolean;
640
+ description: string;
641
+ };
642
+ name: {
643
+ type: string;
644
+ nullable: boolean;
645
+ description: string;
646
+ };
647
+ picture: {
648
+ type: string;
649
+ format: string;
650
+ nullable: boolean;
651
+ description: string;
652
+ };
653
+ given_name: {
654
+ type: string;
655
+ nullable: boolean;
656
+ description: string;
657
+ };
658
+ family_name: {
659
+ type: string;
660
+ nullable: boolean;
661
+ description: string;
662
+ };
663
+ email_verified: {
664
+ type: string;
665
+ nullable: boolean;
666
+ description: string;
667
+ };
668
+ };
669
+ required: string[];
670
+ };
671
+ };
672
+ };
673
+ };
674
+ "401": {
675
+ description: string;
676
+ content: {
677
+ "application/json": {
678
+ schema: {
679
+ type: "object";
680
+ properties: {
681
+ error: {
682
+ type: string;
683
+ };
684
+ error_description: {
685
+ type: string;
686
+ };
687
+ };
688
+ required: string[];
689
+ };
690
+ };
691
+ };
692
+ };
693
+ "403": {
694
+ description: string;
695
+ content: {
696
+ "application/json": {
697
+ schema: {
698
+ type: "object";
699
+ properties: {
700
+ error: {
701
+ type: string;
702
+ };
703
+ error_description: {
704
+ type: string;
705
+ };
706
+ };
707
+ required: string[];
708
+ };
709
+ };
710
+ };
711
+ };
712
+ };
713
+ };
714
+ }, undefined>;
715
+ oauth2EndSession: better_call0.Endpoint<"/oauth2/end-session", "GET", undefined, {
716
+ id_token_hint: string;
717
+ client_id?: string | undefined;
718
+ post_logout_redirect_uri?: string | undefined;
719
+ state?: string | undefined;
720
+ }, any, {
721
+ redirect: boolean;
722
+ url: string;
723
+ } | undefined, {
724
+ openapi: {
725
+ description: string;
726
+ responses: {
727
+ "200": {
728
+ description: string;
729
+ content: {
730
+ "application/json": {
731
+ schema: {
732
+ type: "object";
733
+ properties: {
734
+ redirect_uri: {
735
+ type: string;
736
+ format: string;
737
+ description: string;
738
+ };
739
+ message: {
740
+ type: string;
741
+ description: string;
742
+ };
743
+ };
744
+ };
745
+ };
746
+ };
747
+ };
748
+ };
749
+ };
750
+ }, undefined>;
751
+ registerOAuthClient: better_call0.Endpoint<"/oauth2/register", "POST", {
752
+ redirect_uris: string[];
753
+ scope?: string | undefined;
754
+ client_name?: string | undefined;
755
+ client_uri?: string | undefined;
756
+ logo_uri?: string | undefined;
757
+ contacts?: string[] | undefined;
758
+ tos_uri?: string | undefined;
759
+ policy_uri?: string | undefined;
760
+ software_id?: string | undefined;
761
+ software_version?: string | undefined;
762
+ software_statement?: string | undefined;
763
+ post_logout_redirect_uris?: string[] | undefined;
764
+ token_endpoint_auth_method?: "none" | "client_secret_basic" | "client_secret_post" | undefined;
765
+ grant_types?: ("authorization_code" | "client_credentials" | "refresh_token")[] | undefined;
766
+ response_types?: "code"[] | undefined;
767
+ type?: "web" | "native" | "user-agent-based" | undefined;
768
+ subject_type?: "public" | "pairwise" | undefined;
769
+ }, Record<string, any> | undefined, any, OAuthClient, {
770
+ openapi: {
771
+ description: string;
772
+ responses: {
773
+ "200": {
774
+ description: string;
775
+ content: {
776
+ "application/json": {
777
+ schema: {
778
+ /** @returns {OauthClient} */type: "object";
779
+ properties: {
780
+ client_id: {
781
+ type: string;
782
+ description: string;
783
+ };
784
+ client_secret: {
785
+ type: string;
786
+ description: string;
787
+ };
788
+ client_secret_expires_at: {
789
+ type: string;
790
+ description: string;
791
+ };
792
+ scope: {
793
+ type: string;
794
+ description: string;
795
+ };
796
+ user_id: {
797
+ type: string;
798
+ description: string;
799
+ };
800
+ client_id_issued_at: {
801
+ type: string;
802
+ description: string;
803
+ };
804
+ client_name: {
805
+ type: string;
806
+ description: string;
807
+ };
808
+ client_uri: {
809
+ type: string;
810
+ description: string;
811
+ };
812
+ logo_uri: {
813
+ type: string;
814
+ description: string;
815
+ };
816
+ contacts: {
817
+ type: string;
818
+ items: {
819
+ type: string;
820
+ };
821
+ description: string;
822
+ };
823
+ tos_uri: {
824
+ type: string;
825
+ description: string;
826
+ };
827
+ policy_uri: {
828
+ type: string;
829
+ description: string;
830
+ };
831
+ software_id: {
832
+ type: string;
833
+ description: string;
834
+ };
835
+ software_version: {
836
+ type: string;
837
+ description: string;
838
+ };
839
+ software_statement: {
840
+ type: string;
841
+ description: string;
842
+ };
843
+ redirect_uris: {
844
+ type: string;
845
+ items: {
846
+ type: string;
847
+ format: string;
848
+ };
849
+ description: string;
850
+ };
851
+ post_logout_redirect_uris: {
852
+ type: string;
853
+ items: {
854
+ type: string;
855
+ format: string;
856
+ };
857
+ description: string;
858
+ };
859
+ token_endpoint_auth_method: {
860
+ type: string;
861
+ description: string;
862
+ enum: string[];
863
+ };
864
+ grant_types: {
865
+ type: string;
866
+ items: {
867
+ type: string;
868
+ enum: string[];
869
+ };
870
+ description: string;
871
+ };
872
+ response_types: {
873
+ type: string;
874
+ items: {
875
+ type: string;
876
+ enum: string[];
877
+ };
878
+ description: string;
879
+ };
880
+ public: {
881
+ type: string;
882
+ description: string;
883
+ };
884
+ type: {
885
+ type: string;
886
+ description: string;
887
+ enum: string[];
888
+ };
889
+ disabled: {
890
+ type: string;
891
+ description: string;
892
+ };
893
+ };
894
+ required: string[];
895
+ };
896
+ };
897
+ };
898
+ };
899
+ };
900
+ };
901
+ }, undefined>;
902
+ adminCreateOAuthClient: better_call0.Endpoint<"/admin/oauth2/create-client", "POST", {
903
+ redirect_uris: string[];
904
+ scope?: string | undefined;
905
+ client_name?: string | undefined;
906
+ client_uri?: string | undefined;
907
+ logo_uri?: string | undefined;
908
+ contacts?: string[] | undefined;
909
+ tos_uri?: string | undefined;
910
+ policy_uri?: string | undefined;
911
+ software_id?: string | undefined;
912
+ software_version?: string | undefined;
913
+ software_statement?: string | undefined;
914
+ post_logout_redirect_uris?: string[] | undefined;
915
+ token_endpoint_auth_method?: "none" | "client_secret_basic" | "client_secret_post" | undefined;
916
+ grant_types?: ("authorization_code" | "client_credentials" | "refresh_token")[] | undefined;
917
+ response_types?: "code"[] | undefined;
918
+ type?: "web" | "native" | "user-agent-based" | undefined;
919
+ client_secret_expires_at?: string | number | undefined;
920
+ skip_consent?: boolean | undefined;
921
+ enable_end_session?: boolean | undefined;
922
+ require_pkce?: boolean | undefined;
923
+ subject_type?: "public" | "pairwise" | undefined;
924
+ metadata?: Record<string, unknown> | undefined;
925
+ }, Record<string, any> | undefined, [], OAuthClient, {
926
+ SERVER_ONLY: true;
927
+ openapi: {
928
+ description: string;
929
+ responses: {
930
+ "200": {
931
+ description: string;
932
+ content: {
933
+ "application/json": {
934
+ schema: {
935
+ type: "object";
936
+ properties: {
937
+ client_id: {
938
+ type: string;
939
+ description: string;
940
+ };
941
+ client_secret: {
942
+ type: string;
943
+ description: string;
944
+ };
945
+ client_secret_expires_at: {
946
+ type: string;
947
+ description: string;
948
+ };
949
+ scope: {
950
+ type: string;
951
+ description: string;
952
+ };
953
+ user_id: {
954
+ type: string;
955
+ description: string;
956
+ };
957
+ client_id_issued_at: {
958
+ type: string;
959
+ description: string;
960
+ };
961
+ client_name: {
962
+ type: string;
963
+ description: string;
964
+ };
965
+ client_uri: {
966
+ type: string;
967
+ description: string;
968
+ };
969
+ logo_uri: {
970
+ type: string;
971
+ description: string;
972
+ };
973
+ contacts: {
974
+ type: string;
975
+ items: {
976
+ type: string;
977
+ };
978
+ description: string;
979
+ };
980
+ tos_uri: {
981
+ type: string;
982
+ description: string;
983
+ };
984
+ policy_uri: {
985
+ type: string;
986
+ description: string;
987
+ };
988
+ software_id: {
989
+ type: string;
990
+ description: string;
991
+ };
992
+ software_version: {
993
+ type: string;
994
+ description: string;
995
+ };
996
+ software_statement: {
997
+ type: string;
998
+ description: string;
999
+ };
1000
+ redirect_uris: {
1001
+ type: string;
1002
+ items: {
1003
+ type: string;
1004
+ format: string;
1005
+ };
1006
+ description: string;
1007
+ };
1008
+ token_endpoint_auth_method: {
1009
+ type: string;
1010
+ description: string;
1011
+ enum: string[];
1012
+ };
1013
+ grant_types: {
1014
+ type: string;
1015
+ items: {
1016
+ type: string;
1017
+ enum: string[];
1018
+ };
1019
+ description: string;
1020
+ };
1021
+ response_types: {
1022
+ type: string;
1023
+ items: {
1024
+ type: string;
1025
+ enum: string[];
1026
+ };
1027
+ description: string;
1028
+ };
1029
+ public: {
1030
+ type: string;
1031
+ description: string;
1032
+ };
1033
+ type: {
1034
+ type: string;
1035
+ description: string;
1036
+ enum: string[];
1037
+ };
1038
+ disabled: {
1039
+ type: string;
1040
+ description: string;
1041
+ };
1042
+ require_pkce: {
1043
+ type: string;
1044
+ description: string;
1045
+ default: boolean;
1046
+ };
1047
+ metadata: {
1048
+ type: string;
1049
+ additionalProperties: boolean;
1050
+ nullable: boolean;
1051
+ description: string;
1052
+ };
1053
+ };
1054
+ required: string[];
1055
+ };
1056
+ };
1057
+ };
1058
+ };
1059
+ };
1060
+ };
1061
+ }, undefined>;
1062
+ createOAuthClient: better_call0.Endpoint<"/oauth2/create-client", "POST", {
1063
+ redirect_uris: string[];
1064
+ scope?: string | undefined;
1065
+ client_name?: string | undefined;
1066
+ client_uri?: string | undefined;
1067
+ logo_uri?: string | undefined;
1068
+ contacts?: string[] | undefined;
1069
+ tos_uri?: string | undefined;
1070
+ policy_uri?: string | undefined;
1071
+ software_id?: string | undefined;
1072
+ software_version?: string | undefined;
1073
+ software_statement?: string | undefined;
1074
+ post_logout_redirect_uris?: string[] | undefined;
1075
+ token_endpoint_auth_method?: "none" | "client_secret_basic" | "client_secret_post" | undefined;
1076
+ grant_types?: ("authorization_code" | "client_credentials" | "refresh_token")[] | undefined;
1077
+ response_types?: "code"[] | undefined;
1078
+ type?: "web" | "native" | "user-agent-based" | undefined;
1079
+ }, Record<string, any> | undefined, [better_call0.Middleware<(inputContext: Record<string, any>) => Promise<{
1080
+ session: {
1081
+ session: Record<string, any> & {
1082
+ id: string;
1083
+ createdAt: Date;
1084
+ updatedAt: Date;
1085
+ userId: string;
1086
+ expiresAt: Date;
1087
+ token: string;
1088
+ ipAddress?: string | null | undefined;
1089
+ userAgent?: string | null | undefined;
1090
+ };
1091
+ user: Record<string, any> & {
1092
+ id: string;
1093
+ createdAt: Date;
1094
+ updatedAt: Date;
1095
+ email: string;
1096
+ emailVerified: boolean;
1097
+ name: string;
1098
+ image?: string | null | undefined;
1099
+ };
1100
+ };
1101
+ }>>], OAuthClient, {
1102
+ openapi: {
1103
+ description: string;
1104
+ responses: {
1105
+ "200": {
1106
+ description: string;
1107
+ content: {
1108
+ "application/json": {
1109
+ schema: {
1110
+ type: "object";
1111
+ properties: {
1112
+ client_id: {
1113
+ type: string;
1114
+ description: string;
1115
+ };
1116
+ client_secret: {
1117
+ type: string;
1118
+ description: string;
1119
+ };
1120
+ client_secret_expires_at: {
1121
+ type: string;
1122
+ description: string;
1123
+ };
1124
+ scope: {
1125
+ type: string;
1126
+ description: string;
1127
+ };
1128
+ user_id: {
1129
+ type: string;
1130
+ description: string;
1131
+ };
1132
+ client_id_issued_at: {
1133
+ type: string;
1134
+ description: string;
1135
+ };
1136
+ client_name: {
1137
+ type: string;
1138
+ description: string;
1139
+ };
1140
+ client_uri: {
1141
+ type: string;
1142
+ description: string;
1143
+ };
1144
+ logo_uri: {
1145
+ type: string;
1146
+ description: string;
1147
+ };
1148
+ contacts: {
1149
+ type: string;
1150
+ items: {
1151
+ type: string;
1152
+ };
1153
+ description: string;
1154
+ };
1155
+ tos_uri: {
1156
+ type: string;
1157
+ description: string;
1158
+ };
1159
+ policy_uri: {
1160
+ type: string;
1161
+ description: string;
1162
+ };
1163
+ software_id: {
1164
+ type: string;
1165
+ description: string;
1166
+ };
1167
+ software_version: {
1168
+ type: string;
1169
+ description: string;
1170
+ };
1171
+ software_statement: {
1172
+ type: string;
1173
+ description: string;
1174
+ };
1175
+ redirect_uris: {
1176
+ type: string;
1177
+ items: {
1178
+ type: string;
1179
+ format: string;
1180
+ };
1181
+ description: string;
1182
+ };
1183
+ token_endpoint_auth_method: {
1184
+ type: string;
1185
+ description: string;
1186
+ enum: string[];
1187
+ };
1188
+ grant_types: {
1189
+ type: string;
1190
+ items: {
1191
+ type: string;
1192
+ enum: string[];
1193
+ };
1194
+ description: string;
1195
+ };
1196
+ response_types: {
1197
+ type: string;
1198
+ items: {
1199
+ type: string;
1200
+ enum: string[];
1201
+ };
1202
+ description: string;
1203
+ };
1204
+ public: {
1205
+ type: string;
1206
+ description: string;
1207
+ };
1208
+ type: {
1209
+ type: string;
1210
+ description: string;
1211
+ enum: string[];
1212
+ };
1213
+ disabled: {
1214
+ type: string;
1215
+ description: string;
1216
+ };
1217
+ metadata: {
1218
+ type: string;
1219
+ additionalProperties: boolean;
1220
+ nullable: boolean;
1221
+ description: string;
1222
+ };
1223
+ };
1224
+ required: string[];
1225
+ };
1226
+ };
1227
+ };
1228
+ };
1229
+ };
1230
+ };
1231
+ }, undefined>;
1232
+ getOAuthClient: better_call0.Endpoint<"/oauth2/get-client", "GET", undefined, {
1233
+ client_id: string;
1234
+ }, [better_call0.Middleware<(inputContext: Record<string, any>) => Promise<{
1235
+ session: {
1236
+ session: Record<string, any> & {
1237
+ id: string;
1238
+ createdAt: Date;
1239
+ updatedAt: Date;
1240
+ userId: string;
1241
+ expiresAt: Date;
1242
+ token: string;
1243
+ ipAddress?: string | null | undefined;
1244
+ userAgent?: string | null | undefined;
1245
+ };
1246
+ user: Record<string, any> & {
1247
+ id: string;
1248
+ createdAt: Date;
1249
+ updatedAt: Date;
1250
+ email: string;
1251
+ emailVerified: boolean;
1252
+ name: string;
1253
+ image?: string | null | undefined;
1254
+ };
1255
+ };
1256
+ }>>], OAuthClient, {
1257
+ openapi: {
1258
+ description: string;
1259
+ };
1260
+ }, undefined>;
1261
+ getOAuthClientPublic: better_call0.Endpoint<"/oauth2/public-client", "GET", undefined, {
1262
+ client_id: string;
1263
+ }, [better_call0.Middleware<(inputContext: Record<string, any>) => Promise<{
1264
+ session: {
1265
+ session: Record<string, any> & {
1266
+ id: string;
1267
+ createdAt: Date;
1268
+ updatedAt: Date;
1269
+ userId: string;
1270
+ expiresAt: Date;
1271
+ token: string;
1272
+ ipAddress?: string | null | undefined;
1273
+ userAgent?: string | null | undefined;
1274
+ };
1275
+ user: Record<string, any> & {
1276
+ id: string;
1277
+ createdAt: Date;
1278
+ updatedAt: Date;
1279
+ email: string;
1280
+ emailVerified: boolean;
1281
+ name: string;
1282
+ image?: string | null | undefined;
1283
+ };
1284
+ };
1285
+ }>>], OAuthClient, {
1286
+ openapi: {
1287
+ description: string;
1288
+ };
1289
+ }, undefined>;
1290
+ getOAuthClientPublicPrelogin: better_call0.Endpoint<"/oauth2/public-client-prelogin", "POST", {
1291
+ client_id: string;
1292
+ oauth_query?: string | undefined;
1293
+ }, Record<string, any> | undefined, [better_call0.Middleware<(inputContext: Record<string, any>) => Promise<void>>], OAuthClient, {
1294
+ openapi: {
1295
+ description: string;
1296
+ };
1297
+ }, undefined>;
1298
+ getOAuthClients: better_call0.Endpoint<"/oauth2/get-clients", "GET", undefined, Record<string, any> | undefined, [better_call0.Middleware<(inputContext: Record<string, any>) => Promise<{
1299
+ session: {
1300
+ session: Record<string, any> & {
1301
+ id: string;
1302
+ createdAt: Date;
1303
+ updatedAt: Date;
1304
+ userId: string;
1305
+ expiresAt: Date;
1306
+ token: string;
1307
+ ipAddress?: string | null | undefined;
1308
+ userAgent?: string | null | undefined;
1309
+ };
1310
+ user: Record<string, any> & {
1311
+ id: string;
1312
+ createdAt: Date;
1313
+ updatedAt: Date;
1314
+ email: string;
1315
+ emailVerified: boolean;
1316
+ name: string;
1317
+ image?: string | null | undefined;
1318
+ };
1319
+ };
1320
+ }>>], OAuthClient[] | null, {
1321
+ openapi: {
1322
+ description: string;
1323
+ };
1324
+ }, undefined>;
1325
+ adminUpdateOAuthClient: better_call0.Endpoint<"/admin/oauth2/update-client", "PATCH", {
1326
+ client_id: string;
1327
+ update: {
1328
+ redirect_uris?: string[] | undefined;
1329
+ scope?: string | undefined;
1330
+ client_name?: string | undefined;
1331
+ client_uri?: string | undefined;
1332
+ logo_uri?: string | undefined;
1333
+ contacts?: string[] | undefined;
1334
+ tos_uri?: string | undefined;
1335
+ policy_uri?: string | undefined;
1336
+ software_id?: string | undefined;
1337
+ software_version?: string | undefined;
1338
+ software_statement?: string | undefined;
1339
+ post_logout_redirect_uris?: string[] | undefined;
1340
+ grant_types?: ("authorization_code" | "client_credentials" | "refresh_token")[] | undefined;
1341
+ response_types?: "code"[] | undefined;
1342
+ type?: "web" | "native" | "user-agent-based" | undefined;
1343
+ client_secret_expires_at?: string | number | undefined;
1344
+ skip_consent?: boolean | undefined;
1345
+ enable_end_session?: boolean | undefined;
1346
+ metadata?: Record<string, unknown> | undefined;
1347
+ };
1348
+ }, Record<string, any> | undefined, [], OAuthClient, {
1349
+ SERVER_ONLY: true;
1350
+ openapi: {
1351
+ description: string;
1352
+ };
1353
+ }, undefined>;
1354
+ updateOAuthClient: better_call0.Endpoint<"/oauth2/update-client", "POST", {
1355
+ client_id: string;
1356
+ update: {
1357
+ redirect_uris?: string[] | undefined;
1358
+ scope?: string | undefined;
1359
+ client_name?: string | undefined;
1360
+ client_uri?: string | undefined;
1361
+ logo_uri?: string | undefined;
1362
+ contacts?: string[] | undefined;
1363
+ tos_uri?: string | undefined;
1364
+ policy_uri?: string | undefined;
1365
+ software_id?: string | undefined;
1366
+ software_version?: string | undefined;
1367
+ software_statement?: string | undefined;
1368
+ post_logout_redirect_uris?: string[] | undefined;
1369
+ grant_types?: ("authorization_code" | "client_credentials" | "refresh_token")[] | undefined;
1370
+ response_types?: "code"[] | undefined;
1371
+ type?: "web" | "native" | "user-agent-based" | undefined;
1372
+ };
1373
+ }, Record<string, any> | undefined, [better_call0.Middleware<(inputContext: Record<string, any>) => Promise<{
1374
+ session: {
1375
+ session: Record<string, any> & {
1376
+ id: string;
1377
+ createdAt: Date;
1378
+ updatedAt: Date;
1379
+ userId: string;
1380
+ expiresAt: Date;
1381
+ token: string;
1382
+ ipAddress?: string | null | undefined;
1383
+ userAgent?: string | null | undefined;
1384
+ };
1385
+ user: Record<string, any> & {
1386
+ id: string;
1387
+ createdAt: Date;
1388
+ updatedAt: Date;
1389
+ email: string;
1390
+ emailVerified: boolean;
1391
+ name: string;
1392
+ image?: string | null | undefined;
1393
+ };
1394
+ };
1395
+ }>>], OAuthClient, {
1396
+ openapi: {
1397
+ description: string;
1398
+ };
1399
+ }, undefined>;
1400
+ rotateClientSecret: better_call0.Endpoint<"/oauth2/client/rotate-secret", "POST", {
1401
+ client_id: string;
1402
+ }, Record<string, any> | undefined, [better_call0.Middleware<(inputContext: Record<string, any>) => Promise<{
1403
+ session: {
1404
+ session: Record<string, any> & {
1405
+ id: string;
1406
+ createdAt: Date;
1407
+ updatedAt: Date;
1408
+ userId: string;
1409
+ expiresAt: Date;
1410
+ token: string;
1411
+ ipAddress?: string | null | undefined;
1412
+ userAgent?: string | null | undefined;
1413
+ };
1414
+ user: Record<string, any> & {
1415
+ id: string;
1416
+ createdAt: Date;
1417
+ updatedAt: Date;
1418
+ email: string;
1419
+ emailVerified: boolean;
1420
+ name: string;
1421
+ image?: string | null | undefined;
1422
+ };
1423
+ };
1424
+ }>>], OAuthClient, {
1425
+ openapi: {
1426
+ description: string;
1427
+ };
1428
+ }, undefined>;
1429
+ deleteOAuthClient: better_call0.Endpoint<"/oauth2/delete-client", "POST", {
1430
+ client_id: string;
1431
+ }, Record<string, any> | undefined, [better_call0.Middleware<(inputContext: Record<string, any>) => Promise<{
1432
+ session: {
1433
+ session: Record<string, any> & {
1434
+ id: string;
1435
+ createdAt: Date;
1436
+ updatedAt: Date;
1437
+ userId: string;
1438
+ expiresAt: Date;
1439
+ token: string;
1440
+ ipAddress?: string | null | undefined;
1441
+ userAgent?: string | null | undefined;
1442
+ };
1443
+ user: Record<string, any> & {
1444
+ id: string;
1445
+ createdAt: Date;
1446
+ updatedAt: Date;
1447
+ email: string;
1448
+ emailVerified: boolean;
1449
+ name: string;
1450
+ image?: string | null | undefined;
1451
+ };
1452
+ };
1453
+ }>>], void, {
1454
+ openapi: {
1455
+ description: string;
1456
+ };
1457
+ }, undefined>;
1458
+ getOAuthConsent: better_call0.Endpoint<"/oauth2/get-consent", "GET", undefined, {
1459
+ id: string;
1460
+ }, [better_call0.Middleware<(inputContext: Record<string, any>) => Promise<{
1461
+ session: {
1462
+ session: Record<string, any> & {
1463
+ id: string;
1464
+ createdAt: Date;
1465
+ updatedAt: Date;
1466
+ userId: string;
1467
+ expiresAt: Date;
1468
+ token: string;
1469
+ ipAddress?: string | null | undefined;
1470
+ userAgent?: string | null | undefined;
1471
+ };
1472
+ user: Record<string, any> & {
1473
+ id: string;
1474
+ createdAt: Date;
1475
+ updatedAt: Date;
1476
+ email: string;
1477
+ emailVerified: boolean;
1478
+ name: string;
1479
+ image?: string | null | undefined;
1480
+ };
1481
+ };
1482
+ }>>], OAuthConsent<Scope[]>, {
1483
+ openapi: {
1484
+ description: string;
1485
+ };
1486
+ }, undefined>;
1487
+ getOAuthConsents: better_call0.Endpoint<"/oauth2/get-consents", "GET", undefined, Record<string, any> | undefined, [better_call0.Middleware<(inputContext: Record<string, any>) => Promise<{
1488
+ session: {
1489
+ session: Record<string, any> & {
1490
+ id: string;
1491
+ createdAt: Date;
1492
+ updatedAt: Date;
1493
+ userId: string;
1494
+ expiresAt: Date;
1495
+ token: string;
1496
+ ipAddress?: string | null | undefined;
1497
+ userAgent?: string | null | undefined;
1498
+ };
1499
+ user: Record<string, any> & {
1500
+ id: string;
1501
+ createdAt: Date;
1502
+ updatedAt: Date;
1503
+ email: string;
1504
+ emailVerified: boolean;
1505
+ name: string;
1506
+ image?: string | null | undefined;
1507
+ };
1508
+ };
1509
+ }>>], OAuthConsent<Scope[]>[], {
1510
+ openapi: {
1511
+ description: string;
1512
+ };
1513
+ }, undefined>;
1514
+ updateOAuthConsent: better_call0.Endpoint<"/oauth2/update-consent", "POST", {
1515
+ id: string;
1516
+ update: {
1517
+ scopes: string[];
1518
+ };
1519
+ }, Record<string, any> | undefined, [better_call0.Middleware<(inputContext: Record<string, any>) => Promise<{
1520
+ session: {
1521
+ session: Record<string, any> & {
1522
+ id: string;
1523
+ createdAt: Date;
1524
+ updatedAt: Date;
1525
+ userId: string;
1526
+ expiresAt: Date;
1527
+ token: string;
1528
+ ipAddress?: string | null | undefined;
1529
+ userAgent?: string | null | undefined;
1530
+ };
1531
+ user: Record<string, any> & {
1532
+ id: string;
1533
+ createdAt: Date;
1534
+ updatedAt: Date;
1535
+ email: string;
1536
+ emailVerified: boolean;
1537
+ name: string;
1538
+ image?: string | null | undefined;
1539
+ };
1540
+ };
1541
+ }>>], OAuthConsent<Scope[]> | null, {
1542
+ openapi: {
1543
+ description: string;
1544
+ };
1545
+ }, undefined>;
1546
+ deleteOAuthConsent: better_call0.Endpoint<"/oauth2/delete-consent", "POST", {
1547
+ id: string;
1548
+ }, Record<string, any> | undefined, [better_call0.Middleware<(inputContext: Record<string, any>) => Promise<{
1549
+ session: {
1550
+ session: Record<string, any> & {
1551
+ id: string;
1552
+ createdAt: Date;
1553
+ updatedAt: Date;
1554
+ userId: string;
1555
+ expiresAt: Date;
1556
+ token: string;
1557
+ ipAddress?: string | null | undefined;
1558
+ userAgent?: string | null | undefined;
1559
+ };
1560
+ user: Record<string, any> & {
1561
+ id: string;
1562
+ createdAt: Date;
1563
+ updatedAt: Date;
1564
+ email: string;
1565
+ emailVerified: boolean;
1566
+ name: string;
1567
+ image?: string | null | undefined;
1568
+ };
1569
+ };
1570
+ }>>], void, {
1571
+ openapi: {
1572
+ description: string;
1573
+ };
1574
+ }, undefined>;
1575
+ };
1576
+ schema: {
1577
+ oauthClient: {
1578
+ modelName: string;
1579
+ fields: {
1580
+ clientId: {
1581
+ type: "string";
1582
+ unique: true;
1583
+ required: true;
1584
+ };
1585
+ clientSecret: {
1586
+ type: "string";
1587
+ required: false;
1588
+ };
1589
+ disabled: {
1590
+ type: "boolean";
1591
+ defaultValue: false;
1592
+ required: false;
1593
+ };
1594
+ skipConsent: {
1595
+ type: "boolean";
1596
+ required: false;
1597
+ };
1598
+ enableEndSession: {
1599
+ type: "boolean";
1600
+ required: false;
1601
+ };
1602
+ subjectType: {
1603
+ type: "string";
1604
+ required: false;
1605
+ };
1606
+ scopes: {
1607
+ type: "string[]";
1608
+ required: false;
1609
+ };
1610
+ userId: {
1611
+ type: "string";
1612
+ required: false;
1613
+ references: {
1614
+ model: string;
1615
+ field: string;
1616
+ };
1617
+ };
1618
+ createdAt: {
1619
+ type: "date";
1620
+ required: false;
1621
+ };
1622
+ updatedAt: {
1623
+ type: "date";
1624
+ required: false;
1625
+ };
1626
+ name: {
1627
+ type: "string";
1628
+ required: false;
1629
+ };
1630
+ uri: {
1631
+ type: "string";
1632
+ required: false;
1633
+ };
1634
+ icon: {
1635
+ type: "string";
1636
+ required: false;
1637
+ };
1638
+ contacts: {
1639
+ type: "string[]";
1640
+ required: false;
1641
+ };
1642
+ tos: {
1643
+ type: "string";
1644
+ required: false;
1645
+ };
1646
+ policy: {
1647
+ type: "string";
1648
+ required: false;
1649
+ };
1650
+ softwareId: {
1651
+ type: "string";
1652
+ required: false;
1653
+ };
1654
+ softwareVersion: {
1655
+ type: "string";
1656
+ required: false;
1657
+ };
1658
+ softwareStatement: {
1659
+ type: "string";
1660
+ required: false;
1661
+ };
1662
+ redirectUris: {
1663
+ type: "string[]";
1664
+ required: true;
1665
+ };
1666
+ postLogoutRedirectUris: {
1667
+ type: "string[]";
1668
+ required: false;
1669
+ };
1670
+ tokenEndpointAuthMethod: {
1671
+ type: "string";
1672
+ required: false;
1673
+ };
1674
+ grantTypes: {
1675
+ type: "string[]";
1676
+ required: false;
1677
+ };
1678
+ responseTypes: {
1679
+ type: "string[]";
1680
+ required: false;
1681
+ };
1682
+ public: {
1683
+ type: "boolean";
1684
+ required: false;
1685
+ };
1686
+ type: {
1687
+ type: "string";
1688
+ required: false;
1689
+ };
1690
+ requirePKCE: {
1691
+ type: "boolean";
1692
+ required: false;
1693
+ };
1694
+ referenceId: {
1695
+ type: "string";
1696
+ required: false;
1697
+ };
1698
+ metadata: {
1699
+ type: "json";
1700
+ required: false;
1701
+ };
1702
+ };
1703
+ };
1704
+ oauthRefreshToken: {
1705
+ fields: {
1706
+ token: {
1707
+ type: "string";
1708
+ required: true;
1709
+ };
1710
+ clientId: {
1711
+ type: "string";
1712
+ required: true;
1713
+ references: {
1714
+ model: string;
1715
+ field: string;
1716
+ };
1717
+ };
1718
+ sessionId: {
1719
+ type: "string";
1720
+ required: false;
1721
+ references: {
1722
+ model: string;
1723
+ field: string;
1724
+ onDelete: "set null";
1725
+ };
1726
+ };
1727
+ userId: {
1728
+ type: "string";
1729
+ required: true;
1730
+ references: {
1731
+ model: string;
1732
+ field: string;
1733
+ };
1734
+ };
1735
+ referenceId: {
1736
+ type: "string";
1737
+ required: false;
1738
+ };
1739
+ expiresAt: {
1740
+ type: "date";
1741
+ };
1742
+ createdAt: {
1743
+ type: "date";
1744
+ };
1745
+ revoked: {
1746
+ type: "date";
1747
+ required: false;
1748
+ };
1749
+ authTime: {
1750
+ type: "date";
1751
+ required: false;
1752
+ };
1753
+ scopes: {
1754
+ type: "string[]";
1755
+ required: true;
1756
+ };
1757
+ };
1758
+ };
1759
+ oauthAccessToken: {
1760
+ modelName: string;
1761
+ fields: {
1762
+ token: {
1763
+ type: "string";
1764
+ unique: true;
1765
+ };
1766
+ clientId: {
1767
+ type: "string";
1768
+ required: true;
1769
+ references: {
1770
+ model: string;
1771
+ field: string;
1772
+ };
1773
+ };
1774
+ sessionId: {
1775
+ type: "string";
1776
+ required: false;
1777
+ references: {
1778
+ model: string;
1779
+ field: string;
1780
+ onDelete: "set null";
1781
+ };
1782
+ };
1783
+ userId: {
1784
+ type: "string";
1785
+ required: false;
1786
+ references: {
1787
+ model: string;
1788
+ field: string;
1789
+ };
1790
+ };
1791
+ referenceId: {
1792
+ type: "string";
1793
+ required: false;
1794
+ };
1795
+ refreshId: {
1796
+ type: "string";
1797
+ required: false;
1798
+ references: {
1799
+ model: string;
1800
+ field: string;
1801
+ };
1802
+ };
1803
+ expiresAt: {
1804
+ type: "date";
1805
+ };
1806
+ createdAt: {
1807
+ type: "date";
1808
+ };
1809
+ scopes: {
1810
+ type: "string[]";
1811
+ required: true;
1812
+ };
1813
+ };
1814
+ };
1815
+ oauthConsent: {
1816
+ modelName: string;
1817
+ fields: {
1818
+ clientId: {
1819
+ type: "string";
1820
+ required: true;
1821
+ references: {
1822
+ model: string;
1823
+ field: string;
1824
+ };
1825
+ };
1826
+ userId: {
1827
+ type: "string";
1828
+ required: false;
1829
+ references: {
1830
+ model: string;
1831
+ field: string;
1832
+ };
1833
+ };
1834
+ referenceId: {
1835
+ type: "string";
1836
+ required: false;
1837
+ };
1838
+ scopes: {
1839
+ type: "string[]";
1840
+ required: true;
1841
+ };
1842
+ createdAt: {
1843
+ type: "date";
1844
+ };
1845
+ updatedAt: {
1846
+ type: "date";
1847
+ };
1848
+ };
1849
+ };
1850
+ };
1851
+ rateLimit: ({
1852
+ pathMatcher: (path: string) => path is "/oauth2/token";
1853
+ window: number;
1854
+ max: number;
1855
+ } | {
1856
+ pathMatcher: (path: string) => path is "/oauth2/authorize";
1857
+ window: number;
1858
+ max: number;
1859
+ } | {
1860
+ pathMatcher: (path: string) => path is "/oauth2/introspect";
1861
+ window: number;
1862
+ max: number;
1863
+ } | {
1864
+ pathMatcher: (path: string) => path is "/oauth2/revoke";
1865
+ window: number;
1866
+ max: number;
1867
+ } | {
1868
+ pathMatcher: (path: string) => path is "/oauth2/register";
1869
+ window: number;
1870
+ max: number;
1871
+ } | {
1872
+ pathMatcher: (path: string) => path is "/oauth2/userinfo";
1873
+ window: number;
1874
+ max: number;
1875
+ })[];
1876
+ };
1877
+ //#endregion
1878
+ export { oauthProvider as n, getOAuthProviderState as t };
1879
+ //# sourceMappingURL=oauth-CiaEIjBG.d.mts.map