@better-auth/oauth-provider 1.5.6 → 1.6.0-beta.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (16) hide show
  1. package/dist/client-resource.d.mts +2 -2
  2. package/dist/client-resource.mjs +3 -4
  3. package/dist/client.d.mts +3 -3
  4. package/dist/client.mjs +2 -3
  5. package/dist/index.d.mts +2 -3
  6. package/dist/index.mjs +34 -39
  7. package/dist/oauth-4vgZlF-I.d.mts +1 -2
  8. package/dist/oauth-CEoJtL3Y.d.mts +1879 -0
  9. package/dist/{utils-BDSjyzic.mjs → utils-sQ4gYeh3.mjs} +39 -5
  10. package/dist/version-DevbO3Yy.mjs +5 -0
  11. package/package.json +10 -9
  12. package/dist/client-resource.mjs.map +0 -1
  13. package/dist/client.mjs.map +0 -1
  14. package/dist/index.mjs.map +0 -1
  15. package/dist/oauth-E89Dh-ZC.d.mts +0 -2079
  16. package/dist/utils-BDSjyzic.mjs.map +0 -1
package/dist/oauth-CEoJtL3Y.d.mts ADDED
@@ -0,0 +1,1879 @@
1
+ import { c as OAuthConsent, i as OIDCMetadata, m as Scope, r as OAuthClient, t as AuthServerMetadata, u as OAuthOptions } from "./oauth-4vgZlF-I.mjs";
2
+ import * as better_call0 from "better-call";
3
+ import * as better_auth_plugins0 from "better-auth/plugins";
4
+ import * as jose from "jose";
5
+ import * as better_auth0 from "better-auth";
6
+
7
+ //#region src/oauth.d.ts
8
+ declare module "@better-auth/core" {
9
+ interface BetterAuthPluginRegistry<AuthOptions, Options> {
10
+ "oauth-provider": {
11
+ creator: typeof oauthProvider;
12
+ };
13
+ }
14
+ }
15
+ declare const getOAuthProviderState: () => Promise<{
16
+ query?: string;
17
+ } | null>;
18
+ /**
19
+ * oAuth 2.1 provider plugin for Better Auth.
20
+ *
21
+ * @see https://better-auth.com/docs/plugins/oauth-provider
22
+ * @param options - The options for the oAuth Provider plugin.
23
+ * @returns A Better Auth plugin.
24
+ */
25
+ declare const oauthProvider: <O extends OAuthOptions<Scope[]>>(options: O) => {
26
+ id: "oauth-provider";
27
+ version: string;
28
+ options: NoInfer<O>;
29
+ init: (ctx: better_auth0.AuthContext) => void;
30
+ hooks: {
31
+ before: {
32
+ matcher(ctx: better_auth0.HookEndpointContext): any;
33
+ handler: better_call0.Middleware<(inputContext: Record<string, any>) => Promise<void>>;
34
+ }[];
35
+ after: {
36
+ matcher(ctx: better_auth0.HookEndpointContext): boolean;
37
+ handler: better_call0.Middleware<(inputContext: Record<string, any>) => Promise<{
38
+ redirect: boolean;
39
+ url: string;
40
+ } | undefined>>;
41
+ }[];
42
+ };
43
+ endpoints: {
44
+ /**
45
+ * A server-only endpoint that helps provide the
46
+ * oAuth Server configuration at the well-known endpoint.
47
+ *
48
+ * Provided at /.well-known/oauth-authorization-server/[issuer-path]
49
+ * (root if no issuer-path).
50
+ */
51
+ getOAuthServerConfig: better_call0.Endpoint<"/.well-known/oauth-authorization-server", "GET", undefined, Record<string, any> | undefined, any, AuthServerMetadata, {
52
+ SERVER_ONLY: true;
53
+ }, undefined>;
54
+ /**
55
+ * A server-only endpoint that helps provide the
56
+ * OpenId configuration at the well-known endpoint.
57
+ *
58
+ * Provided at [issuer-path]/.well-known/openid-configuration
59
+ * (root if no issuer-path).
60
+ */
61
+ getOpenIdConfig: better_call0.Endpoint<"/.well-known/openid-configuration", "GET", undefined, Record<string, any> | undefined, any, Omit<OIDCMetadata, "id_token_signing_alg_values_supported"> & {
62
+ id_token_signing_alg_values_supported: better_auth_plugins0.JWSAlgorithms[] | ["HS256"];
63
+ }, {
64
+ SERVER_ONLY: true;
65
+ }, undefined>;
66
+ oauth2Authorize: better_call0.Endpoint<"/oauth2/authorize", "GET", undefined, {
67
+ response_type: "code";
68
+ client_id: string;
69
+ redirect_uri?: string | undefined;
70
+ scope?: string | undefined;
71
+ state?: string | undefined;
72
+ code_challenge?: string | undefined;
73
+ code_challenge_method?: "S256" | undefined;
74
+ nonce?: string | undefined;
75
+ prompt?: "none" | "consent" | "login" | "create" | "select_account" | "login consent" | "select_account consent" | undefined;
76
+ }, any, {
77
+ redirect: boolean;
78
+ url: string;
79
+ }, {
80
+ openapi: {
81
+ description: string;
82
+ parameters: ({
83
+ name: string;
84
+ in: "query";
85
+ required: true;
86
+ schema: {
87
+ type: "string";
88
+ format?: undefined;
89
+ };
90
+ description: string;
91
+ } | {
92
+ name: string;
93
+ in: "query";
94
+ required: false;
95
+ schema: {
96
+ type: "string";
97
+ format: string;
98
+ };
99
+ description: string;
100
+ } | {
101
+ name: string;
102
+ in: "query";
103
+ required: false;
104
+ schema: {
105
+ type: "string";
106
+ format?: undefined;
107
+ };
108
+ description: string;
109
+ })[];
110
+ responses: {
111
+ "302": {
112
+ description: string;
113
+ headers: {
114
+ Location: {
115
+ description: string;
116
+ schema: {
117
+ type: string;
118
+ format: string;
119
+ };
120
+ };
121
+ };
122
+ };
123
+ "400": {
124
+ description: string;
125
+ content: {
126
+ "application/json": {
127
+ schema: {
128
+ type: "object";
129
+ properties: {
130
+ error: {
131
+ type: string;
132
+ };
133
+ error_description: {
134
+ type: string;
135
+ };
136
+ state: {
137
+ type: string;
138
+ };
139
+ };
140
+ required: string[];
141
+ };
142
+ };
143
+ };
144
+ };
145
+ };
146
+ };
147
+ }, undefined>;
148
+ oauth2Consent: better_call0.Endpoint<"/oauth2/consent", "POST", {
149
+ accept: boolean;
150
+ scope?: string | undefined;
151
+ oauth_query?: string | undefined;
152
+ }, Record<string, any> | undefined, [better_call0.Middleware<(inputContext: Record<string, any>) => Promise<{
153
+ session: {
154
+ session: Record<string, any> & {
155
+ id: string;
156
+ createdAt: Date;
157
+ updatedAt: Date;
158
+ userId: string;
159
+ expiresAt: Date;
160
+ token: string;
161
+ ipAddress?: string | null | undefined;
162
+ userAgent?: string | null | undefined;
163
+ };
164
+ user: Record<string, any> & {
165
+ id: string;
166
+ createdAt: Date;
167
+ updatedAt: Date;
168
+ email: string;
169
+ emailVerified: boolean;
170
+ name: string;
171
+ image?: string | null | undefined;
172
+ };
173
+ };
174
+ }>>], {
175
+ redirect: boolean;
176
+ url: string;
177
+ }, {
178
+ openapi: {
179
+ description: string;
180
+ responses: {
181
+ "200": {
182
+ description: string;
183
+ content: {
184
+ "application/json": {
185
+ schema: {
186
+ type: "object";
187
+ properties: {
188
+ redirect_uri: {
189
+ type: string;
190
+ format: string;
191
+ description: string;
192
+ };
193
+ };
194
+ required: string[];
195
+ };
196
+ };
197
+ };
198
+ };
199
+ };
200
+ };
201
+ }, undefined>;
202
+ oauth2Continue: better_call0.Endpoint<"/oauth2/continue", "POST", {
203
+ selected?: boolean | undefined;
204
+ created?: boolean | undefined;
205
+ postLogin?: boolean | undefined;
206
+ oauth_query?: string | undefined;
207
+ }, Record<string, any> | undefined, [better_call0.Middleware<(inputContext: Record<string, any>) => Promise<{
208
+ session: {
209
+ session: Record<string, any> & {
210
+ id: string;
211
+ createdAt: Date;
212
+ updatedAt: Date;
213
+ userId: string;
214
+ expiresAt: Date;
215
+ token: string;
216
+ ipAddress?: string | null | undefined;
217
+ userAgent?: string | null | undefined;
218
+ };
219
+ user: Record<string, any> & {
220
+ id: string;
221
+ createdAt: Date;
222
+ updatedAt: Date;
223
+ email: string;
224
+ emailVerified: boolean;
225
+ name: string;
226
+ image?: string | null | undefined;
227
+ };
228
+ };
229
+ }>>], {
230
+ redirect: boolean;
231
+ url: string;
232
+ }, {
233
+ openapi: {
234
+ description: string;
235
+ responses: {
236
+ "200": {
237
+ description: string;
238
+ content: {
239
+ "application/json": {
240
+ schema: {
241
+ type: "object";
242
+ properties: {
243
+ redirect_uri: {
244
+ type: string;
245
+ format: string;
246
+ description: string;
247
+ };
248
+ };
249
+ required: string[];
250
+ };
251
+ };
252
+ };
253
+ };
254
+ };
255
+ };
256
+ }, undefined>;
257
+ oauth2Token: better_call0.Endpoint<"/oauth2/token", "POST", {
258
+ grant_type: "authorization_code" | "client_credentials" | "refresh_token";
259
+ client_id?: string | undefined;
260
+ client_secret?: string | undefined;
261
+ code?: string | undefined;
262
+ code_verifier?: string | undefined;
263
+ redirect_uri?: string | undefined;
264
+ refresh_token?: string | undefined;
265
+ resource?: string | undefined;
266
+ scope?: string | undefined;
267
+ }, Record<string, any> | undefined, any, {
268
+ access_token: string;
269
+ expires_in: number;
270
+ expires_at: number;
271
+ token_type: string;
272
+ scope: string;
273
+ }, {
274
+ allowedMediaTypes: string[];
275
+ openapi: {
276
+ description: string;
277
+ requestBody: {
278
+ required: boolean;
279
+ content: {
280
+ "application/json": {
281
+ schema: {
282
+ type: "object";
283
+ properties: {
284
+ grant_type: {
285
+ type: string;
286
+ enum: string[];
287
+ description: string;
288
+ };
289
+ client_id: {
290
+ type: string;
291
+ description: string;
292
+ };
293
+ client_secret: {
294
+ type: string;
295
+ description: string;
296
+ };
297
+ code: {
298
+ type: string;
299
+ description: string;
300
+ };
301
+ code_verifier: {
302
+ type: string;
303
+ description: string;
304
+ };
305
+ redirect_uri: {
306
+ type: string;
307
+ format: string;
308
+ description: string;
309
+ };
310
+ refresh_token: {
311
+ type: string;
312
+ description: string;
313
+ };
314
+ resource: {
315
+ type: string;
316
+ description: string;
317
+ };
318
+ scope: {
319
+ type: string;
320
+ description: string;
321
+ };
322
+ };
323
+ required: string[];
324
+ };
325
+ };
326
+ };
327
+ };
328
+ responses: {
329
+ "200": {
330
+ description: string;
331
+ content: {
332
+ "application/json": {
333
+ schema: {
334
+ type: "object";
335
+ properties: {
336
+ access_token: {
337
+ type: string;
338
+ description: string;
339
+ };
340
+ token_type: {
341
+ type: string;
342
+ description: string;
343
+ enum: string[];
344
+ };
345
+ expires_in: {
346
+ type: string;
347
+ description: string;
348
+ };
349
+ refresh_token: {
350
+ type: string;
351
+ description: string;
352
+ };
353
+ scope: {
354
+ type: string;
355
+ description: string;
356
+ };
357
+ id_token: {
358
+ type: string;
359
+ description: string;
360
+ };
361
+ };
362
+ required: string[];
363
+ };
364
+ };
365
+ };
366
+ };
367
+ "400": {
368
+ description: string;
369
+ content: {
370
+ "application/json": {
371
+ schema: {
372
+ type: "object";
373
+ properties: {
374
+ error: {
375
+ type: string;
376
+ };
377
+ error_description: {
378
+ type: string;
379
+ };
380
+ error_uri: {
381
+ type: string;
382
+ };
383
+ };
384
+ required: string[];
385
+ };
386
+ };
387
+ };
388
+ };
389
+ };
390
+ };
391
+ }, undefined>;
392
+ oauth2Introspect: better_call0.Endpoint<"/oauth2/introspect", "POST", {
393
+ token: string;
394
+ client_id?: string | undefined;
395
+ client_secret?: string | undefined;
396
+ token_type_hint?: "refresh_token" | "access_token" | undefined;
397
+ }, Record<string, any> | undefined, any, jose.JWTPayload, {
398
+ allowedMediaTypes: string[];
399
+ openapi: {
400
+ description: string;
401
+ requestBody: {
402
+ required: boolean;
403
+ content: {
404
+ "application/json": {
405
+ schema: {
406
+ type: "object";
407
+ properties: {
408
+ client_id: {
409
+ type: string;
410
+ description: string;
411
+ };
412
+ client_secret: {
413
+ type: string;
414
+ description: string;
415
+ };
416
+ token: {
417
+ type: string;
418
+ description: string;
419
+ };
420
+ token_type_hint: {
421
+ type: string;
422
+ enum: string[];
423
+ description: string;
424
+ };
425
+ resource: {
426
+ type: string;
427
+ description: string;
428
+ };
429
+ };
430
+ required: string[];
431
+ };
432
+ };
433
+ };
434
+ };
435
+ responses: {
436
+ "200": {
437
+ description: string;
438
+ content: {
439
+ "application/json": {
440
+ schema: {
441
+ type: "object";
442
+ properties: {
443
+ active: {
444
+ type: string;
445
+ description: string;
446
+ };
447
+ scope: {
448
+ type: string;
449
+ description: string;
450
+ };
451
+ client_id: {
452
+ type: string;
453
+ description: string;
454
+ };
455
+ username: {
456
+ type: string;
457
+ description: string;
458
+ };
459
+ token_type: {
460
+ type: string;
461
+ description: string;
462
+ };
463
+ exp: {
464
+ type: string;
465
+ description: string;
466
+ };
467
+ iat: {
468
+ type: string;
469
+ description: string;
470
+ };
471
+ nbf: {
472
+ type: string;
473
+ description: string;
474
+ };
475
+ sub: {
476
+ type: string;
477
+ description: string;
478
+ };
479
+ aud: {
480
+ type: string;
481
+ description: string;
482
+ };
483
+ iss: {
484
+ type: string;
485
+ description: string;
486
+ };
487
+ jti: {
488
+ type: string;
489
+ description: string;
490
+ };
491
+ };
492
+ required: string[];
493
+ };
494
+ };
495
+ };
496
+ };
497
+ "400": {
498
+ description: string;
499
+ content: {
500
+ "application/json": {
501
+ schema: {
502
+ type: "object";
503
+ properties: {
504
+ error: {
505
+ type: string;
506
+ };
507
+ error_description: {
508
+ type: string;
509
+ };
510
+ error_uri: {
511
+ type: string;
512
+ };
513
+ };
514
+ required: string[];
515
+ };
516
+ };
517
+ };
518
+ };
519
+ };
520
+ };
521
+ }, undefined>;
522
+ oauth2Revoke: better_call0.Endpoint<"/oauth2/revoke", "POST", {
523
+ token: string;
524
+ client_id?: string | undefined;
525
+ client_secret?: string | undefined;
526
+ token_type_hint?: "refresh_token" | "access_token" | undefined;
527
+ }, Record<string, any> | undefined, any, null | undefined, {
528
+ allowedMediaTypes: string[];
529
+ openapi: {
530
+ description: string;
531
+ requestBody: {
532
+ required: boolean;
533
+ content: {
534
+ "application/json": {
535
+ schema: {
536
+ type: "object";
537
+ properties: {
538
+ client_id: {
539
+ type: string;
540
+ description: string;
541
+ };
542
+ client_secret: {
543
+ type: string;
544
+ description: string;
545
+ };
546
+ token: {
547
+ type: string;
548
+ description: string;
549
+ };
550
+ token_type_hint: {
551
+ type: string;
552
+ enum: string[];
553
+ description: string;
554
+ };
555
+ };
556
+ required: string[];
557
+ };
558
+ };
559
+ };
560
+ };
561
+ responses: {
562
+ "200": {
563
+ description: string;
564
+ content: {
565
+ "application/json": {
566
+ schema: {
567
+ type: "object";
568
+ description: string;
569
+ };
570
+ };
571
+ };
572
+ };
573
+ "400": {
574
+ description: string;
575
+ content: {
576
+ "application/json": {
577
+ schema: {
578
+ type: "object";
579
+ properties: {
580
+ error: {
581
+ type: string;
582
+ };
583
+ error_description: {
584
+ type: string;
585
+ };
586
+ error_uri: {
587
+ type: string;
588
+ };
589
+ };
590
+ required: string[];
591
+ };
592
+ };
593
+ };
594
+ };
595
+ };
596
+ };
597
+ }, undefined>;
598
+ oauth2UserInfo: better_call0.Endpoint<"/oauth2/userinfo", "GET", undefined, Record<string, any> | undefined, any, {
599
+ email?: string | undefined;
600
+ email_verified?: boolean | undefined;
601
+ name?: string | undefined;
602
+ picture?: string | undefined;
603
+ given_name?: string | undefined;
604
+ family_name?: string | undefined;
605
+ sub: string;
606
+ }, {
607
+ openapi: {
608
+ description: string;
609
+ security: ({
610
+ bearerAuth: never[];
611
+ OAuth2?: undefined;
612
+ } | {
613
+ OAuth2: string[];
614
+ bearerAuth?: undefined;
615
+ })[];
616
+ parameters: {
617
+ name: string;
618
+ in: "header";
619
+ required: false;
620
+ schema: {
621
+ type: "string";
622
+ };
623
+ description: string;
624
+ }[];
625
+ responses: {
626
+ "200": {
627
+ description: string;
628
+ content: {
629
+ "application/json": {
630
+ schema: {
631
+ type: "object";
632
+ properties: {
633
+ sub: {
634
+ type: string;
635
+ description: string;
636
+ };
637
+ email: {
638
+ type: string;
639
+ format: string;
640
+ nullable: boolean;
641
+ description: string;
642
+ };
643
+ name: {
644
+ type: string;
645
+ nullable: boolean;
646
+ description: string;
647
+ };
648
+ picture: {
649
+ type: string;
650
+ format: string;
651
+ nullable: boolean;
652
+ description: string;
653
+ };
654
+ given_name: {
655
+ type: string;
656
+ nullable: boolean;
657
+ description: string;
658
+ };
659
+ family_name: {
660
+ type: string;
661
+ nullable: boolean;
662
+ description: string;
663
+ };
664
+ email_verified: {
665
+ type: string;
666
+ nullable: boolean;
667
+ description: string;
668
+ };
669
+ };
670
+ required: string[];
671
+ };
672
+ };
673
+ };
674
+ };
675
+ "401": {
676
+ description: string;
677
+ content: {
678
+ "application/json": {
679
+ schema: {
680
+ type: "object";
681
+ properties: {
682
+ error: {
683
+ type: string;
684
+ };
685
+ error_description: {
686
+ type: string;
687
+ };
688
+ };
689
+ required: string[];
690
+ };
691
+ };
692
+ };
693
+ };
694
+ "403": {
695
+ description: string;
696
+ content: {
697
+ "application/json": {
698
+ schema: {
699
+ type: "object";
700
+ properties: {
701
+ error: {
702
+ type: string;
703
+ };
704
+ error_description: {
705
+ type: string;
706
+ };
707
+ };
708
+ required: string[];
709
+ };
710
+ };
711
+ };
712
+ };
713
+ };
714
+ };
715
+ }, undefined>;
716
+ oauth2EndSession: better_call0.Endpoint<"/oauth2/end-session", "GET", undefined, {
717
+ id_token_hint: string;
718
+ client_id?: string | undefined;
719
+ post_logout_redirect_uri?: string | undefined;
720
+ state?: string | undefined;
721
+ }, any, {
722
+ redirect: boolean;
723
+ url: string;
724
+ } | undefined, {
725
+ openapi: {
726
+ description: string;
727
+ responses: {
728
+ "200": {
729
+ description: string;
730
+ content: {
731
+ "application/json": {
732
+ schema: {
733
+ type: "object";
734
+ properties: {
735
+ redirect_uri: {
736
+ type: string;
737
+ format: string;
738
+ description: string;
739
+ };
740
+ message: {
741
+ type: string;
742
+ description: string;
743
+ };
744
+ };
745
+ };
746
+ };
747
+ };
748
+ };
749
+ };
750
+ };
751
+ }, undefined>;
752
+ registerOAuthClient: better_call0.Endpoint<"/oauth2/register", "POST", {
753
+ redirect_uris: string[];
754
+ scope?: string | undefined;
755
+ client_name?: string | undefined;
756
+ client_uri?: string | undefined;
757
+ logo_uri?: string | undefined;
758
+ contacts?: string[] | undefined;
759
+ tos_uri?: string | undefined;
760
+ policy_uri?: string | undefined;
761
+ software_id?: string | undefined;
762
+ software_version?: string | undefined;
763
+ software_statement?: string | undefined;
764
+ post_logout_redirect_uris?: string[] | undefined;
765
+ token_endpoint_auth_method?: "none" | "client_secret_basic" | "client_secret_post" | undefined;
766
+ grant_types?: ("authorization_code" | "client_credentials" | "refresh_token")[] | undefined;
767
+ response_types?: "code"[] | undefined;
768
+ type?: "web" | "native" | "user-agent-based" | undefined;
769
+ subject_type?: "public" | "pairwise" | undefined;
770
+ }, Record<string, any> | undefined, any, OAuthClient, {
771
+ openapi: {
772
+ description: string;
773
+ responses: {
774
+ "200": {
775
+ description: string;
776
+ content: {
777
+ "application/json": {
778
+ schema: {
779
+ /** @returns {OauthClient} */type: "object";
780
+ properties: {
781
+ client_id: {
782
+ type: string;
783
+ description: string;
784
+ };
785
+ client_secret: {
786
+ type: string;
787
+ description: string;
788
+ };
789
+ client_secret_expires_at: {
790
+ type: string;
791
+ description: string;
792
+ };
793
+ scope: {
794
+ type: string;
795
+ description: string;
796
+ };
797
+ user_id: {
798
+ type: string;
799
+ description: string;
800
+ };
801
+ client_id_issued_at: {
802
+ type: string;
803
+ description: string;
804
+ };
805
+ client_name: {
806
+ type: string;
807
+ description: string;
808
+ };
809
+ client_uri: {
810
+ type: string;
811
+ description: string;
812
+ };
813
+ logo_uri: {
814
+ type: string;
815
+ description: string;
816
+ };
817
+ contacts: {
818
+ type: string;
819
+ items: {
820
+ type: string;
821
+ };
822
+ description: string;
823
+ };
824
+ tos_uri: {
825
+ type: string;
826
+ description: string;
827
+ };
828
+ policy_uri: {
829
+ type: string;
830
+ description: string;
831
+ };
832
+ software_id: {
833
+ type: string;
834
+ description: string;
835
+ };
836
+ software_version: {
837
+ type: string;
838
+ description: string;
839
+ };
840
+ software_statement: {
841
+ type: string;
842
+ description: string;
843
+ };
844
+ redirect_uris: {
845
+ type: string;
846
+ items: {
847
+ type: string;
848
+ format: string;
849
+ };
850
+ description: string;
851
+ };
852
+ post_logout_redirect_uris: {
853
+ type: string;
854
+ items: {
855
+ type: string;
856
+ format: string;
857
+ };
858
+ description: string;
859
+ };
860
+ token_endpoint_auth_method: {
861
+ type: string;
862
+ description: string;
863
+ enum: string[];
864
+ };
865
+ grant_types: {
866
+ type: string;
867
+ items: {
868
+ type: string;
869
+ enum: string[];
870
+ };
871
+ description: string;
872
+ };
873
+ response_types: {
874
+ type: string;
875
+ items: {
876
+ type: string;
877
+ enum: string[];
878
+ };
879
+ description: string;
880
+ };
881
+ public: {
882
+ type: string;
883
+ description: string;
884
+ };
885
+ type: {
886
+ type: string;
887
+ description: string;
888
+ enum: string[];
889
+ };
890
+ disabled: {
891
+ type: string;
892
+ description: string;
893
+ };
894
+ };
895
+ required: string[];
896
+ };
897
+ };
898
+ };
899
+ };
900
+ };
901
+ };
902
+ }, undefined>;
903
+ adminCreateOAuthClient: better_call0.Endpoint<"/admin/oauth2/create-client", "POST", {
904
+ redirect_uris: string[];
905
+ scope?: string | undefined;
906
+ client_name?: string | undefined;
907
+ client_uri?: string | undefined;
908
+ logo_uri?: string | undefined;
909
+ contacts?: string[] | undefined;
910
+ tos_uri?: string | undefined;
911
+ policy_uri?: string | undefined;
912
+ software_id?: string | undefined;
913
+ software_version?: string | undefined;
914
+ software_statement?: string | undefined;
915
+ post_logout_redirect_uris?: string[] | undefined;
916
+ token_endpoint_auth_method?: "none" | "client_secret_basic" | "client_secret_post" | undefined;
917
+ grant_types?: ("authorization_code" | "client_credentials" | "refresh_token")[] | undefined;
918
+ response_types?: "code"[] | undefined;
919
+ type?: "web" | "native" | "user-agent-based" | undefined;
920
+ client_secret_expires_at?: string | number | undefined;
921
+ skip_consent?: boolean | undefined;
922
+ enable_end_session?: boolean | undefined;
923
+ require_pkce?: boolean | undefined;
924
+ subject_type?: "public" | "pairwise" | undefined;
925
+ metadata?: Record<string, unknown> | undefined;
926
+ }, Record<string, any> | undefined, [], OAuthClient, {
927
+ SERVER_ONLY: true;
928
+ openapi: {
929
+ description: string;
930
+ responses: {
931
+ "200": {
932
+ description: string;
933
+ content: {
934
+ "application/json": {
935
+ schema: {
936
+ type: "object";
937
+ properties: {
938
+ client_id: {
939
+ type: string;
940
+ description: string;
941
+ };
942
+ client_secret: {
943
+ type: string;
944
+ description: string;
945
+ };
946
+ client_secret_expires_at: {
947
+ type: string;
948
+ description: string;
949
+ };
950
+ scope: {
951
+ type: string;
952
+ description: string;
953
+ };
954
+ user_id: {
955
+ type: string;
956
+ description: string;
957
+ };
958
+ client_id_issued_at: {
959
+ type: string;
960
+ description: string;
961
+ };
962
+ client_name: {
963
+ type: string;
964
+ description: string;
965
+ };
966
+ client_uri: {
967
+ type: string;
968
+ description: string;
969
+ };
970
+ logo_uri: {
971
+ type: string;
972
+ description: string;
973
+ };
974
+ contacts: {
975
+ type: string;
976
+ items: {
977
+ type: string;
978
+ };
979
+ description: string;
980
+ };
981
+ tos_uri: {
982
+ type: string;
983
+ description: string;
984
+ };
985
+ policy_uri: {
986
+ type: string;
987
+ description: string;
988
+ };
989
+ software_id: {
990
+ type: string;
991
+ description: string;
992
+ };
993
+ software_version: {
994
+ type: string;
995
+ description: string;
996
+ };
997
+ software_statement: {
998
+ type: string;
999
+ description: string;
1000
+ };
1001
+ redirect_uris: {
1002
+ type: string;
1003
+ items: {
1004
+ type: string;
1005
+ format: string;
1006
+ };
1007
+ description: string;
1008
+ };
1009
+ token_endpoint_auth_method: {
1010
+ type: string;
1011
+ description: string;
1012
+ enum: string[];
1013
+ };
1014
+ grant_types: {
1015
+ type: string;
1016
+ items: {
1017
+ type: string;
1018
+ enum: string[];
1019
+ };
1020
+ description: string;
1021
+ };
1022
+ response_types: {
1023
+ type: string;
1024
+ items: {
1025
+ type: string;
1026
+ enum: string[];
1027
+ };
1028
+ description: string;
1029
+ };
1030
+ public: {
1031
+ type: string;
1032
+ description: string;
1033
+ };
1034
+ type: {
1035
+ type: string;
1036
+ description: string;
1037
+ enum: string[];
1038
+ };
1039
+ disabled: {
1040
+ type: string;
1041
+ description: string;
1042
+ };
1043
+ require_pkce: {
1044
+ type: string;
1045
+ description: string;
1046
+ default: boolean;
1047
+ };
1048
+ metadata: {
1049
+ type: string;
1050
+ additionalProperties: boolean;
1051
+ nullable: boolean;
1052
+ description: string;
1053
+ };
1054
+ };
1055
+ required: string[];
1056
+ };
1057
+ };
1058
+ };
1059
+ };
1060
+ };
1061
+ };
1062
+ }, undefined>;
1063
+ createOAuthClient: better_call0.Endpoint<"/oauth2/create-client", "POST", {
1064
+ redirect_uris: string[];
1065
+ scope?: string | undefined;
1066
+ client_name?: string | undefined;
1067
+ client_uri?: string | undefined;
1068
+ logo_uri?: string | undefined;
1069
+ contacts?: string[] | undefined;
1070
+ tos_uri?: string | undefined;
1071
+ policy_uri?: string | undefined;
1072
+ software_id?: string | undefined;
1073
+ software_version?: string | undefined;
1074
+ software_statement?: string | undefined;
1075
+ post_logout_redirect_uris?: string[] | undefined;
1076
+ token_endpoint_auth_method?: "none" | "client_secret_basic" | "client_secret_post" | undefined;
1077
+ grant_types?: ("authorization_code" | "client_credentials" | "refresh_token")[] | undefined;
1078
+ response_types?: "code"[] | undefined;
1079
+ type?: "web" | "native" | "user-agent-based" | undefined;
1080
+ }, Record<string, any> | undefined, [better_call0.Middleware<(inputContext: Record<string, any>) => Promise<{
1081
+ session: {
1082
+ session: Record<string, any> & {
1083
+ id: string;
1084
+ createdAt: Date;
1085
+ updatedAt: Date;
1086
+ userId: string;
1087
+ expiresAt: Date;
1088
+ token: string;
1089
+ ipAddress?: string | null | undefined;
1090
+ userAgent?: string | null | undefined;
1091
+ };
1092
+ user: Record<string, any> & {
1093
+ id: string;
1094
+ createdAt: Date;
1095
+ updatedAt: Date;
1096
+ email: string;
1097
+ emailVerified: boolean;
1098
+ name: string;
1099
+ image?: string | null | undefined;
1100
+ };
1101
+ };
1102
+ }>>], OAuthClient, {
1103
+ openapi: {
1104
+ description: string;
1105
+ responses: {
1106
+ "200": {
1107
+ description: string;
1108
+ content: {
1109
+ "application/json": {
1110
+ schema: {
1111
+ type: "object";
1112
+ properties: {
1113
+ client_id: {
1114
+ type: string;
1115
+ description: string;
1116
+ };
1117
+ client_secret: {
1118
+ type: string;
1119
+ description: string;
1120
+ };
1121
+ client_secret_expires_at: {
1122
+ type: string;
1123
+ description: string;
1124
+ };
1125
+ scope: {
1126
+ type: string;
1127
+ description: string;
1128
+ };
1129
+ user_id: {
1130
+ type: string;
1131
+ description: string;
1132
+ };
1133
+ client_id_issued_at: {
1134
+ type: string;
1135
+ description: string;
1136
+ };
1137
+ client_name: {
1138
+ type: string;
1139
+ description: string;
1140
+ };
1141
+ client_uri: {
1142
+ type: string;
1143
+ description: string;
1144
+ };
1145
+ logo_uri: {
1146
+ type: string;
1147
+ description: string;
1148
+ };
1149
+ contacts: {
1150
+ type: string;
1151
+ items: {
1152
+ type: string;
1153
+ };
1154
+ description: string;
1155
+ };
1156
+ tos_uri: {
1157
+ type: string;
1158
+ description: string;
1159
+ };
1160
+ policy_uri: {
1161
+ type: string;
1162
+ description: string;
1163
+ };
1164
+ software_id: {
1165
+ type: string;
1166
+ description: string;
1167
+ };
1168
+ software_version: {
1169
+ type: string;
1170
+ description: string;
1171
+ };
1172
+ software_statement: {
1173
+ type: string;
1174
+ description: string;
1175
+ };
1176
+ redirect_uris: {
1177
+ type: string;
1178
+ items: {
1179
+ type: string;
1180
+ format: string;
1181
+ };
1182
+ description: string;
1183
+ };
1184
+ token_endpoint_auth_method: {
1185
+ type: string;
1186
+ description: string;
1187
+ enum: string[];
1188
+ };
1189
+ grant_types: {
1190
+ type: string;
1191
+ items: {
1192
+ type: string;
1193
+ enum: string[];
1194
+ };
1195
+ description: string;
1196
+ };
1197
+ response_types: {
1198
+ type: string;
1199
+ items: {
1200
+ type: string;
1201
+ enum: string[];
1202
+ };
1203
+ description: string;
1204
+ };
1205
+ public: {
1206
+ type: string;
1207
+ description: string;
1208
+ };
1209
+ type: {
1210
+ type: string;
1211
+ description: string;
1212
+ enum: string[];
1213
+ };
1214
+ disabled: {
1215
+ type: string;
1216
+ description: string;
1217
+ };
1218
+ metadata: {
1219
+ type: string;
1220
+ additionalProperties: boolean;
1221
+ nullable: boolean;
1222
+ description: string;
1223
+ };
1224
+ };
1225
+ required: string[];
1226
+ };
1227
+ };
1228
+ };
1229
+ };
1230
+ };
1231
+ };
1232
+ }, undefined>;
1233
+ getOAuthClient: better_call0.Endpoint<"/oauth2/get-client", "GET", undefined, {
1234
+ client_id: string;
1235
+ }, [better_call0.Middleware<(inputContext: Record<string, any>) => Promise<{
1236
+ session: {
1237
+ session: Record<string, any> & {
1238
+ id: string;
1239
+ createdAt: Date;
1240
+ updatedAt: Date;
1241
+ userId: string;
1242
+ expiresAt: Date;
1243
+ token: string;
1244
+ ipAddress?: string | null | undefined;
1245
+ userAgent?: string | null | undefined;
1246
+ };
1247
+ user: Record<string, any> & {
1248
+ id: string;
1249
+ createdAt: Date;
1250
+ updatedAt: Date;
1251
+ email: string;
1252
+ emailVerified: boolean;
1253
+ name: string;
1254
+ image?: string | null | undefined;
1255
+ };
1256
+ };
1257
+ }>>], OAuthClient, {
1258
+ openapi: {
1259
+ description: string;
1260
+ };
1261
+ }, undefined>;
1262
+ getOAuthClientPublic: better_call0.Endpoint<"/oauth2/public-client", "GET", undefined, {
1263
+ client_id: string;
1264
+ }, [better_call0.Middleware<(inputContext: Record<string, any>) => Promise<{
1265
+ session: {
1266
+ session: Record<string, any> & {
1267
+ id: string;
1268
+ createdAt: Date;
1269
+ updatedAt: Date;
1270
+ userId: string;
1271
+ expiresAt: Date;
1272
+ token: string;
1273
+ ipAddress?: string | null | undefined;
1274
+ userAgent?: string | null | undefined;
1275
+ };
1276
+ user: Record<string, any> & {
1277
+ id: string;
1278
+ createdAt: Date;
1279
+ updatedAt: Date;
1280
+ email: string;
1281
+ emailVerified: boolean;
1282
+ name: string;
1283
+ image?: string | null | undefined;
1284
+ };
1285
+ };
1286
+ }>>], OAuthClient, {
1287
+ openapi: {
1288
+ description: string;
1289
+ };
1290
+ }, undefined>;
1291
+ getOAuthClientPublicPrelogin: better_call0.Endpoint<"/oauth2/public-client-prelogin", "POST", {
1292
+ client_id: string;
1293
+ oauth_query?: string | undefined;
1294
+ }, Record<string, any> | undefined, [better_call0.Middleware<(inputContext: Record<string, any>) => Promise<void>>], OAuthClient, {
1295
+ openapi: {
1296
+ description: string;
1297
+ };
1298
+ }, undefined>;
1299
+ getOAuthClients: better_call0.Endpoint<"/oauth2/get-clients", "GET", undefined, Record<string, any> | undefined, [better_call0.Middleware<(inputContext: Record<string, any>) => Promise<{
1300
+ session: {
1301
+ session: Record<string, any> & {
1302
+ id: string;
1303
+ createdAt: Date;
1304
+ updatedAt: Date;
1305
+ userId: string;
1306
+ expiresAt: Date;
1307
+ token: string;
1308
+ ipAddress?: string | null | undefined;
1309
+ userAgent?: string | null | undefined;
1310
+ };
1311
+ user: Record<string, any> & {
1312
+ id: string;
1313
+ createdAt: Date;
1314
+ updatedAt: Date;
1315
+ email: string;
1316
+ emailVerified: boolean;
1317
+ name: string;
1318
+ image?: string | null | undefined;
1319
+ };
1320
+ };
1321
+ }>>], OAuthClient[] | null, {
1322
+ openapi: {
1323
+ description: string;
1324
+ };
1325
+ }, undefined>;
1326
+ adminUpdateOAuthClient: better_call0.Endpoint<"/admin/oauth2/update-client", "PATCH", {
1327
+ client_id: string;
1328
+ update: {
1329
+ redirect_uris?: string[] | undefined;
1330
+ scope?: string | undefined;
1331
+ client_name?: string | undefined;
1332
+ client_uri?: string | undefined;
1333
+ logo_uri?: string | undefined;
1334
+ contacts?: string[] | undefined;
1335
+ tos_uri?: string | undefined;
1336
+ policy_uri?: string | undefined;
1337
+ software_id?: string | undefined;
1338
+ software_version?: string | undefined;
1339
+ software_statement?: string | undefined;
1340
+ post_logout_redirect_uris?: string[] | undefined;
1341
+ grant_types?: ("authorization_code" | "client_credentials" | "refresh_token")[] | undefined;
1342
+ response_types?: "code"[] | undefined;
1343
+ type?: "web" | "native" | "user-agent-based" | undefined;
1344
+ client_secret_expires_at?: string | number | undefined;
1345
+ skip_consent?: boolean | undefined;
1346
+ enable_end_session?: boolean | undefined;
1347
+ metadata?: Record<string, unknown> | undefined;
1348
+ };
1349
+ }, Record<string, any> | undefined, [], OAuthClient, {
1350
+ SERVER_ONLY: true;
1351
+ openapi: {
1352
+ description: string;
1353
+ };
1354
+ }, undefined>;
1355
+ updateOAuthClient: better_call0.Endpoint<"/oauth2/update-client", "POST", {
1356
+ client_id: string;
1357
+ update: {
1358
+ redirect_uris?: string[] | undefined;
1359
+ scope?: string | undefined;
1360
+ client_name?: string | undefined;
1361
+ client_uri?: string | undefined;
1362
+ logo_uri?: string | undefined;
1363
+ contacts?: string[] | undefined;
1364
+ tos_uri?: string | undefined;
1365
+ policy_uri?: string | undefined;
1366
+ software_id?: string | undefined;
1367
+ software_version?: string | undefined;
1368
+ software_statement?: string | undefined;
1369
+ post_logout_redirect_uris?: string[] | undefined;
1370
+ grant_types?: ("authorization_code" | "client_credentials" | "refresh_token")[] | undefined;
1371
+ response_types?: "code"[] | undefined;
1372
+ type?: "web" | "native" | "user-agent-based" | undefined;
1373
+ };
1374
+ }, Record<string, any> | undefined, [better_call0.Middleware<(inputContext: Record<string, any>) => Promise<{
1375
+ session: {
1376
+ session: Record<string, any> & {
1377
+ id: string;
1378
+ createdAt: Date;
1379
+ updatedAt: Date;
1380
+ userId: string;
1381
+ expiresAt: Date;
1382
+ token: string;
1383
+ ipAddress?: string | null | undefined;
1384
+ userAgent?: string | null | undefined;
1385
+ };
1386
+ user: Record<string, any> & {
1387
+ id: string;
1388
+ createdAt: Date;
1389
+ updatedAt: Date;
1390
+ email: string;
1391
+ emailVerified: boolean;
1392
+ name: string;
1393
+ image?: string | null | undefined;
1394
+ };
1395
+ };
1396
+ }>>], OAuthClient, {
1397
+ openapi: {
1398
+ description: string;
1399
+ };
1400
+ }, undefined>;
1401
+ rotateClientSecret: better_call0.Endpoint<"/oauth2/client/rotate-secret", "POST", {
1402
+ client_id: string;
1403
+ }, Record<string, any> | undefined, [better_call0.Middleware<(inputContext: Record<string, any>) => Promise<{
1404
+ session: {
1405
+ session: Record<string, any> & {
1406
+ id: string;
1407
+ createdAt: Date;
1408
+ updatedAt: Date;
1409
+ userId: string;
1410
+ expiresAt: Date;
1411
+ token: string;
1412
+ ipAddress?: string | null | undefined;
1413
+ userAgent?: string | null | undefined;
1414
+ };
1415
+ user: Record<string, any> & {
1416
+ id: string;
1417
+ createdAt: Date;
1418
+ updatedAt: Date;
1419
+ email: string;
1420
+ emailVerified: boolean;
1421
+ name: string;
1422
+ image?: string | null | undefined;
1423
+ };
1424
+ };
1425
+ }>>], OAuthClient, {
1426
+ openapi: {
1427
+ description: string;
1428
+ };
1429
+ }, undefined>;
1430
+ deleteOAuthClient: better_call0.Endpoint<"/oauth2/delete-client", "POST", {
1431
+ client_id: string;
1432
+ }, Record<string, any> | undefined, [better_call0.Middleware<(inputContext: Record<string, any>) => Promise<{
1433
+ session: {
1434
+ session: Record<string, any> & {
1435
+ id: string;
1436
+ createdAt: Date;
1437
+ updatedAt: Date;
1438
+ userId: string;
1439
+ expiresAt: Date;
1440
+ token: string;
1441
+ ipAddress?: string | null | undefined;
1442
+ userAgent?: string | null | undefined;
1443
+ };
1444
+ user: Record<string, any> & {
1445
+ id: string;
1446
+ createdAt: Date;
1447
+ updatedAt: Date;
1448
+ email: string;
1449
+ emailVerified: boolean;
1450
+ name: string;
1451
+ image?: string | null | undefined;
1452
+ };
1453
+ };
1454
+ }>>], void, {
1455
+ openapi: {
1456
+ description: string;
1457
+ };
1458
+ }, undefined>;
1459
+ getOAuthConsent: better_call0.Endpoint<"/oauth2/get-consent", "GET", undefined, {
1460
+ id: string;
1461
+ }, [better_call0.Middleware<(inputContext: Record<string, any>) => Promise<{
1462
+ session: {
1463
+ session: Record<string, any> & {
1464
+ id: string;
1465
+ createdAt: Date;
1466
+ updatedAt: Date;
1467
+ userId: string;
1468
+ expiresAt: Date;
1469
+ token: string;
1470
+ ipAddress?: string | null | undefined;
1471
+ userAgent?: string | null | undefined;
1472
+ };
1473
+ user: Record<string, any> & {
1474
+ id: string;
1475
+ createdAt: Date;
1476
+ updatedAt: Date;
1477
+ email: string;
1478
+ emailVerified: boolean;
1479
+ name: string;
1480
+ image?: string | null | undefined;
1481
+ };
1482
+ };
1483
+ }>>], OAuthConsent<Scope[]>, {
1484
+ openapi: {
1485
+ description: string;
1486
+ };
1487
+ }, undefined>;
1488
+ getOAuthConsents: better_call0.Endpoint<"/oauth2/get-consents", "GET", undefined, Record<string, any> | undefined, [better_call0.Middleware<(inputContext: Record<string, any>) => Promise<{
1489
+ session: {
1490
+ session: Record<string, any> & {
1491
+ id: string;
1492
+ createdAt: Date;
1493
+ updatedAt: Date;
1494
+ userId: string;
1495
+ expiresAt: Date;
1496
+ token: string;
1497
+ ipAddress?: string | null | undefined;
1498
+ userAgent?: string | null | undefined;
1499
+ };
1500
+ user: Record<string, any> & {
1501
+ id: string;
1502
+ createdAt: Date;
1503
+ updatedAt: Date;
1504
+ email: string;
1505
+ emailVerified: boolean;
1506
+ name: string;
1507
+ image?: string | null | undefined;
1508
+ };
1509
+ };
1510
+ }>>], OAuthConsent<Scope[]>[], {
1511
+ openapi: {
1512
+ description: string;
1513
+ };
1514
+ }, undefined>;
1515
+ updateOAuthConsent: better_call0.Endpoint<"/oauth2/update-consent", "POST", {
1516
+ id: string;
1517
+ update: {
1518
+ scopes: string[];
1519
+ };
1520
+ }, Record<string, any> | undefined, [better_call0.Middleware<(inputContext: Record<string, any>) => Promise<{
1521
+ session: {
1522
+ session: Record<string, any> & {
1523
+ id: string;
1524
+ createdAt: Date;
1525
+ updatedAt: Date;
1526
+ userId: string;
1527
+ expiresAt: Date;
1528
+ token: string;
1529
+ ipAddress?: string | null | undefined;
1530
+ userAgent?: string | null | undefined;
1531
+ };
1532
+ user: Record<string, any> & {
1533
+ id: string;
1534
+ createdAt: Date;
1535
+ updatedAt: Date;
1536
+ email: string;
1537
+ emailVerified: boolean;
1538
+ name: string;
1539
+ image?: string | null | undefined;
1540
+ };
1541
+ };
1542
+ }>>], OAuthConsent<Scope[]> | null, {
1543
+ openapi: {
1544
+ description: string;
1545
+ };
1546
+ }, undefined>;
1547
+ deleteOAuthConsent: better_call0.Endpoint<"/oauth2/delete-consent", "POST", {
1548
+ id: string;
1549
+ }, Record<string, any> | undefined, [better_call0.Middleware<(inputContext: Record<string, any>) => Promise<{
1550
+ session: {
1551
+ session: Record<string, any> & {
1552
+ id: string;
1553
+ createdAt: Date;
1554
+ updatedAt: Date;
1555
+ userId: string;
1556
+ expiresAt: Date;
1557
+ token: string;
1558
+ ipAddress?: string | null | undefined;
1559
+ userAgent?: string | null | undefined;
1560
+ };
1561
+ user: Record<string, any> & {
1562
+ id: string;
1563
+ createdAt: Date;
1564
+ updatedAt: Date;
1565
+ email: string;
1566
+ emailVerified: boolean;
1567
+ name: string;
1568
+ image?: string | null | undefined;
1569
+ };
1570
+ };
1571
+ }>>], void, {
1572
+ openapi: {
1573
+ description: string;
1574
+ };
1575
+ }, undefined>;
1576
+ };
1577
+ schema: {
1578
+ oauthClient: {
1579
+ modelName: string;
1580
+ fields: {
1581
+ clientId: {
1582
+ type: "string";
1583
+ unique: true;
1584
+ required: true;
1585
+ };
1586
+ clientSecret: {
1587
+ type: "string";
1588
+ required: false;
1589
+ };
1590
+ disabled: {
1591
+ type: "boolean";
1592
+ defaultValue: false;
1593
+ required: false;
1594
+ };
1595
+ skipConsent: {
1596
+ type: "boolean";
1597
+ required: false;
1598
+ };
1599
+ enableEndSession: {
1600
+ type: "boolean";
1601
+ required: false;
1602
+ };
1603
+ subjectType: {
1604
+ type: "string";
1605
+ required: false;
1606
+ };
1607
+ scopes: {
1608
+ type: "string[]";
1609
+ required: false;
1610
+ };
1611
+ userId: {
1612
+ type: "string";
1613
+ required: false;
1614
+ references: {
1615
+ model: string;
1616
+ field: string;
1617
+ };
1618
+ };
1619
+ createdAt: {
1620
+ type: "date";
1621
+ required: false;
1622
+ };
1623
+ updatedAt: {
1624
+ type: "date";
1625
+ required: false;
1626
+ };
1627
+ name: {
1628
+ type: "string";
1629
+ required: false;
1630
+ };
1631
+ uri: {
1632
+ type: "string";
1633
+ required: false;
1634
+ };
1635
+ icon: {
1636
+ type: "string";
1637
+ required: false;
1638
+ };
1639
+ contacts: {
1640
+ type: "string[]";
1641
+ required: false;
1642
+ };
1643
+ tos: {
1644
+ type: "string";
1645
+ required: false;
1646
+ };
1647
+ policy: {
1648
+ type: "string";
1649
+ required: false;
1650
+ };
1651
+ softwareId: {
1652
+ type: "string";
1653
+ required: false;
1654
+ };
1655
+ softwareVersion: {
1656
+ type: "string";
1657
+ required: false;
1658
+ };
1659
+ softwareStatement: {
1660
+ type: "string";
1661
+ required: false;
1662
+ };
1663
+ redirectUris: {
1664
+ type: "string[]";
1665
+ required: true;
1666
+ };
1667
+ postLogoutRedirectUris: {
1668
+ type: "string[]";
1669
+ required: false;
1670
+ };
1671
+ tokenEndpointAuthMethod: {
1672
+ type: "string";
1673
+ required: false;
1674
+ };
1675
+ grantTypes: {
1676
+ type: "string[]";
1677
+ required: false;
1678
+ };
1679
+ responseTypes: {
1680
+ type: "string[]";
1681
+ required: false;
1682
+ };
1683
+ public: {
1684
+ type: "boolean";
1685
+ required: false;
1686
+ };
1687
+ type: {
1688
+ type: "string";
1689
+ required: false;
1690
+ };
1691
+ requirePKCE: {
1692
+ type: "boolean";
1693
+ required: false;
1694
+ };
1695
+ referenceId: {
1696
+ type: "string";
1697
+ required: false;
1698
+ };
1699
+ metadata: {
1700
+ type: "json";
1701
+ required: false;
1702
+ };
1703
+ };
1704
+ };
1705
+ oauthRefreshToken: {
1706
+ fields: {
1707
+ token: {
1708
+ type: "string";
1709
+ required: true;
1710
+ };
1711
+ clientId: {
1712
+ type: "string";
1713
+ required: true;
1714
+ references: {
1715
+ model: string;
1716
+ field: string;
1717
+ };
1718
+ };
1719
+ sessionId: {
1720
+ type: "string";
1721
+ required: false;
1722
+ references: {
1723
+ model: string;
1724
+ field: string;
1725
+ onDelete: "set null";
1726
+ };
1727
+ };
1728
+ userId: {
1729
+ type: "string";
1730
+ required: true;
1731
+ references: {
1732
+ model: string;
1733
+ field: string;
1734
+ };
1735
+ };
1736
+ referenceId: {
1737
+ type: "string";
1738
+ required: false;
1739
+ };
1740
+ expiresAt: {
1741
+ type: "date";
1742
+ };
1743
+ createdAt: {
1744
+ type: "date";
1745
+ };
1746
+ revoked: {
1747
+ type: "date";
1748
+ required: false;
1749
+ };
1750
+ authTime: {
1751
+ type: "date";
1752
+ required: false;
1753
+ };
1754
+ scopes: {
1755
+ type: "string[]";
1756
+ required: true;
1757
+ };
1758
+ };
1759
+ };
1760
+ oauthAccessToken: {
1761
+ modelName: string;
1762
+ fields: {
1763
+ token: {
1764
+ type: "string";
1765
+ unique: true;
1766
+ };
1767
+ clientId: {
1768
+ type: "string";
1769
+ required: true;
1770
+ references: {
1771
+ model: string;
1772
+ field: string;
1773
+ };
1774
+ };
1775
+ sessionId: {
1776
+ type: "string";
1777
+ required: false;
1778
+ references: {
1779
+ model: string;
1780
+ field: string;
1781
+ onDelete: "set null";
1782
+ };
1783
+ };
1784
+ userId: {
1785
+ type: "string";
1786
+ required: false;
1787
+ references: {
1788
+ model: string;
1789
+ field: string;
1790
+ };
1791
+ };
1792
+ referenceId: {
1793
+ type: "string";
1794
+ required: false;
1795
+ };
1796
+ refreshId: {
1797
+ type: "string";
1798
+ required: false;
1799
+ references: {
1800
+ model: string;
1801
+ field: string;
1802
+ };
1803
+ };
1804
+ expiresAt: {
1805
+ type: "date";
1806
+ };
1807
+ createdAt: {
1808
+ type: "date";
1809
+ };
1810
+ scopes: {
1811
+ type: "string[]";
1812
+ required: true;
1813
+ };
1814
+ };
1815
+ };
1816
+ oauthConsent: {
1817
+ modelName: string;
1818
+ fields: {
1819
+ clientId: {
1820
+ type: "string";
1821
+ required: true;
1822
+ references: {
1823
+ model: string;
1824
+ field: string;
1825
+ };
1826
+ };
1827
+ userId: {
1828
+ type: "string";
1829
+ required: false;
1830
+ references: {
1831
+ model: string;
1832
+ field: string;
1833
+ };
1834
+ };
1835
+ referenceId: {
1836
+ type: "string";
1837
+ required: false;
1838
+ };
1839
+ scopes: {
1840
+ type: "string[]";
1841
+ required: true;
1842
+ };
1843
+ createdAt: {
1844
+ type: "date";
1845
+ };
1846
+ updatedAt: {
1847
+ type: "date";
1848
+ };
1849
+ };
1850
+ };
1851
+ };
1852
+ rateLimit: ({
1853
+ pathMatcher: (path: string) => path is "/oauth2/token";
1854
+ window: number;
1855
+ max: number;
1856
+ } | {
1857
+ pathMatcher: (path: string) => path is "/oauth2/authorize";
1858
+ window: number;
1859
+ max: number;
1860
+ } | {
1861
+ pathMatcher: (path: string) => path is "/oauth2/introspect";
1862
+ window: number;
1863
+ max: number;
1864
+ } | {
1865
+ pathMatcher: (path: string) => path is "/oauth2/revoke";
1866
+ window: number;
1867
+ max: number;
1868
+ } | {
1869
+ pathMatcher: (path: string) => path is "/oauth2/register";
1870
+ window: number;
1871
+ max: number;
1872
+ } | {
1873
+ pathMatcher: (path: string) => path is "/oauth2/userinfo";
1874
+ window: number;
1875
+ max: number;
1876
+ })[];
1877
+ };
1878
+ //#endregion
1879
+ export { oauthProvider as n, getOAuthProviderState as t };