@better-auth/oauth-provider 1.6.0-beta.0 → 1.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (11) hide show
  1. package/dist/client-resource.d.mts +1 -1
  2. package/dist/client-resource.mjs +1 -1
  3. package/dist/client.d.mts +1 -1
  4. package/dist/client.mjs +1 -1
  5. package/dist/index.d.mts +2 -2
  6. package/dist/index.mjs +49 -10
  7. package/dist/oauth-CYgzO8Am.d.mts +2081 -0
  8. package/dist/{oauth-4vgZlF-I.d.mts → oauth-Cc0nzj5Q.d.mts} +19 -2
  9. package/dist/{version-DevbO3Yy.mjs → version-DNcPo3T3.mjs} +1 -1
  10. package/package.json +6 -6
  11. package/dist/oauth-CEoJtL3Y.d.mts +0 -1879
package/dist/oauth-CYgzO8Am.d.mts ADDED
@@ -0,0 +1,2081 @@
1
+ import { c as OAuthConsent, i as OIDCMetadata, m as Scope, r as OAuthClient, t as AuthServerMetadata, u as OAuthOptions } from "./oauth-Cc0nzj5Q.mjs";
2
+ import * as better_call0 from "better-call";
3
+ import * as z from "zod";
4
+ import * as better_auth_plugins0 from "better-auth/plugins";
5
+ import * as jose from "jose";
6
+ import * as better_auth0 from "better-auth";
7
+
8
+ //#region src/oauth.d.ts
9
+ declare module "@better-auth/core" {
10
+ interface BetterAuthPluginRegistry<AuthOptions, Options> {
11
+ "oauth-provider": {
12
+ creator: typeof oauthProvider;
13
+ };
14
+ }
15
+ }
16
+ declare const getOAuthProviderState: () => Promise<{
17
+ query?: string;
18
+ } | null>;
19
+ /**
20
+ * oAuth 2.1 provider plugin for Better Auth.
21
+ *
22
+ * @see https://better-auth.com/docs/plugins/oauth-provider
23
+ * @param options - The options for the oAuth Provider plugin.
24
+ * @returns A Better Auth plugin.
25
+ */
26
+ declare const oauthProvider: <O extends OAuthOptions<Scope[]>>(options: O) => {
27
+ id: "oauth-provider";
28
+ version: string;
29
+ options: NoInfer<O>;
30
+ init: (ctx: better_auth0.AuthContext) => void;
31
+ hooks: {
32
+ before: {
33
+ matcher(ctx: better_auth0.HookEndpointContext): any;
34
+ handler: (inputContext: better_call0.MiddlewareInputContext<better_call0.MiddlewareOptions>) => Promise<void>;
35
+ }[];
36
+ after: {
37
+ matcher(ctx: better_auth0.HookEndpointContext): boolean;
38
+ handler: (inputContext: better_call0.MiddlewareInputContext<better_call0.MiddlewareOptions>) => Promise<{
39
+ redirect: boolean;
40
+ url: string;
41
+ } | undefined>;
42
+ }[];
43
+ };
44
+ endpoints: {
45
+ /**
46
+ * A server-only endpoint that helps provide the
47
+ * oAuth Server configuration at the well-known endpoint.
48
+ *
49
+ * Provided at /.well-known/oauth-authorization-server/[issuer-path]
50
+ * (root if no issuer-path).
51
+ */
52
+ getOAuthServerConfig: better_call0.StrictEndpoint<"/.well-known/oauth-authorization-server", {
53
+ method: "GET";
54
+ metadata: {
55
+ SERVER_ONLY: true;
56
+ };
57
+ }, AuthServerMetadata>;
58
+ /**
59
+ * A server-only endpoint that helps provide the
60
+ * OpenId configuration at the well-known endpoint.
61
+ *
62
+ * Provided at [issuer-path]/.well-known/openid-configuration
63
+ * (root if no issuer-path).
64
+ */
65
+ getOpenIdConfig: better_call0.StrictEndpoint<"/.well-known/openid-configuration", {
66
+ method: "GET";
67
+ metadata: {
68
+ SERVER_ONLY: true;
69
+ };
70
+ }, Omit<OIDCMetadata, "id_token_signing_alg_values_supported"> & {
71
+ id_token_signing_alg_values_supported: better_auth_plugins0.JWSAlgorithms[] | ["HS256"];
72
+ }>;
73
+ oauth2Authorize: better_call0.StrictEndpoint<"/oauth2/authorize", {
74
+ method: "GET";
75
+ query: z.ZodObject<{
76
+ response_type: z.ZodOptional<z.ZodEnum<{
77
+ code: "code";
78
+ }>>;
79
+ client_id: z.ZodString;
80
+ redirect_uri: z.ZodOptional<z.ZodURL>;
81
+ scope: z.ZodOptional<z.ZodString>;
82
+ state: z.ZodOptional<z.ZodString>;
83
+ request_uri: z.ZodOptional<z.ZodString>;
84
+ code_challenge: z.ZodOptional<z.ZodString>;
85
+ code_challenge_method: z.ZodOptional<z.ZodEnum<{
86
+ S256: "S256";
87
+ }>>;
88
+ nonce: z.ZodOptional<z.ZodString>;
89
+ prompt: z.ZodOptional<z.ZodEnum<{
90
+ none: "none";
91
+ consent: "consent";
92
+ login: "login";
93
+ create: "create";
94
+ select_account: "select_account";
95
+ "login consent": "login consent";
96
+ "select_account consent": "select_account consent";
97
+ }>>;
98
+ }, z.core.$strip>;
99
+ metadata: {
100
+ openapi: {
101
+ description: string;
102
+ parameters: ({
103
+ name: string;
104
+ in: "query";
105
+ required: false;
106
+ schema: {
107
+ type: "string";
108
+ format?: undefined;
109
+ };
110
+ description: string;
111
+ } | {
112
+ name: string;
113
+ in: "query";
114
+ required: true;
115
+ schema: {
116
+ type: "string";
117
+ format?: undefined;
118
+ };
119
+ description: string;
120
+ } | {
121
+ name: string;
122
+ in: "query";
123
+ required: false;
124
+ schema: {
125
+ type: "string";
126
+ format: string;
127
+ };
128
+ description: string;
129
+ })[];
130
+ responses: {
131
+ "302": {
132
+ description: string;
133
+ headers: {
134
+ Location: {
135
+ description: string;
136
+ schema: {
137
+ type: string;
138
+ format: string;
139
+ };
140
+ };
141
+ };
142
+ };
143
+ "400": {
144
+ description: string;
145
+ content: {
146
+ "application/json": {
147
+ schema: {
148
+ type: "object";
149
+ properties: {
150
+ error: {
151
+ type: string;
152
+ };
153
+ error_description: {
154
+ type: string;
155
+ };
156
+ state: {
157
+ type: string;
158
+ };
159
+ };
160
+ required: string[];
161
+ };
162
+ };
163
+ };
164
+ };
165
+ };
166
+ };
167
+ };
168
+ }, {
169
+ redirect: boolean;
170
+ url: string;
171
+ }>;
172
+ oauth2Consent: better_call0.StrictEndpoint<"/oauth2/consent", {
173
+ method: "POST";
174
+ body: z.ZodObject<{
175
+ accept: z.ZodBoolean;
176
+ scope: z.ZodOptional<z.ZodString>;
177
+ oauth_query: z.ZodOptional<z.ZodString>;
178
+ }, z.core.$strip>;
179
+ use: ((inputContext: better_call0.MiddlewareInputContext<better_call0.MiddlewareOptions>) => Promise<{
180
+ session: {
181
+ session: Record<string, any> & {
182
+ id: string;
183
+ createdAt: Date;
184
+ updatedAt: Date;
185
+ userId: string;
186
+ expiresAt: Date;
187
+ token: string;
188
+ ipAddress?: string | null | undefined;
189
+ userAgent?: string | null | undefined;
190
+ };
191
+ user: Record<string, any> & {
192
+ id: string;
193
+ createdAt: Date;
194
+ updatedAt: Date;
195
+ email: string;
196
+ emailVerified: boolean;
197
+ name: string;
198
+ image?: string | null | undefined;
199
+ };
200
+ };
201
+ }>)[];
202
+ metadata: {
203
+ openapi: {
204
+ description: string;
205
+ responses: {
206
+ "200": {
207
+ description: string;
208
+ content: {
209
+ "application/json": {
210
+ schema: {
211
+ type: "object";
212
+ properties: {
213
+ redirect_uri: {
214
+ type: string;
215
+ format: string;
216
+ description: string;
217
+ };
218
+ };
219
+ required: string[];
220
+ };
221
+ };
222
+ };
223
+ };
224
+ };
225
+ };
226
+ };
227
+ }, {
228
+ redirect: boolean;
229
+ url: string;
230
+ }>;
231
+ oauth2Continue: better_call0.StrictEndpoint<"/oauth2/continue", {
232
+ method: "POST";
233
+ body: z.ZodObject<{
234
+ selected: z.ZodOptional<z.ZodBoolean>;
235
+ created: z.ZodOptional<z.ZodBoolean>;
236
+ postLogin: z.ZodOptional<z.ZodBoolean>;
237
+ oauth_query: z.ZodOptional<z.ZodString>;
238
+ }, z.core.$strip>;
239
+ use: ((inputContext: better_call0.MiddlewareInputContext<better_call0.MiddlewareOptions>) => Promise<{
240
+ session: {
241
+ session: Record<string, any> & {
242
+ id: string;
243
+ createdAt: Date;
244
+ updatedAt: Date;
245
+ userId: string;
246
+ expiresAt: Date;
247
+ token: string;
248
+ ipAddress?: string | null | undefined;
249
+ userAgent?: string | null | undefined;
250
+ };
251
+ user: Record<string, any> & {
252
+ id: string;
253
+ createdAt: Date;
254
+ updatedAt: Date;
255
+ email: string;
256
+ emailVerified: boolean;
257
+ name: string;
258
+ image?: string | null | undefined;
259
+ };
260
+ };
261
+ }>)[];
262
+ metadata: {
263
+ openapi: {
264
+ description: string;
265
+ responses: {
266
+ "200": {
267
+ description: string;
268
+ content: {
269
+ "application/json": {
270
+ schema: {
271
+ type: "object";
272
+ properties: {
273
+ redirect_uri: {
274
+ type: string;
275
+ format: string;
276
+ description: string;
277
+ };
278
+ };
279
+ required: string[];
280
+ };
281
+ };
282
+ };
283
+ };
284
+ };
285
+ };
286
+ };
287
+ }, {
288
+ redirect: boolean;
289
+ url: string;
290
+ }>;
291
+ oauth2Token: better_call0.StrictEndpoint<"/oauth2/token", {
292
+ method: "POST";
293
+ body: z.ZodObject<{
294
+ grant_type: z.ZodEnum<{
295
+ authorization_code: "authorization_code";
296
+ client_credentials: "client_credentials";
297
+ refresh_token: "refresh_token";
298
+ }>;
299
+ client_id: z.ZodOptional<z.ZodString>;
300
+ client_secret: z.ZodOptional<z.ZodString>;
301
+ code: z.ZodOptional<z.ZodString>;
302
+ code_verifier: z.ZodOptional<z.ZodString>;
303
+ redirect_uri: z.ZodOptional<z.ZodURL>;
304
+ refresh_token: z.ZodOptional<z.ZodString>;
305
+ resource: z.ZodOptional<z.ZodString>;
306
+ scope: z.ZodOptional<z.ZodString>;
307
+ }, z.core.$strip>;
308
+ metadata: {
309
+ allowedMediaTypes: string[];
310
+ openapi: {
311
+ description: string;
312
+ requestBody: {
313
+ required: boolean;
314
+ content: {
315
+ "application/json": {
316
+ schema: {
317
+ type: "object";
318
+ properties: {
319
+ grant_type: {
320
+ type: string;
321
+ enum: string[];
322
+ description: string;
323
+ };
324
+ client_id: {
325
+ type: string;
326
+ description: string;
327
+ };
328
+ client_secret: {
329
+ type: string;
330
+ description: string;
331
+ };
332
+ code: {
333
+ type: string;
334
+ description: string;
335
+ };
336
+ code_verifier: {
337
+ type: string;
338
+ description: string;
339
+ };
340
+ redirect_uri: {
341
+ type: string;
342
+ format: string;
343
+ description: string;
344
+ };
345
+ refresh_token: {
346
+ type: string;
347
+ description: string;
348
+ };
349
+ resource: {
350
+ type: string;
351
+ description: string;
352
+ };
353
+ scope: {
354
+ type: string;
355
+ description: string;
356
+ };
357
+ };
358
+ required: string[];
359
+ };
360
+ };
361
+ };
362
+ };
363
+ responses: {
364
+ "200": {
365
+ description: string;
366
+ content: {
367
+ "application/json": {
368
+ schema: {
369
+ type: "object";
370
+ properties: {
371
+ access_token: {
372
+ type: string;
373
+ description: string;
374
+ };
375
+ token_type: {
376
+ type: string;
377
+ description: string;
378
+ enum: string[];
379
+ };
380
+ expires_in: {
381
+ type: string;
382
+ description: string;
383
+ };
384
+ refresh_token: {
385
+ type: string;
386
+ description: string;
387
+ };
388
+ scope: {
389
+ type: string;
390
+ description: string;
391
+ };
392
+ id_token: {
393
+ type: string;
394
+ description: string;
395
+ };
396
+ };
397
+ required: string[];
398
+ };
399
+ };
400
+ };
401
+ };
402
+ "400": {
403
+ description: string;
404
+ content: {
405
+ "application/json": {
406
+ schema: {
407
+ type: "object";
408
+ properties: {
409
+ error: {
410
+ type: string;
411
+ };
412
+ error_description: {
413
+ type: string;
414
+ };
415
+ error_uri: {
416
+ type: string;
417
+ };
418
+ };
419
+ required: string[];
420
+ };
421
+ };
422
+ };
423
+ };
424
+ };
425
+ };
426
+ };
427
+ }, {
428
+ access_token: string;
429
+ expires_in: number;
430
+ expires_at: number;
431
+ token_type: string;
432
+ scope: string;
433
+ }>;
434
+ oauth2Introspect: better_call0.StrictEndpoint<"/oauth2/introspect", {
435
+ method: "POST";
436
+ body: z.ZodObject<{
437
+ client_id: z.ZodOptional<z.ZodString>;
438
+ client_secret: z.ZodOptional<z.ZodString>;
439
+ token: z.ZodString;
440
+ token_type_hint: z.ZodOptional<z.ZodEnum<{
441
+ refresh_token: "refresh_token";
442
+ access_token: "access_token";
443
+ }>>;
444
+ }, z.core.$strip>;
445
+ metadata: {
446
+ allowedMediaTypes: string[];
447
+ openapi: {
448
+ description: string;
449
+ requestBody: {
450
+ required: boolean;
451
+ content: {
452
+ "application/json": {
453
+ schema: {
454
+ type: "object";
455
+ properties: {
456
+ client_id: {
457
+ type: string;
458
+ description: string;
459
+ };
460
+ client_secret: {
461
+ type: string;
462
+ description: string;
463
+ };
464
+ token: {
465
+ type: string;
466
+ description: string;
467
+ };
468
+ token_type_hint: {
469
+ type: string;
470
+ enum: string[];
471
+ description: string;
472
+ };
473
+ resource: {
474
+ type: string;
475
+ description: string;
476
+ };
477
+ };
478
+ required: string[];
479
+ };
480
+ };
481
+ };
482
+ };
483
+ responses: {
484
+ "200": {
485
+ description: string;
486
+ content: {
487
+ "application/json": {
488
+ schema: {
489
+ type: "object";
490
+ properties: {
491
+ active: {
492
+ type: string;
493
+ description: string;
494
+ };
495
+ scope: {
496
+ type: string;
497
+ description: string;
498
+ };
499
+ client_id: {
500
+ type: string;
501
+ description: string;
502
+ };
503
+ username: {
504
+ type: string;
505
+ description: string;
506
+ };
507
+ token_type: {
508
+ type: string;
509
+ description: string;
510
+ };
511
+ exp: {
512
+ type: string;
513
+ description: string;
514
+ };
515
+ iat: {
516
+ type: string;
517
+ description: string;
518
+ };
519
+ nbf: {
520
+ type: string;
521
+ description: string;
522
+ };
523
+ sub: {
524
+ type: string;
525
+ description: string;
526
+ };
527
+ aud: {
528
+ type: string;
529
+ description: string;
530
+ };
531
+ iss: {
532
+ type: string;
533
+ description: string;
534
+ };
535
+ jti: {
536
+ type: string;
537
+ description: string;
538
+ };
539
+ };
540
+ required: string[];
541
+ };
542
+ };
543
+ };
544
+ };
545
+ "400": {
546
+ description: string;
547
+ content: {
548
+ "application/json": {
549
+ schema: {
550
+ type: "object";
551
+ properties: {
552
+ error: {
553
+ type: string;
554
+ };
555
+ error_description: {
556
+ type: string;
557
+ };
558
+ error_uri: {
559
+ type: string;
560
+ };
561
+ };
562
+ required: string[];
563
+ };
564
+ };
565
+ };
566
+ };
567
+ };
568
+ };
569
+ };
570
+ }, jose.JWTPayload>;
571
+ oauth2Revoke: better_call0.StrictEndpoint<"/oauth2/revoke", {
572
+ method: "POST";
573
+ body: z.ZodObject<{
574
+ client_id: z.ZodOptional<z.ZodString>;
575
+ client_secret: z.ZodOptional<z.ZodString>;
576
+ token: z.ZodString;
577
+ token_type_hint: z.ZodOptional<z.ZodEnum<{
578
+ refresh_token: "refresh_token";
579
+ access_token: "access_token";
580
+ }>>;
581
+ }, z.core.$strip>;
582
+ metadata: {
583
+ allowedMediaTypes: string[];
584
+ openapi: {
585
+ description: string;
586
+ requestBody: {
587
+ required: boolean;
588
+ content: {
589
+ "application/json": {
590
+ schema: {
591
+ type: "object";
592
+ properties: {
593
+ client_id: {
594
+ type: string;
595
+ description: string;
596
+ };
597
+ client_secret: {
598
+ type: string;
599
+ description: string;
600
+ };
601
+ token: {
602
+ type: string;
603
+ description: string;
604
+ };
605
+ token_type_hint: {
606
+ type: string;
607
+ enum: string[];
608
+ description: string;
609
+ };
610
+ };
611
+ required: string[];
612
+ };
613
+ };
614
+ };
615
+ };
616
+ responses: {
617
+ "200": {
618
+ description: string;
619
+ content: {
620
+ "application/json": {
621
+ schema: {
622
+ type: "object";
623
+ description: string;
624
+ };
625
+ };
626
+ };
627
+ };
628
+ "400": {
629
+ description: string;
630
+ content: {
631
+ "application/json": {
632
+ schema: {
633
+ type: "object";
634
+ properties: {
635
+ error: {
636
+ type: string;
637
+ };
638
+ error_description: {
639
+ type: string;
640
+ };
641
+ error_uri: {
642
+ type: string;
643
+ };
644
+ };
645
+ required: string[];
646
+ };
647
+ };
648
+ };
649
+ };
650
+ };
651
+ };
652
+ };
653
+ }, null | undefined>;
654
+ oauth2UserInfo: better_call0.StrictEndpoint<"/oauth2/userinfo", {
655
+ method: "GET";
656
+ metadata: {
657
+ openapi: {
658
+ description: string;
659
+ security: ({
660
+ bearerAuth: never[];
661
+ OAuth2?: undefined;
662
+ } | {
663
+ OAuth2: string[];
664
+ bearerAuth?: undefined;
665
+ })[];
666
+ parameters: {
667
+ name: string;
668
+ in: "header";
669
+ required: false;
670
+ schema: {
671
+ type: "string";
672
+ };
673
+ description: string;
674
+ }[];
675
+ responses: {
676
+ "200": {
677
+ description: string;
678
+ content: {
679
+ "application/json": {
680
+ schema: {
681
+ type: "object";
682
+ properties: {
683
+ sub: {
684
+ type: string;
685
+ description: string;
686
+ };
687
+ email: {
688
+ type: string;
689
+ format: string;
690
+ nullable: boolean;
691
+ description: string;
692
+ };
693
+ name: {
694
+ type: string;
695
+ nullable: boolean;
696
+ description: string;
697
+ };
698
+ picture: {
699
+ type: string;
700
+ format: string;
701
+ nullable: boolean;
702
+ description: string;
703
+ };
704
+ given_name: {
705
+ type: string;
706
+ nullable: boolean;
707
+ description: string;
708
+ };
709
+ family_name: {
710
+ type: string;
711
+ nullable: boolean;
712
+ description: string;
713
+ };
714
+ email_verified: {
715
+ type: string;
716
+ nullable: boolean;
717
+ description: string;
718
+ };
719
+ };
720
+ required: string[];
721
+ };
722
+ };
723
+ };
724
+ };
725
+ "401": {
726
+ description: string;
727
+ content: {
728
+ "application/json": {
729
+ schema: {
730
+ type: "object";
731
+ properties: {
732
+ error: {
733
+ type: string;
734
+ };
735
+ error_description: {
736
+ type: string;
737
+ };
738
+ };
739
+ required: string[];
740
+ };
741
+ };
742
+ };
743
+ };
744
+ "403": {
745
+ description: string;
746
+ content: {
747
+ "application/json": {
748
+ schema: {
749
+ type: "object";
750
+ properties: {
751
+ error: {
752
+ type: string;
753
+ };
754
+ error_description: {
755
+ type: string;
756
+ };
757
+ };
758
+ required: string[];
759
+ };
760
+ };
761
+ };
762
+ };
763
+ };
764
+ };
765
+ };
766
+ }, {
767
+ email?: string | undefined;
768
+ email_verified?: boolean | undefined;
769
+ name?: string | undefined;
770
+ picture?: string | undefined;
771
+ given_name?: string | undefined;
772
+ family_name?: string | undefined;
773
+ sub: string;
774
+ }>;
775
+ oauth2EndSession: better_call0.StrictEndpoint<"/oauth2/end-session", {
776
+ method: "GET";
777
+ query: z.ZodObject<{
778
+ id_token_hint: z.ZodString;
779
+ client_id: z.ZodOptional<z.ZodString>;
780
+ post_logout_redirect_uri: z.ZodOptional<z.ZodURL>;
781
+ state: z.ZodOptional<z.ZodString>;
782
+ }, z.core.$strip>;
783
+ metadata: {
784
+ openapi: {
785
+ description: string;
786
+ responses: {
787
+ "200": {
788
+ description: string;
789
+ content: {
790
+ "application/json": {
791
+ schema: {
792
+ type: "object";
793
+ properties: {
794
+ redirect_uri: {
795
+ type: string;
796
+ format: string;
797
+ description: string;
798
+ };
799
+ message: {
800
+ type: string;
801
+ description: string;
802
+ };
803
+ };
804
+ };
805
+ };
806
+ };
807
+ };
808
+ };
809
+ };
810
+ };
811
+ }, {
812
+ redirect: boolean;
813
+ url: string;
814
+ } | undefined>;
815
+ registerOAuthClient: better_call0.StrictEndpoint<"/oauth2/register", {
816
+ method: "POST";
817
+ body: z.ZodObject<{
818
+ redirect_uris: z.ZodArray<z.ZodURL>;
819
+ scope: z.ZodOptional<z.ZodString>;
820
+ client_name: z.ZodOptional<z.ZodString>;
821
+ client_uri: z.ZodOptional<z.ZodString>;
822
+ logo_uri: z.ZodOptional<z.ZodString>;
823
+ contacts: z.ZodOptional<z.ZodArray<z.ZodString>>;
824
+ tos_uri: z.ZodOptional<z.ZodString>;
825
+ policy_uri: z.ZodOptional<z.ZodString>;
826
+ software_id: z.ZodOptional<z.ZodString>;
827
+ software_version: z.ZodOptional<z.ZodString>;
828
+ software_statement: z.ZodOptional<z.ZodString>;
829
+ post_logout_redirect_uris: z.ZodOptional<z.ZodArray<z.ZodURL>>;
830
+ token_endpoint_auth_method: z.ZodOptional<z.ZodDefault<z.ZodEnum<{
831
+ none: "none";
832
+ client_secret_basic: "client_secret_basic";
833
+ client_secret_post: "client_secret_post";
834
+ }>>>;
835
+ grant_types: z.ZodOptional<z.ZodDefault<z.ZodArray<z.ZodEnum<{
836
+ authorization_code: "authorization_code";
837
+ client_credentials: "client_credentials";
838
+ refresh_token: "refresh_token";
839
+ }>>>>;
840
+ response_types: z.ZodOptional<z.ZodDefault<z.ZodArray<z.ZodEnum<{
841
+ code: "code";
842
+ }>>>>;
843
+ type: z.ZodOptional<z.ZodEnum<{
844
+ web: "web";
845
+ native: "native";
846
+ "user-agent-based": "user-agent-based";
847
+ }>>;
848
+ subject_type: z.ZodOptional<z.ZodEnum<{
849
+ public: "public";
850
+ pairwise: "pairwise";
851
+ }>>;
852
+ skip_consent: z.ZodOptional<z.ZodBoolean>;
853
+ }, z.core.$strip>;
854
+ metadata: {
855
+ openapi: {
856
+ description: string;
857
+ responses: {
858
+ "200": {
859
+ description: string;
860
+ content: {
861
+ "application/json": {
862
+ schema: {
863
+ /** @returns {OauthClient} */type: "object";
864
+ properties: {
865
+ client_id: {
866
+ type: string;
867
+ description: string;
868
+ };
869
+ client_secret: {
870
+ type: string;
871
+ description: string;
872
+ };
873
+ client_secret_expires_at: {
874
+ type: string;
875
+ description: string;
876
+ };
877
+ scope: {
878
+ type: string;
879
+ description: string;
880
+ };
881
+ user_id: {
882
+ type: string;
883
+ description: string;
884
+ };
885
+ client_id_issued_at: {
886
+ type: string;
887
+ description: string;
888
+ };
889
+ client_name: {
890
+ type: string;
891
+ description: string;
892
+ };
893
+ client_uri: {
894
+ type: string;
895
+ description: string;
896
+ };
897
+ logo_uri: {
898
+ type: string;
899
+ description: string;
900
+ };
901
+ contacts: {
902
+ type: string;
903
+ items: {
904
+ type: string;
905
+ };
906
+ description: string;
907
+ };
908
+ tos_uri: {
909
+ type: string;
910
+ description: string;
911
+ };
912
+ policy_uri: {
913
+ type: string;
914
+ description: string;
915
+ };
916
+ software_id: {
917
+ type: string;
918
+ description: string;
919
+ };
920
+ software_version: {
921
+ type: string;
922
+ description: string;
923
+ };
924
+ software_statement: {
925
+ type: string;
926
+ description: string;
927
+ };
928
+ redirect_uris: {
929
+ type: string;
930
+ items: {
931
+ type: string;
932
+ format: string;
933
+ };
934
+ description: string;
935
+ };
936
+ post_logout_redirect_uris: {
937
+ type: string;
938
+ items: {
939
+ type: string;
940
+ format: string;
941
+ };
942
+ description: string;
943
+ };
944
+ token_endpoint_auth_method: {
945
+ type: string;
946
+ description: string;
947
+ enum: string[];
948
+ };
949
+ grant_types: {
950
+ type: string;
951
+ items: {
952
+ type: string;
953
+ enum: string[];
954
+ };
955
+ description: string;
956
+ };
957
+ response_types: {
958
+ type: string;
959
+ items: {
960
+ type: string;
961
+ enum: string[];
962
+ };
963
+ description: string;
964
+ };
965
+ public: {
966
+ type: string;
967
+ description: string;
968
+ };
969
+ type: {
970
+ type: string;
971
+ description: string;
972
+ enum: string[];
973
+ };
974
+ disabled: {
975
+ type: string;
976
+ description: string;
977
+ };
978
+ };
979
+ required: string[];
980
+ };
981
+ };
982
+ };
983
+ };
984
+ };
985
+ };
986
+ };
987
+ }, OAuthClient>;
988
+ adminCreateOAuthClient: better_call0.StrictEndpoint<"/admin/oauth2/create-client", {
989
+ method: "POST";
990
+ body: z.ZodObject<{
991
+ redirect_uris: z.ZodArray<z.ZodURL>;
992
+ scope: z.ZodOptional<z.ZodString>;
993
+ client_name: z.ZodOptional<z.ZodString>;
994
+ client_uri: z.ZodOptional<z.ZodString>;
995
+ logo_uri: z.ZodOptional<z.ZodString>;
996
+ contacts: z.ZodOptional<z.ZodArray<z.ZodString>>;
997
+ tos_uri: z.ZodOptional<z.ZodString>;
998
+ policy_uri: z.ZodOptional<z.ZodString>;
999
+ software_id: z.ZodOptional<z.ZodString>;
1000
+ software_version: z.ZodOptional<z.ZodString>;
1001
+ software_statement: z.ZodOptional<z.ZodString>;
1002
+ post_logout_redirect_uris: z.ZodOptional<z.ZodArray<z.ZodURL>>;
1003
+ token_endpoint_auth_method: z.ZodOptional<z.ZodDefault<z.ZodEnum<{
1004
+ none: "none";
1005
+ client_secret_basic: "client_secret_basic";
1006
+ client_secret_post: "client_secret_post";
1007
+ }>>>;
1008
+ grant_types: z.ZodOptional<z.ZodDefault<z.ZodArray<z.ZodEnum<{
1009
+ authorization_code: "authorization_code";
1010
+ client_credentials: "client_credentials";
1011
+ refresh_token: "refresh_token";
1012
+ }>>>>;
1013
+ response_types: z.ZodOptional<z.ZodDefault<z.ZodArray<z.ZodEnum<{
1014
+ code: "code";
1015
+ }>>>>;
1016
+ type: z.ZodOptional<z.ZodEnum<{
1017
+ web: "web";
1018
+ native: "native";
1019
+ "user-agent-based": "user-agent-based";
1020
+ }>>;
1021
+ client_secret_expires_at: z.ZodDefault<z.ZodOptional<z.ZodUnion<readonly [z.ZodString, z.ZodNumber]>>>;
1022
+ skip_consent: z.ZodOptional<z.ZodBoolean>;
1023
+ enable_end_session: z.ZodOptional<z.ZodBoolean>;
1024
+ require_pkce: z.ZodOptional<z.ZodBoolean>;
1025
+ subject_type: z.ZodOptional<z.ZodEnum<{
1026
+ public: "public";
1027
+ pairwise: "pairwise";
1028
+ }>>;
1029
+ metadata: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnknown>>;
1030
+ }, z.core.$strip>;
1031
+ metadata: {
1032
+ SERVER_ONLY: true;
1033
+ openapi: {
1034
+ description: string;
1035
+ responses: {
1036
+ "200": {
1037
+ description: string;
1038
+ content: {
1039
+ "application/json": {
1040
+ schema: {
1041
+ type: "object";
1042
+ properties: {
1043
+ client_id: {
1044
+ type: string;
1045
+ description: string;
1046
+ };
1047
+ client_secret: {
1048
+ type: string;
1049
+ description: string;
1050
+ };
1051
+ client_secret_expires_at: {
1052
+ type: string;
1053
+ description: string;
1054
+ };
1055
+ scope: {
1056
+ type: string;
1057
+ description: string;
1058
+ };
1059
+ user_id: {
1060
+ type: string;
1061
+ description: string;
1062
+ };
1063
+ client_id_issued_at: {
1064
+ type: string;
1065
+ description: string;
1066
+ };
1067
+ client_name: {
1068
+ type: string;
1069
+ description: string;
1070
+ };
1071
+ client_uri: {
1072
+ type: string;
1073
+ description: string;
1074
+ };
1075
+ logo_uri: {
1076
+ type: string;
1077
+ description: string;
1078
+ };
1079
+ contacts: {
1080
+ type: string;
1081
+ items: {
1082
+ type: string;
1083
+ };
1084
+ description: string;
1085
+ };
1086
+ tos_uri: {
1087
+ type: string;
1088
+ description: string;
1089
+ };
1090
+ policy_uri: {
1091
+ type: string;
1092
+ description: string;
1093
+ };
1094
+ software_id: {
1095
+ type: string;
1096
+ description: string;
1097
+ };
1098
+ software_version: {
1099
+ type: string;
1100
+ description: string;
1101
+ };
1102
+ software_statement: {
1103
+ type: string;
1104
+ description: string;
1105
+ };
1106
+ redirect_uris: {
1107
+ type: string;
1108
+ items: {
1109
+ type: string;
1110
+ format: string;
1111
+ };
1112
+ description: string;
1113
+ };
1114
+ token_endpoint_auth_method: {
1115
+ type: string;
1116
+ description: string;
1117
+ enum: string[];
1118
+ };
1119
+ grant_types: {
1120
+ type: string;
1121
+ items: {
1122
+ type: string;
1123
+ enum: string[];
1124
+ };
1125
+ description: string;
1126
+ };
1127
+ response_types: {
1128
+ type: string;
1129
+ items: {
1130
+ type: string;
1131
+ enum: string[];
1132
+ };
1133
+ description: string;
1134
+ };
1135
+ public: {
1136
+ type: string;
1137
+ description: string;
1138
+ };
1139
+ type: {
1140
+ type: string;
1141
+ description: string;
1142
+ enum: string[];
1143
+ };
1144
+ disabled: {
1145
+ type: string;
1146
+ description: string;
1147
+ };
1148
+ require_pkce: {
1149
+ type: string;
1150
+ description: string;
1151
+ default: boolean;
1152
+ };
1153
+ metadata: {
1154
+ type: string;
1155
+ additionalProperties: boolean;
1156
+ nullable: boolean;
1157
+ description: string;
1158
+ };
1159
+ };
1160
+ required: string[];
1161
+ };
1162
+ };
1163
+ };
1164
+ };
1165
+ };
1166
+ };
1167
+ };
1168
+ }, OAuthClient>;
1169
+ createOAuthClient: better_call0.StrictEndpoint<"/oauth2/create-client", {
1170
+ method: "POST";
1171
+ use: ((inputContext: better_call0.MiddlewareInputContext<better_call0.MiddlewareOptions>) => Promise<{
1172
+ session: {
1173
+ session: Record<string, any> & {
1174
+ id: string;
1175
+ createdAt: Date;
1176
+ updatedAt: Date;
1177
+ userId: string;
1178
+ expiresAt: Date;
1179
+ token: string;
1180
+ ipAddress?: string | null | undefined;
1181
+ userAgent?: string | null | undefined;
1182
+ };
1183
+ user: Record<string, any> & {
1184
+ id: string;
1185
+ createdAt: Date;
1186
+ updatedAt: Date;
1187
+ email: string;
1188
+ emailVerified: boolean;
1189
+ name: string;
1190
+ image?: string | null | undefined;
1191
+ };
1192
+ };
1193
+ }>)[];
1194
+ body: z.ZodObject<{
1195
+ redirect_uris: z.ZodArray<z.ZodURL>;
1196
+ scope: z.ZodOptional<z.ZodString>;
1197
+ client_name: z.ZodOptional<z.ZodString>;
1198
+ client_uri: z.ZodOptional<z.ZodString>;
1199
+ logo_uri: z.ZodOptional<z.ZodString>;
1200
+ contacts: z.ZodOptional<z.ZodArray<z.ZodString>>;
1201
+ tos_uri: z.ZodOptional<z.ZodString>;
1202
+ policy_uri: z.ZodOptional<z.ZodString>;
1203
+ software_id: z.ZodOptional<z.ZodString>;
1204
+ software_version: z.ZodOptional<z.ZodString>;
1205
+ software_statement: z.ZodOptional<z.ZodString>;
1206
+ post_logout_redirect_uris: z.ZodOptional<z.ZodArray<z.ZodURL>>;
1207
+ token_endpoint_auth_method: z.ZodOptional<z.ZodDefault<z.ZodEnum<{
1208
+ none: "none";
1209
+ client_secret_basic: "client_secret_basic";
1210
+ client_secret_post: "client_secret_post";
1211
+ }>>>;
1212
+ grant_types: z.ZodOptional<z.ZodDefault<z.ZodArray<z.ZodEnum<{
1213
+ authorization_code: "authorization_code";
1214
+ client_credentials: "client_credentials";
1215
+ refresh_token: "refresh_token";
1216
+ }>>>>;
1217
+ response_types: z.ZodOptional<z.ZodDefault<z.ZodArray<z.ZodEnum<{
1218
+ code: "code";
1219
+ }>>>>;
1220
+ type: z.ZodOptional<z.ZodEnum<{
1221
+ web: "web";
1222
+ native: "native";
1223
+ "user-agent-based": "user-agent-based";
1224
+ }>>;
1225
+ }, z.core.$strip>;
1226
+ metadata: {
1227
+ openapi: {
1228
+ description: string;
1229
+ responses: {
1230
+ "200": {
1231
+ description: string;
1232
+ content: {
1233
+ "application/json": {
1234
+ schema: {
1235
+ type: "object";
1236
+ properties: {
1237
+ client_id: {
1238
+ type: string;
1239
+ description: string;
1240
+ };
1241
+ client_secret: {
1242
+ type: string;
1243
+ description: string;
1244
+ };
1245
+ client_secret_expires_at: {
1246
+ type: string;
1247
+ description: string;
1248
+ };
1249
+ scope: {
1250
+ type: string;
1251
+ description: string;
1252
+ };
1253
+ user_id: {
1254
+ type: string;
1255
+ description: string;
1256
+ };
1257
+ client_id_issued_at: {
1258
+ type: string;
1259
+ description: string;
1260
+ };
1261
+ client_name: {
1262
+ type: string;
1263
+ description: string;
1264
+ };
1265
+ client_uri: {
1266
+ type: string;
1267
+ description: string;
1268
+ };
1269
+ logo_uri: {
1270
+ type: string;
1271
+ description: string;
1272
+ };
1273
+ contacts: {
1274
+ type: string;
1275
+ items: {
1276
+ type: string;
1277
+ };
1278
+ description: string;
1279
+ };
1280
+ tos_uri: {
1281
+ type: string;
1282
+ description: string;
1283
+ };
1284
+ policy_uri: {
1285
+ type: string;
1286
+ description: string;
1287
+ };
1288
+ software_id: {
1289
+ type: string;
1290
+ description: string;
1291
+ };
1292
+ software_version: {
1293
+ type: string;
1294
+ description: string;
1295
+ };
1296
+ software_statement: {
1297
+ type: string;
1298
+ description: string;
1299
+ };
1300
+ redirect_uris: {
1301
+ type: string;
1302
+ items: {
1303
+ type: string;
1304
+ format: string;
1305
+ };
1306
+ description: string;
1307
+ };
1308
+ token_endpoint_auth_method: {
1309
+ type: string;
1310
+ description: string;
1311
+ enum: string[];
1312
+ };
1313
+ grant_types: {
1314
+ type: string;
1315
+ items: {
1316
+ type: string;
1317
+ enum: string[];
1318
+ };
1319
+ description: string;
1320
+ };
1321
+ response_types: {
1322
+ type: string;
1323
+ items: {
1324
+ type: string;
1325
+ enum: string[];
1326
+ };
1327
+ description: string;
1328
+ };
1329
+ public: {
1330
+ type: string;
1331
+ description: string;
1332
+ };
1333
+ type: {
1334
+ type: string;
1335
+ description: string;
1336
+ enum: string[];
1337
+ };
1338
+ disabled: {
1339
+ type: string;
1340
+ description: string;
1341
+ };
1342
+ metadata: {
1343
+ type: string;
1344
+ additionalProperties: boolean;
1345
+ nullable: boolean;
1346
+ description: string;
1347
+ };
1348
+ };
1349
+ required: string[];
1350
+ };
1351
+ };
1352
+ };
1353
+ };
1354
+ };
1355
+ };
1356
+ };
1357
+ }, OAuthClient>;
1358
+ getOAuthClient: better_call0.StrictEndpoint<"/oauth2/get-client", {
1359
+ method: "GET";
1360
+ use: ((inputContext: better_call0.MiddlewareInputContext<better_call0.MiddlewareOptions>) => Promise<{
1361
+ session: {
1362
+ session: Record<string, any> & {
1363
+ id: string;
1364
+ createdAt: Date;
1365
+ updatedAt: Date;
1366
+ userId: string;
1367
+ expiresAt: Date;
1368
+ token: string;
1369
+ ipAddress?: string | null | undefined;
1370
+ userAgent?: string | null | undefined;
1371
+ };
1372
+ user: Record<string, any> & {
1373
+ id: string;
1374
+ createdAt: Date;
1375
+ updatedAt: Date;
1376
+ email: string;
1377
+ emailVerified: boolean;
1378
+ name: string;
1379
+ image?: string | null | undefined;
1380
+ };
1381
+ };
1382
+ }>)[];
1383
+ query: z.ZodObject<{
1384
+ client_id: z.ZodString;
1385
+ }, z.core.$strip>;
1386
+ metadata: {
1387
+ openapi: {
1388
+ description: string;
1389
+ };
1390
+ };
1391
+ }, OAuthClient>;
1392
+ getOAuthClientPublic: better_call0.StrictEndpoint<"/oauth2/public-client", {
1393
+ method: "GET";
1394
+ use: ((inputContext: better_call0.MiddlewareInputContext<better_call0.MiddlewareOptions>) => Promise<{
1395
+ session: {
1396
+ session: Record<string, any> & {
1397
+ id: string;
1398
+ createdAt: Date;
1399
+ updatedAt: Date;
1400
+ userId: string;
1401
+ expiresAt: Date;
1402
+ token: string;
1403
+ ipAddress?: string | null | undefined;
1404
+ userAgent?: string | null | undefined;
1405
+ };
1406
+ user: Record<string, any> & {
1407
+ id: string;
1408
+ createdAt: Date;
1409
+ updatedAt: Date;
1410
+ email: string;
1411
+ emailVerified: boolean;
1412
+ name: string;
1413
+ image?: string | null | undefined;
1414
+ };
1415
+ };
1416
+ }>)[];
1417
+ query: z.ZodObject<{
1418
+ client_id: z.ZodString;
1419
+ }, z.core.$strip>;
1420
+ metadata: {
1421
+ openapi: {
1422
+ description: string;
1423
+ };
1424
+ };
1425
+ }, OAuthClient>;
1426
+ getOAuthClientPublicPrelogin: better_call0.StrictEndpoint<"/oauth2/public-client-prelogin", {
1427
+ method: "POST";
1428
+ use: ((inputContext: better_call0.MiddlewareInputContext<better_call0.MiddlewareOptions>) => Promise<void>)[];
1429
+ body: z.ZodObject<{
1430
+ client_id: z.ZodString;
1431
+ oauth_query: z.ZodOptional<z.ZodString>;
1432
+ }, z.core.$strip>;
1433
+ metadata: {
1434
+ openapi: {
1435
+ description: string;
1436
+ };
1437
+ };
1438
+ }, OAuthClient>;
1439
+ getOAuthClients: better_call0.StrictEndpoint<"/oauth2/get-clients", {
1440
+ method: "GET";
1441
+ use: ((inputContext: better_call0.MiddlewareInputContext<better_call0.MiddlewareOptions>) => Promise<{
1442
+ session: {
1443
+ session: Record<string, any> & {
1444
+ id: string;
1445
+ createdAt: Date;
1446
+ updatedAt: Date;
1447
+ userId: string;
1448
+ expiresAt: Date;
1449
+ token: string;
1450
+ ipAddress?: string | null | undefined;
1451
+ userAgent?: string | null | undefined;
1452
+ };
1453
+ user: Record<string, any> & {
1454
+ id: string;
1455
+ createdAt: Date;
1456
+ updatedAt: Date;
1457
+ email: string;
1458
+ emailVerified: boolean;
1459
+ name: string;
1460
+ image?: string | null | undefined;
1461
+ };
1462
+ };
1463
+ }>)[];
1464
+ metadata: {
1465
+ openapi: {
1466
+ description: string;
1467
+ };
1468
+ };
1469
+ }, OAuthClient[] | null>;
1470
+ adminUpdateOAuthClient: better_call0.StrictEndpoint<"/admin/oauth2/update-client", {
1471
+ method: "PATCH";
1472
+ body: z.ZodObject<{
1473
+ client_id: z.ZodString;
1474
+ update: z.ZodObject<{
1475
+ redirect_uris: z.ZodOptional<z.ZodArray<z.ZodURL>>;
1476
+ scope: z.ZodOptional<z.ZodString>;
1477
+ client_name: z.ZodOptional<z.ZodString>;
1478
+ client_uri: z.ZodOptional<z.ZodString>;
1479
+ logo_uri: z.ZodOptional<z.ZodString>;
1480
+ contacts: z.ZodOptional<z.ZodArray<z.ZodString>>;
1481
+ tos_uri: z.ZodOptional<z.ZodString>;
1482
+ policy_uri: z.ZodOptional<z.ZodString>;
1483
+ software_id: z.ZodOptional<z.ZodString>;
1484
+ software_version: z.ZodOptional<z.ZodString>;
1485
+ software_statement: z.ZodOptional<z.ZodString>;
1486
+ post_logout_redirect_uris: z.ZodOptional<z.ZodArray<z.ZodURL>>;
1487
+ grant_types: z.ZodOptional<z.ZodArray<z.ZodEnum<{
1488
+ authorization_code: "authorization_code";
1489
+ client_credentials: "client_credentials";
1490
+ refresh_token: "refresh_token";
1491
+ }>>>;
1492
+ response_types: z.ZodOptional<z.ZodArray<z.ZodEnum<{
1493
+ code: "code";
1494
+ }>>>;
1495
+ type: z.ZodOptional<z.ZodEnum<{
1496
+ web: "web";
1497
+ native: "native";
1498
+ "user-agent-based": "user-agent-based";
1499
+ }>>;
1500
+ client_secret_expires_at: z.ZodOptional<z.ZodUnion<readonly [z.ZodString, z.ZodNumber]>>;
1501
+ skip_consent: z.ZodOptional<z.ZodBoolean>;
1502
+ enable_end_session: z.ZodOptional<z.ZodBoolean>;
1503
+ metadata: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnknown>>;
1504
+ }, z.core.$strip>;
1505
+ }, z.core.$strip>;
1506
+ metadata: {
1507
+ SERVER_ONLY: true;
1508
+ openapi: {
1509
+ description: string;
1510
+ };
1511
+ };
1512
+ }, OAuthClient>;
1513
+ updateOAuthClient: better_call0.StrictEndpoint<"/oauth2/update-client", {
1514
+ method: "POST";
1515
+ use: ((inputContext: better_call0.MiddlewareInputContext<better_call0.MiddlewareOptions>) => Promise<{
1516
+ session: {
1517
+ session: Record<string, any> & {
1518
+ id: string;
1519
+ createdAt: Date;
1520
+ updatedAt: Date;
1521
+ userId: string;
1522
+ expiresAt: Date;
1523
+ token: string;
1524
+ ipAddress?: string | null | undefined;
1525
+ userAgent?: string | null | undefined;
1526
+ };
1527
+ user: Record<string, any> & {
1528
+ id: string;
1529
+ createdAt: Date;
1530
+ updatedAt: Date;
1531
+ email: string;
1532
+ emailVerified: boolean;
1533
+ name: string;
1534
+ image?: string | null | undefined;
1535
+ };
1536
+ };
1537
+ }>)[];
1538
+ body: z.ZodObject<{
1539
+ client_id: z.ZodString;
1540
+ update: z.ZodObject<{
1541
+ redirect_uris: z.ZodOptional<z.ZodArray<z.ZodURL>>;
1542
+ scope: z.ZodOptional<z.ZodString>;
1543
+ client_name: z.ZodOptional<z.ZodString>;
1544
+ client_uri: z.ZodOptional<z.ZodString>;
1545
+ logo_uri: z.ZodOptional<z.ZodString>;
1546
+ contacts: z.ZodOptional<z.ZodArray<z.ZodString>>;
1547
+ tos_uri: z.ZodOptional<z.ZodString>;
1548
+ policy_uri: z.ZodOptional<z.ZodString>;
1549
+ software_id: z.ZodOptional<z.ZodString>;
1550
+ software_version: z.ZodOptional<z.ZodString>;
1551
+ software_statement: z.ZodOptional<z.ZodString>;
1552
+ post_logout_redirect_uris: z.ZodOptional<z.ZodArray<z.ZodURL>>;
1553
+ grant_types: z.ZodOptional<z.ZodArray<z.ZodEnum<{
1554
+ authorization_code: "authorization_code";
1555
+ client_credentials: "client_credentials";
1556
+ refresh_token: "refresh_token";
1557
+ }>>>;
1558
+ response_types: z.ZodOptional<z.ZodArray<z.ZodEnum<{
1559
+ code: "code";
1560
+ }>>>;
1561
+ type: z.ZodOptional<z.ZodEnum<{
1562
+ web: "web";
1563
+ native: "native";
1564
+ "user-agent-based": "user-agent-based";
1565
+ }>>;
1566
+ }, z.core.$strip>;
1567
+ }, z.core.$strip>;
1568
+ metadata: {
1569
+ openapi: {
1570
+ description: string;
1571
+ };
1572
+ };
1573
+ }, OAuthClient>;
1574
+ rotateClientSecret: better_call0.StrictEndpoint<"/oauth2/client/rotate-secret", {
1575
+ method: "POST";
1576
+ use: ((inputContext: better_call0.MiddlewareInputContext<better_call0.MiddlewareOptions>) => Promise<{
1577
+ session: {
1578
+ session: Record<string, any> & {
1579
+ id: string;
1580
+ createdAt: Date;
1581
+ updatedAt: Date;
1582
+ userId: string;
1583
+ expiresAt: Date;
1584
+ token: string;
1585
+ ipAddress?: string | null | undefined;
1586
+ userAgent?: string | null | undefined;
1587
+ };
1588
+ user: Record<string, any> & {
1589
+ id: string;
1590
+ createdAt: Date;
1591
+ updatedAt: Date;
1592
+ email: string;
1593
+ emailVerified: boolean;
1594
+ name: string;
1595
+ image?: string | null | undefined;
1596
+ };
1597
+ };
1598
+ }>)[];
1599
+ body: z.ZodObject<{
1600
+ client_id: z.ZodString;
1601
+ }, z.core.$strip>;
1602
+ metadata: {
1603
+ openapi: {
1604
+ description: string;
1605
+ };
1606
+ };
1607
+ }, OAuthClient>;
1608
+ deleteOAuthClient: better_call0.StrictEndpoint<"/oauth2/delete-client", {
1609
+ method: "POST";
1610
+ use: ((inputContext: better_call0.MiddlewareInputContext<better_call0.MiddlewareOptions>) => Promise<{
1611
+ session: {
1612
+ session: Record<string, any> & {
1613
+ id: string;
1614
+ createdAt: Date;
1615
+ updatedAt: Date;
1616
+ userId: string;
1617
+ expiresAt: Date;
1618
+ token: string;
1619
+ ipAddress?: string | null | undefined;
1620
+ userAgent?: string | null | undefined;
1621
+ };
1622
+ user: Record<string, any> & {
1623
+ id: string;
1624
+ createdAt: Date;
1625
+ updatedAt: Date;
1626
+ email: string;
1627
+ emailVerified: boolean;
1628
+ name: string;
1629
+ image?: string | null | undefined;
1630
+ };
1631
+ };
1632
+ }>)[];
1633
+ body: z.ZodObject<{
1634
+ client_id: z.ZodString;
1635
+ }, z.core.$strip>;
1636
+ metadata: {
1637
+ openapi: {
1638
+ description: string;
1639
+ };
1640
+ };
1641
+ }, void>;
1642
+ getOAuthConsent: better_call0.StrictEndpoint<"/oauth2/get-consent", {
1643
+ method: "GET";
1644
+ query: z.ZodObject<{
1645
+ id: z.ZodString;
1646
+ }, z.core.$strip>;
1647
+ use: ((inputContext: better_call0.MiddlewareInputContext<better_call0.MiddlewareOptions>) => Promise<{
1648
+ session: {
1649
+ session: Record<string, any> & {
1650
+ id: string;
1651
+ createdAt: Date;
1652
+ updatedAt: Date;
1653
+ userId: string;
1654
+ expiresAt: Date;
1655
+ token: string;
1656
+ ipAddress?: string | null | undefined;
1657
+ userAgent?: string | null | undefined;
1658
+ };
1659
+ user: Record<string, any> & {
1660
+ id: string;
1661
+ createdAt: Date;
1662
+ updatedAt: Date;
1663
+ email: string;
1664
+ emailVerified: boolean;
1665
+ name: string;
1666
+ image?: string | null | undefined;
1667
+ };
1668
+ };
1669
+ }>)[];
1670
+ metadata: {
1671
+ openapi: {
1672
+ description: string;
1673
+ };
1674
+ };
1675
+ }, OAuthConsent<Scope[]>>;
1676
+ getOAuthConsents: better_call0.StrictEndpoint<"/oauth2/get-consents", {
1677
+ method: "GET";
1678
+ use: ((inputContext: better_call0.MiddlewareInputContext<better_call0.MiddlewareOptions>) => Promise<{
1679
+ session: {
1680
+ session: Record<string, any> & {
1681
+ id: string;
1682
+ createdAt: Date;
1683
+ updatedAt: Date;
1684
+ userId: string;
1685
+ expiresAt: Date;
1686
+ token: string;
1687
+ ipAddress?: string | null | undefined;
1688
+ userAgent?: string | null | undefined;
1689
+ };
1690
+ user: Record<string, any> & {
1691
+ id: string;
1692
+ createdAt: Date;
1693
+ updatedAt: Date;
1694
+ email: string;
1695
+ emailVerified: boolean;
1696
+ name: string;
1697
+ image?: string | null | undefined;
1698
+ };
1699
+ };
1700
+ }>)[];
1701
+ metadata: {
1702
+ openapi: {
1703
+ description: string;
1704
+ };
1705
+ };
1706
+ }, OAuthConsent<Scope[]>[]>;
1707
+ updateOAuthConsent: better_call0.StrictEndpoint<"/oauth2/update-consent", {
1708
+ method: "POST";
1709
+ use: ((inputContext: better_call0.MiddlewareInputContext<better_call0.MiddlewareOptions>) => Promise<{
1710
+ session: {
1711
+ session: Record<string, any> & {
1712
+ id: string;
1713
+ createdAt: Date;
1714
+ updatedAt: Date;
1715
+ userId: string;
1716
+ expiresAt: Date;
1717
+ token: string;
1718
+ ipAddress?: string | null | undefined;
1719
+ userAgent?: string | null | undefined;
1720
+ };
1721
+ user: Record<string, any> & {
1722
+ id: string;
1723
+ createdAt: Date;
1724
+ updatedAt: Date;
1725
+ email: string;
1726
+ emailVerified: boolean;
1727
+ name: string;
1728
+ image?: string | null | undefined;
1729
+ };
1730
+ };
1731
+ }>)[];
1732
+ body: z.ZodObject<{
1733
+ id: z.ZodString;
1734
+ update: z.ZodObject<{
1735
+ scopes: z.ZodArray<z.ZodString>;
1736
+ }, z.core.$strip>;
1737
+ }, z.core.$strip>;
1738
+ metadata: {
1739
+ openapi: {
1740
+ description: string;
1741
+ };
1742
+ };
1743
+ }, OAuthConsent<Scope[]> | null>;
1744
+ deleteOAuthConsent: better_call0.StrictEndpoint<"/oauth2/delete-consent", {
1745
+ method: "POST";
1746
+ use: ((inputContext: better_call0.MiddlewareInputContext<better_call0.MiddlewareOptions>) => Promise<{
1747
+ session: {
1748
+ session: Record<string, any> & {
1749
+ id: string;
1750
+ createdAt: Date;
1751
+ updatedAt: Date;
1752
+ userId: string;
1753
+ expiresAt: Date;
1754
+ token: string;
1755
+ ipAddress?: string | null | undefined;
1756
+ userAgent?: string | null | undefined;
1757
+ };
1758
+ user: Record<string, any> & {
1759
+ id: string;
1760
+ createdAt: Date;
1761
+ updatedAt: Date;
1762
+ email: string;
1763
+ emailVerified: boolean;
1764
+ name: string;
1765
+ image?: string | null | undefined;
1766
+ };
1767
+ };
1768
+ }>)[];
1769
+ body: z.ZodObject<{
1770
+ id: z.ZodString;
1771
+ }, z.core.$strip>;
1772
+ metadata: {
1773
+ openapi: {
1774
+ description: string;
1775
+ };
1776
+ };
1777
+ }, void>;
1778
+ };
1779
+ schema: {
1780
+ oauthClient: {
1781
+ modelName: string;
1782
+ fields: {
1783
+ clientId: {
1784
+ type: "string";
1785
+ unique: true;
1786
+ required: true;
1787
+ };
1788
+ clientSecret: {
1789
+ type: "string";
1790
+ required: false;
1791
+ };
1792
+ disabled: {
1793
+ type: "boolean";
1794
+ defaultValue: false;
1795
+ required: false;
1796
+ };
1797
+ skipConsent: {
1798
+ type: "boolean";
1799
+ required: false;
1800
+ };
1801
+ enableEndSession: {
1802
+ type: "boolean";
1803
+ required: false;
1804
+ };
1805
+ subjectType: {
1806
+ type: "string";
1807
+ required: false;
1808
+ };
1809
+ scopes: {
1810
+ type: "string[]";
1811
+ required: false;
1812
+ };
1813
+ userId: {
1814
+ type: "string";
1815
+ required: false;
1816
+ references: {
1817
+ model: string;
1818
+ field: string;
1819
+ };
1820
+ };
1821
+ createdAt: {
1822
+ type: "date";
1823
+ required: false;
1824
+ };
1825
+ updatedAt: {
1826
+ type: "date";
1827
+ required: false;
1828
+ };
1829
+ name: {
1830
+ type: "string";
1831
+ required: false;
1832
+ };
1833
+ uri: {
1834
+ type: "string";
1835
+ required: false;
1836
+ };
1837
+ icon: {
1838
+ type: "string";
1839
+ required: false;
1840
+ };
1841
+ contacts: {
1842
+ type: "string[]";
1843
+ required: false;
1844
+ };
1845
+ tos: {
1846
+ type: "string";
1847
+ required: false;
1848
+ };
1849
+ policy: {
1850
+ type: "string";
1851
+ required: false;
1852
+ };
1853
+ softwareId: {
1854
+ type: "string";
1855
+ required: false;
1856
+ };
1857
+ softwareVersion: {
1858
+ type: "string";
1859
+ required: false;
1860
+ };
1861
+ softwareStatement: {
1862
+ type: "string";
1863
+ required: false;
1864
+ };
1865
+ redirectUris: {
1866
+ type: "string[]";
1867
+ required: true;
1868
+ };
1869
+ postLogoutRedirectUris: {
1870
+ type: "string[]";
1871
+ required: false;
1872
+ };
1873
+ tokenEndpointAuthMethod: {
1874
+ type: "string";
1875
+ required: false;
1876
+ };
1877
+ grantTypes: {
1878
+ type: "string[]";
1879
+ required: false;
1880
+ };
1881
+ responseTypes: {
1882
+ type: "string[]";
1883
+ required: false;
1884
+ };
1885
+ public: {
1886
+ type: "boolean";
1887
+ required: false;
1888
+ };
1889
+ type: {
1890
+ type: "string";
1891
+ required: false;
1892
+ };
1893
+ requirePKCE: {
1894
+ type: "boolean";
1895
+ required: false;
1896
+ };
1897
+ referenceId: {
1898
+ type: "string";
1899
+ required: false;
1900
+ };
1901
+ metadata: {
1902
+ type: "json";
1903
+ required: false;
1904
+ };
1905
+ };
1906
+ };
1907
+ oauthRefreshToken: {
1908
+ fields: {
1909
+ token: {
1910
+ type: "string";
1911
+ required: true;
1912
+ };
1913
+ clientId: {
1914
+ type: "string";
1915
+ required: true;
1916
+ references: {
1917
+ model: string;
1918
+ field: string;
1919
+ };
1920
+ };
1921
+ sessionId: {
1922
+ type: "string";
1923
+ required: false;
1924
+ references: {
1925
+ model: string;
1926
+ field: string;
1927
+ onDelete: "set null";
1928
+ };
1929
+ };
1930
+ userId: {
1931
+ type: "string";
1932
+ required: true;
1933
+ references: {
1934
+ model: string;
1935
+ field: string;
1936
+ };
1937
+ };
1938
+ referenceId: {
1939
+ type: "string";
1940
+ required: false;
1941
+ };
1942
+ expiresAt: {
1943
+ type: "date";
1944
+ };
1945
+ createdAt: {
1946
+ type: "date";
1947
+ };
1948
+ revoked: {
1949
+ type: "date";
1950
+ required: false;
1951
+ };
1952
+ authTime: {
1953
+ type: "date";
1954
+ required: false;
1955
+ };
1956
+ scopes: {
1957
+ type: "string[]";
1958
+ required: true;
1959
+ };
1960
+ };
1961
+ };
1962
+ oauthAccessToken: {
1963
+ modelName: string;
1964
+ fields: {
1965
+ token: {
1966
+ type: "string";
1967
+ unique: true;
1968
+ };
1969
+ clientId: {
1970
+ type: "string";
1971
+ required: true;
1972
+ references: {
1973
+ model: string;
1974
+ field: string;
1975
+ };
1976
+ };
1977
+ sessionId: {
1978
+ type: "string";
1979
+ required: false;
1980
+ references: {
1981
+ model: string;
1982
+ field: string;
1983
+ onDelete: "set null";
1984
+ };
1985
+ };
1986
+ userId: {
1987
+ type: "string";
1988
+ required: false;
1989
+ references: {
1990
+ model: string;
1991
+ field: string;
1992
+ };
1993
+ };
1994
+ referenceId: {
1995
+ type: "string";
1996
+ required: false;
1997
+ };
1998
+ refreshId: {
1999
+ type: "string";
2000
+ required: false;
2001
+ references: {
2002
+ model: string;
2003
+ field: string;
2004
+ };
2005
+ };
2006
+ expiresAt: {
2007
+ type: "date";
2008
+ };
2009
+ createdAt: {
2010
+ type: "date";
2011
+ };
2012
+ scopes: {
2013
+ type: "string[]";
2014
+ required: true;
2015
+ };
2016
+ };
2017
+ };
2018
+ oauthConsent: {
2019
+ modelName: string;
2020
+ fields: {
2021
+ clientId: {
2022
+ type: "string";
2023
+ required: true;
2024
+ references: {
2025
+ model: string;
2026
+ field: string;
2027
+ };
2028
+ };
2029
+ userId: {
2030
+ type: "string";
2031
+ required: false;
2032
+ references: {
2033
+ model: string;
2034
+ field: string;
2035
+ };
2036
+ };
2037
+ referenceId: {
2038
+ type: "string";
2039
+ required: false;
2040
+ };
2041
+ scopes: {
2042
+ type: "string[]";
2043
+ required: true;
2044
+ };
2045
+ createdAt: {
2046
+ type: "date";
2047
+ };
2048
+ updatedAt: {
2049
+ type: "date";
2050
+ };
2051
+ };
2052
+ };
2053
+ };
2054
+ rateLimit: ({
2055
+ pathMatcher: (path: string) => path is "/oauth2/token";
2056
+ window: number;
2057
+ max: number;
2058
+ } | {
2059
+ pathMatcher: (path: string) => path is "/oauth2/authorize";
2060
+ window: number;
2061
+ max: number;
2062
+ } | {
2063
+ pathMatcher: (path: string) => path is "/oauth2/introspect";
2064
+ window: number;
2065
+ max: number;
2066
+ } | {
2067
+ pathMatcher: (path: string) => path is "/oauth2/revoke";
2068
+ window: number;
2069
+ max: number;
2070
+ } | {
2071
+ pathMatcher: (path: string) => path is "/oauth2/register";
2072
+ window: number;
2073
+ max: number;
2074
+ } | {
2075
+ pathMatcher: (path: string) => path is "/oauth2/userinfo";
2076
+ window: number;
2077
+ max: number;
2078
+ })[];
2079
+ };
2080
+ //#endregion
2081
+ export { oauthProvider as n, getOAuthProviderState as t };