@better-auth/sso 1.4.0-beta.1 → 1.4.0-beta.11

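--- a/package/dist/index.d.mts
+++ /dev/null
@@ -1,812 +0,0 @@
-import * as better_call from 'better-call';
-import { User, OAuth2Tokens } from 'better-auth';
-import * as z from 'zod/v4';
-
-interface OIDCConfig {
-issuer: string;
-pkce: boolean;
-clientId: string;
-clientSecret: string;
-authorizationEndpoint?: string;
-discoveryEndpoint: string;
-userInfoEndpoint?: string;
-scopes?: string[];
-overrideUserInfo?: boolean;
-tokenEndpoint?: string;
-tokenEndpointAuthentication?: "client_secret_post" | "client_secret_basic";
-jwksEndpoint?: string;
-mapping?: {
-id?: string;
-email?: string;
-emailVerified?: string;
-name?: string;
-image?: string;
-extraFields?: Record<string, string>;
-};
-}
-interface SAMLConfig {
-issuer: string;
-entryPoint: string;
-signingKey: string;
-certificate: string;
-attributeConsumingServiceIndex: number;
-mapping?: {
-id?: string;
-email?: string;
-name?: string;
-firstName?: string;
-lastName?: string;
-extraFields?: Record<string, string>;
-};
-}
-interface SSOProvider {
-issuer: string;
-oidcConfig?: OIDCConfig;
-samlConfig?: SAMLConfig;
-userId: string;
-providerId: string;
-organizationId?: string;
-}
-interface SSOOptions {
-/**
-* custom function to provision a user when they sign in with an SSO provider.
-*/
-provisionUser?: (data: {
-/**
-* The user object from the database
-*/
-user: User & Record<string, any>;
-/**
-* The user info object from the provider
-*/
-userInfo: Record<string, any>;
-/**
-* The OAuth2 tokens from the provider
-*/
-token?: OAuth2Tokens;
-/**
-* The SSO provider
-*/
-provider: SSOProvider;
-}) => Promise<void>;
-/**
-* Organization provisioning options
-*/
-organizationProvisioning?: {
-disabled?: boolean;
-defaultRole?: "member" | "admin";
-getRole?: (data: {
-/**
-* The user object from the database
-*/
-user: User & Record<string, any>;
-/**
-* The user info object from the provider
-*/
-userInfo: Record<string, any>;
-/**
-* The OAuth2 tokens from the provider
-*/
-token?: OAuth2Tokens;
-/**
-* The SSO provider
-*/
-provider: SSOProvider;
-}) => Promise<"member" | "admin">;
-};
-/**
-* Override user info with the provider info.
-* @default false
-*/
-defaultOverrideUserInfo?: boolean;
-/**
-* Disable implicit sign up for new users. When set to true for the provider,
-* sign-in need to be called with with requestSignUp as true to create new users.
-*/
-disableImplicitSignUp?: boolean;
-/**
-* Configure the maximum number of SSO providers a user can register.
-* You can also pass a function that returns a number.
-* Set to 0 to disable SSO provider registration.
-*
-* @example
-* ```ts
-* providersLimit: async (user) => {
-* const plan = await getUserPlan(user);
-* return plan.name === "pro" ? 10 : 1;
-* }
-* ```
-* @default 10
-*/
-providersLimit?: number | ((user: User) => Promise<number> | number);
-/**
-* Trust the email verified flag from the provider.
-* @default false
-*/
-trustEmailVerified?: boolean;
-}
-declare const sso: (options?: SSOOptions) => {
-id: "sso";
-endpoints: {
-spMetadata: {
-<AsResponse extends boolean = false, ReturnHeaders extends boolean = false>(inputCtx_0: {
-body?: undefined;
-} & {
-method?: "GET" | undefined;
-} & {
-query: {
-providerId: string;
-format?: "xml" | "json" | undefined;
-};
-} & {
-params?: Record<string, any>;
-} & {
-request?: Request;
-} & {
-headers?: HeadersInit;
-} & {
-asResponse?: boolean;
-returnHeaders?: boolean;
-use?: better_call.Middleware[];
-path?: string;
-} & {
-asResponse?: AsResponse | undefined;
-returnHeaders?: ReturnHeaders | undefined;
-}): Promise<[AsResponse] extends [true] ? Response : [ReturnHeaders] extends [true] ? {
-headers: Headers;
-response: Response;
-} : Response>;
-options: {
-method: "GET";
-query: z.ZodObject<{
-providerId: z.ZodString;
-format: z.ZodDefault<z.ZodEnum<{
-xml: "xml";
-json: "json";
-}>>;
-}, z.core.$strip>;
-metadata: {
-openapi: {
-summary: string;
-description: string;
-responses: {
-"200": {
-description: string;
-};
-};
-};
-};
-} & {
-use: any[];
-};
-path: "/sso/saml2/sp/metadata";
-};
-registerSSOProvider: {
-<AsResponse extends boolean = false, ReturnHeaders extends boolean = false>(inputCtx_0: {
-body: {
-providerId: string;
-issuer: string;
-domain: string;
-oidcConfig?: {
-clientId: string;
-clientSecret: string;
-authorizationEndpoint?: string | undefined;
-tokenEndpoint?: string | undefined;
-userInfoEndpoint?: string | undefined;
-tokenEndpointAuthentication?: "client_secret_post" | "client_secret_basic" | undefined;
-jwksEndpoint?: string | undefined;
-discoveryEndpoint?: string | undefined;
-scopes?: string[] | undefined;
-pkce?: boolean | undefined;
-} | undefined;
-samlConfig?: {
-entryPoint: string;
-cert: string;
-callbackUrl: string;
-spMetadata: {
-metadata: string;
-binding?: string | undefined;
-privateKey?: string | undefined;
-privateKeyPass?: string | undefined;
-isAssertionEncrypted?: boolean | undefined;
-encPrivateKey?: string | undefined;
-encPrivateKeyPass?: string | undefined;
-};
-audience?: string | undefined;
-idpMetadata?: {
-metadata: string;
-privateKey?: string | undefined;
-privateKeyPass?: string | undefined;
-isAssertionEncrypted?: boolean | undefined;
-encPrivateKey?: string | undefined;
-encPrivateKeyPass?: string | undefined;
-} | undefined;
-wantAssertionsSigned?: boolean | undefined;
-signatureAlgorithm?: string | undefined;
-digestAlgorithm?: string | undefined;
-identifierFormat?: string | undefined;
-privateKey?: string | undefined;
-decryptionPvk?: string | undefined;
-additionalParams?: Record<string, any> | undefined;
-} | undefined;
-mapping?: {
-id: string;
-email: string;
-name: string;
-emailVerified?: string | undefined;
-image?: string | undefined;
-extraFields?: Record<string, any> | undefined;
-} | undefined;
-organizationId?: string | undefined;
-overrideUserInfo?: boolean | undefined;
-};
-} & {
-method?: "POST" | undefined;
-} & {
-query?: Record<string, any> | undefined;
-} & {
-params?: Record<string, any>;
-} & {
-request?: Request;
-} & {
-headers?: HeadersInit;
-} & {
-asResponse?: boolean;
-returnHeaders?: boolean;
-use?: better_call.Middleware[];
-path?: string;
-} & {
-asResponse?: AsResponse | undefined;
-returnHeaders?: ReturnHeaders | undefined;
-}): Promise<[AsResponse] extends [true] ? Response : [ReturnHeaders] extends [true] ? {
-headers: Headers;
-response: {
-oidcConfig: OIDCConfig;
-samlConfig: SAMLConfig;
-redirectURI: string;
-issuer: string;
-userId: string;
-providerId: string;
-organizationId?: string;
-};
-} : {
-oidcConfig: OIDCConfig;
-samlConfig: SAMLConfig;
-redirectURI: string;
-issuer: string;
-userId: string;
-providerId: string;
-organizationId?: string;
-}>;
-options: {
-method: "POST";
-body: z.ZodObject<{
-providerId: z.ZodString;
-issuer: z.ZodString;
-domain: z.ZodString;
-oidcConfig: z.ZodOptional<z.ZodObject<{
-clientId: z.ZodString;
-clientSecret: z.ZodString;
-authorizationEndpoint: z.ZodOptional<z.ZodString>;
-tokenEndpoint: z.ZodOptional<z.ZodString>;
-userInfoEndpoint: z.ZodOptional<z.ZodString>;
-tokenEndpointAuthentication: z.ZodOptional<z.ZodEnum<{
-client_secret_post: "client_secret_post";
-client_secret_basic: "client_secret_basic";
-}>>;
-jwksEndpoint: z.ZodOptional<z.ZodString>;
-discoveryEndpoint: z.ZodOptional<z.ZodString>;
-scopes: z.ZodOptional<z.ZodArray<z.ZodString>>;
-pkce: z.ZodOptional<z.ZodDefault<z.ZodBoolean>>;
-}, z.core.$strip>>;
-samlConfig: z.ZodOptional<z.ZodObject<{
-entryPoint: z.ZodString;
-cert: z.ZodString;
-callbackUrl: z.ZodString;
-audience: z.ZodOptional<z.ZodString>;
-idpMetadata: z.ZodOptional<z.ZodObject<{
-metadata: z.ZodString;
-privateKey: z.ZodOptional<z.ZodString>;
-privateKeyPass: z.ZodOptional<z.ZodString>;
-isAssertionEncrypted: z.ZodOptional<z.ZodBoolean>;
-encPrivateKey: z.ZodOptional<z.ZodString>;
-encPrivateKeyPass: z.ZodOptional<z.ZodString>;
-}, z.core.$strip>>;
-spMetadata: z.ZodObject<{
-metadata: z.ZodString;
-binding: z.ZodOptional<z.ZodString>;
-privateKey: z.ZodOptional<z.ZodString>;
-privateKeyPass: z.ZodOptional<z.ZodString>;
-isAssertionEncrypted: z.ZodOptional<z.ZodBoolean>;
-encPrivateKey: z.ZodOptional<z.ZodString>;
-encPrivateKeyPass: z.ZodOptional<z.ZodString>;
-}, z.core.$strip>;
-wantAssertionsSigned: z.ZodOptional<z.ZodBoolean>;
-signatureAlgorithm: z.ZodOptional<z.ZodString>;
-digestAlgorithm: z.ZodOptional<z.ZodString>;
-identifierFormat: z.ZodOptional<z.ZodString>;
-privateKey: z.ZodOptional<z.ZodString>;
-decryptionPvk: z.ZodOptional<z.ZodString>;
-additionalParams: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodAny>>;
-}, z.core.$strip>>;
-mapping: z.ZodOptional<z.ZodObject<{
-id: z.ZodString;
-email: z.ZodString;
-emailVerified: z.ZodOptional<z.ZodString>;
-name: z.ZodString;
-image: z.ZodOptional<z.ZodString>;
-extraFields: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodAny>>;
-}, z.core.$strip>>;
-organizationId: z.ZodOptional<z.ZodString>;
-overrideUserInfo: z.ZodOptional<z.ZodDefault<z.ZodBoolean>>;
-}, z.core.$strip>;
-use: ((inputContext: better_call.MiddlewareInputContext<better_call.MiddlewareOptions>) => Promise<{
-session: {
-session: Record<string, any> & {
-id: string;
-createdAt: Date;
-updatedAt: Date;
-userId: string;
-expiresAt: Date;
-token: string;
-ipAddress?: string | null | undefined;
-userAgent?: string | null | undefined;
-};
-user: Record<string, any> & {
-id: string;
-createdAt: Date;
-updatedAt: Date;
-email: string;
-emailVerified: boolean;
-name: string;
-image?: string | null | undefined;
-};
-};
-}>)[];
-metadata: {
-openapi: {
-summary: string;
-description: string;
-responses: {
-"200": {
-description: string;
-content: {
-"application/json": {
-schema: {
-type: "object";
-properties: {
-issuer: {
-type: string;
-format: string;
-description: string;
-};
-domain: {
-type: string;
-description: string;
-};
-oidcConfig: {
-type: string;
-properties: {
-issuer: {
-type: string;
-format: string;
-description: string;
-};
-pkce: {
-type: string;
-description: string;
-};
-clientId: {
-type: string;
-description: string;
-};
-clientSecret: {
-type: string;
-description: string;
-};
-authorizationEndpoint: {
-type: string;
-format: string;
-nullable: boolean;
-description: string;
-};
-discoveryEndpoint: {
-type: string;
-format: string;
-description: string;
-};
-userInfoEndpoint: {
-type: string;
-format: string;
-nullable: boolean;
-description: string;
-};
-scopes: {
-type: string;
-items: {
-type: string;
-};
-nullable: boolean;
-description: string;
-};
-tokenEndpoint: {
-type: string;
-format: string;
-nullable: boolean;
-description: string;
-};
-tokenEndpointAuthentication: {
-type: string;
-enum: string[];
-nullable: boolean;
-description: string;
-};
-jwksEndpoint: {
-type: string;
-format: string;
-nullable: boolean;
-description: string;
-};
-mapping: {
-type: string;
-nullable: boolean;
-properties: {
-id: {
-type: string;
-description: string;
-};
-email: {
-type: string;
-description: string;
-};
-emailVerified: {
-type: string;
-nullable: boolean;
-description: string;
-};
-name: {
-type: string;
-description: string;
-};
-image: {
-type: string;
-nullable: boolean;
-description: string;
-};
-extraFields: {
-type: string;
-additionalProperties: {
-type: string;
-};
-nullable: boolean;
-description: string;
-};
-};
-required: string[];
-};
-};
-required: string[];
-description: string;
-};
-organizationId: {
-type: string;
-nullable: boolean;
-description: string;
-};
-userId: {
-type: string;
-description: string;
-};
-providerId: {
-type: string;
-description: string;
-};
-redirectURI: {
-type: string;
-format: string;
-description: string;
-};
-};
-required: string[];
-};
-};
-};
-};
-};
-};
-};
-} & {
-use: any[];
-};
-path: "/sso/register";
-};
-signInSSO: {
-<AsResponse extends boolean = false, ReturnHeaders extends boolean = false>(inputCtx_0: {
-body: {
-callbackURL: string;
-email?: string | undefined;
-organizationSlug?: string | undefined;
-providerId?: string | undefined;
-domain?: string | undefined;
-errorCallbackURL?: string | undefined;
-newUserCallbackURL?: string | undefined;
-scopes?: string[] | undefined;
-requestSignUp?: boolean | undefined;
-providerType?: "oidc" | "saml" | undefined;
-};
-} & {
-method?: "POST" | undefined;
-} & {
-query?: Record<string, any> | undefined;
-} & {
-params?: Record<string, any>;
-} & {
-request?: Request;
-} & {
-headers?: HeadersInit;
-} & {
-asResponse?: boolean;
-returnHeaders?: boolean;
-use?: better_call.Middleware[];
-path?: string;
-} & {
-asResponse?: AsResponse | undefined;
-returnHeaders?: ReturnHeaders | undefined;
-}): Promise<[AsResponse] extends [true] ? Response : [ReturnHeaders] extends [true] ? {
-headers: Headers;
-response: {
-url: string;
-redirect: boolean;
-};
-} : {
-url: string;
-redirect: boolean;
-}>;
-options: {
-method: "POST";
-body: z.ZodObject<{
-email: z.ZodOptional<z.ZodString>;
-organizationSlug: z.ZodOptional<z.ZodString>;
-providerId: z.ZodOptional<z.ZodString>;
-domain: z.ZodOptional<z.ZodString>;
-callbackURL: z.ZodString;
-errorCallbackURL: z.ZodOptional<z.ZodString>;
-newUserCallbackURL: z.ZodOptional<z.ZodString>;
-scopes: z.ZodOptional<z.ZodArray<z.ZodString>>;
-requestSignUp: z.ZodOptional<z.ZodBoolean>;
-providerType: z.ZodOptional<z.ZodEnum<{
-oidc: "oidc";
-saml: "saml";
-}>>;
-}, z.core.$strip>;
-metadata: {
-openapi: {
-summary: string;
-description: string;
-requestBody: {
-content: {
-"application/json": {
-schema: {
-type: "object";
-properties: {
-email: {
-type: string;
-description: string;
-};
-issuer: {
-type: string;
-description: string;
-};
-providerId: {
-type: string;
-description: string;
-};
-callbackURL: {
-type: string;
-description: string;
-};
-errorCallbackURL: {
-type: string;
-description: string;
-};
-newUserCallbackURL: {
-type: string;
-description: string;
-};
-};
-required: string[];
-};
-};
-};
-};
-responses: {
-"200": {
-description: string;
-content: {
-"application/json": {
-schema: {
-type: "object";
-properties: {
-url: {
-type: string;
-format: string;
-description: string;
-};
-redirect: {
-type: string;
-description: string;
-enum: boolean[];
-};
-};
-required: string[];
-};
-};
-};
-};
-};
-};
-};
-} & {
-use: any[];
-};
-path: "/sign-in/sso";
-};
-callbackSSO: {
-<AsResponse extends boolean = false, ReturnHeaders extends boolean = false>(inputCtx_0: {
-body?: undefined;
-} & {
-method?: "GET" | undefined;
-} & {
-query: {
-state: string;
-code?: string | undefined;
-error?: string | undefined;
-error_description?: string | undefined;
-};
-} & {
-params: {
-providerId: string;
-};
-} & {
-request?: Request;
-} & {
-headers?: HeadersInit;
-} & {
-asResponse?: boolean;
-returnHeaders?: boolean;
-use?: better_call.Middleware[];
-path?: string;
-} & {
-asResponse?: AsResponse | undefined;
-returnHeaders?: ReturnHeaders | undefined;
-}): Promise<[AsResponse] extends [true] ? Response : [ReturnHeaders] extends [true] ? {
-headers: Headers;
-response: never;
-} : never>;
-options: {
-method: "GET";
-query: z.ZodObject<{
-code: z.ZodOptional<z.ZodString>;
-state: z.ZodString;
-error: z.ZodOptional<z.ZodString>;
-error_description: z.ZodOptional<z.ZodString>;
-}, z.core.$strip>;
-metadata: {
-isAction: boolean;
-openapi: {
-summary: string;
-description: string;
-responses: {
-"302": {
-description: string;
-};
-};
-};
-};
-} & {
-use: any[];
-};
-path: "/sso/callback/:providerId";
-};
-callbackSSOSAML: {
-<AsResponse extends boolean = false, ReturnHeaders extends boolean = false>(inputCtx_0: {
-body: {
-SAMLResponse: string;
-RelayState?: string | undefined;
-};
-} & {
-method?: "POST" | undefined;
-} & {
-query?: Record<string, any> | undefined;
-} & {
-params: {
-providerId: string;
-};
-} & {
-request?: Request;
-} & {
-headers?: HeadersInit;
-} & {
-asResponse?: boolean;
-returnHeaders?: boolean;
-use?: better_call.Middleware[];
-path?: string;
-} & {
-asResponse?: AsResponse | undefined;
-returnHeaders?: ReturnHeaders | undefined;
-}): Promise<[AsResponse] extends [true] ? Response : [ReturnHeaders] extends [true] ? {
-headers: Headers;
-response: never;
-} : never>;
-options: {
-method: "POST";
-body: z.ZodObject<{
-SAMLResponse: z.ZodString;
-RelayState: z.ZodOptional<z.ZodString>;
-}, z.core.$strip>;
-metadata: {
-isAction: boolean;
-openapi: {
-summary: string;
-description: string;
-responses: {
-"302": {
-description: string;
-};
-"400": {
-description: string;
-};
-"401": {
-description: string;
-};
-};
-};
-};
-} & {
-use: any[];
-};
-path: "/sso/saml2/callback/:providerId";
-};
-};
-schema: {
-ssoProvider: {
-fields: {
-issuer: {
-type: "string";
-required: true;
-};
-oidcConfig: {
-type: "string";
-required: false;
-};
-samlConfig: {
-type: "string";
-required: false;
-};
-userId: {
-type: "string";
-references: {
-model: string;
-field: string;
-};
-};
-providerId: {
-type: "string";
-required: true;
-unique: true;
-};
-organizationId: {
-type: "string";
-required: false;
-};
-domain: {
-type: "string";
-required: true;
-};
-};
-};
-};
-};
-
-export { sso };
-export type { OIDCConfig, SAMLConfig, SSOOptions, SSOProvider };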