@better-auth/sso 1.4.0-beta.10 → 1.4.0-beta.12

@@ -1,959 +0,0 @@
1
- import * as better_call0 from "better-call";
2
- import { OAuth2Tokens, User } from "better-auth";
3
- import * as z from "zod/v4";
4
-
5
- //#region src/index.d.ts
6
- interface OIDCMapping {
7
- id?: string;
8
- email?: string;
9
- emailVerified?: string;
10
- name?: string;
11
- image?: string;
12
- extraFields?: Record<string, string>;
13
- }
14
- interface SAMLMapping {
15
- id?: string;
16
- email?: string;
17
- emailVerified?: string;
18
- name?: string;
19
- firstName?: string;
20
- lastName?: string;
21
- extraFields?: Record<string, string>;
22
- }
23
- interface OIDCConfig {
24
- issuer: string;
25
- pkce: boolean;
26
- clientId: string;
27
- clientSecret: string;
28
- authorizationEndpoint?: string;
29
- discoveryEndpoint: string;
30
- userInfoEndpoint?: string;
31
- scopes?: string[];
32
- overrideUserInfo?: boolean;
33
- tokenEndpoint?: string;
34
- tokenEndpointAuthentication?: "client_secret_post" | "client_secret_basic";
35
- jwksEndpoint?: string;
36
- mapping?: OIDCMapping;
37
- }
38
- interface SAMLConfig {
39
- issuer: string;
40
- entryPoint: string;
41
- cert: string;
42
- callbackUrl: string;
43
- audience?: string;
44
- idpMetadata?: {
45
- metadata?: string;
46
- entityID?: string;
47
- entityURL?: string;
48
- redirectURL?: string;
49
- cert?: string;
50
- privateKey?: string;
51
- privateKeyPass?: string;
52
- isAssertionEncrypted?: boolean;
53
- encPrivateKey?: string;
54
- encPrivateKeyPass?: string;
55
- singleSignOnService?: Array<{
56
- Binding: string;
57
- Location: string;
58
- }>;
59
- };
60
- spMetadata: {
61
- metadata?: string;
62
- entityID?: string;
63
- binding?: string;
64
- privateKey?: string;
65
- privateKeyPass?: string;
66
- isAssertionEncrypted?: boolean;
67
- encPrivateKey?: string;
68
- encPrivateKeyPass?: string;
69
- };
70
- wantAssertionsSigned?: boolean;
71
- signatureAlgorithm?: string;
72
- digestAlgorithm?: string;
73
- identifierFormat?: string;
74
- privateKey?: string;
75
- decryptionPvk?: string;
76
- additionalParams?: Record<string, any>;
77
- mapping?: SAMLMapping;
78
- }
79
- interface SSOProvider {
80
- issuer: string;
81
- oidcConfig?: OIDCConfig;
82
- samlConfig?: SAMLConfig;
83
- userId: string;
84
- providerId: string;
85
- organizationId?: string;
86
- }
87
- interface SSOOptions {
88
- /**
89
- * custom function to provision a user when they sign in with an SSO provider.
90
- */
91
- provisionUser?: (data: {
92
- /**
93
- * The user object from the database
94
- */
95
- user: User & Record<string, any>;
96
- /**
97
- * The user info object from the provider
98
- */
99
- userInfo: Record<string, any>;
100
- /**
101
- * The OAuth2 tokens from the provider
102
- */
103
- token?: OAuth2Tokens;
104
- /**
105
- * The SSO provider
106
- */
107
- provider: SSOProvider;
108
- }) => Promise<void>;
109
- /**
110
- * Organization provisioning options
111
- */
112
- organizationProvisioning?: {
113
- disabled?: boolean;
114
- defaultRole?: "member" | "admin";
115
- getRole?: (data: {
116
- /**
117
- * The user object from the database
118
- */
119
- user: User & Record<string, any>;
120
- /**
121
- * The user info object from the provider
122
- */
123
- userInfo: Record<string, any>;
124
- /**
125
- * The OAuth2 tokens from the provider
126
- */
127
- token?: OAuth2Tokens;
128
- /**
129
- * The SSO provider
130
- */
131
- provider: SSOProvider;
132
- }) => Promise<"member" | "admin">;
133
- };
134
- /**
135
- * Default SSO provider configurations for testing.
136
- * These will take the precedence over the database providers.
137
- */
138
- defaultSSO?: Array<{
139
- /**
140
- * The domain to match for this default provider.
141
- * This is only used to match incoming requests to this default provider.
142
- */
143
- domain: string;
144
- /**
145
- * The provider ID to use
146
- */
147
- providerId: string;
148
- /**
149
- * SAML configuration
150
- */
151
- samlConfig?: SAMLConfig;
152
- /**
153
- * OIDC configuration
154
- */
155
- oidcConfig?: OIDCConfig;
156
- }>;
157
- /**
158
- * Override user info with the provider info.
159
- * @default false
160
- */
161
- defaultOverrideUserInfo?: boolean;
162
- /**
163
- * Disable implicit sign up for new users. When set to true for the provider,
164
- * sign-in need to be called with with requestSignUp as true to create new users.
165
- */
166
- disableImplicitSignUp?: boolean;
167
- /**
168
- * Configure the maximum number of SSO providers a user can register.
169
- * You can also pass a function that returns a number.
170
- * Set to 0 to disable SSO provider registration.
171
- *
172
- * @example
173
- * ```ts
174
- * providersLimit: async (user) => {
175
- * const plan = await getUserPlan(user);
176
- * return plan.name === "pro" ? 10 : 1;
177
- * }
178
- * ```
179
- * @default 10
180
- */
181
- providersLimit?: number | ((user: User) => Promise<number> | number);
182
- /**
183
- * Trust the email verified flag from the provider.
184
- * @default false
185
- */
186
- trustEmailVerified?: boolean;
187
- }
188
- declare const sso: (options?: SSOOptions) => {
189
- id: "sso";
190
- endpoints: {
191
- spMetadata: {
192
- <AsResponse extends boolean = false, ReturnHeaders extends boolean = false>(inputCtx_0: {
193
- body?: undefined;
194
- } & {
195
- method?: "GET" | undefined;
196
- } & {
197
- query: {
198
- providerId: string;
199
- format?: "xml" | "json" | undefined;
200
- };
201
- } & {
202
- params?: Record<string, any>;
203
- } & {
204
- request?: Request;
205
- } & {
206
- headers?: HeadersInit;
207
- } & {
208
- asResponse?: boolean;
209
- returnHeaders?: boolean;
210
- use?: better_call0.Middleware[];
211
- path?: string;
212
- } & {
213
- asResponse?: AsResponse | undefined;
214
- returnHeaders?: ReturnHeaders | undefined;
215
- }): Promise<[AsResponse] extends [true] ? Response : [ReturnHeaders] extends [true] ? {
216
- headers: Headers;
217
- response: Response;
218
- } : Response>;
219
- options: {
220
- method: "GET";
221
- query: z.ZodObject<{
222
- providerId: z.ZodString;
223
- format: z.ZodDefault<z.ZodEnum<{
224
- xml: "xml";
225
- json: "json";
226
- }>>;
227
- }, z.core.$strip>;
228
- metadata: {
229
- openapi: {
230
- summary: string;
231
- description: string;
232
- responses: {
233
- "200": {
234
- description: string;
235
- };
236
- };
237
- };
238
- };
239
- } & {
240
- use: any[];
241
- };
242
- path: "/sso/saml2/sp/metadata";
243
- };
244
- registerSSOProvider: {
245
- <AsResponse extends boolean = false, ReturnHeaders extends boolean = false>(inputCtx_0: {
246
- body: {
247
- providerId: string;
248
- issuer: string;
249
- domain: string;
250
- oidcConfig?: {
251
- clientId: string;
252
- clientSecret: string;
253
- authorizationEndpoint?: string | undefined;
254
- tokenEndpoint?: string | undefined;
255
- userInfoEndpoint?: string | undefined;
256
- tokenEndpointAuthentication?: "client_secret_post" | "client_secret_basic" | undefined;
257
- jwksEndpoint?: string | undefined;
258
- discoveryEndpoint?: string | undefined;
259
- scopes?: string[] | undefined;
260
- pkce?: boolean | undefined;
261
- mapping?: {
262
- id: string;
263
- email: string;
264
- name: string;
265
- emailVerified?: string | undefined;
266
- image?: string | undefined;
267
- extraFields?: Record<string, any> | undefined;
268
- } | undefined;
269
- } | undefined;
270
- samlConfig?: {
271
- entryPoint: string;
272
- cert: string;
273
- callbackUrl: string;
274
- spMetadata: {
275
- metadata?: string | undefined;
276
- entityID?: string | undefined;
277
- binding?: string | undefined;
278
- privateKey?: string | undefined;
279
- privateKeyPass?: string | undefined;
280
- isAssertionEncrypted?: boolean | undefined;
281
- encPrivateKey?: string | undefined;
282
- encPrivateKeyPass?: string | undefined;
283
- };
284
- audience?: string | undefined;
285
- idpMetadata?: {
286
- metadata?: string | undefined;
287
- entityID?: string | undefined;
288
- cert?: string | undefined;
289
- privateKey?: string | undefined;
290
- privateKeyPass?: string | undefined;
291
- isAssertionEncrypted?: boolean | undefined;
292
- encPrivateKey?: string | undefined;
293
- encPrivateKeyPass?: string | undefined;
294
- singleSignOnService?: {
295
- Binding: string;
296
- Location: string;
297
- }[] | undefined;
298
- } | undefined;
299
- wantAssertionsSigned?: boolean | undefined;
300
- signatureAlgorithm?: string | undefined;
301
- digestAlgorithm?: string | undefined;
302
- identifierFormat?: string | undefined;
303
- privateKey?: string | undefined;
304
- decryptionPvk?: string | undefined;
305
- additionalParams?: Record<string, any> | undefined;
306
- mapping?: {
307
- id: string;
308
- email: string;
309
- name: string;
310
- emailVerified?: string | undefined;
311
- firstName?: string | undefined;
312
- lastName?: string | undefined;
313
- extraFields?: Record<string, any> | undefined;
314
- } | undefined;
315
- } | undefined;
316
- organizationId?: string | undefined;
317
- overrideUserInfo?: boolean | undefined;
318
- };
319
- } & {
320
- method?: "POST" | undefined;
321
- } & {
322
- query?: Record<string, any> | undefined;
323
- } & {
324
- params?: Record<string, any>;
325
- } & {
326
- request?: Request;
327
- } & {
328
- headers?: HeadersInit;
329
- } & {
330
- asResponse?: boolean;
331
- returnHeaders?: boolean;
332
- use?: better_call0.Middleware[];
333
- path?: string;
334
- } & {
335
- asResponse?: AsResponse | undefined;
336
- returnHeaders?: ReturnHeaders | undefined;
337
- }): Promise<[AsResponse] extends [true] ? Response : [ReturnHeaders] extends [true] ? {
338
- headers: Headers;
339
- response: {
340
- oidcConfig: OIDCConfig;
341
- samlConfig: SAMLConfig;
342
- redirectURI: string;
343
- issuer: string;
344
- userId: string;
345
- providerId: string;
346
- organizationId?: string;
347
- };
348
- } : {
349
- oidcConfig: OIDCConfig;
350
- samlConfig: SAMLConfig;
351
- redirectURI: string;
352
- issuer: string;
353
- userId: string;
354
- providerId: string;
355
- organizationId?: string;
356
- }>;
357
- options: {
358
- method: "POST";
359
- body: z.ZodObject<{
360
- providerId: z.ZodString;
361
- issuer: z.ZodString;
362
- domain: z.ZodString;
363
- oidcConfig: z.ZodOptional<z.ZodObject<{
364
- clientId: z.ZodString;
365
- clientSecret: z.ZodString;
366
- authorizationEndpoint: z.ZodOptional<z.ZodString>;
367
- tokenEndpoint: z.ZodOptional<z.ZodString>;
368
- userInfoEndpoint: z.ZodOptional<z.ZodString>;
369
- tokenEndpointAuthentication: z.ZodOptional<z.ZodEnum<{
370
- client_secret_post: "client_secret_post";
371
- client_secret_basic: "client_secret_basic";
372
- }>>;
373
- jwksEndpoint: z.ZodOptional<z.ZodString>;
374
- discoveryEndpoint: z.ZodOptional<z.ZodString>;
375
- scopes: z.ZodOptional<z.ZodArray<z.ZodString>>;
376
- pkce: z.ZodOptional<z.ZodDefault<z.ZodBoolean>>;
377
- mapping: z.ZodOptional<z.ZodObject<{
378
- id: z.ZodString;
379
- email: z.ZodString;
380
- emailVerified: z.ZodOptional<z.ZodString>;
381
- name: z.ZodString;
382
- image: z.ZodOptional<z.ZodString>;
383
- extraFields: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodAny>>;
384
- }, z.core.$strip>>;
385
- }, z.core.$strip>>;
386
- samlConfig: z.ZodOptional<z.ZodObject<{
387
- entryPoint: z.ZodString;
388
- cert: z.ZodString;
389
- callbackUrl: z.ZodString;
390
- audience: z.ZodOptional<z.ZodString>;
391
- idpMetadata: z.ZodOptional<z.ZodObject<{
392
- metadata: z.ZodOptional<z.ZodString>;
393
- entityID: z.ZodOptional<z.ZodString>;
394
- cert: z.ZodOptional<z.ZodString>;
395
- privateKey: z.ZodOptional<z.ZodString>;
396
- privateKeyPass: z.ZodOptional<z.ZodString>;
397
- isAssertionEncrypted: z.ZodOptional<z.ZodBoolean>;
398
- encPrivateKey: z.ZodOptional<z.ZodString>;
399
- encPrivateKeyPass: z.ZodOptional<z.ZodString>;
400
- singleSignOnService: z.ZodOptional<z.ZodArray<z.ZodObject<{
401
- Binding: z.ZodString;
402
- Location: z.ZodString;
403
- }, z.core.$strip>>>;
404
- }, z.core.$strip>>;
405
- spMetadata: z.ZodObject<{
406
- metadata: z.ZodOptional<z.ZodString>;
407
- entityID: z.ZodOptional<z.ZodString>;
408
- binding: z.ZodOptional<z.ZodString>;
409
- privateKey: z.ZodOptional<z.ZodString>;
410
- privateKeyPass: z.ZodOptional<z.ZodString>;
411
- isAssertionEncrypted: z.ZodOptional<z.ZodBoolean>;
412
- encPrivateKey: z.ZodOptional<z.ZodString>;
413
- encPrivateKeyPass: z.ZodOptional<z.ZodString>;
414
- }, z.core.$strip>;
415
- wantAssertionsSigned: z.ZodOptional<z.ZodBoolean>;
416
- signatureAlgorithm: z.ZodOptional<z.ZodString>;
417
- digestAlgorithm: z.ZodOptional<z.ZodString>;
418
- identifierFormat: z.ZodOptional<z.ZodString>;
419
- privateKey: z.ZodOptional<z.ZodString>;
420
- decryptionPvk: z.ZodOptional<z.ZodString>;
421
- additionalParams: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodAny>>;
422
- mapping: z.ZodOptional<z.ZodObject<{
423
- id: z.ZodString;
424
- email: z.ZodString;
425
- emailVerified: z.ZodOptional<z.ZodString>;
426
- name: z.ZodString;
427
- firstName: z.ZodOptional<z.ZodString>;
428
- lastName: z.ZodOptional<z.ZodString>;
429
- extraFields: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodAny>>;
430
- }, z.core.$strip>>;
431
- }, z.core.$strip>>;
432
- organizationId: z.ZodOptional<z.ZodString>;
433
- overrideUserInfo: z.ZodOptional<z.ZodDefault<z.ZodBoolean>>;
434
- }, z.core.$strip>;
435
- use: ((inputContext: better_call0.MiddlewareInputContext<better_call0.MiddlewareOptions>) => Promise<{
436
- session: {
437
- session: Record<string, any> & {
438
- id: string;
439
- createdAt: Date;
440
- updatedAt: Date;
441
- userId: string;
442
- expiresAt: Date;
443
- token: string;
444
- ipAddress?: string | null | undefined;
445
- userAgent?: string | null | undefined;
446
- };
447
- user: Record<string, any> & {
448
- id: string;
449
- createdAt: Date;
450
- updatedAt: Date;
451
- email: string;
452
- emailVerified: boolean;
453
- name: string;
454
- image?: string | null | undefined;
455
- };
456
- };
457
- }>)[];
458
- metadata: {
459
- openapi: {
460
- summary: string;
461
- description: string;
462
- responses: {
463
- "200": {
464
- description: string;
465
- content: {
466
- "application/json": {
467
- schema: {
468
- type: "object";
469
- properties: {
470
- issuer: {
471
- type: string;
472
- format: string;
473
- description: string;
474
- };
475
- domain: {
476
- type: string;
477
- description: string;
478
- };
479
- oidcConfig: {
480
- type: string;
481
- properties: {
482
- issuer: {
483
- type: string;
484
- format: string;
485
- description: string;
486
- };
487
- pkce: {
488
- type: string;
489
- description: string;
490
- };
491
- clientId: {
492
- type: string;
493
- description: string;
494
- };
495
- clientSecret: {
496
- type: string;
497
- description: string;
498
- };
499
- authorizationEndpoint: {
500
- type: string;
501
- format: string;
502
- nullable: boolean;
503
- description: string;
504
- };
505
- discoveryEndpoint: {
506
- type: string;
507
- format: string;
508
- description: string;
509
- };
510
- userInfoEndpoint: {
511
- type: string;
512
- format: string;
513
- nullable: boolean;
514
- description: string;
515
- };
516
- scopes: {
517
- type: string;
518
- items: {
519
- type: string;
520
- };
521
- nullable: boolean;
522
- description: string;
523
- };
524
- tokenEndpoint: {
525
- type: string;
526
- format: string;
527
- nullable: boolean;
528
- description: string;
529
- };
530
- tokenEndpointAuthentication: {
531
- type: string;
532
- enum: string[];
533
- nullable: boolean;
534
- description: string;
535
- };
536
- jwksEndpoint: {
537
- type: string;
538
- format: string;
539
- nullable: boolean;
540
- description: string;
541
- };
542
- mapping: {
543
- type: string;
544
- nullable: boolean;
545
- properties: {
546
- id: {
547
- type: string;
548
- description: string;
549
- };
550
- email: {
551
- type: string;
552
- description: string;
553
- };
554
- emailVerified: {
555
- type: string;
556
- nullable: boolean;
557
- description: string;
558
- };
559
- name: {
560
- type: string;
561
- description: string;
562
- };
563
- image: {
564
- type: string;
565
- nullable: boolean;
566
- description: string;
567
- };
568
- extraFields: {
569
- type: string;
570
- additionalProperties: {
571
- type: string;
572
- };
573
- nullable: boolean;
574
- description: string;
575
- };
576
- };
577
- required: string[];
578
- };
579
- };
580
- required: string[];
581
- description: string;
582
- };
583
- organizationId: {
584
- type: string;
585
- nullable: boolean;
586
- description: string;
587
- };
588
- userId: {
589
- type: string;
590
- description: string;
591
- };
592
- providerId: {
593
- type: string;
594
- description: string;
595
- };
596
- redirectURI: {
597
- type: string;
598
- format: string;
599
- description: string;
600
- };
601
- };
602
- required: string[];
603
- };
604
- };
605
- };
606
- };
607
- };
608
- };
609
- };
610
- } & {
611
- use: any[];
612
- };
613
- path: "/sso/register";
614
- };
615
- signInSSO: {
616
- <AsResponse extends boolean = false, ReturnHeaders extends boolean = false>(inputCtx_0: {
617
- body: {
618
- callbackURL: string;
619
- email?: string | undefined;
620
- organizationSlug?: string | undefined;
621
- providerId?: string | undefined;
622
- domain?: string | undefined;
623
- errorCallbackURL?: string | undefined;
624
- newUserCallbackURL?: string | undefined;
625
- scopes?: string[] | undefined;
626
- requestSignUp?: boolean | undefined;
627
- providerType?: "oidc" | "saml" | undefined;
628
- };
629
- } & {
630
- method?: "POST" | undefined;
631
- } & {
632
- query?: Record<string, any> | undefined;
633
- } & {
634
- params?: Record<string, any>;
635
- } & {
636
- request?: Request;
637
- } & {
638
- headers?: HeadersInit;
639
- } & {
640
- asResponse?: boolean;
641
- returnHeaders?: boolean;
642
- use?: better_call0.Middleware[];
643
- path?: string;
644
- } & {
645
- asResponse?: AsResponse | undefined;
646
- returnHeaders?: ReturnHeaders | undefined;
647
- }): Promise<[AsResponse] extends [true] ? Response : [ReturnHeaders] extends [true] ? {
648
- headers: Headers;
649
- response: {
650
- url: string;
651
- redirect: boolean;
652
- };
653
- } : {
654
- url: string;
655
- redirect: boolean;
656
- }>;
657
- options: {
658
- method: "POST";
659
- body: z.ZodObject<{
660
- email: z.ZodOptional<z.ZodString>;
661
- organizationSlug: z.ZodOptional<z.ZodString>;
662
- providerId: z.ZodOptional<z.ZodString>;
663
- domain: z.ZodOptional<z.ZodString>;
664
- callbackURL: z.ZodString;
665
- errorCallbackURL: z.ZodOptional<z.ZodString>;
666
- newUserCallbackURL: z.ZodOptional<z.ZodString>;
667
- scopes: z.ZodOptional<z.ZodArray<z.ZodString>>;
668
- requestSignUp: z.ZodOptional<z.ZodBoolean>;
669
- providerType: z.ZodOptional<z.ZodEnum<{
670
- oidc: "oidc";
671
- saml: "saml";
672
- }>>;
673
- }, z.core.$strip>;
674
- metadata: {
675
- openapi: {
676
- summary: string;
677
- description: string;
678
- requestBody: {
679
- content: {
680
- "application/json": {
681
- schema: {
682
- type: "object";
683
- properties: {
684
- email: {
685
- type: string;
686
- description: string;
687
- };
688
- issuer: {
689
- type: string;
690
- description: string;
691
- };
692
- providerId: {
693
- type: string;
694
- description: string;
695
- };
696
- callbackURL: {
697
- type: string;
698
- description: string;
699
- };
700
- errorCallbackURL: {
701
- type: string;
702
- description: string;
703
- };
704
- newUserCallbackURL: {
705
- type: string;
706
- description: string;
707
- };
708
- };
709
- required: string[];
710
- };
711
- };
712
- };
713
- };
714
- responses: {
715
- "200": {
716
- description: string;
717
- content: {
718
- "application/json": {
719
- schema: {
720
- type: "object";
721
- properties: {
722
- url: {
723
- type: string;
724
- format: string;
725
- description: string;
726
- };
727
- redirect: {
728
- type: string;
729
- description: string;
730
- enum: boolean[];
731
- };
732
- };
733
- required: string[];
734
- };
735
- };
736
- };
737
- };
738
- };
739
- };
740
- };
741
- } & {
742
- use: any[];
743
- };
744
- path: "/sign-in/sso";
745
- };
746
- callbackSSO: {
747
- <AsResponse extends boolean = false, ReturnHeaders extends boolean = false>(inputCtx_0: {
748
- body?: undefined;
749
- } & {
750
- method?: "GET" | undefined;
751
- } & {
752
- query: {
753
- state: string;
754
- code?: string | undefined;
755
- error?: string | undefined;
756
- error_description?: string | undefined;
757
- };
758
- } & {
759
- params: {
760
- providerId: string;
761
- };
762
- } & {
763
- request?: Request;
764
- } & {
765
- headers?: HeadersInit;
766
- } & {
767
- asResponse?: boolean;
768
- returnHeaders?: boolean;
769
- use?: better_call0.Middleware[];
770
- path?: string;
771
- } & {
772
- asResponse?: AsResponse | undefined;
773
- returnHeaders?: ReturnHeaders | undefined;
774
- }): Promise<[AsResponse] extends [true] ? Response : [ReturnHeaders] extends [true] ? {
775
- headers: Headers;
776
- response: never;
777
- } : never>;
778
- options: {
779
- method: "GET";
780
- query: z.ZodObject<{
781
- code: z.ZodOptional<z.ZodString>;
782
- state: z.ZodString;
783
- error: z.ZodOptional<z.ZodString>;
784
- error_description: z.ZodOptional<z.ZodString>;
785
- }, z.core.$strip>;
786
- metadata: {
787
- isAction: boolean;
788
- openapi: {
789
- summary: string;
790
- description: string;
791
- responses: {
792
- "302": {
793
- description: string;
794
- };
795
- };
796
- };
797
- };
798
- } & {
799
- use: any[];
800
- };
801
- path: "/sso/callback/:providerId";
802
- };
803
- callbackSSOSAML: {
804
- <AsResponse extends boolean = false, ReturnHeaders extends boolean = false>(inputCtx_0: {
805
- body: {
806
- SAMLResponse: string;
807
- RelayState?: string | undefined;
808
- };
809
- } & {
810
- method?: "POST" | undefined;
811
- } & {
812
- query?: Record<string, any> | undefined;
813
- } & {
814
- params: {
815
- providerId: string;
816
- };
817
- } & {
818
- request?: Request;
819
- } & {
820
- headers?: HeadersInit;
821
- } & {
822
- asResponse?: boolean;
823
- returnHeaders?: boolean;
824
- use?: better_call0.Middleware[];
825
- path?: string;
826
- } & {
827
- asResponse?: AsResponse | undefined;
828
- returnHeaders?: ReturnHeaders | undefined;
829
- }): Promise<[AsResponse] extends [true] ? Response : [ReturnHeaders] extends [true] ? {
830
- headers: Headers;
831
- response: never;
832
- } : never>;
833
- options: {
834
- method: "POST";
835
- body: z.ZodObject<{
836
- SAMLResponse: z.ZodString;
837
- RelayState: z.ZodOptional<z.ZodString>;
838
- }, z.core.$strip>;
839
- metadata: {
840
- isAction: boolean;
841
- openapi: {
842
- summary: string;
843
- description: string;
844
- responses: {
845
- "302": {
846
- description: string;
847
- };
848
- "400": {
849
- description: string;
850
- };
851
- "401": {
852
- description: string;
853
- };
854
- };
855
- };
856
- };
857
- } & {
858
- use: any[];
859
- };
860
- path: "/sso/saml2/callback/:providerId";
861
- };
862
- acsEndpoint: {
863
- <AsResponse extends boolean = false, ReturnHeaders extends boolean = false>(inputCtx_0: {
864
- body: {
865
- SAMLResponse: string;
866
- RelayState?: string | undefined;
867
- };
868
- } & {
869
- method?: "POST" | undefined;
870
- } & {
871
- query?: Record<string, any> | undefined;
872
- } & {
873
- params: {
874
- providerId: string;
875
- };
876
- } & {
877
- request?: Request;
878
- } & {
879
- headers?: HeadersInit;
880
- } & {
881
- asResponse?: boolean;
882
- returnHeaders?: boolean;
883
- use?: better_call0.Middleware[];
884
- path?: string;
885
- } & {
886
- asResponse?: AsResponse | undefined;
887
- returnHeaders?: ReturnHeaders | undefined;
888
- }): Promise<[AsResponse] extends [true] ? Response : [ReturnHeaders] extends [true] ? {
889
- headers: Headers;
890
- response: never;
891
- } : never>;
892
- options: {
893
- method: "POST";
894
- params: z.ZodObject<{
895
- providerId: z.ZodOptional<z.ZodString>;
896
- }, z.core.$strip>;
897
- body: z.ZodObject<{
898
- SAMLResponse: z.ZodString;
899
- RelayState: z.ZodOptional<z.ZodString>;
900
- }, z.core.$strip>;
901
- metadata: {
902
- isAction: boolean;
903
- openapi: {
904
- summary: string;
905
- description: string;
906
- responses: {
907
- "302": {
908
- description: string;
909
- };
910
- };
911
- };
912
- };
913
- } & {
914
- use: any[];
915
- };
916
- path: "/sso/saml2/sp/acs/:providerId";
917
- };
918
- };
919
- schema: {
920
- ssoProvider: {
921
- fields: {
922
- issuer: {
923
- type: "string";
924
- required: true;
925
- };
926
- oidcConfig: {
927
- type: "string";
928
- required: false;
929
- };
930
- samlConfig: {
931
- type: "string";
932
- required: false;
933
- };
934
- userId: {
935
- type: "string";
936
- references: {
937
- model: string;
938
- field: string;
939
- };
940
- };
941
- providerId: {
942
- type: "string";
943
- required: true;
944
- unique: true;
945
- };
946
- organizationId: {
947
- type: "string";
948
- required: false;
949
- };
950
- domain: {
951
- type: "string";
952
- required: true;
953
- };
954
- };
955
- };
956
- };
957
- };
958
- //#endregion
959
- export { OIDCConfig, OIDCMapping, SAMLConfig, SAMLMapping, SSOOptions, SSOProvider, sso };