@better-auth/sso 1.4.0-beta.11 → 1.4.0-beta.13

@@ -1,965 +0,0 @@
1
- import * as better_call0 from "better-call";
2
- import { OAuth2Tokens, User } from "better-auth";
3
- import * as z from "zod/v4";
4
-
5
- //#region src/index.d.ts
6
- interface OIDCMapping {
7
- id?: string;
8
- email?: string;
9
- emailVerified?: string;
10
- name?: string;
11
- image?: string;
12
- extraFields?: Record<string, string>;
13
- }
14
- interface SAMLMapping {
15
- id?: string;
16
- email?: string;
17
- emailVerified?: string;
18
- name?: string;
19
- firstName?: string;
20
- lastName?: string;
21
- extraFields?: Record<string, string>;
22
- }
23
- interface OIDCConfig {
24
- issuer: string;
25
- pkce: boolean;
26
- clientId: string;
27
- clientSecret: string;
28
- authorizationEndpoint?: string;
29
- discoveryEndpoint: string;
30
- userInfoEndpoint?: string;
31
- scopes?: string[];
32
- overrideUserInfo?: boolean;
33
- tokenEndpoint?: string;
34
- tokenEndpointAuthentication?: "client_secret_post" | "client_secret_basic";
35
- jwksEndpoint?: string;
36
- mapping?: OIDCMapping;
37
- }
38
- interface SAMLConfig {
39
- issuer: string;
40
- entryPoint: string;
41
- cert: string;
42
- callbackUrl: string;
43
- audience?: string;
44
- idpMetadata?: {
45
- metadata?: string;
46
- entityID?: string;
47
- entityURL?: string;
48
- redirectURL?: string;
49
- cert?: string;
50
- privateKey?: string;
51
- privateKeyPass?: string;
52
- isAssertionEncrypted?: boolean;
53
- encPrivateKey?: string;
54
- encPrivateKeyPass?: string;
55
- singleSignOnService?: Array<{
56
- Binding: string;
57
- Location: string;
58
- }>;
59
- };
60
- spMetadata: {
61
- metadata?: string;
62
- entityID?: string;
63
- binding?: string;
64
- privateKey?: string;
65
- privateKeyPass?: string;
66
- isAssertionEncrypted?: boolean;
67
- encPrivateKey?: string;
68
- encPrivateKeyPass?: string;
69
- };
70
- wantAssertionsSigned?: boolean;
71
- signatureAlgorithm?: string;
72
- digestAlgorithm?: string;
73
- identifierFormat?: string;
74
- privateKey?: string;
75
- decryptionPvk?: string;
76
- additionalParams?: Record<string, any>;
77
- mapping?: SAMLMapping;
78
- }
79
- interface SSOProvider {
80
- issuer: string;
81
- oidcConfig?: OIDCConfig;
82
- samlConfig?: SAMLConfig;
83
- userId: string;
84
- providerId: string;
85
- organizationId?: string;
86
- }
87
- interface SSOOptions {
88
- /**
89
- * custom function to provision a user when they sign in with an SSO provider.
90
- */
91
- provisionUser?: (data: {
92
- /**
93
- * The user object from the database
94
- */
95
- user: User & Record<string, any>;
96
- /**
97
- * The user info object from the provider
98
- */
99
- userInfo: Record<string, any>;
100
- /**
101
- * The OAuth2 tokens from the provider
102
- */
103
- token?: OAuth2Tokens;
104
- /**
105
- * The SSO provider
106
- */
107
- provider: SSOProvider;
108
- }) => Promise<void>;
109
- /**
110
- * Organization provisioning options
111
- */
112
- organizationProvisioning?: {
113
- disabled?: boolean;
114
- defaultRole?: "member" | "admin";
115
- getRole?: (data: {
116
- /**
117
- * The user object from the database
118
- */
119
- user: User & Record<string, any>;
120
- /**
121
- * The user info object from the provider
122
- */
123
- userInfo: Record<string, any>;
124
- /**
125
- * The OAuth2 tokens from the provider
126
- */
127
- token?: OAuth2Tokens;
128
- /**
129
- * The SSO provider
130
- */
131
- provider: SSOProvider;
132
- }) => Promise<"member" | "admin">;
133
- };
134
- /**
135
- * Default SSO provider configurations for testing.
136
- * These will take the precedence over the database providers.
137
- */
138
- defaultSSO?: Array<{
139
- /**
140
- * The domain to match for this default provider.
141
- * This is only used to match incoming requests to this default provider.
142
- */
143
- domain: string;
144
- /**
145
- * The provider ID to use
146
- */
147
- providerId: string;
148
- /**
149
- * SAML configuration
150
- */
151
- samlConfig?: SAMLConfig;
152
- /**
153
- * OIDC configuration
154
- */
155
- oidcConfig?: OIDCConfig;
156
- }>;
157
- /**
158
- * Override user info with the provider info.
159
- * @default false
160
- */
161
- defaultOverrideUserInfo?: boolean;
162
- /**
163
- * Disable implicit sign up for new users. When set to true for the provider,
164
- * sign-in need to be called with with requestSignUp as true to create new users.
165
- */
166
- disableImplicitSignUp?: boolean;
167
- /**
168
- * Configure the maximum number of SSO providers a user can register.
169
- * You can also pass a function that returns a number.
170
- * Set to 0 to disable SSO provider registration.
171
- *
172
- * @example
173
- * ```ts
174
- * providersLimit: async (user) => {
175
- * const plan = await getUserPlan(user);
176
- * return plan.name === "pro" ? 10 : 1;
177
- * }
178
- * ```
179
- * @default 10
180
- */
181
- providersLimit?: number | ((user: User) => Promise<number> | number);
182
- /**
183
- * Trust the email verified flag from the provider.
184
- * @default false
185
- */
186
- trustEmailVerified?: boolean;
187
- }
188
- declare const sso: (options?: SSOOptions) => {
189
- id: "sso";
190
- endpoints: {
191
- spMetadata: {
192
- <AsResponse extends boolean = false, ReturnHeaders extends boolean = false>(inputCtx_0: {
193
- body?: undefined;
194
- } & {
195
- method?: "GET" | undefined;
196
- } & {
197
- query: {
198
- providerId: string;
199
- format?: "xml" | "json" | undefined;
200
- };
201
- } & {
202
- params?: Record<string, any>;
203
- } & {
204
- request?: Request;
205
- } & {
206
- headers?: HeadersInit;
207
- } & {
208
- asResponse?: boolean;
209
- returnHeaders?: boolean;
210
- use?: better_call0.Middleware[];
211
- path?: string;
212
- } & {
213
- asResponse?: AsResponse | undefined;
214
- returnHeaders?: ReturnHeaders | undefined;
215
- }): Promise<[AsResponse] extends [true] ? Response : [ReturnHeaders] extends [true] ? {
216
- headers: Headers;
217
- response: Response;
218
- } : Response>;
219
- options: {
220
- method: "GET";
221
- query: z.ZodObject<{
222
- providerId: z.ZodString;
223
- format: z.ZodDefault<z.ZodEnum<{
224
- xml: "xml";
225
- json: "json";
226
- }>>;
227
- }, z.core.$strip>;
228
- metadata: {
229
- openapi: {
230
- summary: string;
231
- description: string;
232
- responses: {
233
- "200": {
234
- description: string;
235
- };
236
- };
237
- };
238
- };
239
- } & {
240
- use: any[];
241
- };
242
- path: "/sso/saml2/sp/metadata";
243
- };
244
- registerSSOProvider: {
245
- <AsResponse extends boolean = false, ReturnHeaders extends boolean = false>(inputCtx_0: {
246
- body: {
247
- providerId: string;
248
- issuer: string;
249
- domain: string;
250
- oidcConfig?: {
251
- clientId: string;
252
- clientSecret: string;
253
- authorizationEndpoint?: string | undefined;
254
- tokenEndpoint?: string | undefined;
255
- userInfoEndpoint?: string | undefined;
256
- tokenEndpointAuthentication?: "client_secret_post" | "client_secret_basic" | undefined;
257
- jwksEndpoint?: string | undefined;
258
- discoveryEndpoint?: string | undefined;
259
- scopes?: string[] | undefined;
260
- pkce?: boolean | undefined;
261
- mapping?: {
262
- id: string;
263
- email: string;
264
- name: string;
265
- emailVerified?: string | undefined;
266
- image?: string | undefined;
267
- extraFields?: Record<string, any> | undefined;
268
- } | undefined;
269
- } | undefined;
270
- samlConfig?: {
271
- entryPoint: string;
272
- cert: string;
273
- callbackUrl: string;
274
- spMetadata: {
275
- metadata?: string | undefined;
276
- entityID?: string | undefined;
277
- binding?: string | undefined;
278
- privateKey?: string | undefined;
279
- privateKeyPass?: string | undefined;
280
- isAssertionEncrypted?: boolean | undefined;
281
- encPrivateKey?: string | undefined;
282
- encPrivateKeyPass?: string | undefined;
283
- };
284
- audience?: string | undefined;
285
- idpMetadata?: {
286
- metadata?: string | undefined;
287
- entityID?: string | undefined;
288
- cert?: string | undefined;
289
- privateKey?: string | undefined;
290
- privateKeyPass?: string | undefined;
291
- isAssertionEncrypted?: boolean | undefined;
292
- encPrivateKey?: string | undefined;
293
- encPrivateKeyPass?: string | undefined;
294
- singleSignOnService?: {
295
- Binding: string;
296
- Location: string;
297
- }[] | undefined;
298
- } | undefined;
299
- wantAssertionsSigned?: boolean | undefined;
300
- signatureAlgorithm?: string | undefined;
301
- digestAlgorithm?: string | undefined;
302
- identifierFormat?: string | undefined;
303
- privateKey?: string | undefined;
304
- decryptionPvk?: string | undefined;
305
- additionalParams?: Record<string, any> | undefined;
306
- mapping?: {
307
- id: string;
308
- email: string;
309
- name: string;
310
- emailVerified?: string | undefined;
311
- firstName?: string | undefined;
312
- lastName?: string | undefined;
313
- extraFields?: Record<string, any> | undefined;
314
- } | undefined;
315
- } | undefined;
316
- organizationId?: string | undefined;
317
- overrideUserInfo?: boolean | undefined;
318
- };
319
- } & {
320
- method?: "POST" | undefined;
321
- } & {
322
- query?: Record<string, any> | undefined;
323
- } & {
324
- params?: Record<string, any>;
325
- } & {
326
- request?: Request;
327
- } & {
328
- headers?: HeadersInit;
329
- } & {
330
- asResponse?: boolean;
331
- returnHeaders?: boolean;
332
- use?: better_call0.Middleware[];
333
- path?: string;
334
- } & {
335
- asResponse?: AsResponse | undefined;
336
- returnHeaders?: ReturnHeaders | undefined;
337
- }): Promise<[AsResponse] extends [true] ? Response : [ReturnHeaders] extends [true] ? {
338
- headers: Headers;
339
- response: {
340
- oidcConfig: OIDCConfig;
341
- samlConfig: SAMLConfig;
342
- redirectURI: string;
343
- issuer: string;
344
- userId: string;
345
- providerId: string;
346
- organizationId?: string;
347
- };
348
- } : {
349
- oidcConfig: OIDCConfig;
350
- samlConfig: SAMLConfig;
351
- redirectURI: string;
352
- issuer: string;
353
- userId: string;
354
- providerId: string;
355
- organizationId?: string;
356
- }>;
357
- options: {
358
- method: "POST";
359
- body: z.ZodObject<{
360
- providerId: z.ZodString;
361
- issuer: z.ZodString;
362
- domain: z.ZodString;
363
- oidcConfig: z.ZodOptional<z.ZodObject<{
364
- clientId: z.ZodString;
365
- clientSecret: z.ZodString;
366
- authorizationEndpoint: z.ZodOptional<z.ZodString>;
367
- tokenEndpoint: z.ZodOptional<z.ZodString>;
368
- userInfoEndpoint: z.ZodOptional<z.ZodString>;
369
- tokenEndpointAuthentication: z.ZodOptional<z.ZodEnum<{
370
- client_secret_post: "client_secret_post";
371
- client_secret_basic: "client_secret_basic";
372
- }>>;
373
- jwksEndpoint: z.ZodOptional<z.ZodString>;
374
- discoveryEndpoint: z.ZodOptional<z.ZodString>;
375
- scopes: z.ZodOptional<z.ZodArray<z.ZodString>>;
376
- pkce: z.ZodOptional<z.ZodDefault<z.ZodBoolean>>;
377
- mapping: z.ZodOptional<z.ZodObject<{
378
- id: z.ZodString;
379
- email: z.ZodString;
380
- emailVerified: z.ZodOptional<z.ZodString>;
381
- name: z.ZodString;
382
- image: z.ZodOptional<z.ZodString>;
383
- extraFields: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodAny>>;
384
- }, z.core.$strip>>;
385
- }, z.core.$strip>>;
386
- samlConfig: z.ZodOptional<z.ZodObject<{
387
- entryPoint: z.ZodString;
388
- cert: z.ZodString;
389
- callbackUrl: z.ZodString;
390
- audience: z.ZodOptional<z.ZodString>;
391
- idpMetadata: z.ZodOptional<z.ZodObject<{
392
- metadata: z.ZodOptional<z.ZodString>;
393
- entityID: z.ZodOptional<z.ZodString>;
394
- cert: z.ZodOptional<z.ZodString>;
395
- privateKey: z.ZodOptional<z.ZodString>;
396
- privateKeyPass: z.ZodOptional<z.ZodString>;
397
- isAssertionEncrypted: z.ZodOptional<z.ZodBoolean>;
398
- encPrivateKey: z.ZodOptional<z.ZodString>;
399
- encPrivateKeyPass: z.ZodOptional<z.ZodString>;
400
- singleSignOnService: z.ZodOptional<z.ZodArray<z.ZodObject<{
401
- Binding: z.ZodString;
402
- Location: z.ZodString;
403
- }, z.core.$strip>>>;
404
- }, z.core.$strip>>;
405
- spMetadata: z.ZodObject<{
406
- metadata: z.ZodOptional<z.ZodString>;
407
- entityID: z.ZodOptional<z.ZodString>;
408
- binding: z.ZodOptional<z.ZodString>;
409
- privateKey: z.ZodOptional<z.ZodString>;
410
- privateKeyPass: z.ZodOptional<z.ZodString>;
411
- isAssertionEncrypted: z.ZodOptional<z.ZodBoolean>;
412
- encPrivateKey: z.ZodOptional<z.ZodString>;
413
- encPrivateKeyPass: z.ZodOptional<z.ZodString>;
414
- }, z.core.$strip>;
415
- wantAssertionsSigned: z.ZodOptional<z.ZodBoolean>;
416
- signatureAlgorithm: z.ZodOptional<z.ZodString>;
417
- digestAlgorithm: z.ZodOptional<z.ZodString>;
418
- identifierFormat: z.ZodOptional<z.ZodString>;
419
- privateKey: z.ZodOptional<z.ZodString>;
420
- decryptionPvk: z.ZodOptional<z.ZodString>;
421
- additionalParams: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodAny>>;
422
- mapping: z.ZodOptional<z.ZodObject<{
423
- id: z.ZodString;
424
- email: z.ZodString;
425
- emailVerified: z.ZodOptional<z.ZodString>;
426
- name: z.ZodString;
427
- firstName: z.ZodOptional<z.ZodString>;
428
- lastName: z.ZodOptional<z.ZodString>;
429
- extraFields: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodAny>>;
430
- }, z.core.$strip>>;
431
- }, z.core.$strip>>;
432
- organizationId: z.ZodOptional<z.ZodString>;
433
- overrideUserInfo: z.ZodOptional<z.ZodDefault<z.ZodBoolean>>;
434
- }, z.core.$strip>;
435
- use: ((inputContext: better_call0.MiddlewareInputContext<better_call0.MiddlewareOptions>) => Promise<{
436
- session: {
437
- session: Record<string, any> & {
438
- id: string;
439
- createdAt: Date;
440
- updatedAt: Date;
441
- userId: string;
442
- expiresAt: Date;
443
- token: string;
444
- ipAddress?: string | null | undefined;
445
- userAgent?: string | null | undefined;
446
- };
447
- user: Record<string, any> & {
448
- id: string;
449
- createdAt: Date;
450
- updatedAt: Date;
451
- email: string;
452
- emailVerified: boolean;
453
- name: string;
454
- image?: string | null | undefined;
455
- };
456
- };
457
- }>)[];
458
- metadata: {
459
- openapi: {
460
- summary: string;
461
- description: string;
462
- responses: {
463
- "200": {
464
- description: string;
465
- content: {
466
- "application/json": {
467
- schema: {
468
- type: "object";
469
- properties: {
470
- issuer: {
471
- type: string;
472
- format: string;
473
- description: string;
474
- };
475
- domain: {
476
- type: string;
477
- description: string;
478
- };
479
- oidcConfig: {
480
- type: string;
481
- properties: {
482
- issuer: {
483
- type: string;
484
- format: string;
485
- description: string;
486
- };
487
- pkce: {
488
- type: string;
489
- description: string;
490
- };
491
- clientId: {
492
- type: string;
493
- description: string;
494
- };
495
- clientSecret: {
496
- type: string;
497
- description: string;
498
- };
499
- authorizationEndpoint: {
500
- type: string;
501
- format: string;
502
- nullable: boolean;
503
- description: string;
504
- };
505
- discoveryEndpoint: {
506
- type: string;
507
- format: string;
508
- description: string;
509
- };
510
- userInfoEndpoint: {
511
- type: string;
512
- format: string;
513
- nullable: boolean;
514
- description: string;
515
- };
516
- scopes: {
517
- type: string;
518
- items: {
519
- type: string;
520
- };
521
- nullable: boolean;
522
- description: string;
523
- };
524
- tokenEndpoint: {
525
- type: string;
526
- format: string;
527
- nullable: boolean;
528
- description: string;
529
- };
530
- tokenEndpointAuthentication: {
531
- type: string;
532
- enum: string[];
533
- nullable: boolean;
534
- description: string;
535
- };
536
- jwksEndpoint: {
537
- type: string;
538
- format: string;
539
- nullable: boolean;
540
- description: string;
541
- };
542
- mapping: {
543
- type: string;
544
- nullable: boolean;
545
- properties: {
546
- id: {
547
- type: string;
548
- description: string;
549
- };
550
- email: {
551
- type: string;
552
- description: string;
553
- };
554
- emailVerified: {
555
- type: string;
556
- nullable: boolean;
557
- description: string;
558
- };
559
- name: {
560
- type: string;
561
- description: string;
562
- };
563
- image: {
564
- type: string;
565
- nullable: boolean;
566
- description: string;
567
- };
568
- extraFields: {
569
- type: string;
570
- additionalProperties: {
571
- type: string;
572
- };
573
- nullable: boolean;
574
- description: string;
575
- };
576
- };
577
- required: string[];
578
- };
579
- };
580
- required: string[];
581
- description: string;
582
- };
583
- organizationId: {
584
- type: string;
585
- nullable: boolean;
586
- description: string;
587
- };
588
- userId: {
589
- type: string;
590
- description: string;
591
- };
592
- providerId: {
593
- type: string;
594
- description: string;
595
- };
596
- redirectURI: {
597
- type: string;
598
- format: string;
599
- description: string;
600
- };
601
- };
602
- required: string[];
603
- };
604
- };
605
- };
606
- };
607
- };
608
- };
609
- };
610
- } & {
611
- use: any[];
612
- };
613
- path: "/sso/register";
614
- };
615
- signInSSO: {
616
- <AsResponse extends boolean = false, ReturnHeaders extends boolean = false>(inputCtx_0: {
617
- body: {
618
- callbackURL: string;
619
- email?: string | undefined;
620
- organizationSlug?: string | undefined;
621
- providerId?: string | undefined;
622
- domain?: string | undefined;
623
- errorCallbackURL?: string | undefined;
624
- newUserCallbackURL?: string | undefined;
625
- scopes?: string[] | undefined;
626
- loginHint?: string | undefined;
627
- requestSignUp?: boolean | undefined;
628
- providerType?: "oidc" | "saml" | undefined;
629
- };
630
- } & {
631
- method?: "POST" | undefined;
632
- } & {
633
- query?: Record<string, any> | undefined;
634
- } & {
635
- params?: Record<string, any>;
636
- } & {
637
- request?: Request;
638
- } & {
639
- headers?: HeadersInit;
640
- } & {
641
- asResponse?: boolean;
642
- returnHeaders?: boolean;
643
- use?: better_call0.Middleware[];
644
- path?: string;
645
- } & {
646
- asResponse?: AsResponse | undefined;
647
- returnHeaders?: ReturnHeaders | undefined;
648
- }): Promise<[AsResponse] extends [true] ? Response : [ReturnHeaders] extends [true] ? {
649
- headers: Headers;
650
- response: {
651
- url: string;
652
- redirect: boolean;
653
- };
654
- } : {
655
- url: string;
656
- redirect: boolean;
657
- }>;
658
- options: {
659
- method: "POST";
660
- body: z.ZodObject<{
661
- email: z.ZodOptional<z.ZodString>;
662
- organizationSlug: z.ZodOptional<z.ZodString>;
663
- providerId: z.ZodOptional<z.ZodString>;
664
- domain: z.ZodOptional<z.ZodString>;
665
- callbackURL: z.ZodString;
666
- errorCallbackURL: z.ZodOptional<z.ZodString>;
667
- newUserCallbackURL: z.ZodOptional<z.ZodString>;
668
- scopes: z.ZodOptional<z.ZodArray<z.ZodString>>;
669
- loginHint: z.ZodOptional<z.ZodString>;
670
- requestSignUp: z.ZodOptional<z.ZodBoolean>;
671
- providerType: z.ZodOptional<z.ZodEnum<{
672
- oidc: "oidc";
673
- saml: "saml";
674
- }>>;
675
- }, z.core.$strip>;
676
- metadata: {
677
- openapi: {
678
- summary: string;
679
- description: string;
680
- requestBody: {
681
- content: {
682
- "application/json": {
683
- schema: {
684
- type: "object";
685
- properties: {
686
- email: {
687
- type: string;
688
- description: string;
689
- };
690
- issuer: {
691
- type: string;
692
- description: string;
693
- };
694
- providerId: {
695
- type: string;
696
- description: string;
697
- };
698
- callbackURL: {
699
- type: string;
700
- description: string;
701
- };
702
- errorCallbackURL: {
703
- type: string;
704
- description: string;
705
- };
706
- newUserCallbackURL: {
707
- type: string;
708
- description: string;
709
- };
710
- loginHint: {
711
- type: string;
712
- description: string;
713
- };
714
- };
715
- required: string[];
716
- };
717
- };
718
- };
719
- };
720
- responses: {
721
- "200": {
722
- description: string;
723
- content: {
724
- "application/json": {
725
- schema: {
726
- type: "object";
727
- properties: {
728
- url: {
729
- type: string;
730
- format: string;
731
- description: string;
732
- };
733
- redirect: {
734
- type: string;
735
- description: string;
736
- enum: boolean[];
737
- };
738
- };
739
- required: string[];
740
- };
741
- };
742
- };
743
- };
744
- };
745
- };
746
- };
747
- } & {
748
- use: any[];
749
- };
750
- path: "/sign-in/sso";
751
- };
752
- callbackSSO: {
753
- <AsResponse extends boolean = false, ReturnHeaders extends boolean = false>(inputCtx_0: {
754
- body?: undefined;
755
- } & {
756
- method?: "GET" | undefined;
757
- } & {
758
- query: {
759
- state: string;
760
- code?: string | undefined;
761
- error?: string | undefined;
762
- error_description?: string | undefined;
763
- };
764
- } & {
765
- params: {
766
- providerId: string;
767
- };
768
- } & {
769
- request?: Request;
770
- } & {
771
- headers?: HeadersInit;
772
- } & {
773
- asResponse?: boolean;
774
- returnHeaders?: boolean;
775
- use?: better_call0.Middleware[];
776
- path?: string;
777
- } & {
778
- asResponse?: AsResponse | undefined;
779
- returnHeaders?: ReturnHeaders | undefined;
780
- }): Promise<[AsResponse] extends [true] ? Response : [ReturnHeaders] extends [true] ? {
781
- headers: Headers;
782
- response: never;
783
- } : never>;
784
- options: {
785
- method: "GET";
786
- query: z.ZodObject<{
787
- code: z.ZodOptional<z.ZodString>;
788
- state: z.ZodString;
789
- error: z.ZodOptional<z.ZodString>;
790
- error_description: z.ZodOptional<z.ZodString>;
791
- }, z.core.$strip>;
792
- metadata: {
793
- isAction: boolean;
794
- openapi: {
795
- summary: string;
796
- description: string;
797
- responses: {
798
- "302": {
799
- description: string;
800
- };
801
- };
802
- };
803
- };
804
- } & {
805
- use: any[];
806
- };
807
- path: "/sso/callback/:providerId";
808
- };
809
- callbackSSOSAML: {
810
- <AsResponse extends boolean = false, ReturnHeaders extends boolean = false>(inputCtx_0: {
811
- body: {
812
- SAMLResponse: string;
813
- RelayState?: string | undefined;
814
- };
815
- } & {
816
- method?: "POST" | undefined;
817
- } & {
818
- query?: Record<string, any> | undefined;
819
- } & {
820
- params: {
821
- providerId: string;
822
- };
823
- } & {
824
- request?: Request;
825
- } & {
826
- headers?: HeadersInit;
827
- } & {
828
- asResponse?: boolean;
829
- returnHeaders?: boolean;
830
- use?: better_call0.Middleware[];
831
- path?: string;
832
- } & {
833
- asResponse?: AsResponse | undefined;
834
- returnHeaders?: ReturnHeaders | undefined;
835
- }): Promise<[AsResponse] extends [true] ? Response : [ReturnHeaders] extends [true] ? {
836
- headers: Headers;
837
- response: never;
838
- } : never>;
839
- options: {
840
- method: "POST";
841
- body: z.ZodObject<{
842
- SAMLResponse: z.ZodString;
843
- RelayState: z.ZodOptional<z.ZodString>;
844
- }, z.core.$strip>;
845
- metadata: {
846
- isAction: boolean;
847
- openapi: {
848
- summary: string;
849
- description: string;
850
- responses: {
851
- "302": {
852
- description: string;
853
- };
854
- "400": {
855
- description: string;
856
- };
857
- "401": {
858
- description: string;
859
- };
860
- };
861
- };
862
- };
863
- } & {
864
- use: any[];
865
- };
866
- path: "/sso/saml2/callback/:providerId";
867
- };
868
- acsEndpoint: {
869
- <AsResponse extends boolean = false, ReturnHeaders extends boolean = false>(inputCtx_0: {
870
- body: {
871
- SAMLResponse: string;
872
- RelayState?: string | undefined;
873
- };
874
- } & {
875
- method?: "POST" | undefined;
876
- } & {
877
- query?: Record<string, any> | undefined;
878
- } & {
879
- params: {
880
- providerId: string;
881
- };
882
- } & {
883
- request?: Request;
884
- } & {
885
- headers?: HeadersInit;
886
- } & {
887
- asResponse?: boolean;
888
- returnHeaders?: boolean;
889
- use?: better_call0.Middleware[];
890
- path?: string;
891
- } & {
892
- asResponse?: AsResponse | undefined;
893
- returnHeaders?: ReturnHeaders | undefined;
894
- }): Promise<[AsResponse] extends [true] ? Response : [ReturnHeaders] extends [true] ? {
895
- headers: Headers;
896
- response: never;
897
- } : never>;
898
- options: {
899
- method: "POST";
900
- params: z.ZodObject<{
901
- providerId: z.ZodOptional<z.ZodString>;
902
- }, z.core.$strip>;
903
- body: z.ZodObject<{
904
- SAMLResponse: z.ZodString;
905
- RelayState: z.ZodOptional<z.ZodString>;
906
- }, z.core.$strip>;
907
- metadata: {
908
- isAction: boolean;
909
- openapi: {
910
- summary: string;
911
- description: string;
912
- responses: {
913
- "302": {
914
- description: string;
915
- };
916
- };
917
- };
918
- };
919
- } & {
920
- use: any[];
921
- };
922
- path: "/sso/saml2/sp/acs/:providerId";
923
- };
924
- };
925
- schema: {
926
- ssoProvider: {
927
- fields: {
928
- issuer: {
929
- type: "string";
930
- required: true;
931
- };
932
- oidcConfig: {
933
- type: "string";
934
- required: false;
935
- };
936
- samlConfig: {
937
- type: "string";
938
- required: false;
939
- };
940
- userId: {
941
- type: "string";
942
- references: {
943
- model: string;
944
- field: string;
945
- };
946
- };
947
- providerId: {
948
- type: "string";
949
- required: true;
950
- unique: true;
951
- };
952
- organizationId: {
953
- type: "string";
954
- required: false;
955
- };
956
- domain: {
957
- type: "string";
958
- required: true;
959
- };
960
- };
961
- };
962
- };
963
- };
964
- //#endregion
965
- export { OIDCConfig, OIDCMapping, SAMLConfig, SAMLMapping, SSOOptions, SSOProvider, sso };