@better-auth/sso 1.4.0-beta.2 → 1.4.0-beta.21

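--- a/package/dist/index.d.mts
+++ b/package/dist/index.d.mts
@@ -1,959 +1,2 @@
- import * as better_call from 'better-call';
- import { User, OAuth2Tokens } from 'better-auth';
- import * as z from 'zod/v4';
-
- interface OIDCMapping {
- id?: string;
- email?: string;
- emailVerified?: string;
- name?: string;
- image?: string;
- extraFields?: Record<string, string>;
- }
- interface SAMLMapping {
- id?: string;
- email?: string;
- emailVerified?: string;
- name?: string;
- firstName?: string;
- lastName?: string;
- extraFields?: Record<string, string>;
- }
- interface OIDCConfig {
- issuer: string;
- pkce: boolean;
- clientId: string;
- clientSecret: string;
- authorizationEndpoint?: string;
- discoveryEndpoint: string;
- userInfoEndpoint?: string;
- scopes?: string[];
- overrideUserInfo?: boolean;
- tokenEndpoint?: string;
- tokenEndpointAuthentication?: "client_secret_post" | "client_secret_basic";
- jwksEndpoint?: string;
- mapping?: OIDCMapping;
- }
- interface SAMLConfig {
- issuer: string;
- entryPoint: string;
- cert: string;
- callbackUrl: string;
- audience?: string;
- idpMetadata?: {
- metadata?: string;
- entityID?: string;
- entityURL?: string;
- redirectURL?: string;
- cert?: string;
- privateKey?: string;
- privateKeyPass?: string;
- isAssertionEncrypted?: boolean;
- encPrivateKey?: string;
- encPrivateKeyPass?: string;
- singleSignOnService?: Array<{
- Binding: string;
- Location: string;
- }>;
- };
- spMetadata: {
- metadata?: string;
- entityID?: string;
- binding?: string;
- privateKey?: string;
- privateKeyPass?: string;
- isAssertionEncrypted?: boolean;
- encPrivateKey?: string;
- encPrivateKeyPass?: string;
- };
- wantAssertionsSigned?: boolean;
- signatureAlgorithm?: string;
- digestAlgorithm?: string;
- identifierFormat?: string;
- privateKey?: string;
- decryptionPvk?: string;
- additionalParams?: Record<string, any>;
- mapping?: SAMLMapping;
- }
- interface SSOProvider {
- issuer: string;
- oidcConfig?: OIDCConfig;
- samlConfig?: SAMLConfig;
- userId: string;
- providerId: string;
- organizationId?: string;
- }
- interface SSOOptions {
- /**
- * custom function to provision a user when they sign in with an SSO provider.
- */
- provisionUser?: (data: {
- /**
- * The user object from the database
- */
- user: User & Record<string, any>;
- /**
- * The user info object from the provider
- */
- userInfo: Record<string, any>;
- /**
- * The OAuth2 tokens from the provider
- */
- token?: OAuth2Tokens;
- /**
- * The SSO provider
- */
- provider: SSOProvider;
- }) => Promise<void>;
- /**
- * Organization provisioning options
- */
- organizationProvisioning?: {
- disabled?: boolean;
- defaultRole?: "member" | "admin";
- getRole?: (data: {
- /**
- * The user object from the database
- */
- user: User & Record<string, any>;
- /**
- * The user info object from the provider
- */
- userInfo: Record<string, any>;
- /**
- * The OAuth2 tokens from the provider
- */
- token?: OAuth2Tokens;
- /**
- * The SSO provider
- */
- provider: SSOProvider;
- }) => Promise<"member" | "admin">;
- };
- /**
- * Default SSO provider configurations for testing.
- * These will take the precedence over the database providers.
- */
- defaultSSO?: Array<{
- /**
- * The domain to match for this default provider.
- * This is only used to match incoming requests to this default provider.
- */
- domain: string;
- /**
- * The provider ID to use
- */
- providerId: string;
- /**
- * SAML configuration
- */
- samlConfig?: SAMLConfig;
- /**
- * OIDC configuration
- */
- oidcConfig?: OIDCConfig;
- }>;
- /**
- * Override user info with the provider info.
- * @default false
- */
- defaultOverrideUserInfo?: boolean;
- /**
- * Disable implicit sign up for new users. When set to true for the provider,
- * sign-in need to be called with with requestSignUp as true to create new users.
- */
- disableImplicitSignUp?: boolean;
- /**
- * Configure the maximum number of SSO providers a user can register.
- * You can also pass a function that returns a number.
- * Set to 0 to disable SSO provider registration.
- *
- * @example
- * ```ts
- * providersLimit: async (user) => {
- * const plan = await getUserPlan(user);
- * return plan.name === "pro" ? 10 : 1;
- * }
- * ```
- * @default 10
- */
- providersLimit?: number | ((user: User) => Promise<number> | number);
- /**
- * Trust the email verified flag from the provider.
- * @default false
- */
- trustEmailVerified?: boolean;
- }
- declare const sso: (options?: SSOOptions) => {
- id: "sso";
- endpoints: {
- spMetadata: {
- <AsResponse extends boolean = false, ReturnHeaders extends boolean = false>(inputCtx_0: {
- body?: undefined;
- } & {
- method?: "GET" | undefined;
- } & {
- query: {
- providerId: string;
- format?: "xml" | "json" | undefined;
- };
- } & {
- params?: Record<string, any>;
- } & {
- request?: Request;
- } & {
- headers?: HeadersInit;
- } & {
- asResponse?: boolean;
- returnHeaders?: boolean;
- use?: better_call.Middleware[];
- path?: string;
- } & {
- asResponse?: AsResponse | undefined;
- returnHeaders?: ReturnHeaders | undefined;
- }): Promise<[AsResponse] extends [true] ? Response : [ReturnHeaders] extends [true] ? {
- headers: Headers;
- response: Response;
- } : Response>;
- options: {
- method: "GET";
- query: z.ZodObject<{
- providerId: z.ZodString;
- format: z.ZodDefault<z.ZodEnum<{
- xml: "xml";
- json: "json";
- }>>;
- }, z.core.$strip>;
- metadata: {
- openapi: {
- summary: string;
- description: string;
- responses: {
- "200": {
- description: string;
- };
- };
- };
- };
- } & {
- use: any[];
- };
- path: "/sso/saml2/sp/metadata";
- };
- registerSSOProvider: {
- <AsResponse extends boolean = false, ReturnHeaders extends boolean = false>(inputCtx_0: {
- body: {
- providerId: string;
- issuer: string;
- domain: string;
- oidcConfig?: {
- clientId: string;
- clientSecret: string;
- authorizationEndpoint?: string | undefined;
- tokenEndpoint?: string | undefined;
- userInfoEndpoint?: string | undefined;
- tokenEndpointAuthentication?: "client_secret_post" | "client_secret_basic" | undefined;
- jwksEndpoint?: string | undefined;
- discoveryEndpoint?: string | undefined;
- scopes?: string[] | undefined;
- pkce?: boolean | undefined;
- mapping?: {
- id: string;
- email: string;
- name: string;
- emailVerified?: string | undefined;
- image?: string | undefined;
- extraFields?: Record<string, any> | undefined;
- } | undefined;
- } | undefined;
- samlConfig?: {
- entryPoint: string;
- cert: string;
- callbackUrl: string;
- spMetadata: {
- metadata?: string | undefined;
- entityID?: string | undefined;
- binding?: string | undefined;
- privateKey?: string | undefined;
- privateKeyPass?: string | undefined;
- isAssertionEncrypted?: boolean | undefined;
- encPrivateKey?: string | undefined;
- encPrivateKeyPass?: string | undefined;
- };
- audience?: string | undefined;
- idpMetadata?: {
- metadata?: string | undefined;
- entityID?: string | undefined;
- cert?: string | undefined;
- privateKey?: string | undefined;
- privateKeyPass?: string | undefined;
- isAssertionEncrypted?: boolean | undefined;
- encPrivateKey?: string | undefined;
- encPrivateKeyPass?: string | undefined;
- singleSignOnService?: {
- Binding: string;
- Location: string;
- }[] | undefined;
- } | undefined;
- wantAssertionsSigned?: boolean | undefined;
- signatureAlgorithm?: string | undefined;
- digestAlgorithm?: string | undefined;
- identifierFormat?: string | undefined;
- privateKey?: string | undefined;
- decryptionPvk?: string | undefined;
- additionalParams?: Record<string, any> | undefined;
- mapping?: {
- id: string;
- email: string;
- name: string;
- emailVerified?: string | undefined;
- firstName?: string | undefined;
- lastName?: string | undefined;
- extraFields?: Record<string, any> | undefined;
- } | undefined;
- } | undefined;
- organizationId?: string | undefined;
- overrideUserInfo?: boolean | undefined;
- };
- } & {
- method?: "POST" | undefined;
- } & {
- query?: Record<string, any> | undefined;
- } & {
- params?: Record<string, any>;
- } & {
- request?: Request;
- } & {
- headers?: HeadersInit;
- } & {
- asResponse?: boolean;
- returnHeaders?: boolean;
- use?: better_call.Middleware[];
- path?: string;
- } & {
- asResponse?: AsResponse | undefined;
- returnHeaders?: ReturnHeaders | undefined;
- }): Promise<[AsResponse] extends [true] ? Response : [ReturnHeaders] extends [true] ? {
- headers: Headers;
- response: {
- oidcConfig: OIDCConfig;
- samlConfig: SAMLConfig;
- redirectURI: string;
- issuer: string;
- userId: string;
- providerId: string;
- organizationId?: string;
- };
- } : {
- oidcConfig: OIDCConfig;
- samlConfig: SAMLConfig;
- redirectURI: string;
- issuer: string;
- userId: string;
- providerId: string;
- organizationId?: string;
- }>;
- options: {
- method: "POST";
- body: z.ZodObject<{
- providerId: z.ZodString;
- issuer: z.ZodString;
- domain: z.ZodString;
- oidcConfig: z.ZodOptional<z.ZodObject<{
- clientId: z.ZodString;
- clientSecret: z.ZodString;
- authorizationEndpoint: z.ZodOptional<z.ZodString>;
- tokenEndpoint: z.ZodOptional<z.ZodString>;
- userInfoEndpoint: z.ZodOptional<z.ZodString>;
- tokenEndpointAuthentication: z.ZodOptional<z.ZodEnum<{
- client_secret_post: "client_secret_post";
- client_secret_basic: "client_secret_basic";
- }>>;
- jwksEndpoint: z.ZodOptional<z.ZodString>;
- discoveryEndpoint: z.ZodOptional<z.ZodString>;
- scopes: z.ZodOptional<z.ZodArray<z.ZodString>>;
- pkce: z.ZodOptional<z.ZodDefault<z.ZodBoolean>>;
- mapping: z.ZodOptional<z.ZodObject<{
- id: z.ZodString;
- email: z.ZodString;
- emailVerified: z.ZodOptional<z.ZodString>;
- name: z.ZodString;
- image: z.ZodOptional<z.ZodString>;
- extraFields: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodAny>>;
- }, z.core.$strip>>;
- }, z.core.$strip>>;
- samlConfig: z.ZodOptional<z.ZodObject<{
- entryPoint: z.ZodString;
- cert: z.ZodString;
- callbackUrl: z.ZodString;
- audience: z.ZodOptional<z.ZodString>;
- idpMetadata: z.ZodOptional<z.ZodObject<{
- metadata: z.ZodOptional<z.ZodString>;
- entityID: z.ZodOptional<z.ZodString>;
- cert: z.ZodOptional<z.ZodString>;
- privateKey: z.ZodOptional<z.ZodString>;
- privateKeyPass: z.ZodOptional<z.ZodString>;
- isAssertionEncrypted: z.ZodOptional<z.ZodBoolean>;
- encPrivateKey: z.ZodOptional<z.ZodString>;
- encPrivateKeyPass: z.ZodOptional<z.ZodString>;
- singleSignOnService: z.ZodOptional<z.ZodArray<z.ZodObject<{
- Binding: z.ZodString;
- Location: z.ZodString;
- }, z.core.$strip>>>;
- }, z.core.$strip>>;
- spMetadata: z.ZodObject<{
- metadata: z.ZodOptional<z.ZodString>;
- entityID: z.ZodOptional<z.ZodString>;
- binding: z.ZodOptional<z.ZodString>;
- privateKey: z.ZodOptional<z.ZodString>;
- privateKeyPass: z.ZodOptional<z.ZodString>;
- isAssertionEncrypted: z.ZodOptional<z.ZodBoolean>;
- encPrivateKey: z.ZodOptional<z.ZodString>;
- encPrivateKeyPass: z.ZodOptional<z.ZodString>;
- }, z.core.$strip>;
- wantAssertionsSigned: z.ZodOptional<z.ZodBoolean>;
- signatureAlgorithm: z.ZodOptional<z.ZodString>;
- digestAlgorithm: z.ZodOptional<z.ZodString>;
- identifierFormat: z.ZodOptional<z.ZodString>;
- privateKey: z.ZodOptional<z.ZodString>;
- decryptionPvk: z.ZodOptional<z.ZodString>;
- additionalParams: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodAny>>;
- mapping: z.ZodOptional<z.ZodObject<{
- id: z.ZodString;
- email: z.ZodString;
- emailVerified: z.ZodOptional<z.ZodString>;
- name: z.ZodString;
- firstName: z.ZodOptional<z.ZodString>;
- lastName: z.ZodOptional<z.ZodString>;
- extraFields: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodAny>>;
- }, z.core.$strip>>;
- }, z.core.$strip>>;
- organizationId: z.ZodOptional<z.ZodString>;
- overrideUserInfo: z.ZodOptional<z.ZodDefault<z.ZodBoolean>>;
- }, z.core.$strip>;
- use: ((inputContext: better_call.MiddlewareInputContext<better_call.MiddlewareOptions>) => Promise<{
- session: {
- session: Record<string, any> & {
- id: string;
- createdAt: Date;
- updatedAt: Date;
- userId: string;
- expiresAt: Date;
- token: string;
- ipAddress?: string | null | undefined;
- userAgent?: string | null | undefined;
- };
- user: Record<string, any> & {
- id: string;
- createdAt: Date;
- updatedAt: Date;
- email: string;
- emailVerified: boolean;
- name: string;
- image?: string | null | undefined;
- };
- };
- }>)[];
- metadata: {
- openapi: {
- summary: string;
- description: string;
- responses: {
- "200": {
- description: string;
- content: {
- "application/json": {
- schema: {
- type: "object";
- properties: {
- issuer: {
- type: string;
- format: string;
- description: string;
- };
- domain: {
- type: string;
- description: string;
- };
- oidcConfig: {
- type: string;
- properties: {
- issuer: {
- type: string;
- format: string;
- description: string;
- };
- pkce: {
- type: string;
- description: string;
- };
- clientId: {
- type: string;
- description: string;
- };
- clientSecret: {
- type: string;
- description: string;
- };
- authorizationEndpoint: {
- type: string;
- format: string;
- nullable: boolean;
- description: string;
- };
- discoveryEndpoint: {
- type: string;
- format: string;
- description: string;
- };
- userInfoEndpoint: {
- type: string;
- format: string;
- nullable: boolean;
- description: string;
- };
- scopes: {
- type: string;
- items: {
- type: string;
- };
- nullable: boolean;
- description: string;
- };
- tokenEndpoint: {
- type: string;
- format: string;
- nullable: boolean;
- description: string;
- };
- tokenEndpointAuthentication: {
- type: string;
- enum: string[];
- nullable: boolean;
- description: string;
- };
- jwksEndpoint: {
- type: string;
- format: string;
- nullable: boolean;
- description: string;
- };
- mapping: {
- type: string;
- nullable: boolean;
- properties: {
- id: {
- type: string;
- description: string;
- };
- email: {
- type: string;
- description: string;
- };
- emailVerified: {
- type: string;
- nullable: boolean;
- description: string;
- };
- name: {
- type: string;
- description: string;
- };
- image: {
- type: string;
- nullable: boolean;
- description: string;
- };
- extraFields: {
- type: string;
- additionalProperties: {
- type: string;
- };
- nullable: boolean;
- description: string;
- };
- };
- required: string[];
- };
- };
- required: string[];
- description: string;
- };
- organizationId: {
- type: string;
- nullable: boolean;
- description: string;
- };
- userId: {
- type: string;
- description: string;
- };
- providerId: {
- type: string;
- description: string;
- };
- redirectURI: {
- type: string;
- format: string;
- description: string;
- };
- };
- required: string[];
- };
- };
- };
- };
- };
- };
- };
- } & {
- use: any[];
- };
- path: "/sso/register";
- };
- signInSSO: {
- <AsResponse extends boolean = false, ReturnHeaders extends boolean = false>(inputCtx_0: {
- body: {
- callbackURL: string;
- email?: string | undefined;
- organizationSlug?: string | undefined;
- providerId?: string | undefined;
- domain?: string | undefined;
- errorCallbackURL?: string | undefined;
- newUserCallbackURL?: string | undefined;
- scopes?: string[] | undefined;
- requestSignUp?: boolean | undefined;
- providerType?: "oidc" | "saml" | undefined;
- };
- } & {
- method?: "POST" | undefined;
- } & {
- query?: Record<string, any> | undefined;
- } & {
- params?: Record<string, any>;
- } & {
- request?: Request;
- } & {
- headers?: HeadersInit;
- } & {
- asResponse?: boolean;
- returnHeaders?: boolean;
- use?: better_call.Middleware[];
- path?: string;
- } & {
- asResponse?: AsResponse | undefined;
- returnHeaders?: ReturnHeaders | undefined;
- }): Promise<[AsResponse] extends [true] ? Response : [ReturnHeaders] extends [true] ? {
- headers: Headers;
- response: {
- url: string;
- redirect: boolean;
- };
- } : {
- url: string;
- redirect: boolean;
- }>;
- options: {
- method: "POST";
- body: z.ZodObject<{
- email: z.ZodOptional<z.ZodString>;
- organizationSlug: z.ZodOptional<z.ZodString>;
- providerId: z.ZodOptional<z.ZodString>;
- domain: z.ZodOptional<z.ZodString>;
- callbackURL: z.ZodString;
- errorCallbackURL: z.ZodOptional<z.ZodString>;
- newUserCallbackURL: z.ZodOptional<z.ZodString>;
- scopes: z.ZodOptional<z.ZodArray<z.ZodString>>;
- requestSignUp: z.ZodOptional<z.ZodBoolean>;
- providerType: z.ZodOptional<z.ZodEnum<{
- oidc: "oidc";
- saml: "saml";
- }>>;
- }, z.core.$strip>;
- metadata: {
- openapi: {
- summary: string;
- description: string;
- requestBody: {
- content: {
- "application/json": {
- schema: {
- type: "object";
- properties: {
- email: {
- type: string;
- description: string;
- };
- issuer: {
- type: string;
- description: string;
- };
- providerId: {
- type: string;
- description: string;
- };
- callbackURL: {
- type: string;
- description: string;
- };
- errorCallbackURL: {
- type: string;
- description: string;
- };
- newUserCallbackURL: {
- type: string;
- description: string;
- };
- };
- required: string[];
- };
- };
- };
- };
- responses: {
- "200": {
- description: string;
- content: {
- "application/json": {
- schema: {
- type: "object";
- properties: {
- url: {
- type: string;
- format: string;
- description: string;
- };
- redirect: {
- type: string;
- description: string;
- enum: boolean[];
- };
- };
- required: string[];
- };
- };
- };
- };
- };
- };
- };
- } & {
- use: any[];
- };
- path: "/sign-in/sso";
- };
- callbackSSO: {
- <AsResponse extends boolean = false, ReturnHeaders extends boolean = false>(inputCtx_0: {
- body?: undefined;
- } & {
- method?: "GET" | undefined;
- } & {
- query: {
- state: string;
- code?: string | undefined;
- error?: string | undefined;
- error_description?: string | undefined;
- };
- } & {
- params: {
- providerId: string;
- };
- } & {
- request?: Request;
- } & {
- headers?: HeadersInit;
- } & {
- asResponse?: boolean;
- returnHeaders?: boolean;
- use?: better_call.Middleware[];
- path?: string;
- } & {
- asResponse?: AsResponse | undefined;
- returnHeaders?: ReturnHeaders | undefined;
- }): Promise<[AsResponse] extends [true] ? Response : [ReturnHeaders] extends [true] ? {
- headers: Headers;
- response: never;
- } : never>;
- options: {
- method: "GET";
- query: z.ZodObject<{
- code: z.ZodOptional<z.ZodString>;
- state: z.ZodString;
- error: z.ZodOptional<z.ZodString>;
- error_description: z.ZodOptional<z.ZodString>;
- }, z.core.$strip>;
- metadata: {
- isAction: boolean;
- openapi: {
- summary: string;
- description: string;
- responses: {
- "302": {
- description: string;
- };
- };
- };
- };
- } & {
- use: any[];
- };
- path: "/sso/callback/:providerId";
- };
- callbackSSOSAML: {
- <AsResponse extends boolean = false, ReturnHeaders extends boolean = false>(inputCtx_0: {
- body: {
- SAMLResponse: string;
- RelayState?: string | undefined;
- };
- } & {
- method?: "POST" | undefined;
- } & {
- query?: Record<string, any> | undefined;
- } & {
- params: {
- providerId: string;
- };
- } & {
- request?: Request;
- } & {
- headers?: HeadersInit;
- } & {
- asResponse?: boolean;
- returnHeaders?: boolean;
- use?: better_call.Middleware[];
- path?: string;
- } & {
- asResponse?: AsResponse | undefined;
- returnHeaders?: ReturnHeaders | undefined;
- }): Promise<[AsResponse] extends [true] ? Response : [ReturnHeaders] extends [true] ? {
- headers: Headers;
- response: never;
- } : never>;
- options: {
- method: "POST";
- body: z.ZodObject<{
- SAMLResponse: z.ZodString;
- RelayState: z.ZodOptional<z.ZodString>;
- }, z.core.$strip>;
- metadata: {
- isAction: boolean;
- openapi: {
- summary: string;
- description: string;
- responses: {
- "302": {
- description: string;
- };
- "400": {
- description: string;
- };
- "401": {
- description: string;
- };
- };
- };
- };
- } & {
- use: any[];
- };
- path: "/sso/saml2/callback/:providerId";
- };
- acsEndpoint: {
- <AsResponse extends boolean = false, ReturnHeaders extends boolean = false>(inputCtx_0: {
- body: {
- SAMLResponse: string;
- RelayState?: string | undefined;
- };
- } & {
- method?: "POST" | undefined;
- } & {
- query?: Record<string, any> | undefined;
- } & {
- params: {
- providerId: string;
- };
- } & {
- request?: Request;
- } & {
- headers?: HeadersInit;
- } & {
- asResponse?: boolean;
- returnHeaders?: boolean;
- use?: better_call.Middleware[];
- path?: string;
- } & {
- asResponse?: AsResponse | undefined;
- returnHeaders?: ReturnHeaders | undefined;
- }): Promise<[AsResponse] extends [true] ? Response : [ReturnHeaders] extends [true] ? {
- headers: Headers;
- response: never;
- } : never>;
- options: {
- method: "POST";
- params: z.ZodObject<{
- providerId: z.ZodOptional<z.ZodString>;
- }, z.core.$strip>;
- body: z.ZodObject<{
- SAMLResponse: z.ZodString;
- RelayState: z.ZodOptional<z.ZodString>;
- }, z.core.$strip>;
- metadata: {
- isAction: boolean;
- openapi: {
- summary: string;
- description: string;
- responses: {
- "302": {
- description: string;
- };
- };
- };
- };
- } & {
- use: any[];
- };
- path: "/sso/saml2/sp/acs/:providerId";
- };
- };
- schema: {
- ssoProvider: {
- fields: {
- issuer: {
- type: "string";
- required: true;
- };
- oidcConfig: {
- type: "string";
- required: false;
- };
- samlConfig: {
- type: "string";
- required: false;
- };
- userId: {
- type: "string";
- references: {
- model: string;
- field: string;
- };
- };
- providerId: {
- type: "string";
- required: true;
- unique: true;
- };
- organizationId: {
- type: "string";
- required: false;
- };
- domain: {
- type: "string";
- required: true;
- };
- };
- };
- };
- };
-
- export { sso };
- export type { OIDCConfig, OIDCMapping, SAMLConfig, SAMLMapping, SSOOptions, SSOProvider };
+ import { a as SSOProvider, i as SSOOptions, n as OIDCConfig, r as SAMLConfig, t as sso } from "./index-C091fIpa.mjs";
+ export { OIDCConfig, SAMLConfig, SSOOptions, SSOProvider, sso };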
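Review bot: The new `export { OIDCConfig, SAMLConfig, SSOOptions, SSOProvider, sso };` line no longer exposes `OIDCMapping` and `SAMLMapping`, which the removed `export type { … }` line did export, so consumers importing those two types from the package entry point will stop compiling after the upgrade. If the chunk `./index-C091fIpa.mjs` still declares them (not visible here), they should be added to both lists, e.g. `export { OIDCConfig, OIDCMapping, SAMLConfig, SAMLMapping, SSOOptions, SSOProvider, sso };`. Because every declaration has moved into that hashed chunk, any change to the SSO option, endpoint and schema types between these versions, including the fields that carry client secrets and private keys, has to be reviewed in the chunk's own diff rather than in this file.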