@enterprisestandard/react 0.0.5-beta.20251125.1 → 0.0.5-beta.20260114.1

package/dist/group-store.d.ts

@@ -0,0 +1,164 @@
+/**
+ * Group storage for persisting group data.
+ *
+ * Group stores are an optional extension for the IAM Groups functionality.
+ * They enable:
+ * - Caching group data locally for fast lookups
+ * - Receiving group provisioning from external IAM providers (SCIM server)
+ * - Storing groups close to your application (in-memory, Redis, database)
+ *
+ * ## Example Usage
+ *
+ * ```typescript
+ * import { InMemoryGroupStore } from '@enterprisestandard/react';
+ *
+ * const groupStore = new InMemoryGroupStore();
+ *
+ * // Store a group
+ * await groupStore.upsert({
+ *   id: 'group-123',
+ *   displayName: 'Administrators',
+ *   createdAt: new Date(),
+ *   updatedAt: new Date(),
+ * });
+ *
+ * // Look up groups
+ * const group = await groupStore.get('group-123');
+ * const allGroups = await groupStore.list();
+ * ```
+ */
+import type { GroupMember } from './types/scim-schema';
+/**
+ * Stored group data with required id and tracking metadata.
+ *
+ * @template TExtended - Type-safe custom data that consumers can add to groups
+ */
+export type StoredGroup<TExtended = {}> = {
+    /**
+     * Required unique identifier for the group.
+     * This is the primary key for group storage.
+     */
+    id: string;
+    /**
+     * Required human-readable name for the group.
+     */
+    displayName: string;
+    /**
+     * Optional external identifier from provisioning client.
+     */
+    externalId?: string;
+    /**
+     * List of members in the group.
+     */
+    members?: GroupMember[];
+    /**
+     * Timestamp when the group was first stored.
+     */
+    createdAt: Date;
+    /**
+     * Timestamp when the group was last updated.
+     */
+    updatedAt: Date;
+} & TExtended;
+/**
+ * Abstract interface for group storage backends.
+ *
+ * Consumers can implement this interface to use different storage backends:
+ * - In-memory (for development/testing)
+ * - Redis (for production with fast lookups)
+ * - Database (PostgreSQL, MySQL, etc.)
+ *
+ * @template TExtended - Type-safe custom data that consumers can add to groups
+ */
+export interface GroupStore<TExtended = {}> {
+    /**
+     * Retrieve a group by its unique identifier.
+     *
+     * @param id - The group's unique identifier
+     * @returns The group if found, null otherwise
+     */
+    get(id: string): Promise<StoredGroup<TExtended> | null>;
+    /**
+     * Retrieve a group by its external identifier.
+     *
+     * @param externalId - The external identifier from the provisioning client
+     * @returns The group if found, null otherwise
+     */
+    getByExternalId(externalId: string): Promise<StoredGroup<TExtended> | null>;
+    /**
+     * Retrieve a group by its display name.
+     *
+     * @param displayName - The group's display name
+     * @returns The group if found, null otherwise
+     */
+    getByDisplayName(displayName: string): Promise<StoredGroup<TExtended> | null>;
+    /**
+     * List all groups in the store.
+     *
+     * @returns Array of all stored groups
+     */
+    list(): Promise<StoredGroup<TExtended>[]>;
+    /**
+     * Create or update a group in the store.
+     *
+     * If a group with the same `id` exists, it will be updated.
+     * Otherwise, a new group will be created.
+     *
+     * @param group - The group data to store
+     */
+    upsert(group: StoredGroup<TExtended>): Promise<void>;
+    /**
+     * Delete a group by its unique identifier.
+     *
+     * @param id - The group's unique identifier to delete
+     */
+    delete(id: string): Promise<void>;
+    /**
+     * Add a member to a group.
+     *
+     * @param groupId - The group's unique identifier
+     * @param member - The member to add
+     */
+    addMember(groupId: string, member: GroupMember): Promise<void>;
+    /**
+     * Remove a member from a group.
+     *
+     * @param groupId - The group's unique identifier
+     * @param memberId - The member's value/id to remove
+     */
+    removeMember(groupId: string, memberId: string): Promise<void>;
+}
+/**
+ * In-memory group store implementation using Maps.
+ *
+ * Suitable for:
+ * - Development and testing
+ * - Single-server deployments
+ * - Applications without high availability requirements
+ *
+ * NOT suitable for:
+ * - Multi-server deployments (groups not shared)
+ * - High availability scenarios (groups lost on restart)
+ * - Production applications with distributed architecture
+ *
+ * For production, implement GroupStore with Redis or a database.
+ *
+ * @template TExtended - Type-safe custom data that consumers can add to groups
+ */
+export declare class InMemoryGroupStore<TExtended = {}> implements GroupStore<TExtended> {
+    /** Primary storage: id -> group */
+    private groups;
+    /** Secondary index: externalId -> id */
+    private externalIdIndex;
+    /** Secondary index: displayName (lowercase) -> id */
+    private displayNameIndex;
+    get(id: string): Promise<StoredGroup<TExtended> | null>;
+    getByExternalId(externalId: string): Promise<StoredGroup<TExtended> | null>;
+    getByDisplayName(displayName: string): Promise<StoredGroup<TExtended> | null>;
+    list(): Promise<StoredGroup<TExtended>[]>;
+    upsert(group: StoredGroup<TExtended>): Promise<void>;
+    delete(id: string): Promise<void>;
+    addMember(groupId: string, member: GroupMember): Promise<void>;
+    removeMember(groupId: string, memberId: string): Promise<void>;
+}
+//# sourceMappingURL=group-store.d.ts.map

package/dist/group-store.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"group-store.d.ts","sourceRoot":"","sources":["../src/group-store.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AAEH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAEvD;;;;GAIG;AACH,MAAM,MAAM,WAAW,CAAC,SAAS,GAAG,EAAE,IAAI;IACxC;;;OAGG;IACH,EAAE,EAAE,MAAM,CAAC;IAEX;;OAEG;IACH,WAAW,EAAE,MAAM,CAAC;IAEpB;;OAEG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IAEpB;;OAEG;IACH,OAAO,CAAC,EAAE,WAAW,EAAE,CAAC;IAExB;;OAEG;IACH,SAAS,EAAE,IAAI,CAAC;IAEhB;;OAEG;IACH,SAAS,EAAE,IAAI,CAAC;CACjB,GAAG,SAAS,CAAC;AAEd;;;;;;;;;GASG;AACH,MAAM,WAAW,UAAU,CAAC,SAAS,GAAG,EAAE;IACxC;;;;;OAKG;IACH,GAAG,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC;IAExD;;;;;OAKG;IACH,eAAe,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC;IAE5E;;;;;OAKG;IACH,gBAAgB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC;IAE9E;;;;OAIG;IACH,IAAI,IAAI,OAAO,CAAC,WAAW,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;IAE1C;;;;;;;OAOG;IACH,MAAM,CAAC,KAAK,EAAE,WAAW,CAAC,SAAS,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAErD;;;;OAIG;IACH,MAAM,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAElC;;;;;OAKG;IACH,SAAS,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAE/D;;;;;OAKG;IACH,YAAY,CAAC,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CAChE;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,qBAAa,kBAAkB,CAAC,SAAS,GAAG,EAAE,CAAE,YAAW,UAAU,CAAC,SAAS,CAAC;IAC9E,mCAAmC;IACnC,OAAO,CAAC,MAAM,CAA6C;IAE3D,wCAAwC;IACxC,OAAO,CAAC,eAAe,CAA6B;IAEpD,qDAAqD;IACrD,OAAO,CAAC,gBAAgB,CAA6B;IAE/C,GAAG,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC;IAIvD,eAAe,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC;IAM3E,gBAAgB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC;IAM7E,IAAI,IAAI,OAAO,CAAC,WAAW,CAAC,SAAS,CAAC,EAAE,CAAC;IAIzC,MAAM,CAAC,KAAK,EAAE,WAAW,CAAC,SAAS,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC;IAuBpD,MAAM,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAYjC,SAAS,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC;IAgB9D,YAAY,CAAC,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CAWrE"}

package/dist/iam.d.ts

@@ -1,6 +1,206 @@
-export type { User, Name, Email, PhoneNumber, Address, Group, Role, X509Certificate, EnterpriseUser, } from './scim-schema';
-export { userSchema } from './scim-schema';
-type IAMConfig = {};
-export type IAM = {};
-export declare function iam(config: IAMConfig): Promise<IAM>;
+import type { GroupStore } from './group-store';
+import type { GroupMember, GroupResource, User } from './types/scim-schema';
+import type { StandardSchemaV1 } from './types/standard-schema';
+import type { UserStore } from './user-store';
+import type { Workload } from './workload';
+/**
+ * SCIM Error response structure
+ */
+export interface ScimError {
+    schemas: string[];
+    status: string;
+    scimType?: string;
+    detail?: string;
+}
+/**
+ * SCIM List Response for bulk operations
+ */
+export interface ScimListResponse<T> {
+    schemas: string[];
+    totalResults: number;
+    startIndex?: number;
+    itemsPerPage?: number;
+    Resources: T[];
+}
+/**
+ * Result of a SCIM operation
+ */
+export interface ScimResult<T> {
+    success: boolean;
+    data?: T;
+    error?: ScimError;
+    status: number;
+}
+/**
+ * Handler configuration for IAM
+ */
+export interface IAMHandlerConfig {
+    /**
+     * Base path for the SCIM Users endpoints (e.g., '/api/iam/Users')
+     */
+    usersUrl?: string;
+    /**
+     * Base path for the SCIM Groups endpoints (e.g., '/api/iam/Groups')
+     */
+    groupsUrl?: string;
+}
+/**
+ * IAM configuration
+ *
+ * - If `url` is provided, groups_outbound is enabled (app calls external IAM)
+ * - If `group_store` is provided, groups_inbound is enabled (external IAM calls app)
+ * - If `user_store` is provided, users_inbound is enabled (external IAM calls app)
+ */
+export type IAMConfig = {
+    /**
+     * Base URL of the external SCIM endpoint (e.g., https://sailpoint.example.com/scim/v2)
+     * If provided, enables outbound SCIM operations (app -> external IAM)
+     */
+    url?: string;
+    /**
+     * Store for inbound user provisioning from external IAM providers.
+     * When configured, the app can receive user CRUD operations via SCIM.
+     */
+    user_store?: UserStore;
+    /**
+     * Store for inbound group provisioning from external IAM providers.
+     * When configured, enables groups_inbound (external IAM -> app).
+     */
+    group_store?: GroupStore;
+    /**
+     * Optional handler defaults. These are merged with per-call overrides in
+     * `iam.handler`, with per-call values taking precedence.
+     */
+    usersUrl?: string;
+    groupsUrl?: string;
+};
+/**
+ * Options for creating a group
+ */
+export interface CreateGroupOptions {
+    /**
+     * External identifier for the group
+     */
+    externalId?: string;
+    /**
+     * Initial members to add to the group
+     */
+    members?: GroupMember[];
+    /**
+     * Custom validation schema for the response
+     */
+    validation?: StandardSchemaV1<unknown, GroupResource>;
+}
+/**
+ * Options for creating a user
+ */
+export interface CreateUserOptions {
+    /**
+     * Custom validation schema for the response
+     */
+    validation?: StandardSchemaV1<unknown, User>;
+}
+/**
+ * Handler configuration for groups_inbound
+ */
+export interface GroupsInboundHandlerConfig {
+    /**
+     * Base path for the SCIM Groups endpoints (e.g., '/api/iam/Groups')
+     */
+    basePath?: string;
+}
+/**
+ * Handler configuration for users_inbound
+ */
+export interface UsersInboundHandlerConfig {
+    /**
+     * Base path for the SCIM Users endpoints (e.g., '/api/iam/Users')
+     */
+    basePath?: string;
+}
+/**
+ * Groups Outbound extension - for creating groups in external IAM providers.
+ * Enabled when `url` is configured in IAMConfig.
+ */
+export type IAMGroupsOutbound = {
+    /**
+     * Create a new group in the external IAM provider
+     * @param displayName - The display name for the group
+     * @param options - Optional configuration for the group creation
+     * @returns The created group resource from the provider
+     */
+    createGroup: (displayName: string, options?: CreateGroupOptions) => Promise<ScimResult<GroupResource>>;
+};
+/**
+ * Groups Inbound extension - for receiving group provisioning from external IAM providers.
+ * Enabled when `group_store` is configured in IAMConfig.
+ */
+export type IAMGroupsInbound = {
+    /**
+     * Handle inbound SCIM requests for group management.
+     * Routes: GET/POST /Groups, GET/PUT/PATCH/DELETE /Groups/:id
+     */
+    handler: (request: Request, config?: GroupsInboundHandlerConfig) => Promise<Response>;
+};
+/**
+ * Users Inbound extension - for receiving user provisioning from external IAM providers.
+ * Enabled when `user_store` is configured in IAMConfig.
+ */
+export type IAMUsersInbound = {
+    /**
+     * Handle inbound SCIM requests for user management.
+     * Routes: GET/POST /Users, GET/PUT/PATCH/DELETE /Users/:id
+     */
+    handler: (request: Request, config?: UsersInboundHandlerConfig) => Promise<Response>;
+};
+/**
+ * Core IAM service interface.
+ *
+ * - Core functions are user-related (outbound to external IAM)
+ * - `groups_outbound` is available when `url` is configured
+ * - `groups_inbound` is available when `group_store` is configured
+ * - `users_inbound` is available when `user_store` is configured
+ */
+export type IAM = IAMConfig & {
+    /**
+     * Create a new user/account in the external IAM provider
+     * Only available when `url` is configured.
+     */
+    createUser?: (user: User, options?: CreateUserOptions) => Promise<ScimResult<User>>;
+    /**
+     * Get the configured external SCIM base URL
+     */
+    getBaseUrl: () => string | undefined;
+    /**
+     * Groups Outbound extension - create groups in external IAM provider.
+     * Available when `url` is configured in IAMConfig.
+     */
+    groups_outbound?: IAMGroupsOutbound;
+    /**
+     * Groups Inbound extension - receive group provisioning from external IAM.
+     * Available when `group_store` is configured in IAMConfig.
+     */
+    groups_inbound?: IAMGroupsInbound;
+    /**
+     * Users Inbound extension - receive user provisioning from external IAM.
+     * Available when `user_store` is configured in IAMConfig.
+     */
+    users_inbound?: IAMUsersInbound;
+    /**
+     * Framework-agnostic request handler for IAM endpoints.
+     * Routes to users_inbound or groups_inbound handlers based on the request path.
+     */
+    handler: (request: Request, config?: IAMHandlerConfig) => Promise<Response>;
+};
+/**
+ * Creates an IAM service instance.
+ *
+ * - If `url` is configured, enables outbound SCIM operations to external IAM
+ * - If `group_store` is configured, enables inbound SCIM operations from external IAM
+ *
+ * @param config - IAM configuration
+ * @param workload - Workload instance for authentication
+ * @returns IAM service instance
+ */
+export declare function iam(config: IAMConfig, workload: Workload): IAM;
 //# sourceMappingURL=iam.d.ts.map

package/dist/iam.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"iam.d.ts","sourceRoot":"","sources":["../src/iam.ts"],"names":[],"mappings":"AAEA,YAAY,EACV,IAAI,EACJ,IAAI,EACJ,KAAK,EACL,WAAW,EACX,OAAO,EACP,KAAK,EACL,IAAI,EACJ,eAAe,EACf,cAAc,GACf,MAAM,eAAe,CAAC;AAEvB,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AAE3C,KAAK,SAAS,GAAG,EAEhB,CAAC;AAEF,MAAM,MAAM,GAAG,GAAG,EAEjB,CAAC;AAEF,wBAAsB,GAAG,CAAC,MAAM,EAAE,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,CAMzD"}
+{"version":3,"file":"iam.d.ts","sourceRoot":"","sources":["../src/iam.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAe,MAAM,eAAe,CAAC;AAC7D,OAAO,KAAK,EAAE,WAAW,EAAE,aAAa,EAAE,IAAI,EAAE,MAAM,qBAAqB,CAAC;AAE5E,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAChE,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAC9C,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAC;AAE3C;;GAEG;AACH,MAAM,WAAW,SAAS;IACxB,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB,CAAC,CAAC;IACjC,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,SAAS,EAAE,CAAC,EAAE,CAAC;CAChB;AAED;;GAEG;AACH,MAAM,WAAW,UAAU,CAAC,CAAC;IAC3B,OAAO,EAAE,OAAO,CAAC;IACjB,IAAI,CAAC,EAAE,CAAC,CAAC;IACT,KAAK,CAAC,EAAE,SAAS,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;CAChB;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B;;OAEG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB;;OAEG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED;;;;;;GAMG;AACH,MAAM,MAAM,SAAS,GAAG;IACtB;;;OAGG;IACH,GAAG,CAAC,EAAE,MAAM,CAAC;IAEb;;;OAGG;IACH,UAAU,CAAC,EAAE,SAAS,CAAC;IAEvB;;;OAGG;IACH,WAAW,CAAC,EAAE,UAAU,CAAC;IAEzB;;;OAGG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB,CAAC;AAEF;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC;;OAEG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB;;OAEG;IACH,OAAO,CAAC,EAAE,WAAW,EAAE,CAAC;IACxB;;OAEG;IACH,UAAU,CAAC,EAAE,gBAAgB,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;CACvD;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC;;OAEG;IACH,UAAU,CAAC,EAAE,gBAAgB,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;CAC9C;AAED;;GAEG;AACH,MAAM,WAAW,0BAA0B;IACzC;;OAEG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,yBAAyB;IACxC;;OAEG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED;;;GAGG;AACH,MAAM,MAAM,iBAAiB,GAAG;IAC9B;;;;;OAKG;IACH,WAAW,EAAE,CAAC,WAAW,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,kBAAkB,KAAK,OAAO,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC,CAAC;CACxG,CAAC;AAEF;;;GAGG;AACH,MAAM,MAAM,gBAAgB,GAAG;IAC7B;;;OAGG;IACH,OAAO,EAAE,CAAC,OAAO,EAAE,OAAO,EAAE,MAAM,CAAC,EAAE,0BAA0B,KAAK,OAAO,CAAC,QAAQ,CAAC,CAAC;CACvF,CAAC;AAEF;;;GAGG;AACH,MAAM,MAAM,eAAe,GAAG;IAC5B;;;OAGG;IACH,OAAO,EAAE,CAAC,OAAO,EAAE,OAAO,EAAE,MAAM,CAAC,EAAE,yBAAyB,KAAK,OAAO,CAAC,QAAQ,CAAC,CAAC;CACtF,CAAC;AAEF;;;;;;;GAOG;AACH,MAAM,MAAM,GAAG,GAAG,SAAS,GAAG;IAC5B;;;OAGG;IACH,UAAU,CAAC,EAAE,CAAC,IAAI,EAAE,IAAI,EAAE,OAAO,CAAC,EAAE,iBAAiB,KAAK,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC;IAEpF;;OAEG;IACH,UAAU,EAAE,MAAM,MAAM,GAAG,SAAS,CAAC;IAErC;;;OAGG;IACH,eAAe,CAAC,EAAE,iBAAiB,CAAC;IAEpC;;;OAGG;IACH,cAAc,CAAC,EAAE,gBAAgB,CAAC;IAElC;;;OAGG;IACH,aAAa,CAAC,EAAE,eAAe,CAAC;IAEhC;;;OAGG;IACH,OAAO,EAAE,CAAC,OAAO,EAAE,OAAO,EAAE,MAAM,CAAC,EAAE,gBAAgB,KAAK,OAAO,CAAC,QAAQ,CAAC,CAAC;CAC7E,CAAC;AA4EF;;;;;;;;;GASG;AACH,wBAAgB,GAAG,CAAC,MAAM,EAAE,SAAS,EAAE,QAAQ,EAAE,QAAQ,GAAG,GAAG,CAuqB9D"}

package/dist/index.d.ts

@@ -1,29 +1,57 @@
-import { type IAM } from './iam';
-import { type SSO, type SSOConfig } from './sso';
+import { type IAM, type IAMConfig } from './iam';
+import { type SSO, type SSOConfig, type SSOHandlerConfig } from './sso';
 import { type Vault } from './vault';
-export type EnterpriseStandard = {
-    ioniteUrl: string;
+import { type Workload, type WorkloadConfig } from './workload';
+export type EnterpriseStandard = ESConfig & {
     defaultInstance: boolean;
     vault: Vault;
-    sso?: SSO;
-    iam?: IAM;
+    sso: SSO;
+    iam: IAM;
+    workload: Workload;
 };
 type ESConfig = {
-    ioniteUrl?: string;
     defaultInstance?: boolean;
     sso?: SSOConfig;
+    iam?: IAMConfig;
+    workload?: WorkloadConfig;
+    validation?: {
+        sso?: SSOHandlerConfig['validation'];
+        workload?: WorkloadConfig['validation'];
+    } | SSOHandlerConfig['validation'] | WorkloadConfig['validation'];
 };
-export declare function enterpriseStandard(appKey?: string, initConfig?: ESConfig): Promise<EnterpriseStandard>;
-export type * from './enterprise-user';
-export { oidcCallbackSchema, tokenResponseSchema, idTokenClaimsSchema } from './oidc-schema';
-export type { OidcCallbackParams, TokenResponse, IdTokenClaims } from './oidc-schema';
-export type { StandardSchemaV1 } from './standard-schema';
+export declare function enterpriseStandard(appId?: string, initConfig?: ESConfig): Promise<EnterpriseStandard>;
+export type { GroupStore, StoredGroup } from './group-store';
+export { InMemoryGroupStore } from './group-store';
+export type { CreateGroupOptions, CreateUserOptions, GroupsInboundHandlerConfig, IAM, IAMConfig, IAMGroupsInbound, IAMGroupsOutbound, IAMHandlerConfig, IAMUsersInbound, ScimError, ScimListResponse, ScimResult, UsersInboundHandlerConfig, } from './iam';
+export { iam } from './iam';
 export * from './server';
 export type { SessionStore } from './session-store';
 export { InMemorySessionStore } from './session-store';
-export type { SSOConfig, SSOHandlerConfig } from './sso';
+export type { SSO, SSOConfig, SSOHandlerConfig } from './sso';
+export { sso } from './sso';
+export type { CreateTenantRequest, CreateTenantResponse, EnvironmentType, StoredTenant, TenantStatus, TenantStore, TenantWebhookPayload, } from './tenant';
+export { InMemoryTenantStore, parseTenantRequest, sendTenantWebhook, serializeESConfig, TenantRequestError, } from './tenant';
+export type { BaseUser } from './types/base-user';
+export type { EnterpriseUser } from './types/enterprise-user';
+export type { IdTokenClaims, OidcCallbackParams, TokenResponse } from './types/oidc-schema';
+export { idTokenClaimsSchema, oidcCallbackSchema, tokenResponseSchema } from './types/oidc-schema';
+export type { Address, Email, EnterpriseExtension, Group, GroupMember, GroupResource, Name, PhoneNumber, Role, User as ScimUser, X509Certificate, } from './types/scim-schema';
+export { groupResourceSchema, userSchema } from './types/scim-schema';
+export type { StandardSchemaV1 } from './types/standard-schema';
+export type { User } from './types/user';
+export type { JWTAssertionClaims, TokenValidationResult, WorkloadTokenResponse, } from './types/workload-schema';
+export { jwtAssertionClaimsSchema, workloadTokenResponseSchema } from './types/workload-schema';
 export { SignInLoading } from './ui/sign-in-loading';
 export { SignedIn } from './ui/signed-in';
 export { SignedOut } from './ui/signed-out';
 export * from './ui/sso-provider';
+export type { StoredUser, UserStore } from './user-store';
+export { InMemoryUserStore } from './user-store';
+export { getDefaultInstance, getES } from './utils';
+export type { Vault } from './vault';
+export { vault } from './vault';
+export type { ClientCredentialsWorkloadConfig, JwtBearerWorkloadConfig, ServerOnlyWorkloadConfig, Workload, WorkloadConfig, WorkloadIdentity, } from './workload';
+export { workload } from './workload';
+export type { CachedWorkloadToken, WorkloadTokenStore } from './workload-token-store';
+export { InMemoryWorkloadTokenStore } from './workload-token-store';
 //# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,GAAG,EAAO,MAAM,OAAO,CAAC;AACtC,OAAO,EAAE,KAAK,GAAG,EAAE,KAAK,SAAS,EAAO,MAAM,OAAO,CAAC;AAEtD,OAAO,EAAE,KAAK,KAAK,EAAS,MAAM,SAAS,CAAC;AAE5C,MAAM,MAAM,kBAAkB,GAAG;IAC/B,SAAS,EAAE,MAAM,CAAC;IAClB,eAAe,EAAE,OAAO,CAAC;IACzB,KAAK,EAAE,KAAK,CAAC;IACb,GAAG,CAAC,EAAE,GAAG,CAAC;IACV,GAAG,CAAC,EAAE,GAAG,CAAC;CACX,CAAC;AAEF,KAAK,QAAQ,GAAG;IACd,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,GAAG,CAAC,EAAE,SAAS,CAAC;CACjB,CAAC;AAOF,wBAAsB,kBAAkB,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,QAAQ,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAiD5G;AAED,mBAAmB,mBAAmB,CAAC;AACvC,OAAO,EAAE,kBAAkB,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,MAAM,eAAe,CAAC;AAC7F,YAAY,EAAE,kBAAkB,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AACtF,YAAY,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AAC1D,cAAc,UAAU,CAAC;AACzB,YAAY,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AACpD,OAAO,EAAE,oBAAoB,EAAE,MAAM,iBAAiB,CAAC;AACvD,YAAY,EAAE,SAAS,EAAE,gBAAgB,EAAE,MAAM,OAAO,CAAC;AACzD,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAC;AAC1C,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5C,cAAc,mBAAmB,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,GAAG,EAAE,KAAK,SAAS,EAAO,MAAM,OAAO,CAAC;AACtD,OAAO,EAAE,KAAK,GAAG,EAAE,KAAK,SAAS,EAAE,KAAK,gBAAgB,EAAO,MAAM,OAAO,CAAC;AAE7E,OAAO,EAAE,KAAK,KAAK,EAAS,MAAM,SAAS,CAAC;AAC5C,OAAO,EAAE,KAAK,QAAQ,EAAE,KAAK,cAAc,EAAY,MAAM,YAAY,CAAC;AAE1E,MAAM,MAAM,kBAAkB,GAAG,QAAQ,GAAG;IAC1C,eAAe,EAAE,OAAO,CAAC;IACzB,KAAK,EAAE,KAAK,CAAC;IACb,GAAG,EAAE,GAAG,CAAC;IACT,GAAG,EAAE,GAAG,CAAC;IACT,QAAQ,EAAE,QAAQ,CAAC;CACpB,CAAC;AAEF,KAAK,QAAQ,GAAG;IACd,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,GAAG,CAAC,EAAE,SAAS,CAAC;IAChB,GAAG,CAAC,EAAE,SAAS,CAAC;IAChB,QAAQ,CAAC,EAAE,cAAc,CAAC;IAC1B,UAAU,CAAC,EACP;QACE,GAAG,CAAC,EAAE,gBAAgB,CAAC,YAAY,CAAC,CAAC;QACrC,QAAQ,CAAC,EAAE,cAAc,CAAC,YAAY,CAAC,CAAC;KACzC,GACD,gBAAgB,CAAC,YAAY,CAAC,GAC9B,cAAc,CAAC,YAAY,CAAC,CAAC;CAClC,CAAC;AAuCF,wBAAsB,kBAAkB,CAAC,KAAK,CAAC,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,QAAQ,GAAG,OAAO,CAAC,kBAAkB,CAAC,CA4F3G;AAGD,YAAY,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAC7D,OAAO,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAC;AAEnD,YAAY,EACV,kBAAkB,EAClB,iBAAiB,EACjB,0BAA0B,EAC1B,GAAG,EACH,SAAS,EACT,gBAAgB,EAChB,iBAAiB,EACjB,gBAAgB,EAChB,eAAe,EACf,SAAS,EACT,gBAAgB,EAChB,UAAU,EACV,yBAAyB,GAC1B,MAAM,OAAO,CAAC;AAEf,OAAO,EAAE,GAAG,EAAE,MAAM,OAAO,CAAC;AAE5B,cAAc,UAAU,CAAC;AACzB,YAAY,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AACpD,OAAO,EAAE,oBAAoB,EAAE,MAAM,iBAAiB,CAAC;AAEvD,YAAY,EAAE,GAAG,EAAE,SAAS,EAAE,gBAAgB,EAAE,MAAM,OAAO,CAAC;AAE9D,OAAO,EAAE,GAAG,EAAE,MAAM,OAAO,CAAC;AAE5B,YAAY,EACV,mBAAmB,EACnB,oBAAoB,EACpB,eAAe,EACf,YAAY,EACZ,YAAY,EACZ,WAAW,EACX,oBAAoB,GACrB,MAAM,UAAU,CAAC;AAClB,OAAO,EACL,mBAAmB,EACnB,kBAAkB,EAClB,iBAAiB,EACjB,iBAAiB,EACjB,kBAAkB,GACnB,MAAM,UAAU,CAAC;AAElB,YAAY,EAAE,QAAQ,EAAE,MAAM,mBAAmB,CAAC;AAClD,YAAY,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAC;AAC9D,YAAY,EAAE,aAAa,EAAE,kBAAkB,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AAE5F,OAAO,EAAE,mBAAmB,EAAE,kBAAkB,EAAE,mBAAmB,EAAE,MAAM,qBAAqB,CAAC;AACnG,YAAY,EACV,OAAO,EACP,KAAK,EACL,mBAAmB,EACnB,KAAK,EACL,WAAW,EACX,aAAa,EACb,IAAI,EACJ,WAAW,EACX,IAAI,EACJ,IAAI,IAAI,QAAQ,EAChB,eAAe,GAChB,MAAM,qBAAqB,CAAC;AAE7B,OAAO,EAAE,mBAAmB,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AAEtE,YAAY,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAChE,YAAY,EAAE,IAAI,EAAE,MAAM,cAAc,CAAC;AACzC,YAAY,EACV,kBAAkB,EAClB,qBAAqB,EACrB,qBAAqB,GACtB,MAAM,yBAAyB,CAAC;AACjC,OAAO,EAAE,wBAAwB,EAAE,2BAA2B,EAAE,MAAM,yBAAyB,CAAC;AAEhG,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAC;AAC1C,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5C,cAAc,mBAAmB,CAAC;AAElC,YAAY,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAC1D,OAAO,EAAE,iBAAiB,EAAE,MAAM,cAAc,CAAC;AAEjD,OAAO,EAAE,kBAAkB,EAAE,KAAK,EAAE,MAAM,SAAS,CAAC;AACpD,YAAY,EAAE,KAAK,EAAE,MAAM,SAAS,CAAC;AAErC,OAAO,EAAE,KAAK,EAAE,MAAM,SAAS,CAAC;AAEhC,YAAY,EACV,+BAA+B,EAC/B,uBAAuB,EACvB,wBAAwB,EACxB,QAAQ,EACR,cAAc,EACd,gBAAgB,GACjB,MAAM,YAAY,CAAC;AACpB,OAAO,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAC;AACtC,YAAY,EAAE,mBAAmB,EAAE,kBAAkB,EAAE,MAAM,wBAAwB,CAAC;AACtF,OAAO,EAAE,0BAA0B,EAAE,MAAM,wBAAwB,CAAC"}