@hearth-auth/sdk 0.0.1 → 1.0.1

package/src/generated/hearth/identity/v1/oauth_pb.ts

@@ -1,1138 +0,0 @@
-// @generated by protoc-gen-es v2.12.0 with parameter "target=ts"
-// @generated from file hearth/identity/v1/oauth.proto (package hearth.identity.v1, syntax proto3)
-/* eslint-disable */
-
-import type { GenEnum, GenFile, GenMessage, GenService } from "@bufbuild/protobuf/codegenv2";
-import { enumDesc, fileDesc, messageDesc, serviceDesc } from "@bufbuild/protobuf/codegenv2";
-import { file_google_api_annotations } from "../../../google/api/annotations_pb";
-import type { Message } from "@bufbuild/protobuf";
-
-/**
- * Describes the file hearth/identity/v1/oauth.proto.
- */
-export const file_hearth_identity_v1_oauth: GenFile = /*@__PURE__*/
-  fileDesc("Ch5oZWFydGgvaWRlbnRpdHkvdjEvb2F1dGgucHJvdG8SEmhlYXJ0aC5pZGVudGl0eS52MSK7AgoUQXV0aG9yaXphdGlvblJlcXVlc3QSEQoJY2xpZW50X2lkGAEgASgJEhQKDHJlZGlyZWN0X3VyaRgCIAEoCRINCgVzY29wZRgDIAEoCRINCgVzdGF0ZRgEIAEoCRIVCg1yZXNwb25zZV90eXBlGAUgASgJEg8KB3VzZXJfaWQYBiABKAkSGwoOY29kZV9jaGFsbGVuZ2UYByABKAlIAIgBARIiChVjb2RlX2NoYWxsZW5nZV9tZXRob2QYCCABKAlIAYgBARISCgVub25jZRgJIAEoCUgCiAEBEhgKC3JlcXVlc3RfdXJpGAogASgJSAOIAQFCEQoPX2NvZGVfY2hhbGxlbmdlQhgKFl9jb2RlX2NoYWxsZW5nZV9tZXRob2RCCAoGX25vbmNlQg4KDF9yZXF1ZXN0X3VyaSI0ChVBdXRob3JpemF0aW9uUmVzcG9uc2USDAoEY29kZRgBIAEoCRINCgVzdGF0ZRgCIAEoCSJ7ChRUb2tlbkV4Y2hhbmdlUmVxdWVzdBIRCgljbGllbnRfaWQYASABKAkSDAoEY29kZRgCIAEoCRIUCgxyZWRpcmVjdF91cmkYAyABKAkSGgoNY29kZV92ZXJpZmllchgEIAEoCUgAiAEBQhAKDl9jb2RlX3ZlcmlmaWVyInoKEU9pZGNUb2tlblJlc3BvbnNlEhQKDGFjY2Vzc190b2tlbhgBIAEoCRIQCghpZF90b2tlbhgCIAEoCRISCgp0b2tlbl90eXBlGAMgASgJEhIKCmV4cGlyZXNfaW4YBCABKAMSFQoNcmVmcmVzaF90b2tlbhgFIAEoCSLYAQoVUmVnaXN0ZXJDbGllbnRSZXF1ZXN0EhMKC2NsaWVudF9uYW1lGAEgASgJEhUKDXJlZGlyZWN0X3VyaXMYAiADKAkSGgoNY2xpZW50X3NlY3JldBgDIAEoCUgAiAEBEhMKC2dyYW50X3R5cGVzGAQgAygJElAKGmFjY2Vzc190b2tlbl9hdXRob3JpemF0aW9uGAUgASgOMiwuaGVhcnRoLmlkZW50aXR5LnYxLkFjY2Vzc1Rva2VuQXV0aG9yaXphdGlvbkIQCg5fY2xpZW50X3NlY3JldCLhAQoTVXBkYXRlQ2xpZW50UmVxdWVzdBIYCgtjbGllbnRfbmFtZRgBIAEoCUgAiAEBEhUKDXJlZGlyZWN0X3VyaXMYAiADKAkSEwoLZ3JhbnRfdHlwZXMYAyADKAkSVQoaYWNjZXNzX3Rva2VuX2F1dGhvcml6YXRpb24YBCABKA4yLC5oZWFydGguaWRlbnRpdHkudjEuQWNjZXNzVG9rZW5BdXRob3JpemF0aW9uSAGIAQFCDgoMX2NsaWVudF9uYW1lQh0KG19hY2Nlc3NfdG9rZW5fYXV0aG9yaXphdGlvbiLgAQoLT0F1dGhDbGllbnQSEQoJY2xpZW50X2lkGAEgASgJEhMKC2NsaWVudF9uYW1lGAIgASgJEhUKDXJlZGlyZWN0X3VyaXMYAyADKAkSEgoKY3JlYXRlZF9hdBgEIAEoAxIXCg9pc19jb25maWRlbnRpYWwYBSABKAgSEwoLZ3JhbnRfdHlwZXMYBiADKAkSUAoaYWNjZXNzX3Rva2VuX2F1dGhvcml6YXRpb24YByABKA4yLC5oZWFydGguaWRlbnRpdHkudjEuQWNjZXNzVG9rZW5BdXRob3JpemF0aW9uImsKD09BdXRoQ2xpZW50UGFnZRIuCgVpdGVtcxgBIAMoCzIfLmhlYXJ0aC5pZGVudGl0eS52MS5PQXV0aENsaWVudBIYCgtuZXh0X2N1cnNvchgCIAEoCUgAiAEBQg4KDF9uZXh0X2N1cnNvciJiChhDbGllbnRDcmVkZW50aWFsc1JlcXVlc3QSEQoJY2xpZW50X2lkGAEgASgJEhUKDWNsaWVudF9zZWNyZXQYAiABKAkSEgoFc2NvcGUYAyABKAlIAIgBAUIICgZfc2NvcGUidwoZQ2xpZW50Q3JlZGVudGlhbHNSZXNwb25zZRIUCgxhY2Nlc3NfdG9rZW4YASABKAkSEgoKdG9rZW5fdHlwZRgCIAEoCRISCgpleHBpcmVzX2luGAMgASgDEhIKBXNjb3BlGAQgASgJSACIAQFCCAoGX3Njb3BlIk0KGkRldmljZUF1dGhvcml6YXRpb25SZXF1ZXN0EhEKCWNsaWVudF9pZBgBIAEoCRISCgVzY29wZRgCIAEoCUgAiAEBQggKBl9zY29wZSKFAQobRGV2aWNlQXV0aG9yaXphdGlvblJlc3BvbnNlEhMKC2RldmljZV9jb2RlGAEgASgJEhEKCXVzZXJfY29kZRgCIAEoCRIYChB2ZXJpZmljYXRpb25fdXJpGAMgASgJEhIKCmV4cGlyZXNfaW4YBCABKAMSEAoIaW50ZXJ2YWwYBSABKAMiWQoWVG9rZW5SZXZvY2F0aW9uUmVxdWVzdBINCgV0b2tlbhgBIAEoCRIcCg90b2tlbl90eXBlX2hpbnQYAiABKAlIAIgBAUISChBfdG9rZW5fdHlwZV9oaW50IlwKGVRva2VuSW50cm9zcGVjdGlvblJlcXVlc3QSDQoFdG9rZW4YASABKAkSHAoPdG9rZW5fdHlwZV9oaW50GAIgASgJSACIAQFCEgoQX3Rva2VuX3R5cGVfaGludCKTAwoVSW50cm9zcGVjdGlvblJlc3BvbnNlEg4KBmFjdGl2ZRgBIAEoCBISCgVzY29wZRgCIAEoCUgAiAEBEhYKCWNsaWVudF9pZBgDIAEoCUgBiAEBEhAKA3N1YhgEIAEoCUgCiAEBEhAKA2V4cBgFIAEoA0gDiAEBEhAKA2lhdBgGIAEoA0gEiAEBEhcKCnRva2VuX3R5cGUYByABKAlIBYgBARIQCgNpc3MYCCABKAlIBogBARIQCgNhdWQYCSABKAlIB4gBARI/CgRtb2RlGAogASgOMiwuaGVhcnRoLmlkZW50aXR5LnYxLkFjY2Vzc1Rva2VuQXV0aG9yaXphdGlvbkgIiAEBEhMKC3Blcm1pc3Npb25zGAsgAygJEg0KBXJvbGVzGAwgAygJEg4KBmdyb3VwcxgNIAMoCUIICgZfc2NvcGVCDAoKX2NsaWVudF9pZEIGCgRfc3ViQgYKBF9leHBCBgoEX2lhdEINCgtfdG9rZW5fdHlwZUIGCgRfaXNzQgYKBF9hdWRCBwoFX21vZGUigAEKFFRva2VuRGVjaXNpb25SZXF1ZXN0EhIKCnBlcm1pc3Npb24YASABKAkSHAoPb3JnYW5pemF0aW9uX2lkGAIgASgJSACIAQESFQoIcmVzb3VyY2UYAyABKAlIAYgBAUISChBfb3JnYW5pemF0aW9uX2lkQgsKCV9yZXNvdXJjZSIoChVUb2tlbkRlY2lzaW9uUmVzcG9uc2USDwoHYWxsb3dlZBgBIAEoCCKJAQoQVXNlckluZm9SZXNwb25zZRILCgNzdWIYASABKAkSEgoFZW1haWwYAiABKAlIAIgBARIbCg5lbWFpbF92ZXJpZmllZBgDIAEoCEgBiAEBEhEKBG5hbWUYBCABKAlIAogBAUIICgZfZW1haWxCEQoPX2VtYWlsX3ZlcmlmaWVkQgcKBV9uYW1lItIFChVPaWRjRGlzY292ZXJ5RG9jdW1lbnQSDgoGaXNzdWVyGAEgASgJEh4KFmF1dGhvcml6YXRpb25fZW5kcG9pbnQYAiABKAkSFgoOdG9rZW5fZW5kcG9pbnQYAyABKAkSEAoIandrc191cmkYBCABKAkSGQoRdXNlcmluZm9fZW5kcG9pbnQYBSABKAkSIAoYcmVzcG9uc2VfdHlwZXNfc3VwcG9ydGVkGAYgAygJEiAKGHJlc3BvbnNlX21vZGVzX3N1cHBvcnRlZBgHIAMoCRIfChdzdWJqZWN0X3R5cGVzX3N1cHBvcnRlZBgIIAMoCRItCiVpZF90b2tlbl9zaWduaW5nX2FsZ192YWx1ZXNfc3VwcG9ydGVkGAkgAygJEhgKEHNjb3Blc19zdXBwb3J0ZWQYCiADKAkSGAoQY2xhaW1zX3N1cHBvcnRlZBgLIAMoCRItCiV0b2tlbl9lbmRwb2ludF9hdXRoX21ldGhvZHNfc3VwcG9ydGVkGAwgAygJEigKIGNvZGVfY2hhbGxlbmdlX21ldGhvZHNfc3VwcG9ydGVkGA0gAygJEh0KFWdyYW50X3R5cGVzX3N1cHBvcnRlZBgOIAMoCRIiChVyZWdpc3RyYXRpb25fZW5kcG9pbnQYDyABKAlIAIgBARIqCh1kZXZpY2VfYXV0aG9yaXphdGlvbl9lbmRwb2ludBgQIAEoCUgBiAEBEiAKE3Jldm9jYXRpb25fZW5kcG9pbnQYESABKAlIAogBARIjChZpbnRyb3NwZWN0aW9uX2VuZHBvaW50GBIgASgJSAOIAQFCGAoWX3JlZ2lzdHJhdGlvbl9lbmRwb2ludEIgCh5fZGV2aWNlX2F1dGhvcml6YXRpb25fZW5kcG9pbnRCFgoUX3Jldm9jYXRpb25fZW5kcG9pbnRCGQoXX2ludHJvc3BlY3Rpb25fZW5kcG9pbnQiWAoKSnNvbldlYktleRILCgNrdHkYASABKAkSCwoDY3J2GAIgASgJEgkKAXgYAyABKAkSCwoDa2lkGAQgASgJEgsKA3VzZRgFIAEoCRILCgNhbGcYBiABKAkiPAoMSndrc0RvY3VtZW50EiwKBGtleXMYASADKAsyHi5oZWFydGguaWRlbnRpdHkudjEuSnNvbldlYktleSJ3ChFCb290c3RyYXBSZXNwb25zZRIQCghyZWFsbV9pZBgBIAEoCRIPCgd1c2VyX2lkGAIgASgJEhQKDGFjY2Vzc190b2tlbhgDIAEoCRIVCg1yZWZyZXNoX3Rva2VuGAQgASgJEhIKCnF1aWNrc3RhcnQYBSABKAkiVwoXTGlzdEFwcGxpY2F0aW9uc1JlcXVlc3QSEwoGY3Vyc29yGAEgASgJSACIAQESEgoFbGltaXQYAiABKA1IAYgBAUIJCgdfY3Vyc29yQggKBl9saW1pdCIqChVHZXRBcHBsaWNhdGlvblJlcXVlc3QSEQoJY2xpZW50X2lkGAEgASgJIi0KGERlbGV0ZUFwcGxpY2F0aW9uUmVxdWVzdBIRCgljbGllbnRfaWQYASABKAkiYQoVVXBkYXRlQXBwbGljYXRpb25DYWxsEhEKCWNsaWVudF9pZBgBIAEoCRI1CgRib2R5GAIgASgLMicuaGVhcnRoLmlkZW50aXR5LnYxLlVwZGF0ZUNsaWVudFJlcXVlc3QiDAoKT0F1dGhFbXB0eSpJChhBY2Nlc3NUb2tlbkF1dGhvcml6YXRpb24SDAoIRU1CRURERUQQABIRCg1JTlRST1NQRUNUSU9OEAESDAoIREVDSVNJT04QAjLEBQoXQXBwbGljYXRpb25BZG1pblNlcnZpY2USgQEKEExpc3RBcHBsaWNhdGlvbnMSKy5oZWFydGguaWRlbnRpdHkudjEuTGlzdEFwcGxpY2F0aW9uc1JlcXVlc3QaIy5oZWFydGguaWRlbnRpdHkudjEuT0F1dGhDbGllbnRQYWdlIhuC0+STAhUSEy9hZG1pbi9hcHBsaWNhdGlvbnMShQEKDkdldEFwcGxpY2F0aW9uEikuaGVhcnRoLmlkZW50aXR5LnYxLkdldEFwcGxpY2F0aW9uUmVxdWVzdBofLmhlYXJ0aC5pZGVudGl0eS52MS5PQXV0aENsaWVudCIngtPkkwIhEh8vYWRtaW4vYXBwbGljYXRpb25zL3tjbGllbnRfaWR9En8KEUNyZWF0ZUFwcGxpY2F0aW9uEikuaGVhcnRoLmlkZW50aXR5LnYxLlJlZ2lzdGVyQ2xpZW50UmVxdWVzdBofLmhlYXJ0aC5pZGVudGl0eS52MS5PQXV0aENsaWVudCIegtPkkwIYOgEqIhMvYWRtaW4vYXBwbGljYXRpb25zEo4BChFVcGRhdGVBcHBsaWNhdGlvbhIpLmhlYXJ0aC5pZGVudGl0eS52MS5VcGRhdGVBcHBsaWNhdGlvbkNhbGwaHy5oZWFydGguaWRlbnRpdHkudjEuT0F1dGhDbGllbnQiLYLT5JMCJzoEYm9keTIfL2FkbWluL2FwcGxpY2F0aW9ucy97Y2xpZW50X2lkfRKKAQoRRGVsZXRlQXBwbGljYXRpb24SLC5oZWFydGguaWRlbnRpdHkudjEuRGVsZXRlQXBwbGljYXRpb25SZXF1ZXN0Gh4uaGVhcnRoLmlkZW50aXR5LnYxLk9BdXRoRW1wdHkiJ4LT5JMCISofL2FkbWluL2FwcGxpY2F0aW9ucy97Y2xpZW50X2lkfTLvBwoMT0F1dGhTZXJ2aWNlEncKCUF1dGhvcml6ZRIoLmhlYXJ0aC5pZGVudGl0eS52MS5BdXRob3JpemF0aW9uUmVxdWVzdBopLmhlYXJ0aC5pZGVudGl0eS52MS5BdXRob3JpemF0aW9uUmVzcG9uc2UiFYLT5JMCDzoBKiIKL2F1dGhvcml6ZRJzCg1Ub2tlbkV4Y2hhbmdlEiguaGVhcnRoLmlkZW50aXR5LnYxLlRva2VuRXhjaGFuZ2VSZXF1ZXN0GiUuaGVhcnRoLmlkZW50aXR5LnYxLk9pZGNUb2tlblJlc3BvbnNlIhGC0+STAgs6ASoiBi90b2tlbhJoCgZSZXZva2USKi5oZWFydGguaWRlbnRpdHkudjEuVG9rZW5SZXZvY2F0aW9uUmVxdWVzdBoeLmhlYXJ0aC5pZGVudGl0eS52MS5PQXV0aEVtcHR5IhKC0+STAgw6ASoiBy9yZXZva2USfgoKSW50cm9zcGVjdBItLmhlYXJ0aC5pZGVudGl0eS52MS5Ub2tlbkludHJvc3BlY3Rpb25SZXF1ZXN0GikuaGVhcnRoLmlkZW50aXR5LnYxLkludHJvc3BlY3Rpb25SZXNwb25zZSIWgtPkkwIQOgEqIgsvaW50cm9zcGVjdBKUAQoPRGV2aWNlQXV0aG9yaXplEi4uaGVhcnRoLmlkZW50aXR5LnYxLkRldmljZUF1dGhvcml6YXRpb25SZXF1ZXN0Gi8uaGVhcnRoLmlkZW50aXR5LnYxLkRldmljZUF1dGhvcml6YXRpb25SZXNwb25zZSIggtPkkwIaOgEqIhUvZGV2aWNlX2F1dGhvcml6YXRpb24ScAoRQ2xpZW50Q3JlZGVudGlhbHMSLC5oZWFydGguaWRlbnRpdHkudjEuQ2xpZW50Q3JlZGVudGlhbHNSZXF1ZXN0Gi0uaGVhcnRoLmlkZW50aXR5LnYxLkNsaWVudENyZWRlbnRpYWxzUmVzcG9uc2USgQEKDlJlZ2lzdGVyQ2xpZW50EikuaGVhcnRoLmlkZW50aXR5LnYxLlJlZ2lzdGVyQ2xpZW50UmVxdWVzdBofLmhlYXJ0aC5pZGVudGl0eS52MS5PQXV0aENsaWVudCIjgtPkkwIdOgEqWg06ASoiCC9jbGllbnRzIgkvcmVnaXN0ZXISegoGRGVjaWRlEiguaGVhcnRoLmlkZW50aXR5LnYxLlRva2VuRGVjaXNpb25SZXF1ZXN0GikuaGVhcnRoLmlkZW50aXR5LnYxLlRva2VuRGVjaXNpb25SZXNwb25zZSIbgtPkkwIVOgEqIhAvb2F1dGgvYXV0aG9yaXplQkVaQ2dpdGh1Yi5jb20vaGVhcnRoZGIvaGVhcnRoL3Nka3MvZ28vZ2VuZXJhdGVkL2lkZW50aXR5L3YxO2lkZW50aXR5djFiBnByb3RvMw", [file_google_api_annotations]);
-
-/**
- * Request to initiate an OAuth 2.0 authorization.
- *
- * @generated from message hearth.identity.v1.AuthorizationRequest
- */
-export type AuthorizationRequest = Message<"hearth.identity.v1.AuthorizationRequest"> & {
-  /**
-   * @generated from field: string client_id = 1;
-   */
-  clientId: string;
-
-  /**
-   * @generated from field: string redirect_uri = 2;
-   */
-  redirectUri: string;
-
-  /**
-   * @generated from field: string scope = 3;
-   */
-  scope: string;
-
-  /**
-   * @generated from field: string state = 4;
-   */
-  state: string;
-
-  /**
-   * @generated from field: string response_type = 5;
-   */
-  responseType: string;
-
-  /**
-   * @generated from field: string user_id = 6;
-   */
-  userId: string;
-
-  /**
-   * @generated from field: optional string code_challenge = 7;
-   */
-  codeChallenge?: string | undefined;
-
-  /**
-   * @generated from field: optional string code_challenge_method = 8;
-   */
-  codeChallengeMethod?: string | undefined;
-
-  /**
-   * @generated from field: optional string nonce = 9;
-   */
-  nonce?: string | undefined;
-
-  /**
-   * PAR request_uri (RFC 9126). When set, the server expands the stored
-   * pushed authorization parameters and treats this as a PAR-backed request
-   * (via_par = true). Other authorization fields are ignored when this is set.
-   *
-   * @generated from field: optional string request_uri = 10;
-   */
-  requestUri?: string | undefined;
-};
-
-/**
- * Describes the message hearth.identity.v1.AuthorizationRequest.
- * Use `create(AuthorizationRequestSchema)` to create a new message.
- */
-export const AuthorizationRequestSchema: GenMessage<AuthorizationRequest> = /*@__PURE__*/
-  messageDesc(file_hearth_identity_v1_oauth, 0);
-
-/**
- * Response from a successful authorization request.
- *
- * @generated from message hearth.identity.v1.AuthorizationResponse
- */
-export type AuthorizationResponse = Message<"hearth.identity.v1.AuthorizationResponse"> & {
-  /**
-   * @generated from field: string code = 1;
-   */
-  code: string;
-
-  /**
-   * @generated from field: string state = 2;
-   */
-  state: string;
-};
-
-/**
- * Describes the message hearth.identity.v1.AuthorizationResponse.
- * Use `create(AuthorizationResponseSchema)` to create a new message.
- */
-export const AuthorizationResponseSchema: GenMessage<AuthorizationResponse> = /*@__PURE__*/
-  messageDesc(file_hearth_identity_v1_oauth, 1);
-
-/**
- * Request to exchange an authorization code for tokens.
- *
- * @generated from message hearth.identity.v1.TokenExchangeRequest
- */
-export type TokenExchangeRequest = Message<"hearth.identity.v1.TokenExchangeRequest"> & {
-  /**
-   * @generated from field: string client_id = 1;
-   */
-  clientId: string;
-
-  /**
-   * @generated from field: string code = 2;
-   */
-  code: string;
-
-  /**
-   * @generated from field: string redirect_uri = 3;
-   */
-  redirectUri: string;
-
-  /**
-   * @generated from field: optional string code_verifier = 4;
-   */
-  codeVerifier?: string | undefined;
-};
-
-/**
- * Describes the message hearth.identity.v1.TokenExchangeRequest.
- * Use `create(TokenExchangeRequestSchema)` to create a new message.
- */
-export const TokenExchangeRequestSchema: GenMessage<TokenExchangeRequest> = /*@__PURE__*/
-  messageDesc(file_hearth_identity_v1_oauth, 2);
-
-/**
- * Response from a successful token exchange.
- *
- * @generated from message hearth.identity.v1.OidcTokenResponse
- */
-export type OidcTokenResponse = Message<"hearth.identity.v1.OidcTokenResponse"> & {
-  /**
-   * @generated from field: string access_token = 1;
-   */
-  accessToken: string;
-
-  /**
-   * @generated from field: string id_token = 2;
-   */
-  idToken: string;
-
-  /**
-   * @generated from field: string token_type = 3;
-   */
-  tokenType: string;
-
-  /**
-   * @generated from field: int64 expires_in = 4;
-   */
-  expiresIn: bigint;
-
-  /**
-   * @generated from field: string refresh_token = 5;
-   */
-  refreshToken: string;
-};
-
-/**
- * Describes the message hearth.identity.v1.OidcTokenResponse.
- * Use `create(OidcTokenResponseSchema)` to create a new message.
- */
-export const OidcTokenResponseSchema: GenMessage<OidcTokenResponse> = /*@__PURE__*/
-  messageDesc(file_hearth_identity_v1_oauth, 3);
-
-/**
- * Request to register a new OAuth 2.0 client.
- *
- * @generated from message hearth.identity.v1.RegisterClientRequest
- */
-export type RegisterClientRequest = Message<"hearth.identity.v1.RegisterClientRequest"> & {
-  /**
-   * @generated from field: string client_name = 1;
-   */
-  clientName: string;
-
-  /**
-   * @generated from field: repeated string redirect_uris = 2;
-   */
-  redirectUris: string[];
-
-  /**
-   * @generated from field: optional string client_secret = 3;
-   */
-  clientSecret?: string | undefined;
-
-  /**
-   * @generated from field: repeated string grant_types = 4;
-   */
-  grantTypes: string[];
-
-  /**
-   * @generated from field: hearth.identity.v1.AccessTokenAuthorization access_token_authorization = 5;
-   */
-  accessTokenAuthorization: AccessTokenAuthorization;
-};
-
-/**
- * Describes the message hearth.identity.v1.RegisterClientRequest.
- * Use `create(RegisterClientRequestSchema)` to create a new message.
- */
-export const RegisterClientRequestSchema: GenMessage<RegisterClientRequest> = /*@__PURE__*/
-  messageDesc(file_hearth_identity_v1_oauth, 4);
-
-/**
- * Request to update an existing OAuth 2.0 client.
- *
- * @generated from message hearth.identity.v1.UpdateClientRequest
- */
-export type UpdateClientRequest = Message<"hearth.identity.v1.UpdateClientRequest"> & {
-  /**
-   * @generated from field: optional string client_name = 1;
-   */
-  clientName?: string | undefined;
-
-  /**
-   * @generated from field: repeated string redirect_uris = 2;
-   */
-  redirectUris: string[];
-
-  /**
-   * @generated from field: repeated string grant_types = 3;
-   */
-  grantTypes: string[];
-
-  /**
-   * @generated from field: optional hearth.identity.v1.AccessTokenAuthorization access_token_authorization = 4;
-   */
-  accessTokenAuthorization?: AccessTokenAuthorization | undefined;
-};
-
-/**
- * Describes the message hearth.identity.v1.UpdateClientRequest.
- * Use `create(UpdateClientRequestSchema)` to create a new message.
- */
-export const UpdateClientRequestSchema: GenMessage<UpdateClientRequest> = /*@__PURE__*/
-  messageDesc(file_hearth_identity_v1_oauth, 5);
-
-/**
- * A registered OAuth 2.0 client.
- *
- * @generated from message hearth.identity.v1.OAuthClient
- */
-export type OAuthClient = Message<"hearth.identity.v1.OAuthClient"> & {
-  /**
-   * @generated from field: string client_id = 1;
-   */
-  clientId: string;
-
-  /**
-   * @generated from field: string client_name = 2;
-   */
-  clientName: string;
-
-  /**
-   * @generated from field: repeated string redirect_uris = 3;
-   */
-  redirectUris: string[];
-
-  /**
-   * @generated from field: int64 created_at = 4;
-   */
-  createdAt: bigint;
-
-  /**
-   * @generated from field: bool is_confidential = 5;
-   */
-  isConfidential: boolean;
-
-  /**
-   * @generated from field: repeated string grant_types = 6;
-   */
-  grantTypes: string[];
-
-  /**
-   * @generated from field: hearth.identity.v1.AccessTokenAuthorization access_token_authorization = 7;
-   */
-  accessTokenAuthorization: AccessTokenAuthorization;
-};
-
-/**
- * Describes the message hearth.identity.v1.OAuthClient.
- * Use `create(OAuthClientSchema)` to create a new message.
- */
-export const OAuthClientSchema: GenMessage<OAuthClient> = /*@__PURE__*/
-  messageDesc(file_hearth_identity_v1_oauth, 6);
-
-/**
- * A cursor-based page of OAuth clients.
- *
- * @generated from message hearth.identity.v1.OAuthClientPage
- */
-export type OAuthClientPage = Message<"hearth.identity.v1.OAuthClientPage"> & {
-  /**
-   * @generated from field: repeated hearth.identity.v1.OAuthClient items = 1;
-   */
-  items: OAuthClient[];
-
-  /**
-   * @generated from field: optional string next_cursor = 2;
-   */
-  nextCursor?: string | undefined;
-};
-
-/**
- * Describes the message hearth.identity.v1.OAuthClientPage.
- * Use `create(OAuthClientPageSchema)` to create a new message.
- */
-export const OAuthClientPageSchema: GenMessage<OAuthClientPage> = /*@__PURE__*/
-  messageDesc(file_hearth_identity_v1_oauth, 7);
-
-/**
- * Request for the Client Credentials Grant (RFC 6749 s4.4).
- *
- * @generated from message hearth.identity.v1.ClientCredentialsRequest
- */
-export type ClientCredentialsRequest = Message<"hearth.identity.v1.ClientCredentialsRequest"> & {
-  /**
-   * @generated from field: string client_id = 1;
-   */
-  clientId: string;
-
-  /**
-   * @generated from field: string client_secret = 2;
-   */
-  clientSecret: string;
-
-  /**
-   * @generated from field: optional string scope = 3;
-   */
-  scope?: string | undefined;
-};
-
-/**
- * Describes the message hearth.identity.v1.ClientCredentialsRequest.
- * Use `create(ClientCredentialsRequestSchema)` to create a new message.
- */
-export const ClientCredentialsRequestSchema: GenMessage<ClientCredentialsRequest> = /*@__PURE__*/
-  messageDesc(file_hearth_identity_v1_oauth, 8);
-
-/**
- * Response from a client credentials grant.
- *
- * @generated from message hearth.identity.v1.ClientCredentialsResponse
- */
-export type ClientCredentialsResponse = Message<"hearth.identity.v1.ClientCredentialsResponse"> & {
-  /**
-   * @generated from field: string access_token = 1;
-   */
-  accessToken: string;
-
-  /**
-   * @generated from field: string token_type = 2;
-   */
-  tokenType: string;
-
-  /**
-   * @generated from field: int64 expires_in = 3;
-   */
-  expiresIn: bigint;
-
-  /**
-   * @generated from field: optional string scope = 4;
-   */
-  scope?: string | undefined;
-};
-
-/**
- * Describes the message hearth.identity.v1.ClientCredentialsResponse.
- * Use `create(ClientCredentialsResponseSchema)` to create a new message.
- */
-export const ClientCredentialsResponseSchema: GenMessage<ClientCredentialsResponse> = /*@__PURE__*/
-  messageDesc(file_hearth_identity_v1_oauth, 9);
-
-/**
- * Request for the Device Authorization Grant (RFC 8628).
- *
- * @generated from message hearth.identity.v1.DeviceAuthorizationRequest
- */
-export type DeviceAuthorizationRequest = Message<"hearth.identity.v1.DeviceAuthorizationRequest"> & {
-  /**
-   * @generated from field: string client_id = 1;
-   */
-  clientId: string;
-
-  /**
-   * @generated from field: optional string scope = 2;
-   */
-  scope?: string | undefined;
-};
-
-/**
- * Describes the message hearth.identity.v1.DeviceAuthorizationRequest.
- * Use `create(DeviceAuthorizationRequestSchema)` to create a new message.
- */
-export const DeviceAuthorizationRequestSchema: GenMessage<DeviceAuthorizationRequest> = /*@__PURE__*/
-  messageDesc(file_hearth_identity_v1_oauth, 10);
-
-/**
- * Response from a device authorization request (RFC 8628 s3.2).
- *
- * @generated from message hearth.identity.v1.DeviceAuthorizationResponse
- */
-export type DeviceAuthorizationResponse = Message<"hearth.identity.v1.DeviceAuthorizationResponse"> & {
-  /**
-   * @generated from field: string device_code = 1;
-   */
-  deviceCode: string;
-
-  /**
-   * @generated from field: string user_code = 2;
-   */
-  userCode: string;
-
-  /**
-   * @generated from field: string verification_uri = 3;
-   */
-  verificationUri: string;
-
-  /**
-   * @generated from field: int64 expires_in = 4;
-   */
-  expiresIn: bigint;
-
-  /**
-   * @generated from field: int64 interval = 5;
-   */
-  interval: bigint;
-};
-
-/**
- * Describes the message hearth.identity.v1.DeviceAuthorizationResponse.
- * Use `create(DeviceAuthorizationResponseSchema)` to create a new message.
- */
-export const DeviceAuthorizationResponseSchema: GenMessage<DeviceAuthorizationResponse> = /*@__PURE__*/
-  messageDesc(file_hearth_identity_v1_oauth, 11);
-
-/**
- * Request to revoke an OAuth 2.0 token (RFC 7009).
- *
- * @generated from message hearth.identity.v1.TokenRevocationRequest
- */
-export type TokenRevocationRequest = Message<"hearth.identity.v1.TokenRevocationRequest"> & {
-  /**
-   * @generated from field: string token = 1;
-   */
-  token: string;
-
-  /**
-   * @generated from field: optional string token_type_hint = 2;
-   */
-  tokenTypeHint?: string | undefined;
-};
-
-/**
- * Describes the message hearth.identity.v1.TokenRevocationRequest.
- * Use `create(TokenRevocationRequestSchema)` to create a new message.
- */
-export const TokenRevocationRequestSchema: GenMessage<TokenRevocationRequest> = /*@__PURE__*/
-  messageDesc(file_hearth_identity_v1_oauth, 12);
-
-/**
- * Request for token introspection (RFC 7662).
- *
- * @generated from message hearth.identity.v1.TokenIntrospectionRequest
- */
-export type TokenIntrospectionRequest = Message<"hearth.identity.v1.TokenIntrospectionRequest"> & {
-  /**
-   * @generated from field: string token = 1;
-   */
-  token: string;
-
-  /**
-   * @generated from field: optional string token_type_hint = 2;
-   */
-  tokenTypeHint?: string | undefined;
-};
-
-/**
- * Describes the message hearth.identity.v1.TokenIntrospectionRequest.
- * Use `create(TokenIntrospectionRequestSchema)` to create a new message.
- */
-export const TokenIntrospectionRequestSchema: GenMessage<TokenIntrospectionRequest> = /*@__PURE__*/
-  messageDesc(file_hearth_identity_v1_oauth, 13);
-
-/**
- * Response from token introspection (RFC 7662).
- *
- * @generated from message hearth.identity.v1.IntrospectionResponse
- */
-export type IntrospectionResponse = Message<"hearth.identity.v1.IntrospectionResponse"> & {
-  /**
-   * @generated from field: bool active = 1;
-   */
-  active: boolean;
-
-  /**
-   * @generated from field: optional string scope = 2;
-   */
-  scope?: string | undefined;
-
-  /**
-   * @generated from field: optional string client_id = 3;
-   */
-  clientId?: string | undefined;
-
-  /**
-   * @generated from field: optional string sub = 4;
-   */
-  sub?: string | undefined;
-
-  /**
-   * @generated from field: optional int64 exp = 5;
-   */
-  exp?: bigint | undefined;
-
-  /**
-   * @generated from field: optional int64 iat = 6;
-   */
-  iat?: bigint | undefined;
-
-  /**
-   * @generated from field: optional string token_type = 7;
-   */
-  tokenType?: string | undefined;
-
-  /**
-   * @generated from field: optional string iss = 8;
-   */
-  iss?: string | undefined;
-
-  /**
-   * @generated from field: optional string aud = 9;
-   */
-  aud?: string | undefined;
-
-  /**
-   * @generated from field: optional hearth.identity.v1.AccessTokenAuthorization mode = 10;
-   */
-  mode?: AccessTokenAuthorization | undefined;
-
-  /**
-   * @generated from field: repeated string permissions = 11;
-   */
-  permissions: string[];
-
-  /**
-   * @generated from field: repeated string roles = 12;
-   */
-  roles: string[];
-
-  /**
-   * @generated from field: repeated string groups = 13;
-   */
-  groups: string[];
-};
-
-/**
- * Describes the message hearth.identity.v1.IntrospectionResponse.
- * Use `create(IntrospectionResponseSchema)` to create a new message.
- */
-export const IntrospectionResponseSchema: GenMessage<IntrospectionResponse> = /*@__PURE__*/
-  messageDesc(file_hearth_identity_v1_oauth, 14);
-
-/**
- * Request for the per-request permission decision endpoint (HEA-922).
- *
- * @generated from message hearth.identity.v1.TokenDecisionRequest
- */
-export type TokenDecisionRequest = Message<"hearth.identity.v1.TokenDecisionRequest"> & {
-  /**
-   * @generated from field: string permission = 1;
-   */
-  permission: string;
-
-  /**
-   * @generated from field: optional string organization_id = 2;
-   */
-  organizationId?: string | undefined;
-
-  /**
-   * @generated from field: optional string resource = 3;
-   */
-  resource?: string | undefined;
-};
-
-/**
- * Describes the message hearth.identity.v1.TokenDecisionRequest.
- * Use `create(TokenDecisionRequestSchema)` to create a new message.
- */
-export const TokenDecisionRequestSchema: GenMessage<TokenDecisionRequest> = /*@__PURE__*/
-  messageDesc(file_hearth_identity_v1_oauth, 15);
-
-/**
- * Response from the decision endpoint.
- *
- * @generated from message hearth.identity.v1.TokenDecisionResponse
- */
-export type TokenDecisionResponse = Message<"hearth.identity.v1.TokenDecisionResponse"> & {
-  /**
-   * @generated from field: bool allowed = 1;
-   */
-  allowed: boolean;
-};
-
-/**
- * Describes the message hearth.identity.v1.TokenDecisionResponse.
- * Use `create(TokenDecisionResponseSchema)` to create a new message.
- */
-export const TokenDecisionResponseSchema: GenMessage<TokenDecisionResponse> = /*@__PURE__*/
-  messageDesc(file_hearth_identity_v1_oauth, 16);
-
-/**
- * Response from the UserInfo endpoint (OIDC Core s5.3).
- *
- * @generated from message hearth.identity.v1.UserInfoResponse
- */
-export type UserInfoResponse = Message<"hearth.identity.v1.UserInfoResponse"> & {
-  /**
-   * @generated from field: string sub = 1;
-   */
-  sub: string;
-
-  /**
-   * @generated from field: optional string email = 2;
-   */
-  email?: string | undefined;
-
-  /**
-   * @generated from field: optional bool email_verified = 3;
-   */
-  emailVerified?: boolean | undefined;
-
-  /**
-   * @generated from field: optional string name = 4;
-   */
-  name?: string | undefined;
-};
-
-/**
- * Describes the message hearth.identity.v1.UserInfoResponse.
- * Use `create(UserInfoResponseSchema)` to create a new message.
- */
-export const UserInfoResponseSchema: GenMessage<UserInfoResponse> = /*@__PURE__*/
-  messageDesc(file_hearth_identity_v1_oauth, 17);
-
-/**
- * OIDC Discovery document (OpenID Connect Discovery 1.0).
- *
- * @generated from message hearth.identity.v1.OidcDiscoveryDocument
- */
-export type OidcDiscoveryDocument = Message<"hearth.identity.v1.OidcDiscoveryDocument"> & {
-  /**
-   * @generated from field: string issuer = 1;
-   */
-  issuer: string;
-
-  /**
-   * @generated from field: string authorization_endpoint = 2;
-   */
-  authorizationEndpoint: string;
-
-  /**
-   * @generated from field: string token_endpoint = 3;
-   */
-  tokenEndpoint: string;
-
-  /**
-   * @generated from field: string jwks_uri = 4;
-   */
-  jwksUri: string;
-
-  /**
-   * @generated from field: string userinfo_endpoint = 5;
-   */
-  userinfoEndpoint: string;
-
-  /**
-   * @generated from field: repeated string response_types_supported = 6;
-   */
-  responseTypesSupported: string[];
-
-  /**
-   * @generated from field: repeated string response_modes_supported = 7;
-   */
-  responseModesSupported: string[];
-
-  /**
-   * @generated from field: repeated string subject_types_supported = 8;
-   */
-  subjectTypesSupported: string[];
-
-  /**
-   * @generated from field: repeated string id_token_signing_alg_values_supported = 9;
-   */
-  idTokenSigningAlgValuesSupported: string[];
-
-  /**
-   * @generated from field: repeated string scopes_supported = 10;
-   */
-  scopesSupported: string[];
-
-  /**
-   * @generated from field: repeated string claims_supported = 11;
-   */
-  claimsSupported: string[];
-
-  /**
-   * @generated from field: repeated string token_endpoint_auth_methods_supported = 12;
-   */
-  tokenEndpointAuthMethodsSupported: string[];
-
-  /**
-   * @generated from field: repeated string code_challenge_methods_supported = 13;
-   */
-  codeChallengeMethodsSupported: string[];
-
-  /**
-   * @generated from field: repeated string grant_types_supported = 14;
-   */
-  grantTypesSupported: string[];
-
-  /**
-   * @generated from field: optional string registration_endpoint = 15;
-   */
-  registrationEndpoint?: string | undefined;
-
-  /**
-   * @generated from field: optional string device_authorization_endpoint = 16;
-   */
-  deviceAuthorizationEndpoint?: string | undefined;
-
-  /**
-   * @generated from field: optional string revocation_endpoint = 17;
-   */
-  revocationEndpoint?: string | undefined;
-
-  /**
-   * @generated from field: optional string introspection_endpoint = 18;
-   */
-  introspectionEndpoint?: string | undefined;
-};
-
-/**
- * Describes the message hearth.identity.v1.OidcDiscoveryDocument.
- * Use `create(OidcDiscoveryDocumentSchema)` to create a new message.
- */
-export const OidcDiscoveryDocumentSchema: GenMessage<OidcDiscoveryDocument> = /*@__PURE__*/
-  messageDesc(file_hearth_identity_v1_oauth, 18);
-
-/**
- * A JSON Web Key.
- *
- * @generated from message hearth.identity.v1.JsonWebKey
- */
-export type JsonWebKey = Message<"hearth.identity.v1.JsonWebKey"> & {
-  /**
-   * @generated from field: string kty = 1;
-   */
-  kty: string;
-
-  /**
-   * @generated from field: string crv = 2;
-   */
-  crv: string;
-
-  /**
-   * @generated from field: string x = 3;
-   */
-  x: string;
-
-  /**
-   * @generated from field: string kid = 4;
-   */
-  kid: string;
-
-  /**
-   * Always "sig".
-   *
-   * @generated from field: string use = 5;
-   */
-  use: string;
-
-  /**
-   * Always "EdDSA".
-   *
-   * @generated from field: string alg = 6;
-   */
-  alg: string;
-};
-
-/**
- * Describes the message hearth.identity.v1.JsonWebKey.
- * Use `create(JsonWebKeySchema)` to create a new message.
- */
-export const JsonWebKeySchema: GenMessage<JsonWebKey> = /*@__PURE__*/
-  messageDesc(file_hearth_identity_v1_oauth, 19);
-
-/**
- * A JWKS document.
- *
- * @generated from message hearth.identity.v1.JwksDocument
- */
-export type JwksDocument = Message<"hearth.identity.v1.JwksDocument"> & {
-  /**
-   * @generated from field: repeated hearth.identity.v1.JsonWebKey keys = 1;
-   */
-  keys: JsonWebKey[];
-};
-
-/**
- * Describes the message hearth.identity.v1.JwksDocument.
- * Use `create(JwksDocumentSchema)` to create a new message.
- */
-export const JwksDocumentSchema: GenMessage<JwksDocument> = /*@__PURE__*/
-  messageDesc(file_hearth_identity_v1_oauth, 20);
-
-/**
- * Response from the dev bootstrap endpoint.
- *
- * @generated from message hearth.identity.v1.BootstrapResponse
- */
-export type BootstrapResponse = Message<"hearth.identity.v1.BootstrapResponse"> & {
-  /**
-   * @generated from field: string realm_id = 1;
-   */
-  realmId: string;
-
-  /**
-   * @generated from field: string user_id = 2;
-   */
-  userId: string;
-
-  /**
-   * @generated from field: string access_token = 3;
-   */
-  accessToken: string;
-
-  /**
-   * @generated from field: string refresh_token = 4;
-   */
-  refreshToken: string;
-
-  /**
-   * Ready-to-copy shell commands with actual realm_id and token interpolated.
-   * Only populated in --dev mode.
-   *
-   * @generated from field: string quickstart = 5;
-   */
-  quickstart: string;
-};
-
-/**
- * Describes the message hearth.identity.v1.BootstrapResponse.
- * Use `create(BootstrapResponseSchema)` to create a new message.
- */
-export const BootstrapResponseSchema: GenMessage<BootstrapResponse> = /*@__PURE__*/
-  messageDesc(file_hearth_identity_v1_oauth, 21);
-
-/**
- * @generated from message hearth.identity.v1.ListApplicationsRequest
- */
-export type ListApplicationsRequest = Message<"hearth.identity.v1.ListApplicationsRequest"> & {
-  /**
-   * @generated from field: optional string cursor = 1;
-   */
-  cursor?: string | undefined;
-
-  /**
-   * @generated from field: optional uint32 limit = 2;
-   */
-  limit?: number | undefined;
-};
-
-/**
- * Describes the message hearth.identity.v1.ListApplicationsRequest.
- * Use `create(ListApplicationsRequestSchema)` to create a new message.
- */
-export const ListApplicationsRequestSchema: GenMessage<ListApplicationsRequest> = /*@__PURE__*/
-  messageDesc(file_hearth_identity_v1_oauth, 22);
-
-/**
- * @generated from message hearth.identity.v1.GetApplicationRequest
- */
-export type GetApplicationRequest = Message<"hearth.identity.v1.GetApplicationRequest"> & {
-  /**
-   * @generated from field: string client_id = 1;
-   */
-  clientId: string;
-};
-
-/**
- * Describes the message hearth.identity.v1.GetApplicationRequest.
- * Use `create(GetApplicationRequestSchema)` to create a new message.
- */
-export const GetApplicationRequestSchema: GenMessage<GetApplicationRequest> = /*@__PURE__*/
-  messageDesc(file_hearth_identity_v1_oauth, 23);
-
-/**
- * @generated from message hearth.identity.v1.DeleteApplicationRequest
- */
-export type DeleteApplicationRequest = Message<"hearth.identity.v1.DeleteApplicationRequest"> & {
-  /**
-   * @generated from field: string client_id = 1;
-   */
-  clientId: string;
-};
-
-/**
- * Describes the message hearth.identity.v1.DeleteApplicationRequest.
- * Use `create(DeleteApplicationRequestSchema)` to create a new message.
- */
-export const DeleteApplicationRequestSchema: GenMessage<DeleteApplicationRequest> = /*@__PURE__*/
-  messageDesc(file_hearth_identity_v1_oauth, 24);
-
-/**
- * @generated from message hearth.identity.v1.UpdateApplicationCall
- */
-export type UpdateApplicationCall = Message<"hearth.identity.v1.UpdateApplicationCall"> & {
-  /**
-   * @generated from field: string client_id = 1;
-   */
-  clientId: string;
-
-  /**
-   * @generated from field: hearth.identity.v1.UpdateClientRequest body = 2;
-   */
-  body?: UpdateClientRequest | undefined;
-};
-
-/**
- * Describes the message hearth.identity.v1.UpdateApplicationCall.
- * Use `create(UpdateApplicationCallSchema)` to create a new message.
- */
-export const UpdateApplicationCallSchema: GenMessage<UpdateApplicationCall> = /*@__PURE__*/
-  messageDesc(file_hearth_identity_v1_oauth, 25);
-
-/**
- * Empty response type for delete RPCs (local to oauth.proto to avoid
- * cross-file service dependencies that complicate generated code).
- *
- * @generated from message hearth.identity.v1.OAuthEmpty
- */
-export type OAuthEmpty = Message<"hearth.identity.v1.OAuthEmpty"> & {
-};
-
-/**
- * Describes the message hearth.identity.v1.OAuthEmpty.
- * Use `create(OAuthEmptySchema)` to create a new message.
- */
-export const OAuthEmptySchema: GenMessage<OAuthEmpty> = /*@__PURE__*/
-  messageDesc(file_hearth_identity_v1_oauth, 26);
-
-/**
- * Controls how access-token authorization data is exposed to resource servers.
- *
- * @generated from enum hearth.identity.v1.AccessTokenAuthorization
- */
-export enum AccessTokenAuthorization {
-  /**
-   * Permissions, roles, and groups are embedded in the JWT at issuance (default).
-   *
-   * @generated from enum value: EMBEDDED = 0;
-   */
-  EMBEDDED = 0,
-
-  /**
-   * JWT carries only identity claims; resource servers call /introspect.
-   *
-   * @generated from enum value: INTROSPECTION = 1;
-   */
-  INTROSPECTION = 1,
-
-  /**
-   * JWT carries only identity claims; resource servers call POST /oauth/authorize.
-   *
-   * @generated from enum value: DECISION = 2;
-   */
-  DECISION = 2,
-}
-
-/**
- * Describes the enum hearth.identity.v1.AccessTokenAuthorization.
- */
-export const AccessTokenAuthorizationSchema: GenEnum<AccessTokenAuthorization> = /*@__PURE__*/
-  enumDesc(file_hearth_identity_v1_oauth, 0);
-
-/**
- * Application admin service — separated from IdentityAdminService so the
- * generated code stays within a single proto file. Both share the admin
- * interceptor.
- *
- * @generated from service hearth.identity.v1.ApplicationAdminService
- */
-export const ApplicationAdminService: GenService<{
-  /**
-   * @generated from rpc hearth.identity.v1.ApplicationAdminService.ListApplications
-   */
-  listApplications: {
-    methodKind: "unary";
-    input: typeof ListApplicationsRequestSchema;
-    output: typeof OAuthClientPageSchema;
-  },
-  /**
-   * @generated from rpc hearth.identity.v1.ApplicationAdminService.GetApplication
-   */
-  getApplication: {
-    methodKind: "unary";
-    input: typeof GetApplicationRequestSchema;
-    output: typeof OAuthClientSchema;
-  },
-  /**
-   * @generated from rpc hearth.identity.v1.ApplicationAdminService.CreateApplication
-   */
-  createApplication: {
-    methodKind: "unary";
-    input: typeof RegisterClientRequestSchema;
-    output: typeof OAuthClientSchema;
-  },
-  /**
-   * @generated from rpc hearth.identity.v1.ApplicationAdminService.UpdateApplication
-   */
-  updateApplication: {
-    methodKind: "unary";
-    input: typeof UpdateApplicationCallSchema;
-    output: typeof OAuthClientSchema;
-  },
-  /**
-   * @generated from rpc hearth.identity.v1.ApplicationAdminService.DeleteApplication
-   */
-  deleteApplication: {
-    methodKind: "unary";
-    input: typeof DeleteApplicationRequestSchema;
-    output: typeof OAuthEmptySchema;
-  },
-}> = /*@__PURE__*/
-  serviceDesc(file_hearth_identity_v1_oauth, 0);
-
-/**
- * @generated from service hearth.identity.v1.OAuthService
- */
-export const OAuthService: GenService<{
-  /**
-   * @generated from rpc hearth.identity.v1.OAuthService.Authorize
-   */
-  authorize: {
-    methodKind: "unary";
-    input: typeof AuthorizationRequestSchema;
-    output: typeof AuthorizationResponseSchema;
-  },
-  /**
-   * TokenExchange handles authorization_code and refresh_token grants.
-   * ClientCredentials (client_credentials grant) maps to the same POST /token
-   * endpoint via grant_type discriminator — see grpc-only.txt for the
-   * ClientCredentials RPC.
-   *
-   * @generated from rpc hearth.identity.v1.OAuthService.TokenExchange
-   */
-  tokenExchange: {
-    methodKind: "unary";
-    input: typeof TokenExchangeRequestSchema;
-    output: typeof OidcTokenResponseSchema;
-  },
-  /**
-   * @generated from rpc hearth.identity.v1.OAuthService.Revoke
-   */
-  revoke: {
-    methodKind: "unary";
-    input: typeof TokenRevocationRequestSchema;
-    output: typeof OAuthEmptySchema;
-  },
-  /**
-   * @generated from rpc hearth.identity.v1.OAuthService.Introspect
-   */
-  introspect: {
-    methodKind: "unary";
-    input: typeof TokenIntrospectionRequestSchema;
-    output: typeof IntrospectionResponseSchema;
-  },
-  /**
-   * @generated from rpc hearth.identity.v1.OAuthService.DeviceAuthorize
-   */
-  deviceAuthorize: {
-    methodKind: "unary";
-    input: typeof DeviceAuthorizationRequestSchema;
-    output: typeof DeviceAuthorizationResponseSchema;
-  },
-  /**
-   * ClientCredentials maps to POST /token with grant_type=client_credentials.
-   * Listed here for gRPC clients; the HTTP binding duplicates TokenExchange's
-   * path intentionally — see grpc-only.txt.
-   *
-   * @generated from rpc hearth.identity.v1.OAuthService.ClientCredentials
-   */
-  clientCredentials: {
-    methodKind: "unary";
-    input: typeof ClientCredentialsRequestSchema;
-    output: typeof ClientCredentialsResponseSchema;
-  },
-  /**
-   * Dynamic client registration (RFC 7591). Maps to POST /register (preferred)
-   * and POST /clients (legacy).
-   *
-   * @generated from rpc hearth.identity.v1.OAuthService.RegisterClient
-   */
-  registerClient: {
-    methodKind: "unary";
-    input: typeof RegisterClientRequestSchema;
-    output: typeof OAuthClientSchema;
-  },
-  /**
-   * Per-request permission decision endpoint (HEA-922). Requires bearer auth.
-   *
-   * @generated from rpc hearth.identity.v1.OAuthService.Decide
-   */
-  decide: {
-    methodKind: "unary";
-    input: typeof TokenDecisionRequestSchema;
-    output: typeof TokenDecisionResponseSchema;
-  },
-}> = /*@__PURE__*/
-  serviceDesc(file_hearth_identity_v1_oauth, 1);
-