@lobehub/chat 1.79.7 → 1.79.9

package/src/app/[variants]/oauth/consent/[uid]/ClientError.tsx

@@ -0,0 +1,46 @@
+'use client';
+
+import { Typography } from 'antd';
+import { createStyles } from 'antd-style';
+import React, { memo } from 'react';
+import { Center } from 'react-layout-kit';
+
+interface ClientProps {
+  error: {
+    message: string;
+    title: string;
+  };
+}
+
+const { Title, Paragraph } = Typography;
+
+const useStyles = createStyles(({ css, token }) => ({
+  container: css`
+    width: 100%;
+    min-height: 100vh;
+    color: ${token.colorTextBase};
+    background-color: ${token.colorBgLayout};
+  `,
+  error: css`
+    text-align: center;
+  `,
+}));
+
+const ConsentClientError = memo<ClientProps>(({ error }) => {
+  const { styles } = useStyles();
+
+  return (
+    <Center className={styles.container}>
+      <div className={styles.error}>
+        <Title level={2} style={{ color: 'inherit' }}>
+          {error.title}
+        </Title>
+        <Paragraph style={{ color: 'inherit' }}>{error.message}</Paragraph>
+      </div>
+    </Center>
+  );
+});
+
+ConsentClientError.displayName = 'ConsentClientError';
+
+export default ConsentClientError;

package/src/app/[variants]/oauth/consent/[uid]/failed/page.tsx

@@ -0,0 +1,36 @@
+'use client';
+
+import { Icon } from '@lobehub/ui';
+import { Button, Card, Result } from 'antd';
+import { XCircle } from 'lucide-react';
+import Link from 'next/link';
+import React, { memo } from 'react';
+import { useTranslation } from 'react-i18next';
+import { Center } from 'react-layout-kit';
+
+const FailedPage = memo(() => {
+  const { t } = useTranslation('oauth');
+
+  return (
+    <Center height="100vh">
+      <Card style={{ maxWidth: 500, width: '100%' }}>
+        <Result
+          extra={
+            <Link href="/">
+              <Button type="primary">{t('failed.backToHome')}</Button>
+            </Link>
+          }
+          icon={<Icon icon={XCircle} />}
+          status="error"
+          style={{ padding: 0 }}
+          subTitle={t('failed.subTitle')}
+          title={t('failed.title')}
+        />
+      </Card>
+    </Center>
+  );
+});
+
+FailedPage.displayName = 'FailedPage';
+
+export default FailedPage;

package/src/app/[variants]/oauth/consent/[uid]/page.tsx

@@ -0,0 +1,69 @@
+import { notFound } from 'next/navigation';
+
+import { oidcEnv } from '@/envs/oidc';
+import { OIDCService } from '@/server/services/oidc';
+
+import ConsentClient from './Client';
+import ConsentClientError from './ClientError';
+
+const InteractionPage = async (props: { params: Promise<{ uid: string }> }) => {
+  if (!oidcEnv.ENABLE_OIDC) return notFound();
+
+  const params = await props.params;
+  const uid = params.uid;
+
+  try {
+    const oidcService = await OIDCService.initialize();
+
+    // 获取交互详情，传入请求和响应对象
+    const details = await oidcService.getInteractionDetails(uid);
+
+    // 支持 login 和 consent 类型的交互
+    if (details.prompt.name !== 'consent' && details.prompt.name !== 'login') {
+      return (
+        <ConsentClientError
+          error={{
+            message: `不支持的交互类型: ${details.prompt.name}`,
+            title: '不支持的交互类型',
+          }}
+        />
+      );
+    }
+
+    // 获取客户端 ID 和授权范围
+    const clientId = (details.params.client_id as string) || 'unknown';
+    const scopes = (details.params.scope as string)?.split(' ') || [];
+
+    const clientDetail = await oidcService.getClientMetadata(clientId);
+
+    // 渲染客户端组件，无论是 login 还是 consent 类型
+    return (
+      <ConsentClient
+        clientId={clientId}
+        clientMetadata={{
+          clientName: clientDetail?.client_name,
+          logo: clientDetail?.logo_uri,
+        }}
+        redirectUri={details.params.redirect_uri as string}
+        scopes={scopes}
+        uid={params.uid}
+      />
+    );
+  } catch (error) {
+    console.error('Error handling OIDC interaction:', error);
+    // 确保错误处理能正确显示
+    const errorMessage = error instanceof Error ? error.message : '获取授权详情时发生未知错误';
+    // 检查是否是 'interaction session not found' 错误，可以给用户更友好的提示
+    if (errorMessage.includes('interaction session not found')) {
+      return (
+        <ConsentClientError
+          error={{ message: '授权会话已过期或无效，请重新发起授权流程。', title: '授权会话无效' }}
+        />
+      );
+    }
+
+    return <ConsentClientError error={{ message: errorMessage, title: '发生错误' }} />;
+  }
+};
+
+export default InteractionPage;

package/src/app/[variants]/oauth/consent/[uid]/success/page.tsx

@@ -0,0 +1,30 @@
+'use client';
+
+import { Icon } from '@lobehub/ui';
+import { Card, Result } from 'antd';
+import { CheckCircle } from 'lucide-react';
+import React, { memo } from 'react';
+import { useTranslation } from 'react-i18next';
+import { Center } from 'react-layout-kit';
+
+const SuccessPage = memo(() => {
+  const { t } = useTranslation('oauth');
+
+  return (
+    <Center height="100vh">
+      <Card style={{ maxWidth: 500, width: '100%' }}>
+        <Result
+          icon={<Icon icon={CheckCircle} />}
+          status="success"
+          style={{ padding: 0 }}
+          subTitle={t('success.subTitle')}
+          title={t('success.title')}
+        />
+      </Card>
+    </Center>
+  );
+});
+
+SuccessPage.displayName = 'SuccessPage';
+
+export default SuccessPage;

package/src/components/Branding/ProductLogo/index.tsx

@@ -5,7 +5,12 @@ import { isCustomBranding } from '@/const/version';
 
 import CustomLogo from './Custom';
 
-export const ProductLogo = memo<LobeHubProps>((props) => {
+interface ProductLogoProps extends LobeHubProps {
+  height?: number;
+  width?: number;
+}
+
+export const ProductLogo = memo<ProductLogoProps>((props) => {
   if (isCustomBranding) {
     return <CustomLogo {...props} />;
   }

package/src/config/aiModels/openai.ts

@@ -8,6 +8,66 @@ import {
 } from '@/types/aiModel';
 
 export const openaiChatModels: AIChatModelCard[] = [
+  {
+    abilities: {
+      functionCall: true,
+      vision: true,
+    },
+    contextWindowTokens: 1_047_576,
+    description:
+      'GPT-4.1 是我们用于复杂任务的旗舰模型。它非常适合跨领域解决问题。',
+    displayName: 'GPT-4.1',
+    enabled: true,
+    id: 'gpt-4.1',
+    maxOutput: 32_768,
+    pricing: {
+      cachedInput: 0.5,
+      input: 2,
+      output: 8,
+    },
+    releasedAt: '2025-04-14',
+    type: 'chat',
+  },
+  {
+    abilities: {
+      functionCall: true,
+      vision: true,
+    },
+    contextWindowTokens: 1_047_576,
+    description:
+      'GPT-4.1 mini 提供了智能、速度和成本之间的平衡，使其成为许多用例中有吸引力的模型。',
+    displayName: 'GPT-4.1 mini',
+    enabled: true,
+    id: 'gpt-4.1-mini',
+    maxOutput: 32_768,
+    pricing: {
+      cachedInput: 0.1,
+      input: 0.4,
+      output: 1.6,
+    },
+    releasedAt: '2025-04-14',
+    type: 'chat',
+  },
+  {
+    abilities: {
+      functionCall: true,
+      vision: true,
+    },
+    contextWindowTokens: 1_047_576,
+    description:
+      'GPT-4.1 mini 提供了智能、速度和成本之间的平衡，使其成为许多用例中有吸引力的模型。',
+    displayName: 'GPT-4.1 nano',
+    enabled: true,
+    id: 'gpt-4.1-nano',
+    maxOutput: 32_768,
+    pricing: {
+      cachedInput: 0.025,
+      input: 0.1,
+      output: 0.4,
+    },
+    releasedAt: '2025-04-14',
+    type: 'chat',
+  },
   {
     abilities: {
       functionCall: true,
@@ -36,7 +96,6 @@ export const openaiChatModels: AIChatModelCard[] = [
     description:
       'o1-mini是一款针对编程、数学和科学应用场景而设计的快速、经济高效的推理模型。该模型具有128K上下文和2023年10月的知识截止日期。',
     displayName: 'OpenAI o1-mini',
-    enabled: true,
     id: 'o1-mini',
     maxOutput: 65_536,
     pricing: {
@@ -75,7 +134,6 @@ export const openaiChatModels: AIChatModelCard[] = [
     description:
       'o1是OpenAI新的推理模型，适用于需要广泛通用知识的复杂任务。该模型具有128K上下文和2023年10月的知识截止日期。',
     displayName: 'OpenAI o1-preview',
-    enabled: true,
     id: 'o1-preview',
     maxOutput: 32_768,
     pricing: {
@@ -94,8 +152,7 @@ export const openaiChatModels: AIChatModelCard[] = [
     description:
       'GPT-4.5 的研究预览版，它是我们迄今为止最大、最强大的 GPT 模型。它拥有广泛的世界知识，并能更好地理解用户意图，使其在创造性任务和自主规划方面表现出色。GPT-4.5 可接受文本和图像输入，并生成文本输出（包括结构化输出）。支持关键的开发者功能，如函数调用、批量 API 和流式输出。在需要创造性、开放式思考和对话的任务（如写作、学习或探索新想法）中，GPT-4.5 表现尤为出色。知识截止日期为 2023 年 10 月。',
     displayName: 'GPT-4.5 Preview',
-    enabled: true,
-    id: 'gpt-4.5-preview',
+    id: 'gpt-4.5-preview', // deprecated on 2025-07-14
     maxOutput: 16_384,
     pricing: {
       cachedInput: 37.5,
@@ -114,7 +171,6 @@ export const openaiChatModels: AIChatModelCard[] = [
     description:
       'GPT-4o mini是OpenAI在GPT-4 Omni之后推出的最新模型，支持图文输入并输出文本。作为他们最先进的小型模型，它比其他近期的前沿模型便宜很多，并且比GPT-3.5 Turbo便宜超过60%。它保持了最先进的智能，同时具有显著的性价比。GPT-4o mini在MMLU测试中获得了 82% 的得分，目前在聊天偏好上排名高于 GPT-4。',
     displayName: 'GPT-4o mini',
-    enabled: true,
     id: 'gpt-4o-mini',
     maxOutput: 16_384,
     pricing: {
@@ -136,6 +192,7 @@ export const openaiChatModels: AIChatModelCard[] = [
     displayName: 'GPT-4o 1120',
     id: 'gpt-4o-2024-11-20',
     pricing: {
+      cachedInput: 1.25,
       input: 2.5,
       output: 10,
     },
@@ -151,7 +208,6 @@ export const openaiChatModels: AIChatModelCard[] = [
     description:
       'ChatGPT-4o 是一款动态模型，实时更新以保持当前最新版本。它结合了强大的语言理解与生成能力，适合于大规模应用场景，包括客户服务、教育和技术支持。',
     displayName: 'GPT-4o',
-    enabled: true,
     id: 'gpt-4o',
     pricing: {
       cachedInput: 1.25,
@@ -161,23 +217,6 @@ export const openaiChatModels: AIChatModelCard[] = [
     releasedAt: '2024-05-13',
     type: 'chat',
   },
-  {
-    abilities: {
-      functionCall: true,
-      vision: true,
-    },
-    contextWindowTokens: 128_000,
-    description:
-      'ChatGPT-4o 是一款动态模型，实时更新以保持当前最新版本。它结合了强大的语言理解与生成能力，适合于大规模应用场景，包括客户服务、教育和技术支持。',
-    displayName: 'GPT-4o 0806',
-    id: 'gpt-4o-2024-08-06',
-    pricing: {
-      input: 2.5,
-      output: 10,
-    },
-    releasedAt: '2024-08-06',
-    type: 'chat',
-  },
   {
     abilities: {
       functionCall: true,
@@ -345,8 +384,7 @@ export const openaiChatModels: AIChatModelCard[] = [
     description:
       'GPT-4 提供了一个更大的上下文窗口，能够处理更长的文本输入，适用于需要广泛信息整合和数据分析的场景。',
     displayName: 'GPT-4 32K',
-    id: 'gpt-4-32k',
-    // Will be discontinued on June 6, 2025
+    id: 'gpt-4-32k', // deprecated on 2025-06-06
     legacy: true,
     pricing: {
       input: 60,
@@ -354,22 +392,6 @@ export const openaiChatModels: AIChatModelCard[] = [
     },
     type: 'chat',
   },
-  {
-    abilities: {
-      functionCall: true,
-    },
-    contextWindowTokens: 32_768,
-    description:
-      'GPT-4 提供了一个更大的上下文窗口，能够处理更长的文本输入，适用于需要广泛信息整合和数据分析的场景。',
-    displayName: 'GPT-4 32K 0613',
-    id: 'gpt-4-32k-0613',
-    pricing: {
-      input: 60,
-      output: 120,
-    },
-    releasedAt: '2023-06-13',
-    type: 'chat',
-  },
   {
     abilities: {
       functionCall: true,

package/src/database/client/migrations.json

@@ -223,10 +223,7 @@
     "hash": "9646161fa041354714f823d726af27247bcd6e60fa3be5698c0d69f337a5700b"
   },
   {
-    "sql": [
-      "DROP TABLE \"user_budgets\";",
-      "\nDROP TABLE \"user_subscriptions\";"
-    ],
+    "sql": ["DROP TABLE \"user_budgets\";", "\nDROP TABLE \"user_subscriptions\";"],
     "bps": true,
     "folderMillis": 1729699958471,
     "hash": "7dad43a2a25d1aec82124a4e53f8d82f8505c3073f23606c1dc5d2a4598eacf9"
@@ -298,9 +295,7 @@
     "hash": "845a692ceabbfc3caf252a97d3e19a213bc0c433df2689900135f9cfded2cf49"
   },
   {
-    "sql": [
-      "ALTER TABLE \"messages\" ADD COLUMN \"reasoning\" jsonb;"
-    ],
+    "sql": ["ALTER TABLE \"messages\" ADD COLUMN \"reasoning\" jsonb;"],
     "bps": true,
     "folderMillis": 1737609172353,
     "hash": "2cb36ae4fcdd7b7064767e04bfbb36ae34518ff4bb1b39006f2dd394d1893868"
@@ -429,5 +424,29 @@
     "bps": true,
     "folderMillis": 1742806552131,
     "hash": "d9032edf59f717e0e71da5a95b3545ec251c311155cafe14df01a12800a9eae0"
+  },
+  {
+    "sql": [
+      "CREATE TABLE IF NOT EXISTS \"oidc_access_tokens\" (\n\t\"id\" varchar(255) PRIMARY KEY NOT NULL,\n\t\"data\" jsonb NOT NULL,\n\t\"expires_at\" timestamp with time zone NOT NULL,\n\t\"consumed_at\" timestamp with time zone,\n\t\"user_id\" text NOT NULL,\n\t\"client_id\" varchar(255) NOT NULL,\n\t\"grant_id\" varchar(255),\n\t\"accessed_at\" timestamp with time zone DEFAULT now() NOT NULL,\n\t\"created_at\" timestamp with time zone DEFAULT now() NOT NULL,\n\t\"updated_at\" timestamp with time zone DEFAULT now() NOT NULL\n);\n",
+      "\nCREATE TABLE IF NOT EXISTS \"oidc_authorization_codes\" (\n\t\"id\" varchar(255) PRIMARY KEY NOT NULL,\n\t\"data\" jsonb NOT NULL,\n\t\"expires_at\" timestamp with time zone NOT NULL,\n\t\"consumed_at\" timestamp with time zone,\n\t\"user_id\" text NOT NULL,\n\t\"client_id\" varchar(255) NOT NULL,\n\t\"grant_id\" varchar(255),\n\t\"accessed_at\" timestamp with time zone DEFAULT now() NOT NULL,\n\t\"created_at\" timestamp with time zone DEFAULT now() NOT NULL,\n\t\"updated_at\" timestamp with time zone DEFAULT now() NOT NULL\n);\n",
+      "\nCREATE TABLE IF NOT EXISTS \"oidc_clients\" (\n\t\"id\" varchar(255) PRIMARY KEY NOT NULL,\n\t\"name\" text NOT NULL,\n\t\"description\" text,\n\t\"client_secret\" varchar(255),\n\t\"redirect_uris\" text[] NOT NULL,\n\t\"grants\" text[] NOT NULL,\n\t\"response_types\" text[] NOT NULL,\n\t\"scopes\" text[] NOT NULL,\n\t\"token_endpoint_auth_method\" varchar(20),\n\t\"application_type\" varchar(20),\n\t\"client_uri\" text,\n\t\"logo_uri\" text,\n\t\"policy_uri\" text,\n\t\"tos_uri\" text,\n\t\"is_first_party\" boolean DEFAULT false,\n\t\"accessed_at\" timestamp with time zone DEFAULT now() NOT NULL,\n\t\"created_at\" timestamp with time zone DEFAULT now() NOT NULL,\n\t\"updated_at\" timestamp with time zone DEFAULT now() NOT NULL\n);\n",
+      "\nCREATE TABLE IF NOT EXISTS \"oidc_consents\" (\n\t\"user_id\" text NOT NULL,\n\t\"client_id\" varchar(255) NOT NULL,\n\t\"scopes\" text[] NOT NULL,\n\t\"expires_at\" timestamp with time zone,\n\t\"accessed_at\" timestamp with time zone DEFAULT now() NOT NULL,\n\t\"created_at\" timestamp with time zone DEFAULT now() NOT NULL,\n\t\"updated_at\" timestamp with time zone DEFAULT now() NOT NULL,\n\tCONSTRAINT \"oidc_consents_user_id_client_id_pk\" PRIMARY KEY(\"user_id\",\"client_id\")\n);\n",
+      "\nCREATE TABLE IF NOT EXISTS \"oidc_device_codes\" (\n\t\"id\" varchar(255) PRIMARY KEY NOT NULL,\n\t\"data\" jsonb NOT NULL,\n\t\"expires_at\" timestamp with time zone NOT NULL,\n\t\"consumed_at\" timestamp with time zone,\n\t\"user_id\" text,\n\t\"client_id\" varchar(255) NOT NULL,\n\t\"grant_id\" varchar(255),\n\t\"user_code\" varchar(255),\n\t\"accessed_at\" timestamp with time zone DEFAULT now() NOT NULL,\n\t\"created_at\" timestamp with time zone DEFAULT now() NOT NULL,\n\t\"updated_at\" timestamp with time zone DEFAULT now() NOT NULL\n);\n",
+      "\nCREATE TABLE IF NOT EXISTS \"oidc_grants\" (\n\t\"id\" varchar(255) PRIMARY KEY NOT NULL,\n\t\"data\" jsonb NOT NULL,\n\t\"expires_at\" timestamp with time zone NOT NULL,\n\t\"consumed_at\" timestamp with time zone,\n\t\"user_id\" text NOT NULL,\n\t\"client_id\" varchar(255) NOT NULL,\n\t\"accessed_at\" timestamp with time zone DEFAULT now() NOT NULL,\n\t\"created_at\" timestamp with time zone DEFAULT now() NOT NULL,\n\t\"updated_at\" timestamp with time zone DEFAULT now() NOT NULL\n);\n",
+      "\nCREATE TABLE IF NOT EXISTS \"oidc_interactions\" (\n\t\"id\" varchar(255) PRIMARY KEY NOT NULL,\n\t\"data\" jsonb NOT NULL,\n\t\"expires_at\" timestamp with time zone NOT NULL,\n\t\"accessed_at\" timestamp with time zone DEFAULT now() NOT NULL,\n\t\"created_at\" timestamp with time zone DEFAULT now() NOT NULL,\n\t\"updated_at\" timestamp with time zone DEFAULT now() NOT NULL\n);\n",
+      "\nCREATE TABLE IF NOT EXISTS \"oidc_refresh_tokens\" (\n\t\"id\" varchar(255) PRIMARY KEY NOT NULL,\n\t\"data\" jsonb NOT NULL,\n\t\"expires_at\" timestamp with time zone NOT NULL,\n\t\"consumed_at\" timestamp with time zone,\n\t\"user_id\" text NOT NULL,\n\t\"client_id\" varchar(255) NOT NULL,\n\t\"grant_id\" varchar(255),\n\t\"accessed_at\" timestamp with time zone DEFAULT now() NOT NULL,\n\t\"created_at\" timestamp with time zone DEFAULT now() NOT NULL,\n\t\"updated_at\" timestamp with time zone DEFAULT now() NOT NULL\n);\n",
+      "\nCREATE TABLE IF NOT EXISTS \"oidc_sessions\" (\n\t\"id\" varchar(255) PRIMARY KEY NOT NULL,\n\t\"data\" jsonb NOT NULL,\n\t\"expires_at\" timestamp with time zone NOT NULL,\n\t\"user_id\" text NOT NULL,\n\t\"accessed_at\" timestamp with time zone DEFAULT now() NOT NULL,\n\t\"created_at\" timestamp with time zone DEFAULT now() NOT NULL,\n\t\"updated_at\" timestamp with time zone DEFAULT now() NOT NULL\n);\n",
+      "\nALTER TABLE \"oidc_access_tokens\" ADD CONSTRAINT \"oidc_access_tokens_user_id_users_id_fk\" FOREIGN KEY (\"user_id\") REFERENCES \"public\".\"users\"(\"id\") ON DELETE cascade ON UPDATE no action;",
+      "\nALTER TABLE \"oidc_authorization_codes\" ADD CONSTRAINT \"oidc_authorization_codes_user_id_users_id_fk\" FOREIGN KEY (\"user_id\") REFERENCES \"public\".\"users\"(\"id\") ON DELETE cascade ON UPDATE no action;",
+      "\nALTER TABLE \"oidc_consents\" ADD CONSTRAINT \"oidc_consents_user_id_users_id_fk\" FOREIGN KEY (\"user_id\") REFERENCES \"public\".\"users\"(\"id\") ON DELETE cascade ON UPDATE no action;",
+      "\nALTER TABLE \"oidc_consents\" ADD CONSTRAINT \"oidc_consents_client_id_oidc_clients_id_fk\" FOREIGN KEY (\"client_id\") REFERENCES \"public\".\"oidc_clients\"(\"id\") ON DELETE cascade ON UPDATE no action;",
+      "\nALTER TABLE \"oidc_device_codes\" ADD CONSTRAINT \"oidc_device_codes_user_id_users_id_fk\" FOREIGN KEY (\"user_id\") REFERENCES \"public\".\"users\"(\"id\") ON DELETE cascade ON UPDATE no action;",
+      "\nALTER TABLE \"oidc_grants\" ADD CONSTRAINT \"oidc_grants_user_id_users_id_fk\" FOREIGN KEY (\"user_id\") REFERENCES \"public\".\"users\"(\"id\") ON DELETE cascade ON UPDATE no action;",
+      "\nALTER TABLE \"oidc_refresh_tokens\" ADD CONSTRAINT \"oidc_refresh_tokens_user_id_users_id_fk\" FOREIGN KEY (\"user_id\") REFERENCES \"public\".\"users\"(\"id\") ON DELETE cascade ON UPDATE no action;",
+      "\nALTER TABLE \"oidc_sessions\" ADD CONSTRAINT \"oidc_sessions_user_id_users_id_fk\" FOREIGN KEY (\"user_id\") REFERENCES \"public\".\"users\"(\"id\") ON DELETE cascade ON UPDATE no action;\n"
+    ],
+    "bps": true,
+    "folderMillis": 1744458287757,
+    "hash": "f3a80b900906b54ba658208cd448610647fc03f1f4d51963509c07f4e53ef4de"
   }
-]
+]

package/src/database/migrations/0020_add_oidc.sql

@@ -0,0 +1,124 @@
+CREATE TABLE IF NOT EXISTS "oidc_access_tokens" (
+	"id" varchar(255) PRIMARY KEY NOT NULL,
+	"data" jsonb NOT NULL,
+	"expires_at" timestamp with time zone NOT NULL,
+	"consumed_at" timestamp with time zone,
+	"user_id" text NOT NULL,
+	"client_id" varchar(255) NOT NULL,
+	"grant_id" varchar(255),
+	"accessed_at" timestamp with time zone DEFAULT now() NOT NULL,
+	"created_at" timestamp with time zone DEFAULT now() NOT NULL,
+	"updated_at" timestamp with time zone DEFAULT now() NOT NULL
+);
+--> statement-breakpoint
+CREATE TABLE IF NOT EXISTS "oidc_authorization_codes" (
+	"id" varchar(255) PRIMARY KEY NOT NULL,
+	"data" jsonb NOT NULL,
+	"expires_at" timestamp with time zone NOT NULL,
+	"consumed_at" timestamp with time zone,
+	"user_id" text NOT NULL,
+	"client_id" varchar(255) NOT NULL,
+	"grant_id" varchar(255),
+	"accessed_at" timestamp with time zone DEFAULT now() NOT NULL,
+	"created_at" timestamp with time zone DEFAULT now() NOT NULL,
+	"updated_at" timestamp with time zone DEFAULT now() NOT NULL
+);
+--> statement-breakpoint
+CREATE TABLE IF NOT EXISTS "oidc_clients" (
+	"id" varchar(255) PRIMARY KEY NOT NULL,
+	"name" text NOT NULL,
+	"description" text,
+	"client_secret" varchar(255),
+	"redirect_uris" text[] NOT NULL,
+	"grants" text[] NOT NULL,
+	"response_types" text[] NOT NULL,
+	"scopes" text[] NOT NULL,
+	"token_endpoint_auth_method" varchar(20),
+	"application_type" varchar(20),
+	"client_uri" text,
+	"logo_uri" text,
+	"policy_uri" text,
+	"tos_uri" text,
+	"is_first_party" boolean DEFAULT false,
+	"accessed_at" timestamp with time zone DEFAULT now() NOT NULL,
+	"created_at" timestamp with time zone DEFAULT now() NOT NULL,
+	"updated_at" timestamp with time zone DEFAULT now() NOT NULL
+);
+--> statement-breakpoint
+CREATE TABLE IF NOT EXISTS "oidc_consents" (
+	"user_id" text NOT NULL,
+	"client_id" varchar(255) NOT NULL,
+	"scopes" text[] NOT NULL,
+	"expires_at" timestamp with time zone,
+	"accessed_at" timestamp with time zone DEFAULT now() NOT NULL,
+	"created_at" timestamp with time zone DEFAULT now() NOT NULL,
+	"updated_at" timestamp with time zone DEFAULT now() NOT NULL,
+	CONSTRAINT "oidc_consents_user_id_client_id_pk" PRIMARY KEY("user_id","client_id")
+);
+--> statement-breakpoint
+CREATE TABLE IF NOT EXISTS "oidc_device_codes" (
+	"id" varchar(255) PRIMARY KEY NOT NULL,
+	"data" jsonb NOT NULL,
+	"expires_at" timestamp with time zone NOT NULL,
+	"consumed_at" timestamp with time zone,
+	"user_id" text,
+	"client_id" varchar(255) NOT NULL,
+	"grant_id" varchar(255),
+	"user_code" varchar(255),
+	"accessed_at" timestamp with time zone DEFAULT now() NOT NULL,
+	"created_at" timestamp with time zone DEFAULT now() NOT NULL,
+	"updated_at" timestamp with time zone DEFAULT now() NOT NULL
+);
+--> statement-breakpoint
+CREATE TABLE IF NOT EXISTS "oidc_grants" (
+	"id" varchar(255) PRIMARY KEY NOT NULL,
+	"data" jsonb NOT NULL,
+	"expires_at" timestamp with time zone NOT NULL,
+	"consumed_at" timestamp with time zone,
+	"user_id" text NOT NULL,
+	"client_id" varchar(255) NOT NULL,
+	"accessed_at" timestamp with time zone DEFAULT now() NOT NULL,
+	"created_at" timestamp with time zone DEFAULT now() NOT NULL,
+	"updated_at" timestamp with time zone DEFAULT now() NOT NULL
+);
+--> statement-breakpoint
+CREATE TABLE IF NOT EXISTS "oidc_interactions" (
+	"id" varchar(255) PRIMARY KEY NOT NULL,
+	"data" jsonb NOT NULL,
+	"expires_at" timestamp with time zone NOT NULL,
+	"accessed_at" timestamp with time zone DEFAULT now() NOT NULL,
+	"created_at" timestamp with time zone DEFAULT now() NOT NULL,
+	"updated_at" timestamp with time zone DEFAULT now() NOT NULL
+);
+--> statement-breakpoint
+CREATE TABLE IF NOT EXISTS "oidc_refresh_tokens" (
+	"id" varchar(255) PRIMARY KEY NOT NULL,
+	"data" jsonb NOT NULL,
+	"expires_at" timestamp with time zone NOT NULL,
+	"consumed_at" timestamp with time zone,
+	"user_id" text NOT NULL,
+	"client_id" varchar(255) NOT NULL,
+	"grant_id" varchar(255),
+	"accessed_at" timestamp with time zone DEFAULT now() NOT NULL,
+	"created_at" timestamp with time zone DEFAULT now() NOT NULL,
+	"updated_at" timestamp with time zone DEFAULT now() NOT NULL
+);
+--> statement-breakpoint
+CREATE TABLE IF NOT EXISTS "oidc_sessions" (
+	"id" varchar(255) PRIMARY KEY NOT NULL,
+	"data" jsonb NOT NULL,
+	"expires_at" timestamp with time zone NOT NULL,
+	"user_id" text NOT NULL,
+	"accessed_at" timestamp with time zone DEFAULT now() NOT NULL,
+	"created_at" timestamp with time zone DEFAULT now() NOT NULL,
+	"updated_at" timestamp with time zone DEFAULT now() NOT NULL
+);
+--> statement-breakpoint
+ALTER TABLE "oidc_access_tokens" ADD CONSTRAINT "oidc_access_tokens_user_id_users_id_fk" FOREIGN KEY ("user_id") REFERENCES "public"."users"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
+ALTER TABLE "oidc_authorization_codes" ADD CONSTRAINT "oidc_authorization_codes_user_id_users_id_fk" FOREIGN KEY ("user_id") REFERENCES "public"."users"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
+ALTER TABLE "oidc_consents" ADD CONSTRAINT "oidc_consents_user_id_users_id_fk" FOREIGN KEY ("user_id") REFERENCES "public"."users"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
+ALTER TABLE "oidc_consents" ADD CONSTRAINT "oidc_consents_client_id_oidc_clients_id_fk" FOREIGN KEY ("client_id") REFERENCES "public"."oidc_clients"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
+ALTER TABLE "oidc_device_codes" ADD CONSTRAINT "oidc_device_codes_user_id_users_id_fk" FOREIGN KEY ("user_id") REFERENCES "public"."users"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
+ALTER TABLE "oidc_grants" ADD CONSTRAINT "oidc_grants_user_id_users_id_fk" FOREIGN KEY ("user_id") REFERENCES "public"."users"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
+ALTER TABLE "oidc_refresh_tokens" ADD CONSTRAINT "oidc_refresh_tokens_user_id_users_id_fk" FOREIGN KEY ("user_id") REFERENCES "public"."users"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
+ALTER TABLE "oidc_sessions" ADD CONSTRAINT "oidc_sessions_user_id_users_id_fk" FOREIGN KEY ("user_id") REFERENCES "public"."users"("id") ON DELETE cascade ON UPDATE no action;