npm - @open-mercato/enterprise - Versions diffs - 0.4.6-develop-15c18897fc → 0.4.6-develop-34aa847ce6 - Mend

@open-mercato/enterprise 0.4.6-develop-15c18897fc → 0.4.6-develop-34aa847ce6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (195) hide show

package/dist/modules/sso/lib/scim-response.js.map ADDED Viewed

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../../../src/modules/sso/lib/scim-response.ts"],
+  "sourcesContent": ["export const SCIM_CONTENT_TYPE = 'application/scim+json'\n\nconst SCIM_ERROR_SCHEMA = 'urn:ietf:params:scim:api:messages:2.0:Error'\nconst SCIM_LIST_SCHEMA = 'urn:ietf:params:scim:api:messages:2.0:ListResponse'\n\nexport function scimJson(data: unknown, status = 200): Response {\n  return new Response(JSON.stringify(data), {\n    status,\n    headers: { 'Content-Type': SCIM_CONTENT_TYPE },\n  })\n}\n\nexport function buildScimError(\n  status: number,\n  detail: string,\n  scimType?: string,\n): Record<string, unknown> {\n  const body: Record<string, unknown> = {\n    schemas: [SCIM_ERROR_SCHEMA],\n    status: String(status),\n    detail,\n  }\n  if (scimType) body.scimType = scimType\n  return body\n}\n\nexport function buildListResponse(\n  resources: unknown[],\n  totalResults: number,\n  startIndex: number,\n  itemsPerPage: number,\n): Record<string, unknown> {\n  return {\n    schemas: [SCIM_LIST_SCHEMA],\n    totalResults,\n    startIndex,\n    itemsPerPage,\n    Resources: resources,\n  }\n}\n"],
+  "mappings": "AAAO,MAAM,oBAAoB;AAEjC,MAAM,oBAAoB;AAC1B,MAAM,mBAAmB;AAElB,SAAS,SAAS,MAAe,SAAS,KAAe;AAC9D,SAAO,IAAI,SAAS,KAAK,UAAU,IAAI,GAAG;AAAA,IACxC;AAAA,IACA,SAAS,EAAE,gBAAgB,kBAAkB;AAAA,EAC/C,CAAC;AACH;AAEO,SAAS,eACd,QACA,QACA,UACyB;AACzB,QAAM,OAAgC;AAAA,IACpC,SAAS,CAAC,iBAAiB;AAAA,IAC3B,QAAQ,OAAO,MAAM;AAAA,IACrB;AAAA,EACF;AACA,MAAI,SAAU,MAAK,WAAW;AAC9B,SAAO;AACT;AAEO,SAAS,kBACd,WACA,cACA,YACA,cACyB;AACzB,SAAO;AAAA,IACL,SAAS,CAAC,gBAAgB;AAAA,IAC1B;AAAA,IACA;AAAA,IACA;AAAA,IACA,WAAW;AAAA,EACb;AACF;",
+  "names": []
+}

package/dist/modules/sso/lib/scim-utils.js ADDED Viewed

@@ -0,0 +1,9 @@
+function coerceBoolean(value) {
+  if (typeof value === "boolean") return value;
+  if (typeof value === "string") return value.toLowerCase() === "true";
+  return Boolean(value);
+}
+export {
+  coerceBoolean
+};
+//# sourceMappingURL=scim-utils.js.map

package/dist/modules/sso/lib/scim-utils.js.map ADDED Viewed

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../../../src/modules/sso/lib/scim-utils.ts"],
+  "sourcesContent": ["export function coerceBoolean(value: unknown): boolean {\n  if (typeof value === 'boolean') return value\n  if (typeof value === 'string') return value.toLowerCase() === 'true'\n  return Boolean(value)\n}\n"],
+  "mappings": "AAAO,SAAS,cAAc,OAAyB;AACrD,MAAI,OAAO,UAAU,UAAW,QAAO;AACvC,MAAI,OAAO,UAAU,SAAU,QAAO,MAAM,YAAY,MAAM;AAC9D,SAAO,QAAQ,KAAK;AACtB;",
+  "names": []
+}

package/dist/modules/sso/lib/state-cookie.js ADDED Viewed

@@ -0,0 +1,67 @@
+import crypto from "node:crypto";
+const ALGORITHM = "aes-256-gcm";
+const IV_LENGTH = 12;
+const TAG_LENGTH = 16;
+const TTL_MS = 5 * 60 * 1e3;
+const HKDF_SALT = Buffer.from("open-mercato-sso-state-v1");
+const HKDF_INFO = Buffer.from("sso-state-cookie");
+function deriveKey(secret) {
+  return Buffer.from(crypto.hkdfSync("sha256", secret, HKDF_SALT, HKDF_INFO, 32));
+}
+function getSecret() {
+  const secret = process.env.SSO_STATE_SECRET || process.env.JWT_SECRET;
+  if (!secret) throw new Error("SSO_STATE_SECRET or JWT_SECRET must be set");
+  return secret;
+}
+function encryptStateCookie(payload) {
+  const secret = getSecret();
+  const key = deriveKey(secret);
+  const iv = crypto.randomBytes(IV_LENGTH);
+  const json = JSON.stringify(payload);
+  const cipher = crypto.createCipheriv(ALGORITHM, key, iv);
+  const ciphertext = Buffer.concat([cipher.update(json, "utf8"), cipher.final()]);
+  const tag = cipher.getAuthTag();
+  const combined = Buffer.concat([iv, tag, ciphertext]);
+  return combined.toString("base64url");
+}
+function decryptStateCookie(cookie) {
+  try {
+    const secret = getSecret();
+    const key = deriveKey(secret);
+    const combined = Buffer.from(cookie, "base64url");
+    if (combined.length < IV_LENGTH + TAG_LENGTH) return null;
+    const iv = combined.subarray(0, IV_LENGTH);
+    const tag = combined.subarray(IV_LENGTH, IV_LENGTH + TAG_LENGTH);
+    const ciphertext = combined.subarray(IV_LENGTH + TAG_LENGTH);
+    const decipher = crypto.createDecipheriv(ALGORITHM, key, iv);
+    decipher.setAuthTag(tag);
+    const decrypted = Buffer.concat([decipher.update(ciphertext), decipher.final()]).toString("utf8");
+    const payload = JSON.parse(decrypted);
+    if (payload.expiresAt < Date.now()) return null;
+    return payload;
+  } catch {
+    return null;
+  }
+}
+function createFlowState(params) {
+  const state = crypto.randomBytes(32).toString("base64url");
+  const nonce = crypto.randomBytes(16).toString("base64url");
+  const codeVerifier = crypto.randomBytes(32).toString("base64url");
+  return {
+    state: {
+      state,
+      nonce,
+      codeVerifier,
+      configId: params.configId,
+      returnUrl: params.returnUrl,
+      expiresAt: Date.now() + TTL_MS
+    },
+    codeVerifier
+  };
+}
+export {
+  createFlowState,
+  decryptStateCookie,
+  encryptStateCookie
+};
+//# sourceMappingURL=state-cookie.js.map

package/dist/modules/sso/lib/state-cookie.js.map ADDED Viewed

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../../../src/modules/sso/lib/state-cookie.ts"],
+  "sourcesContent": ["import crypto from 'node:crypto'\nimport type { SsoFlowState } from './types'\n\nconst ALGORITHM = 'aes-256-gcm'\nconst IV_LENGTH = 12\nconst TAG_LENGTH = 16\nconst TTL_MS = 5 * 60 * 1000\nconst HKDF_SALT = Buffer.from('open-mercato-sso-state-v1')\nconst HKDF_INFO = Buffer.from('sso-state-cookie')\n\nfunction deriveKey(secret: string): Buffer {\n  return Buffer.from(crypto.hkdfSync('sha256', secret, HKDF_SALT, HKDF_INFO, 32))\n}\n\nfunction getSecret(): string {\n  const secret = process.env.SSO_STATE_SECRET || process.env.JWT_SECRET\n  if (!secret) throw new Error('SSO_STATE_SECRET or JWT_SECRET must be set')\n  return secret\n}\n\nexport function encryptStateCookie(payload: SsoFlowState): string {\n  const secret = getSecret()\n  const key = deriveKey(secret)\n  const iv = crypto.randomBytes(IV_LENGTH)\n  const json = JSON.stringify(payload)\n\n  const cipher = crypto.createCipheriv(ALGORITHM, key, iv)\n  const ciphertext = Buffer.concat([cipher.update(json, 'utf8'), cipher.final()])\n  const tag = cipher.getAuthTag()\n\n  const combined = Buffer.concat([iv, tag, ciphertext])\n  return combined.toString('base64url')\n}\n\nexport function decryptStateCookie(cookie: string): SsoFlowState | null {\n  try {\n    const secret = getSecret()\n    const key = deriveKey(secret)\n    const combined = Buffer.from(cookie, 'base64url')\n\n    if (combined.length < IV_LENGTH + TAG_LENGTH) return null\n\n    const iv = combined.subarray(0, IV_LENGTH)\n    const tag = combined.subarray(IV_LENGTH, IV_LENGTH + TAG_LENGTH)\n    const ciphertext = combined.subarray(IV_LENGTH + TAG_LENGTH)\n\n    const decipher = crypto.createDecipheriv(ALGORITHM, key, iv)\n    decipher.setAuthTag(tag)\n    const decrypted = Buffer.concat([decipher.update(ciphertext), decipher.final()]).toString('utf8')\n\n    const payload = JSON.parse(decrypted) as SsoFlowState\n    if (payload.expiresAt < Date.now()) return null\n\n    return payload\n  } catch {\n    return null\n  }\n}\n\nexport function createFlowState(params: {\n  configId: string\n  returnUrl: string\n}): { state: SsoFlowState; codeVerifier: string } {\n  const state = crypto.randomBytes(32).toString('base64url')\n  const nonce = crypto.randomBytes(16).toString('base64url')\n  const codeVerifier = crypto.randomBytes(32).toString('base64url')\n\n  return {\n    state: {\n      state,\n      nonce,\n      codeVerifier,\n      configId: params.configId,\n      returnUrl: params.returnUrl,\n      expiresAt: Date.now() + TTL_MS,\n    },\n    codeVerifier,\n  }\n}\n"],
+  "mappings": "AAAA,OAAO,YAAY;AAGnB,MAAM,YAAY;AAClB,MAAM,YAAY;AAClB,MAAM,aAAa;AACnB,MAAM,SAAS,IAAI,KAAK;AACxB,MAAM,YAAY,OAAO,KAAK,2BAA2B;AACzD,MAAM,YAAY,OAAO,KAAK,kBAAkB;AAEhD,SAAS,UAAU,QAAwB;AACzC,SAAO,OAAO,KAAK,OAAO,SAAS,UAAU,QAAQ,WAAW,WAAW,EAAE,CAAC;AAChF;AAEA,SAAS,YAAoB;AAC3B,QAAM,SAAS,QAAQ,IAAI,oBAAoB,QAAQ,IAAI;AAC3D,MAAI,CAAC,OAAQ,OAAM,IAAI,MAAM,4CAA4C;AACzE,SAAO;AACT;AAEO,SAAS,mBAAmB,SAA+B;AAChE,QAAM,SAAS,UAAU;AACzB,QAAM,MAAM,UAAU,MAAM;AAC5B,QAAM,KAAK,OAAO,YAAY,SAAS;AACvC,QAAM,OAAO,KAAK,UAAU,OAAO;AAEnC,QAAM,SAAS,OAAO,eAAe,WAAW,KAAK,EAAE;AACvD,QAAM,aAAa,OAAO,OAAO,CAAC,OAAO,OAAO,MAAM,MAAM,GAAG,OAAO,MAAM,CAAC,CAAC;AAC9E,QAAM,MAAM,OAAO,WAAW;AAE9B,QAAM,WAAW,OAAO,OAAO,CAAC,IAAI,KAAK,UAAU,CAAC;AACpD,SAAO,SAAS,SAAS,WAAW;AACtC;AAEO,SAAS,mBAAmB,QAAqC;AACtE,MAAI;AACF,UAAM,SAAS,UAAU;AACzB,UAAM,MAAM,UAAU,MAAM;AAC5B,UAAM,WAAW,OAAO,KAAK,QAAQ,WAAW;AAEhD,QAAI,SAAS,SAAS,YAAY,WAAY,QAAO;AAErD,UAAM,KAAK,SAAS,SAAS,GAAG,SAAS;AACzC,UAAM,MAAM,SAAS,SAAS,WAAW,YAAY,UAAU;AAC/D,UAAM,aAAa,SAAS,SAAS,YAAY,UAAU;AAE3D,UAAM,WAAW,OAAO,iBAAiB,WAAW,KAAK,EAAE;AAC3D,aAAS,WAAW,GAAG;AACvB,UAAM,YAAY,OAAO,OAAO,CAAC,SAAS,OAAO,UAAU,GAAG,SAAS,MAAM,CAAC,CAAC,EAAE,SAAS,MAAM;AAEhG,UAAM,UAAU,KAAK,MAAM,SAAS;AACpC,QAAI,QAAQ,YAAY,KAAK,IAAI,EAAG,QAAO;AAE3C,WAAO;AAAA,EACT,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAEO,SAAS,gBAAgB,QAGkB;AAChD,QAAM,QAAQ,OAAO,YAAY,EAAE,EAAE,SAAS,WAAW;AACzD,QAAM,QAAQ,OAAO,YAAY,EAAE,EAAE,SAAS,WAAW;AACzD,QAAM,eAAe,OAAO,YAAY,EAAE,EAAE,SAAS,WAAW;AAEhE,SAAO;AAAA,IACL,OAAO;AAAA,MACL;AAAA,MACA;AAAA,MACA;AAAA,MACA,UAAU,OAAO;AAAA,MACjB,WAAW,OAAO;AAAA,MAClB,WAAW,KAAK,IAAI,IAAI;AAAA,IAC1B;AAAA,IACA;AAAA,EACF;AACF;",
+  "names": []
+}

package/dist/modules/sso/lib/types.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ //# sourceMappingURL=types.js.map

package/dist/modules/sso/lib/types.js.map ADDED Viewed

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": [],
+  "sourcesContent": [],
+  "mappings": "",
+  "names": []
+}

package/dist/modules/sso/migrations/Migration20260219000000_sso.js ADDED Viewed

@@ -0,0 +1,20 @@
+import { Migration } from "@mikro-orm/migrations";
+class Migration20260219000000_sso extends Migration {
+  async up() {
+    this.addSql(`create table "sso_configs" ("id" uuid not null default gen_random_uuid(), "tenant_id" uuid null, "organization_id" uuid not null, "protocol" text not null, "issuer" text null, "client_id" text null, "client_secret_enc" text null, "allowed_domains" jsonb not null default '[]', "jit_enabled" boolean not null default true, "auto_link_by_email" boolean not null default true, "is_active" boolean not null default false, "sso_required" boolean not null default false, "default_role_id" uuid null, "created_at" timestamptz not null, "updated_at" timestamptz not null, "deleted_at" timestamptz null, constraint "sso_configs_pkey" primary key ("id"));`);
+    this.addSql(`alter table "sso_configs" add constraint "sso_configs_organization_id_unique" unique ("organization_id");`);
+    this.addSql(`create table "sso_identities" ("id" uuid not null default gen_random_uuid(), "tenant_id" uuid null, "organization_id" uuid not null, "sso_config_id" uuid not null, "user_id" uuid not null, "idp_subject" text not null, "idp_email" text not null, "idp_name" text null, "idp_groups" jsonb not null default '[]', "provisioning_method" text not null, "first_login_at" timestamptz null, "last_login_at" timestamptz null, "created_at" timestamptz not null, "updated_at" timestamptz not null, "deleted_at" timestamptz null, constraint "sso_identities_pkey" primary key ("id"));`);
+    this.addSql(`alter table "sso_identities" add constraint "sso_identities_config_user_unique" unique ("sso_config_id", "user_id");`);
+    this.addSql(`alter table "sso_identities" add constraint "sso_identities_config_subject_unique" unique ("sso_config_id", "idp_subject");`);
+    this.addSql(`create index "sso_identities_config_id_idx" on "sso_identities" ("sso_config_id");`);
+    this.addSql(`create index "sso_identities_user_id_idx" on "sso_identities" ("user_id");`);
+  }
+  async down() {
+    this.addSql(`drop table if exists "sso_configs" cascade;`);
+    this.addSql(`drop table if exists "sso_identities" cascade;`);
+  }
+}
+export {
+  Migration20260219000000_sso
+};
+//# sourceMappingURL=Migration20260219000000_sso.js.map

package/dist/modules/sso/migrations/Migration20260219000000_sso.js.map ADDED Viewed

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../../../src/modules/sso/migrations/Migration20260219000000_sso.ts"],
+  "sourcesContent": ["import { Migration } from '@mikro-orm/migrations';\n\nexport class Migration20260219000000_sso extends Migration {\n\n  override async up(): Promise<void> {\n    this.addSql(`create table \"sso_configs\" (\"id\" uuid not null default gen_random_uuid(), \"tenant_id\" uuid null, \"organization_id\" uuid not null, \"protocol\" text not null, \"issuer\" text null, \"client_id\" text null, \"client_secret_enc\" text null, \"allowed_domains\" jsonb not null default '[]', \"jit_enabled\" boolean not null default true, \"auto_link_by_email\" boolean not null default true, \"is_active\" boolean not null default false, \"sso_required\" boolean not null default false, \"default_role_id\" uuid null, \"created_at\" timestamptz not null, \"updated_at\" timestamptz not null, \"deleted_at\" timestamptz null, constraint \"sso_configs_pkey\" primary key (\"id\"));`);\n    this.addSql(`alter table \"sso_configs\" add constraint \"sso_configs_organization_id_unique\" unique (\"organization_id\");`);\n\n    this.addSql(`create table \"sso_identities\" (\"id\" uuid not null default gen_random_uuid(), \"tenant_id\" uuid null, \"organization_id\" uuid not null, \"sso_config_id\" uuid not null, \"user_id\" uuid not null, \"idp_subject\" text not null, \"idp_email\" text not null, \"idp_name\" text null, \"idp_groups\" jsonb not null default '[]', \"provisioning_method\" text not null, \"first_login_at\" timestamptz null, \"last_login_at\" timestamptz null, \"created_at\" timestamptz not null, \"updated_at\" timestamptz not null, \"deleted_at\" timestamptz null, constraint \"sso_identities_pkey\" primary key (\"id\"));`);\n    this.addSql(`alter table \"sso_identities\" add constraint \"sso_identities_config_user_unique\" unique (\"sso_config_id\", \"user_id\");`);\n    this.addSql(`alter table \"sso_identities\" add constraint \"sso_identities_config_subject_unique\" unique (\"sso_config_id\", \"idp_subject\");`);\n    this.addSql(`create index \"sso_identities_config_id_idx\" on \"sso_identities\" (\"sso_config_id\");`);\n    this.addSql(`create index \"sso_identities_user_id_idx\" on \"sso_identities\" (\"user_id\");`);\n  }\n\n  override async down(): Promise<void> {\n    this.addSql(`drop table if exists \"sso_configs\" cascade;`);\n    this.addSql(`drop table if exists \"sso_identities\" cascade;`);\n  }\n\n}\n"],
+  "mappings": "AAAA,SAAS,iBAAiB;AAEnB,MAAM,oCAAoC,UAAU;AAAA,EAEzD,MAAe,KAAoB;AACjC,SAAK,OAAO,uoBAAuoB;AACnpB,SAAK,OAAO,2GAA2G;AAEvH,SAAK,OAAO,2jBAA2jB;AACvkB,SAAK,OAAO,sHAAsH;AAClI,SAAK,OAAO,6HAA6H;AACzI,SAAK,OAAO,oFAAoF;AAChG,SAAK,OAAO,4EAA4E;AAAA,EAC1F;AAAA,EAEA,MAAe,OAAsB;AACnC,SAAK,OAAO,6CAA6C;AACzD,SAAK,OAAO,gDAAgD;AAAA,EAC9D;AAEF;",
+  "names": []
+}

package/dist/modules/sso/migrations/Migration20260222000000_sso_add_name.js ADDED Viewed

@@ -0,0 +1,13 @@
+import { Migration } from "@mikro-orm/migrations";
+class Migration20260222000000_sso_add_name extends Migration {
+  async up() {
+    this.addSql(`alter table "sso_configs" add column "name" text null;`);
+  }
+  async down() {
+    this.addSql(`alter table "sso_configs" drop column "name";`);
+  }
+}
+export {
+  Migration20260222000000_sso_add_name
+};
+//# sourceMappingURL=Migration20260222000000_sso_add_name.js.map

package/dist/modules/sso/migrations/Migration20260222000000_sso_add_name.js.map ADDED Viewed

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../../../src/modules/sso/migrations/Migration20260222000000_sso_add_name.ts"],
+  "sourcesContent": ["import { Migration } from '@mikro-orm/migrations';\n\nexport class Migration20260222000000_sso_add_name extends Migration {\n\n  override async up(): Promise<void> {\n    this.addSql(`alter table \"sso_configs\" add column \"name\" text null;`);\n  }\n\n  override async down(): Promise<void> {\n    this.addSql(`alter table \"sso_configs\" drop column \"name\";`);\n  }\n\n}\n"],
+  "mappings": "AAAA,SAAS,iBAAiB;AAEnB,MAAM,6CAA6C,UAAU;AAAA,EAElE,MAAe,KAAoB;AACjC,SAAK,OAAO,wDAAwD;AAAA,EACtE;AAAA,EAEA,MAAe,OAAsB;AACnC,SAAK,OAAO,+CAA+C;AAAA,EAC7D;AAEF;",
+  "names": []
+}

package/dist/modules/sso/migrations/Migration20260222000001_sso_partial_unique_org.js ADDED Viewed

@@ -0,0 +1,15 @@
+import { Migration } from "@mikro-orm/migrations";
+class Migration20260222000001_sso_partial_unique_org extends Migration {
+  async up() {
+    this.addSql(`alter table "sso_configs" drop constraint "sso_configs_organization_id_unique";`);
+    this.addSql(`create unique index "sso_configs_organization_id_unique" on "sso_configs" ("organization_id") where "deleted_at" is null;`);
+  }
+  async down() {
+    this.addSql(`drop index "sso_configs_organization_id_unique";`);
+    this.addSql(`alter table "sso_configs" add constraint "sso_configs_organization_id_unique" unique ("organization_id");`);
+  }
+}
+export {
+  Migration20260222000001_sso_partial_unique_org
+};
+//# sourceMappingURL=Migration20260222000001_sso_partial_unique_org.js.map

package/dist/modules/sso/migrations/Migration20260222000001_sso_partial_unique_org.js.map ADDED Viewed

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../../../src/modules/sso/migrations/Migration20260222000001_sso_partial_unique_org.ts"],
+  "sourcesContent": ["import { Migration } from '@mikro-orm/migrations';\n\nexport class Migration20260222000001_sso_partial_unique_org extends Migration {\n\n  override async up(): Promise<void> {\n    this.addSql(`alter table \"sso_configs\" drop constraint \"sso_configs_organization_id_unique\";`);\n    this.addSql(`create unique index \"sso_configs_organization_id_unique\" on \"sso_configs\" (\"organization_id\") where \"deleted_at\" is null;`);\n  }\n\n  override async down(): Promise<void> {\n    this.addSql(`drop index \"sso_configs_organization_id_unique\";`);\n    this.addSql(`alter table \"sso_configs\" add constraint \"sso_configs_organization_id_unique\" unique (\"organization_id\");`);\n  }\n\n}\n"],
+  "mappings": "AAAA,SAAS,iBAAiB;AAEnB,MAAM,uDAAuD,UAAU;AAAA,EAE5E,MAAe,KAAoB;AACjC,SAAK,OAAO,iFAAiF;AAC7F,SAAK,OAAO,2HAA2H;AAAA,EACzI;AAAA,EAEA,MAAe,OAAsB;AACnC,SAAK,OAAO,kDAAkD;AAC9D,SAAK,OAAO,2GAA2G;AAAA,EACzH;AAEF;",
+  "names": []
+}

package/dist/modules/sso/migrations/Migration20260223000000_scim_tables.js ADDED Viewed

@@ -0,0 +1,22 @@
+import { Migration } from "@mikro-orm/migrations";
+class Migration20260223000000_scim_tables extends Migration {
+  async up() {
+    this.addSql(`create table "scim_tokens" ("id" uuid not null default gen_random_uuid(), "tenant_id" uuid null, "organization_id" uuid not null, "sso_config_id" uuid not null, "name" text not null, "token_hash" text not null, "token_prefix" text not null, "is_active" boolean not null default true, "created_by" uuid null, "created_at" timestamptz not null, "updated_at" timestamptz not null, constraint "scim_tokens_pkey" primary key ("id"));`);
+    this.addSql(`create index "scim_tokens_sso_config_id_idx" on "scim_tokens" ("sso_config_id");`);
+    this.addSql(`create index "scim_tokens_token_prefix_idx" on "scim_tokens" ("token_prefix");`);
+    this.addSql(`create table "sso_user_deactivations" ("id" uuid not null default gen_random_uuid(), "tenant_id" uuid null, "organization_id" uuid not null, "user_id" uuid not null, "sso_config_id" uuid not null, "deactivated_at" timestamptz not null, "reactivated_at" timestamptz null, "created_at" timestamptz not null, constraint "sso_user_deactivations_pkey" primary key ("id"));`);
+    this.addSql(`create index "sso_user_deactivations_user_id_idx" on "sso_user_deactivations" ("user_id");`);
+    this.addSql(`alter table "sso_user_deactivations" add constraint "sso_user_deactivations_user_config_unique" unique ("user_id", "sso_config_id");`);
+    this.addSql(`create table "scim_provisioning_log" ("id" uuid not null default gen_random_uuid(), "tenant_id" uuid null, "organization_id" uuid not null, "sso_config_id" uuid not null, "operation" text not null, "resource_type" text not null, "resource_id" uuid null, "scim_external_id" text null, "response_status" int not null, "error_message" text null, "created_at" timestamptz not null, constraint "scim_provisioning_log_pkey" primary key ("id"));`);
+    this.addSql(`create index "scim_provisioning_log_config_created_idx" on "scim_provisioning_log" ("sso_config_id", "created_at");`);
+  }
+  async down() {
+    this.addSql(`drop table if exists "scim_provisioning_log" cascade;`);
+    this.addSql(`drop table if exists "sso_user_deactivations" cascade;`);
+    this.addSql(`drop table if exists "scim_tokens" cascade;`);
+  }
+}
+export {
+  Migration20260223000000_scim_tables
+};
+//# sourceMappingURL=Migration20260223000000_scim_tables.js.map

package/dist/modules/sso/migrations/Migration20260223000000_scim_tables.js.map ADDED Viewed

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../../../src/modules/sso/migrations/Migration20260223000000_scim_tables.ts"],
+  "sourcesContent": ["import { Migration } from '@mikro-orm/migrations';\n\nexport class Migration20260223000000_scim_tables extends Migration {\n\n  override async up(): Promise<void> {\n    this.addSql(`create table \"scim_tokens\" (\"id\" uuid not null default gen_random_uuid(), \"tenant_id\" uuid null, \"organization_id\" uuid not null, \"sso_config_id\" uuid not null, \"name\" text not null, \"token_hash\" text not null, \"token_prefix\" text not null, \"is_active\" boolean not null default true, \"created_by\" uuid null, \"created_at\" timestamptz not null, \"updated_at\" timestamptz not null, constraint \"scim_tokens_pkey\" primary key (\"id\"));`);\n    this.addSql(`create index \"scim_tokens_sso_config_id_idx\" on \"scim_tokens\" (\"sso_config_id\");`);\n    this.addSql(`create index \"scim_tokens_token_prefix_idx\" on \"scim_tokens\" (\"token_prefix\");`);\n\n    this.addSql(`create table \"sso_user_deactivations\" (\"id\" uuid not null default gen_random_uuid(), \"tenant_id\" uuid null, \"organization_id\" uuid not null, \"user_id\" uuid not null, \"sso_config_id\" uuid not null, \"deactivated_at\" timestamptz not null, \"reactivated_at\" timestamptz null, \"created_at\" timestamptz not null, constraint \"sso_user_deactivations_pkey\" primary key (\"id\"));`);\n    this.addSql(`create index \"sso_user_deactivations_user_id_idx\" on \"sso_user_deactivations\" (\"user_id\");`);\n    this.addSql(`alter table \"sso_user_deactivations\" add constraint \"sso_user_deactivations_user_config_unique\" unique (\"user_id\", \"sso_config_id\");`);\n\n    this.addSql(`create table \"scim_provisioning_log\" (\"id\" uuid not null default gen_random_uuid(), \"tenant_id\" uuid null, \"organization_id\" uuid not null, \"sso_config_id\" uuid not null, \"operation\" text not null, \"resource_type\" text not null, \"resource_id\" uuid null, \"scim_external_id\" text null, \"response_status\" int not null, \"error_message\" text null, \"created_at\" timestamptz not null, constraint \"scim_provisioning_log_pkey\" primary key (\"id\"));`);\n    this.addSql(`create index \"scim_provisioning_log_config_created_idx\" on \"scim_provisioning_log\" (\"sso_config_id\", \"created_at\");`);\n  }\n\n  override async down(): Promise<void> {\n    this.addSql(`drop table if exists \"scim_provisioning_log\" cascade;`);\n    this.addSql(`drop table if exists \"sso_user_deactivations\" cascade;`);\n    this.addSql(`drop table if exists \"scim_tokens\" cascade;`);\n  }\n\n}\n"],
+  "mappings": "AAAA,SAAS,iBAAiB;AAEnB,MAAM,4CAA4C,UAAU;AAAA,EAEjE,MAAe,KAAoB;AACjC,SAAK,OAAO,8aAA8a;AAC1b,SAAK,OAAO,kFAAkF;AAC9F,SAAK,OAAO,gFAAgF;AAE5F,SAAK,OAAO,iXAAiX;AAC7X,SAAK,OAAO,4FAA4F;AACxG,SAAK,OAAO,sIAAsI;AAElJ,SAAK,OAAO,wbAAwb;AACpc,SAAK,OAAO,qHAAqH;AAAA,EACnI;AAAA,EAEA,MAAe,OAAsB;AACnC,SAAK,OAAO,uDAAuD;AACnE,SAAK,OAAO,wDAAwD;AACpE,SAAK,OAAO,6CAA6C;AAAA,EAC3D;AAEF;",
+  "names": []
+}

package/dist/modules/sso/migrations/Migration20260224000000_sso_external_id.js ADDED Viewed

@@ -0,0 +1,15 @@
+import { Migration } from "@mikro-orm/migrations";
+class Migration20260224000000_sso_external_id extends Migration {
+  async up() {
+    this.addSql(`alter table "sso_identities" add column "external_id" text null;`);
+    this.addSql(`alter table "sso_identities" add constraint "sso_identities_config_external_id_unique" unique ("sso_config_id", "external_id");`);
+  }
+  async down() {
+    this.addSql(`alter table "sso_identities" drop constraint if exists "sso_identities_config_external_id_unique";`);
+    this.addSql(`alter table "sso_identities" drop column if exists "external_id";`);
+  }
+}
+export {
+  Migration20260224000000_sso_external_id
+};
+//# sourceMappingURL=Migration20260224000000_sso_external_id.js.map

package/dist/modules/sso/migrations/Migration20260224000000_sso_external_id.js.map ADDED Viewed

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../../../src/modules/sso/migrations/Migration20260224000000_sso_external_id.ts"],
+  "sourcesContent": ["import { Migration } from '@mikro-orm/migrations';\n\nexport class Migration20260224000000_sso_external_id extends Migration {\n\n  override async up(): Promise<void> {\n    this.addSql(`alter table \"sso_identities\" add column \"external_id\" text null;`);\n    this.addSql(`alter table \"sso_identities\" add constraint \"sso_identities_config_external_id_unique\" unique (\"sso_config_id\", \"external_id\");`);\n  }\n\n  override async down(): Promise<void> {\n    this.addSql(`alter table \"sso_identities\" drop constraint if exists \"sso_identities_config_external_id_unique\";`);\n    this.addSql(`alter table \"sso_identities\" drop column if exists \"external_id\";`);\n  }\n\n}\n"],
+  "mappings": "AAAA,SAAS,iBAAiB;AAEnB,MAAM,gDAAgD,UAAU;AAAA,EAErE,MAAe,KAAoB;AACjC,SAAK,OAAO,kEAAkE;AAC9E,SAAK,OAAO,iIAAiI;AAAA,EAC/I;AAAA,EAEA,MAAe,OAAsB;AACnC,SAAK,OAAO,oGAAoG;AAChH,SAAK,OAAO,mEAAmE;AAAA,EACjF;AAEF;",
+  "names": []
+}

package/dist/modules/sso/migrations/Migration20260224100000_sso_role_grants.js ADDED Viewed

@@ -0,0 +1,17 @@
+import { Migration } from "@mikro-orm/migrations";
+class Migration20260224100000_sso_role_grants extends Migration {
+  async up() {
+    this.addSql(`create table "sso_role_grants" ("id" uuid not null default gen_random_uuid(), "tenant_id" uuid null, "user_id" uuid not null, "role_id" uuid not null, "sso_config_id" uuid not null, "created_at" timestamptz not null, constraint "sso_role_grants_pkey" primary key ("id"));`);
+    this.addSql(`create index "sso_role_grants_user_id_idx" on "sso_role_grants" ("user_id");`);
+    this.addSql(`alter table "sso_role_grants" add constraint "sso_role_grants_user_role_config_unique" unique ("user_id", "role_id", "sso_config_id");`);
+    this.addSql(`alter table "sso_configs" add column "app_role_mappings" jsonb not null default '{}';`);
+  }
+  async down() {
+    this.addSql(`drop table if exists "sso_role_grants";`);
+    this.addSql(`alter table "sso_configs" drop column "app_role_mappings";`);
+  }
+}
+export {
+  Migration20260224100000_sso_role_grants
+};
+//# sourceMappingURL=Migration20260224100000_sso_role_grants.js.map

package/dist/modules/sso/migrations/Migration20260224100000_sso_role_grants.js.map ADDED Viewed

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../../../src/modules/sso/migrations/Migration20260224100000_sso_role_grants.ts"],
+  "sourcesContent": ["import { Migration } from '@mikro-orm/migrations';\n\nexport class Migration20260224100000_sso_role_grants extends Migration {\n\n  override async up(): Promise<void> {\n    this.addSql(`create table \"sso_role_grants\" (\"id\" uuid not null default gen_random_uuid(), \"tenant_id\" uuid null, \"user_id\" uuid not null, \"role_id\" uuid not null, \"sso_config_id\" uuid not null, \"created_at\" timestamptz not null, constraint \"sso_role_grants_pkey\" primary key (\"id\"));`);\n    this.addSql(`create index \"sso_role_grants_user_id_idx\" on \"sso_role_grants\" (\"user_id\");`);\n    this.addSql(`alter table \"sso_role_grants\" add constraint \"sso_role_grants_user_role_config_unique\" unique (\"user_id\", \"role_id\", \"sso_config_id\");`);\n\n    this.addSql(`alter table \"sso_configs\" add column \"app_role_mappings\" jsonb not null default '{}';`);\n  }\n\n  override async down(): Promise<void> {\n    this.addSql(`drop table if exists \"sso_role_grants\";`);\n    this.addSql(`alter table \"sso_configs\" drop column \"app_role_mappings\";`);\n  }\n\n}\n"],
+  "mappings": "AAAA,SAAS,iBAAiB;AAEnB,MAAM,gDAAgD,UAAU;AAAA,EAErE,MAAe,KAAoB;AACjC,SAAK,OAAO,iRAAiR;AAC7R,SAAK,OAAO,8EAA8E;AAC1F,SAAK,OAAO,wIAAwI;AAEpJ,SAAK,OAAO,uFAAuF;AAAA,EACrG;AAAA,EAEA,MAAe,OAAsB;AACnC,SAAK,OAAO,yCAAyC;AACrD,SAAK,OAAO,4DAA4D;AAAA,EAC1E;AAEF;",
+  "names": []
+}

package/dist/modules/sso/migrations/Migration20260224200000_drop_default_role_id.js ADDED Viewed

@@ -0,0 +1,13 @@
+import { Migration } from "@mikro-orm/migrations";
+class Migration20260224200000_drop_default_role_id extends Migration {
+  async up() {
+    this.addSql(`alter table "sso_configs" drop column if exists "default_role_id";`);
+  }
+  async down() {
+    this.addSql(`alter table "sso_configs" add column "default_role_id" uuid null;`);
+  }
+}
+export {
+  Migration20260224200000_drop_default_role_id
+};
+//# sourceMappingURL=Migration20260224200000_drop_default_role_id.js.map

package/dist/modules/sso/migrations/Migration20260224200000_drop_default_role_id.js.map ADDED Viewed

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../../../src/modules/sso/migrations/Migration20260224200000_drop_default_role_id.ts"],
+  "sourcesContent": ["import { Migration } from '@mikro-orm/migrations';\n\nexport class Migration20260224200000_drop_default_role_id extends Migration {\n\n  override async up(): Promise<void> {\n    this.addSql(`alter table \"sso_configs\" drop column if exists \"default_role_id\";`);\n  }\n\n  override async down(): Promise<void> {\n    this.addSql(`alter table \"sso_configs\" add column \"default_role_id\" uuid null;`);\n  }\n\n}\n"],
+  "mappings": "AAAA,SAAS,iBAAiB;AAEnB,MAAM,qDAAqD,UAAU;AAAA,EAE1E,MAAe,KAAoB;AACjC,SAAK,OAAO,oEAAoE;AAAA,EAClF;AAAA,EAEA,MAAe,OAAsB;AACnC,SAAK,OAAO,mEAAmE;AAAA,EACjF;AAEF;",
+  "names": []
+}

package/dist/modules/sso/migrations/Migration20260225000000_sso_identities_partial_unique.js ADDED Viewed

@@ -0,0 +1,23 @@
+import { Migration } from "@mikro-orm/migrations";
+class Migration20260225000000_sso_identities_partial_unique extends Migration {
+  async up() {
+    this.addSql(`alter table "sso_identities" drop constraint "sso_identities_config_user_unique";`);
+    this.addSql(`alter table "sso_identities" drop constraint "sso_identities_config_subject_unique";`);
+    this.addSql(`alter table "sso_identities" drop constraint "sso_identities_config_external_id_unique";`);
+    this.addSql(`create unique index "sso_identities_config_user_unique" on "sso_identities" ("sso_config_id", "user_id") where "deleted_at" is null;`);
+    this.addSql(`create unique index "sso_identities_config_subject_unique" on "sso_identities" ("sso_config_id", "idp_subject") where "deleted_at" is null;`);
+    this.addSql(`create unique index "sso_identities_config_external_id_unique" on "sso_identities" ("sso_config_id", "external_id") where "deleted_at" is null;`);
+  }
+  async down() {
+    this.addSql(`drop index "sso_identities_config_user_unique";`);
+    this.addSql(`drop index "sso_identities_config_subject_unique";`);
+    this.addSql(`drop index "sso_identities_config_external_id_unique";`);
+    this.addSql(`alter table "sso_identities" add constraint "sso_identities_config_user_unique" unique ("sso_config_id", "user_id");`);
+    this.addSql(`alter table "sso_identities" add constraint "sso_identities_config_subject_unique" unique ("sso_config_id", "idp_subject");`);
+    this.addSql(`alter table "sso_identities" add constraint "sso_identities_config_external_id_unique" unique ("sso_config_id", "external_id");`);
+  }
+}
+export {
+  Migration20260225000000_sso_identities_partial_unique
+};
+//# sourceMappingURL=Migration20260225000000_sso_identities_partial_unique.js.map

package/dist/modules/sso/migrations/Migration20260225000000_sso_identities_partial_unique.js.map ADDED Viewed

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../../../src/modules/sso/migrations/Migration20260225000000_sso_identities_partial_unique.ts"],
+  "sourcesContent": ["import { Migration } from '@mikro-orm/migrations';\n\nexport class Migration20260225000000_sso_identities_partial_unique extends Migration {\n\n  override async up(): Promise<void> {\n    this.addSql(`alter table \"sso_identities\" drop constraint \"sso_identities_config_user_unique\";`);\n    this.addSql(`alter table \"sso_identities\" drop constraint \"sso_identities_config_subject_unique\";`);\n    this.addSql(`alter table \"sso_identities\" drop constraint \"sso_identities_config_external_id_unique\";`);\n\n    this.addSql(`create unique index \"sso_identities_config_user_unique\" on \"sso_identities\" (\"sso_config_id\", \"user_id\") where \"deleted_at\" is null;`);\n    this.addSql(`create unique index \"sso_identities_config_subject_unique\" on \"sso_identities\" (\"sso_config_id\", \"idp_subject\") where \"deleted_at\" is null;`);\n    this.addSql(`create unique index \"sso_identities_config_external_id_unique\" on \"sso_identities\" (\"sso_config_id\", \"external_id\") where \"deleted_at\" is null;`);\n  }\n\n  override async down(): Promise<void> {\n    this.addSql(`drop index \"sso_identities_config_user_unique\";`);\n    this.addSql(`drop index \"sso_identities_config_subject_unique\";`);\n    this.addSql(`drop index \"sso_identities_config_external_id_unique\";`);\n\n    this.addSql(`alter table \"sso_identities\" add constraint \"sso_identities_config_user_unique\" unique (\"sso_config_id\", \"user_id\");`);\n    this.addSql(`alter table \"sso_identities\" add constraint \"sso_identities_config_subject_unique\" unique (\"sso_config_id\", \"idp_subject\");`);\n    this.addSql(`alter table \"sso_identities\" add constraint \"sso_identities_config_external_id_unique\" unique (\"sso_config_id\", \"external_id\");`);\n  }\n\n}\n"],
+  "mappings": "AAAA,SAAS,iBAAiB;AAEnB,MAAM,8DAA8D,UAAU;AAAA,EAEnF,MAAe,KAAoB;AACjC,SAAK,OAAO,mFAAmF;AAC/F,SAAK,OAAO,sFAAsF;AAClG,SAAK,OAAO,0FAA0F;AAEtG,SAAK,OAAO,sIAAsI;AAClJ,SAAK,OAAO,6IAA6I;AACzJ,SAAK,OAAO,iJAAiJ;AAAA,EAC/J;AAAA,EAEA,MAAe,OAAsB;AACnC,SAAK,OAAO,iDAAiD;AAC7D,SAAK,OAAO,oDAAoD;AAChE,SAAK,OAAO,wDAAwD;AAEpE,SAAK,OAAO,sHAAsH;AAClI,SAAK,OAAO,6HAA6H;AACzI,SAAK,OAAO,iIAAiI;AAAA,EAC/I;AAEF;",
+  "names": []
+}

package/dist/modules/sso/migrations/Migration20260305000000_sso_role_grants_org_id.js ADDED Viewed

@@ -0,0 +1,14 @@
+import { Migration } from "@mikro-orm/migrations";
+class Migration20260305000000_sso_role_grants_org_id extends Migration {
+  async up() {
+    this.addSql(`alter table "sso_role_grants" add column "organization_id" uuid not null default '00000000-0000-0000-0000-000000000000';`);
+    this.addSql(`alter table "sso_role_grants" alter column "organization_id" drop default;`);
+  }
+  async down() {
+    this.addSql(`alter table "sso_role_grants" drop column "organization_id";`);
+  }
+}
+export {
+  Migration20260305000000_sso_role_grants_org_id
+};
+//# sourceMappingURL=Migration20260305000000_sso_role_grants_org_id.js.map

package/dist/modules/sso/migrations/Migration20260305000000_sso_role_grants_org_id.js.map ADDED Viewed

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../../../src/modules/sso/migrations/Migration20260305000000_sso_role_grants_org_id.ts"],
+  "sourcesContent": ["import { Migration } from '@mikro-orm/migrations';\n\nexport class Migration20260305000000_sso_role_grants_org_id extends Migration {\n\n  override async up(): Promise<void> {\n    this.addSql(`alter table \"sso_role_grants\" add column \"organization_id\" uuid not null default '00000000-0000-0000-0000-000000000000';`);\n    this.addSql(`alter table \"sso_role_grants\" alter column \"organization_id\" drop default;`);\n  }\n\n  override async down(): Promise<void> {\n    this.addSql(`alter table \"sso_role_grants\" drop column \"organization_id\";`);\n  }\n\n}\n"],
+  "mappings": "AAAA,SAAS,iBAAiB;AAEnB,MAAM,uDAAuD,UAAU;AAAA,EAE5E,MAAe,KAAoB;AACjC,SAAK,OAAO,0HAA0H;AACtI,SAAK,OAAO,4EAA4E;AAAA,EAC1F;AAAA,EAEA,MAAe,OAAsB;AACnC,SAAK,OAAO,8DAA8D;AAAA,EAC5E;AAEF;",
+  "names": []
+}