npm - @robelest/convex-auth - Versions diffs - 0.0.4-preview.2 → 0.0.4-preview.21 - Mend

@robelest/convex-auth 0.0.4-preview.2 → 0.0.4-preview.21

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (798) hide show

package/README.md +67 -26
package/dist/authorization/index.d.ts +63 -0
package/dist/authorization/index.d.ts.map +1 -0
package/dist/authorization/index.js +63 -0
package/dist/authorization/index.js.map +1 -0
package/dist/bin.js +6185 -0
package/dist/client/core/types.d.ts +20 -0
package/dist/client/core/types.d.ts.map +1 -0
package/dist/client/index.d.ts +2 -299
package/dist/client/index.d.ts.map +1 -1
package/dist/client/index.js +407 -534
package/dist/client/index.js.map +1 -1
package/dist/component/_generated/api.d.ts +42 -0
package/dist/component/_generated/api.d.ts.map +1 -1
package/dist/component/_generated/api.js.map +1 -1
package/dist/component/_generated/component.d.ts +2546 -90
package/dist/component/_generated/component.d.ts.map +1 -1
package/dist/component/client/core/types.d.ts +2 -0
package/dist/component/client/index.d.ts +2 -0
package/dist/component/convex.config.d.ts +2 -2
package/dist/component/functions.d.ts +11 -9
package/dist/component/functions.d.ts.map +1 -1
package/dist/component/functions.js.map +1 -1
package/dist/component/index.d.ts +7 -11
package/dist/component/index.js +2 -3
package/dist/component/model.d.ts +153 -0
package/dist/component/model.d.ts.map +1 -0
package/dist/component/model.js +349 -0
package/dist/component/model.js.map +1 -0
package/dist/component/providers/anonymous.d.ts +54 -0
package/dist/component/providers/anonymous.d.ts.map +1 -0
package/dist/component/providers/credentials.d.ts +5 -5
package/dist/component/providers/credentials.d.ts.map +1 -1
package/dist/component/providers/device.d.ts +67 -0
package/dist/component/providers/device.d.ts.map +1 -0
package/dist/component/providers/email.d.ts +62 -0
package/dist/component/providers/email.d.ts.map +1 -0
package/dist/component/providers/oauth.d.ts.map +1 -1
package/dist/component/providers/oauth.js.map +1 -1
package/dist/component/providers/passkey.d.ts +57 -0
package/dist/component/providers/passkey.d.ts.map +1 -0
package/dist/component/providers/password.d.ts +88 -0
package/dist/component/providers/password.d.ts.map +1 -0
package/dist/component/providers/phone.d.ts +48 -0
package/dist/component/providers/phone.d.ts.map +1 -0
package/dist/component/providers/sso.d.ts +50 -0
package/dist/component/providers/sso.d.ts.map +1 -0
package/dist/component/providers/totp.d.ts +45 -0
package/dist/component/providers/totp.d.ts.map +1 -0
package/dist/component/public/enterprise/audit.d.ts +73 -0
package/dist/component/public/enterprise/audit.d.ts.map +1 -0
package/dist/component/public/enterprise/audit.js +108 -0
package/dist/component/public/enterprise/audit.js.map +1 -0
package/dist/component/public/enterprise/core.d.ts +176 -0
package/dist/component/public/enterprise/core.d.ts.map +1 -0
package/dist/component/public/enterprise/core.js +292 -0
package/dist/component/public/enterprise/core.js.map +1 -0
package/dist/component/public/enterprise/domains.d.ts +174 -0
package/dist/component/public/enterprise/domains.d.ts.map +1 -0
package/dist/component/public/enterprise/domains.js +271 -0
package/dist/component/public/enterprise/domains.js.map +1 -0
package/dist/component/public/enterprise/scim.d.ts +245 -0
package/dist/component/public/enterprise/scim.d.ts.map +1 -0
package/dist/component/public/enterprise/scim.js +344 -0
package/dist/component/public/enterprise/scim.js.map +1 -0
package/dist/component/public/enterprise/secrets.d.ts +78 -0
package/dist/component/public/enterprise/secrets.d.ts.map +1 -0
package/dist/component/public/enterprise/secrets.js +118 -0
package/dist/component/public/enterprise/secrets.js.map +1 -0
package/dist/component/public/enterprise/webhooks.d.ts +211 -0
package/dist/component/public/enterprise/webhooks.d.ts.map +1 -0
package/dist/component/public/enterprise/webhooks.js +300 -0
package/dist/component/public/enterprise/webhooks.js.map +1 -0
package/dist/component/public/factors/devices.d.ts +157 -0
package/dist/component/public/factors/devices.d.ts.map +1 -0
package/dist/component/public/factors/devices.js +216 -0
package/dist/component/public/factors/devices.js.map +1 -0
package/dist/component/public/factors/passkeys.d.ts +175 -0
package/dist/component/public/factors/passkeys.d.ts.map +1 -0
package/dist/component/public/factors/passkeys.js +238 -0
package/dist/component/public/factors/passkeys.js.map +1 -0
package/dist/component/public/factors/totp.d.ts +189 -0
package/dist/component/public/factors/totp.d.ts.map +1 -0
package/dist/component/public/factors/totp.js +254 -0
package/dist/component/public/factors/totp.js.map +1 -0
package/dist/component/public/groups/core.d.ts +137 -0
package/dist/component/public/groups/core.d.ts.map +1 -0
package/dist/component/public/groups/core.js +321 -0
package/dist/component/public/groups/core.js.map +1 -0
package/dist/component/public/groups/invites.d.ts +217 -0
package/dist/component/public/groups/invites.d.ts.map +1 -0
package/dist/component/public/groups/invites.js +457 -0
package/dist/component/public/groups/invites.js.map +1 -0
package/dist/component/public/groups/members.d.ts +204 -0
package/dist/component/public/groups/members.d.ts.map +1 -0
package/dist/component/public/groups/members.js +355 -0
package/dist/component/public/groups/members.js.map +1 -0
package/dist/component/public/identity/accounts.d.ts +147 -0
package/dist/component/public/identity/accounts.d.ts.map +1 -0
package/dist/component/public/identity/accounts.js +200 -0
package/dist/component/public/identity/accounts.js.map +1 -0
package/dist/component/public/identity/codes.d.ts +104 -0
package/dist/component/public/identity/codes.d.ts.map +1 -0
package/dist/component/public/identity/codes.js +140 -0
package/dist/component/public/identity/codes.js.map +1 -0
package/dist/component/public/identity/sessions.d.ts +128 -0
package/dist/component/public/identity/sessions.d.ts.map +1 -0
package/dist/component/public/identity/sessions.js +192 -0
package/dist/component/public/identity/sessions.js.map +1 -0
package/dist/component/public/identity/tokens.d.ts +169 -0
package/dist/component/public/identity/tokens.d.ts.map +1 -0
package/dist/component/public/identity/tokens.js +227 -0
package/dist/component/public/identity/tokens.js.map +1 -0
package/dist/component/public/identity/users.d.ts +212 -0
package/dist/component/public/identity/users.d.ts.map +1 -0
package/dist/component/public/identity/users.js +311 -0
package/dist/component/public/identity/users.js.map +1 -0
package/dist/component/public/identity/verifiers.d.ts +116 -0
package/dist/component/public/identity/verifiers.d.ts.map +1 -0
package/dist/component/public/identity/verifiers.js +154 -0
package/dist/component/public/identity/verifiers.js.map +1 -0
package/dist/component/public/security/keys.d.ts +209 -0
package/dist/component/public/security/keys.d.ts.map +1 -0
package/dist/component/public/security/keys.js +319 -0
package/dist/component/public/security/keys.js.map +1 -0
package/dist/component/public/security/limits.d.ts +114 -0
package/dist/component/public/security/limits.d.ts.map +1 -0
package/dist/component/public/security/limits.js +169 -0
package/dist/component/public/security/limits.js.map +1 -0
package/dist/component/public.d.ts +24 -271
package/dist/component/public.d.ts.map +1 -1
package/dist/component/public.js +21 -1229
package/dist/component/schema.d.ts +473 -110
package/dist/component/schema.js +162 -73
package/dist/component/schema.js.map +1 -1
package/dist/component/server/auth.d.ts +318 -373
package/dist/component/server/auth.d.ts.map +1 -1
package/dist/component/server/auth.js +204 -123
package/dist/component/server/auth.js.map +1 -1
package/dist/component/server/authError.js +34 -0
package/dist/component/server/authError.js.map +1 -0
package/dist/component/server/{providers.js → config.js} +43 -12
package/dist/component/server/config.js.map +1 -0
package/dist/component/server/cookies.js +3 -0
package/dist/component/server/cookies.js.map +1 -1
package/dist/component/server/core.js +713 -0
package/dist/component/server/core.js.map +1 -0
package/dist/component/server/crypto.js +38 -0
package/dist/component/server/crypto.js.map +1 -0
package/dist/component/server/{implementation/db.js → db.js} +2 -1
package/dist/component/server/db.js.map +1 -0
package/dist/component/server/device.js +109 -0
package/dist/component/server/device.js.map +1 -0
package/dist/component/server/enterprise/config.js +46 -0
package/dist/component/server/enterprise/config.js.map +1 -0
package/dist/component/server/enterprise/domain.js +885 -0
package/dist/component/server/enterprise/domain.js.map +1 -0
package/dist/component/server/enterprise/http.js +766 -0
package/dist/component/server/enterprise/http.js.map +1 -0
package/dist/component/server/enterprise/oidc.js +248 -0
package/dist/component/server/enterprise/oidc.js.map +1 -0
package/dist/component/server/enterprise/policy.js +85 -0
package/dist/component/server/enterprise/policy.js.map +1 -0
package/dist/component/server/enterprise/saml.js +338 -0
package/dist/component/server/enterprise/saml.js.map +1 -0
package/dist/component/server/enterprise/scim.js +97 -0
package/dist/component/server/enterprise/scim.js.map +1 -0
package/dist/component/server/enterprise/shared.js +51 -0
package/dist/component/server/enterprise/shared.js.map +1 -0
package/dist/component/server/errors.d.ts +1 -0
package/dist/component/server/errors.js +24 -16
package/dist/component/server/errors.js.map +1 -1
package/dist/component/server/http.js +288 -0
package/dist/component/server/http.js.map +1 -0
package/dist/component/server/identity.js +13 -0
package/dist/component/server/identity.js.map +1 -0
package/dist/{server/implementation → component/server}/keys.js +9 -31
package/dist/component/server/keys.js.map +1 -0
package/dist/component/server/limits.js +61 -0
package/dist/component/server/limits.js.map +1 -0
package/dist/component/server/mutations/account.js +44 -0
package/dist/component/server/mutations/account.js.map +1 -0
package/dist/component/server/{implementation/mutations → mutations}/code.js +7 -4
package/dist/component/server/mutations/code.js.map +1 -0
package/dist/component/server/mutations/invalidate.js +32 -0
package/dist/component/server/mutations/invalidate.js.map +1 -0
package/dist/component/server/mutations/oauth.js +110 -0
package/dist/component/server/mutations/oauth.js.map +1 -0
package/dist/component/server/mutations/refresh.js +119 -0
package/dist/component/server/mutations/refresh.js.map +1 -0
package/dist/component/server/mutations/register.js +83 -0
package/dist/component/server/mutations/register.js.map +1 -0
package/dist/component/server/mutations/retrieve.js +65 -0
package/dist/component/server/mutations/retrieve.js.map +1 -0
package/dist/component/server/mutations/signature.js +32 -0
package/dist/component/server/mutations/signature.js.map +1 -0
package/dist/component/server/{implementation/mutations → mutations}/signin.js +2 -2
package/dist/component/server/mutations/signin.js.map +1 -0
package/dist/component/server/mutations/signout.js +27 -0
package/dist/component/server/mutations/signout.js.map +1 -0
package/dist/component/server/mutations/store/refs.js +15 -0
package/dist/component/server/mutations/store/refs.js.map +1 -0
package/dist/component/server/mutations/store.js +85 -0
package/dist/component/server/mutations/store.js.map +1 -0
package/dist/component/server/mutations/verifier.js +18 -0
package/dist/component/server/mutations/verifier.js.map +1 -0
package/dist/component/server/mutations/verify.js +98 -0
package/dist/component/server/mutations/verify.js.map +1 -0
package/dist/component/server/oauth.js +106 -60
package/dist/component/server/oauth.js.map +1 -1
package/dist/component/server/passkey.js +328 -0
package/dist/component/server/passkey.js.map +1 -0
package/dist/{server/implementation → component/server}/redirects.js +13 -11
package/dist/component/server/redirects.js.map +1 -0
package/dist/component/server/refresh.js +96 -0
package/dist/component/server/refresh.js.map +1 -0
package/dist/component/server/runtime.d.ts +136 -0
package/dist/component/server/runtime.d.ts.map +1 -0
package/dist/component/server/runtime.js +413 -0
package/dist/component/server/runtime.js.map +1 -0
package/dist/{server/implementation → component/server}/sessions.js +14 -8
package/dist/component/server/sessions.js.map +1 -0
package/dist/component/server/signin.js +201 -0
package/dist/component/server/signin.js.map +1 -0
package/dist/component/server/tokens.js +17 -0
package/dist/component/server/tokens.js.map +1 -0
package/dist/component/server/totp.js +148 -0
package/dist/component/server/totp.js.map +1 -0
package/dist/component/server/types.d.ts +387 -298
package/dist/component/server/types.d.ts.map +1 -1
package/dist/component/server/{implementation/types.js → types.js} +1 -1
package/dist/component/server/types.js.map +1 -0
package/dist/component/server/{implementation/users.js → users.js} +54 -35
package/dist/component/server/users.js.map +1 -0
package/dist/component/server/utils.js +110 -4
package/dist/component/server/utils.js.map +1 -1
package/dist/core/types.d.ts +369 -0
package/dist/core/types.d.ts.map +1 -0
package/dist/factors/device.js +105 -0
package/dist/factors/device.js.map +1 -0
package/dist/factors/passkey.js +181 -0
package/dist/factors/passkey.js.map +1 -0
package/dist/factors/totp.js +122 -0
package/dist/factors/totp.js.map +1 -0
package/dist/providers/anonymous.d.ts +3 -9
package/dist/providers/anonymous.d.ts.map +1 -1
package/dist/providers/anonymous.js +1 -18
package/dist/providers/anonymous.js.map +1 -1
package/dist/providers/credentials.d.ts +8 -10
package/dist/providers/credentials.d.ts.map +1 -1
package/dist/providers/credentials.js +3 -5
package/dist/providers/credentials.js.map +1 -1
package/dist/providers/device.d.ts +18 -10
package/dist/providers/device.d.ts.map +1 -1
package/dist/providers/device.js +4 -8
package/dist/providers/device.js.map +1 -1
package/dist/providers/email.d.ts +50 -23
package/dist/providers/email.d.ts.map +1 -1
package/dist/providers/email.js +58 -34
package/dist/providers/email.js.map +1 -1
package/dist/providers/index.d.ts +7 -3
package/dist/providers/index.js +4 -1
package/dist/providers/oauth.d.ts.map +1 -1
package/dist/providers/oauth.js.map +1 -1
package/dist/providers/passkey.d.ts +12 -9
package/dist/providers/passkey.d.ts.map +1 -1
package/dist/providers/passkey.js +1 -7
package/dist/providers/passkey.js.map +1 -1
package/dist/providers/password.d.ts +6 -12
package/dist/providers/password.d.ts.map +1 -1
package/dist/providers/password.js +189 -89
package/dist/providers/password.js.map +1 -1
package/dist/providers/phone.d.ts +40 -11
package/dist/providers/phone.d.ts.map +1 -1
package/dist/providers/phone.js +52 -21
package/dist/providers/phone.js.map +1 -1
package/dist/providers/sso.d.ts +50 -0
package/dist/providers/sso.d.ts.map +1 -0
package/dist/providers/sso.js +34 -0
package/dist/providers/sso.js.map +1 -0
package/dist/providers/totp.d.ts +12 -9
package/dist/providers/totp.d.ts.map +1 -1
package/dist/providers/totp.js +1 -7
package/dist/providers/totp.js.map +1 -1
package/dist/runtime/browser.js +68 -0
package/dist/runtime/browser.js.map +1 -0
package/dist/runtime/invite.js +51 -0
package/dist/runtime/invite.js.map +1 -0
package/dist/runtime/proxy.js +70 -0
package/dist/runtime/proxy.js.map +1 -0
package/dist/runtime/storage.js +37 -0
package/dist/runtime/storage.js.map +1 -0
package/dist/server/auth.d.ts +335 -370
package/dist/server/auth.d.ts.map +1 -1
package/dist/server/auth.js +204 -123
package/dist/server/auth.js.map +1 -1
package/dist/server/authError.d.ts +46 -0
package/dist/server/authError.d.ts.map +1 -0
package/dist/server/authError.js +34 -0
package/dist/server/authError.js.map +1 -0
package/dist/server/config.d.ts +1 -0
package/dist/server/{providers.js → config.js} +43 -12
package/dist/server/config.js.map +1 -0
package/dist/server/cookies.d.ts +1 -38
package/dist/server/cookies.js +3 -0
package/dist/server/cookies.js.map +1 -1
package/dist/server/core.d.ts +1436 -0
package/dist/server/core.d.ts.map +1 -0
package/dist/server/core.js +713 -0
package/dist/server/core.js.map +1 -0
package/dist/server/crypto.d.ts +8 -0
package/dist/server/crypto.d.ts.map +1 -0
package/dist/server/crypto.js +38 -0
package/dist/server/crypto.js.map +1 -0
package/dist/server/db.d.ts +1 -0
package/dist/server/{implementation/db.js → db.js} +2 -1
package/dist/server/db.js.map +1 -0
package/dist/server/device.d.ts +1 -0
package/dist/server/device.js +109 -0
package/dist/server/device.js.map +1 -0
package/dist/server/enterprise/config.d.ts +1 -0
package/dist/server/enterprise/config.js +46 -0
package/dist/server/enterprise/config.js.map +1 -0
package/dist/server/enterprise/domain.d.ts +409 -0
package/dist/server/enterprise/domain.d.ts.map +1 -0
package/dist/server/enterprise/domain.js +885 -0
package/dist/server/enterprise/domain.js.map +1 -0
package/dist/server/enterprise/http.d.ts +26 -0
package/dist/server/enterprise/http.d.ts.map +1 -0
package/dist/server/enterprise/http.js +766 -0
package/dist/server/enterprise/http.js.map +1 -0
package/dist/server/enterprise/oidc.d.ts +1 -0
package/dist/server/enterprise/oidc.js +248 -0
package/dist/server/enterprise/oidc.js.map +1 -0
package/dist/server/enterprise/policy.d.ts +1 -0
package/dist/server/enterprise/policy.js +85 -0
package/dist/server/enterprise/policy.js.map +1 -0
package/dist/server/enterprise/saml.d.ts +1 -0
package/dist/server/enterprise/saml.js +338 -0
package/dist/server/enterprise/saml.js.map +1 -0
package/dist/server/enterprise/scim.d.ts +1 -0
package/dist/server/enterprise/scim.js +97 -0
package/dist/server/enterprise/scim.js.map +1 -0
package/dist/server/enterprise/shared.d.ts +5 -0
package/dist/server/enterprise/shared.d.ts.map +1 -0
package/dist/server/enterprise/shared.js +51 -0
package/dist/server/enterprise/shared.js.map +1 -0
package/dist/server/enterprise/validators.d.ts +1 -0
package/dist/server/enterprise/validators.js +60 -0
package/dist/server/enterprise/validators.js.map +1 -0
package/dist/server/errors.d.ts +33 -1
package/dist/server/errors.d.ts.map +1 -1
package/dist/server/errors.js +44 -1
package/dist/server/errors.js.map +1 -1
package/dist/server/http.d.ts +59 -0
package/dist/server/http.d.ts.map +1 -0
package/dist/server/http.js +288 -0
package/dist/server/http.js.map +1 -0
package/dist/server/identity.d.ts +1 -0
package/dist/server/identity.js +13 -0
package/dist/server/identity.js.map +1 -0
package/dist/server/index.d.ts +4 -182
package/dist/server/index.js +4 -376
package/dist/server/keys.d.ts +1 -0
package/dist/{component/server/implementation → server}/keys.js +9 -31
package/dist/server/keys.js.map +1 -0
package/dist/server/limits.d.ts +1 -0
package/dist/server/limits.js +61 -0
package/dist/server/limits.js.map +1 -0
package/dist/server/mounts.d.ts +647 -0
package/dist/server/mounts.d.ts.map +1 -0
package/dist/server/mounts.js +643 -0
package/dist/server/mounts.js.map +1 -0
package/dist/server/mutations/account.d.ts +30 -0
package/dist/server/mutations/account.d.ts.map +1 -0
package/dist/server/mutations/account.js +44 -0
package/dist/server/mutations/account.js.map +1 -0
package/dist/server/mutations/code.d.ts +30 -0
package/dist/server/mutations/code.d.ts.map +1 -0
package/dist/server/{implementation/mutations → mutations}/code.js +7 -4
package/dist/server/mutations/code.js.map +1 -0
package/dist/server/mutations/index.d.ts +14 -0
package/dist/server/mutations/index.js +15 -0
package/dist/server/mutations/invalidate.d.ts +20 -0
package/dist/server/mutations/invalidate.d.ts.map +1 -0
package/dist/server/mutations/invalidate.js +32 -0
package/dist/server/mutations/invalidate.js.map +1 -0
package/dist/server/mutations/oauth.d.ts +28 -0
package/dist/server/mutations/oauth.d.ts.map +1 -0
package/dist/server/mutations/oauth.js +110 -0
package/dist/server/mutations/oauth.js.map +1 -0
package/dist/server/mutations/refresh.d.ts +21 -0
package/dist/server/mutations/refresh.d.ts.map +1 -0
package/dist/server/mutations/refresh.js +119 -0
package/dist/server/mutations/refresh.js.map +1 -0
package/dist/server/mutations/register.d.ts +38 -0
package/dist/server/mutations/register.d.ts.map +1 -0
package/dist/server/mutations/register.js +83 -0
package/dist/server/mutations/register.js.map +1 -0
package/dist/server/mutations/retrieve.d.ts +33 -0
package/dist/server/mutations/retrieve.d.ts.map +1 -0
package/dist/server/mutations/retrieve.js +65 -0
package/dist/server/mutations/retrieve.js.map +1 -0
package/dist/server/mutations/signature.d.ts +22 -0
package/dist/server/mutations/signature.d.ts.map +1 -0
package/dist/server/mutations/signature.js +32 -0
package/dist/server/mutations/signature.js.map +1 -0
package/dist/server/mutations/signin.d.ts +22 -0
package/dist/server/mutations/signin.d.ts.map +1 -0
package/dist/server/{implementation/mutations → mutations}/signin.js +2 -2
package/dist/server/mutations/signin.js.map +1 -0
package/dist/server/mutations/signout.d.ts +16 -0
package/dist/server/mutations/signout.d.ts.map +1 -0
package/dist/server/mutations/signout.js +27 -0
package/dist/server/mutations/signout.js.map +1 -0
package/dist/server/mutations/store/refs.d.ts +12 -0
package/dist/server/mutations/store/refs.d.ts.map +1 -0
package/dist/server/mutations/store/refs.js +15 -0
package/dist/server/mutations/store/refs.js.map +1 -0
package/dist/server/mutations/store.d.ts +306 -0
package/dist/server/mutations/store.d.ts.map +1 -0
package/dist/server/mutations/store.js +85 -0
package/dist/server/mutations/store.js.map +1 -0
package/dist/server/mutations/verifier.d.ts +13 -0
package/dist/server/mutations/verifier.d.ts.map +1 -0
package/dist/server/mutations/verifier.js +18 -0
package/dist/server/mutations/verifier.js.map +1 -0
package/dist/server/mutations/verify.d.ts +26 -0
package/dist/server/mutations/verify.d.ts.map +1 -0
package/dist/server/mutations/verify.js +98 -0
package/dist/server/mutations/verify.js.map +1 -0
package/dist/server/oauth.d.ts +1 -48
package/dist/server/oauth.js +107 -64
package/dist/server/oauth.js.map +1 -1
package/dist/server/passkey.d.ts +27 -0
package/dist/server/passkey.d.ts.map +1 -0
package/dist/server/passkey.js +328 -0
package/dist/server/passkey.js.map +1 -0
package/dist/server/redirects.d.ts +1 -0
package/dist/{component/server/implementation → server}/redirects.js +13 -11
package/dist/server/redirects.js.map +1 -0
package/dist/server/refresh.d.ts +1 -0
package/dist/server/refresh.js +96 -0
package/dist/server/refresh.js.map +1 -0
package/dist/server/runtime.d.ts +136 -0
package/dist/server/runtime.d.ts.map +1 -0
package/dist/server/runtime.js +413 -0
package/dist/server/runtime.js.map +1 -0
package/dist/server/sessions.d.ts +1 -0
package/dist/{component/server/implementation → server}/sessions.js +14 -8
package/dist/server/sessions.js.map +1 -0
package/dist/server/signin.d.ts +1 -0
package/dist/server/signin.js +201 -0
package/dist/server/signin.js.map +1 -0
package/dist/server/ssr.d.ts +226 -0
package/dist/server/ssr.d.ts.map +1 -0
package/dist/server/ssr.js +786 -0
package/dist/server/ssr.js.map +1 -0
package/dist/server/templates.d.ts +1 -21
package/dist/server/templates.js +2 -1
package/dist/server/templates.js.map +1 -1
package/dist/server/tokens.d.ts +1 -0
package/dist/server/tokens.js +17 -0
package/dist/server/tokens.js.map +1 -0
package/dist/server/totp.d.ts +1 -0
package/dist/server/totp.js +148 -0
package/dist/server/totp.js.map +1 -0
package/dist/server/types.d.ts +498 -306
package/dist/server/types.d.ts.map +1 -1
package/dist/server/types.js +108 -1
package/dist/server/types.js.map +1 -0
package/dist/server/users.d.ts +1 -0
package/dist/server/{implementation/users.js → users.js} +54 -35
package/dist/server/users.js.map +1 -0
package/dist/server/utils.d.ts +1 -6
package/dist/server/utils.js +110 -4
package/dist/server/utils.js.map +1 -1
package/package.json +49 -46
package/src/authorization/index.ts +83 -0
package/src/cli/bin.ts +5 -0
package/src/cli/command.ts +6 -5
package/src/cli/index.ts +456 -248
package/src/cli/keys.ts +3 -0
package/src/client/core/types.ts +437 -0
package/src/client/factors/device.ts +160 -0
package/src/client/factors/passkey.ts +282 -0
package/src/client/factors/totp.ts +150 -0
package/src/client/index.ts +745 -989
package/src/client/runtime/browser.ts +112 -0
package/src/client/runtime/invite.ts +65 -0
package/src/client/runtime/proxy.ts +111 -0
package/src/client/runtime/storage.ts +79 -0
package/src/component/_generated/api.ts +42 -0
package/src/component/_generated/component.ts +3123 -102
package/src/component/functions.ts +38 -22
package/src/component/index.ts +10 -20
package/src/component/model.ts +449 -0
package/src/component/public/enterprise/audit.ts +120 -0
package/src/component/public/enterprise/core.ts +354 -0
package/src/component/public/enterprise/domains.ts +323 -0
package/src/component/public/enterprise/scim.ts +396 -0
package/src/component/public/enterprise/secrets.ts +132 -0
package/src/component/public/enterprise/webhooks.ts +306 -0
package/src/component/public/factors/devices.ts +223 -0
package/src/component/public/factors/passkeys.ts +242 -0
package/src/component/public/factors/totp.ts +258 -0
package/src/component/public/groups/core.ts +481 -0
package/src/component/public/groups/invites.ts +602 -0
package/src/component/public/groups/members.ts +409 -0
package/src/component/public/identity/accounts.ts +206 -0
package/src/component/public/identity/codes.ts +148 -0
package/src/component/public/identity/sessions.ts +209 -0
package/src/component/public/identity/tokens.ts +250 -0
package/src/component/public/identity/users.ts +354 -0
package/src/component/public/identity/verifiers.ts +157 -0
package/src/component/public/security/keys.ts +365 -0
package/src/component/public/security/limits.ts +173 -0
package/src/component/public.ts +26 -1766
package/src/component/schema.ts +273 -100
package/src/providers/anonymous.ts +10 -20
package/src/providers/credentials.ts +14 -22
package/src/providers/device.ts +3 -14
package/src/providers/email.ts +83 -47
package/src/providers/index.ts +7 -0
package/src/providers/oauth.ts +5 -3
package/src/providers/passkey.ts +0 -13
package/src/providers/password.ts +307 -130
package/src/providers/phone.ts +81 -37
package/src/providers/sso.ts +54 -0
package/src/providers/totp.ts +0 -13
package/src/samlify.d.ts +53 -0
package/src/server/auth.ts +701 -247
package/src/server/authError.ts +44 -0
package/src/server/{providers.ts → config.ts} +84 -15
package/src/server/cookies.ts +8 -1
package/src/server/core.ts +2095 -0
package/src/server/crypto.ts +88 -0
package/src/server/{implementation/db.ts → db.ts} +90 -15
package/src/server/device.ts +221 -0
package/src/server/enterprise/config.ts +51 -0
package/src/server/enterprise/domain.ts +1751 -0
package/src/server/enterprise/http.ts +1324 -0
package/src/server/enterprise/oidc.ts +500 -0
package/src/server/enterprise/policy.ts +128 -0
package/src/server/enterprise/saml.ts +578 -0
package/src/server/enterprise/scim.ts +135 -0
package/src/server/enterprise/shared.ts +134 -0
package/src/server/enterprise/validators.ts +93 -0
package/src/server/errors.ts +130 -119
package/src/server/http.ts +531 -0
package/src/server/identity.ts +18 -0
package/src/server/index.ts +32 -650
package/src/server/{implementation/keys.ts → keys.ts} +16 -44
package/src/server/limits.ts +134 -0
package/src/server/mounts.ts +948 -0
package/src/server/mutations/account.ts +76 -0
package/src/server/{implementation/mutations → mutations}/code.ts +22 -11
package/src/server/mutations/index.ts +13 -0
package/src/server/mutations/invalidate.ts +50 -0
package/src/server/mutations/oauth.ts +237 -0
package/src/server/mutations/refresh.ts +298 -0
package/src/server/mutations/register.ts +200 -0
package/src/server/mutations/retrieve.ts +109 -0
package/src/server/mutations/signature.ts +50 -0
package/src/server/{implementation/mutations → mutations}/signin.ts +9 -7
package/src/server/mutations/signout.ts +43 -0
package/src/server/mutations/store/refs.ts +10 -0
package/src/server/mutations/store.ts +138 -0
package/src/server/mutations/verifier.ts +34 -0
package/src/server/mutations/verify.ts +202 -0
package/src/server/oauth.ts +243 -131
package/src/server/passkey.ts +784 -0
package/src/server/{implementation/redirects.ts → redirects.ts} +21 -16
package/src/server/refresh.ts +222 -0
package/src/server/runtime.ts +880 -0
package/src/server/{implementation/sessions.ts → sessions.ts} +33 -25
package/src/server/signin.ts +438 -0
package/src/server/ssr.ts +1764 -0
package/src/server/templates.ts +8 -3
package/src/server/{implementation/tokens.ts → tokens.ts} +11 -5
package/src/server/totp.ts +349 -0
package/src/server/types.ts +972 -207
package/src/server/{implementation/users.ts → users.ts} +129 -75
package/src/server/utils.ts +192 -5
package/src/test.ts +28 -4
package/dist/bin.cjs +0 -27757
package/dist/component/providers/email.js +0 -47
package/dist/component/providers/email.js.map +0 -1
package/dist/component/public.js.map +0 -1
package/dist/component/server/implementation/db.js.map +0 -1
package/dist/component/server/implementation/device.js +0 -135
package/dist/component/server/implementation/device.js.map +0 -1
package/dist/component/server/implementation/index.d.ts +0 -870
package/dist/component/server/implementation/index.d.ts.map +0 -1
package/dist/component/server/implementation/index.js +0 -610
package/dist/component/server/implementation/index.js.map +0 -1
package/dist/component/server/implementation/keys.js.map +0 -1
package/dist/component/server/implementation/mutations/account.js +0 -39
package/dist/component/server/implementation/mutations/account.js.map +0 -1
package/dist/component/server/implementation/mutations/code.js.map +0 -1
package/dist/component/server/implementation/mutations/index.js +0 -70
package/dist/component/server/implementation/mutations/index.js.map +0 -1
package/dist/component/server/implementation/mutations/invalidate.js +0 -29
package/dist/component/server/implementation/mutations/invalidate.js.map +0 -1
package/dist/component/server/implementation/mutations/oauth.js +0 -51
package/dist/component/server/implementation/mutations/oauth.js.map +0 -1
package/dist/component/server/implementation/mutations/refresh.js +0 -85
package/dist/component/server/implementation/mutations/refresh.js.map +0 -1
package/dist/component/server/implementation/mutations/register.js +0 -65
package/dist/component/server/implementation/mutations/register.js.map +0 -1
package/dist/component/server/implementation/mutations/retrieve.js +0 -50
package/dist/component/server/implementation/mutations/retrieve.js.map +0 -1
package/dist/component/server/implementation/mutations/signature.js +0 -27
package/dist/component/server/implementation/mutations/signature.js.map +0 -1
package/dist/component/server/implementation/mutations/signin.js.map +0 -1
package/dist/component/server/implementation/mutations/signout.js +0 -27
package/dist/component/server/implementation/mutations/signout.js.map +0 -1
package/dist/component/server/implementation/mutations/store.js +0 -12
package/dist/component/server/implementation/mutations/store.js.map +0 -1
package/dist/component/server/implementation/mutations/verifier.js +0 -16
package/dist/component/server/implementation/mutations/verifier.js.map +0 -1
package/dist/component/server/implementation/mutations/verify.js +0 -105
package/dist/component/server/implementation/mutations/verify.js.map +0 -1
package/dist/component/server/implementation/passkey.js +0 -307
package/dist/component/server/implementation/passkey.js.map +0 -1
package/dist/component/server/implementation/provider.js +0 -19
package/dist/component/server/implementation/provider.js.map +0 -1
package/dist/component/server/implementation/ratelimit.js +0 -48
package/dist/component/server/implementation/ratelimit.js.map +0 -1
package/dist/component/server/implementation/redirects.js.map +0 -1
package/dist/component/server/implementation/refresh.js +0 -109
package/dist/component/server/implementation/refresh.js.map +0 -1
package/dist/component/server/implementation/sessions.js.map +0 -1
package/dist/component/server/implementation/signin.js +0 -148
package/dist/component/server/implementation/signin.js.map +0 -1
package/dist/component/server/implementation/tokens.js +0 -15
package/dist/component/server/implementation/tokens.js.map +0 -1
package/dist/component/server/implementation/totp.js +0 -142
package/dist/component/server/implementation/totp.js.map +0 -1
package/dist/component/server/implementation/types.d.ts +0 -42
package/dist/component/server/implementation/types.d.ts.map +0 -1
package/dist/component/server/implementation/types.js.map +0 -1
package/dist/component/server/implementation/users.js.map +0 -1
package/dist/component/server/implementation/utils.js +0 -56
package/dist/component/server/implementation/utils.js.map +0 -1
package/dist/component/server/providers.js.map +0 -1
package/dist/component/server/templates.js +0 -84
package/dist/component/server/templates.js.map +0 -1
package/dist/server/cookies.d.ts.map +0 -1
package/dist/server/implementation/db.d.ts +0 -86
package/dist/server/implementation/db.d.ts.map +0 -1
package/dist/server/implementation/db.js.map +0 -1
package/dist/server/implementation/device.d.ts +0 -30
package/dist/server/implementation/device.d.ts.map +0 -1
package/dist/server/implementation/device.js +0 -135
package/dist/server/implementation/device.js.map +0 -1
package/dist/server/implementation/index.d.ts +0 -870
package/dist/server/implementation/index.d.ts.map +0 -1
package/dist/server/implementation/index.js +0 -610
package/dist/server/implementation/index.js.map +0 -1
package/dist/server/implementation/keys.d.ts +0 -66
package/dist/server/implementation/keys.d.ts.map +0 -1
package/dist/server/implementation/keys.js.map +0 -1
package/dist/server/implementation/mutations/account.d.ts +0 -27
package/dist/server/implementation/mutations/account.d.ts.map +0 -1
package/dist/server/implementation/mutations/account.js +0 -39
package/dist/server/implementation/mutations/account.js.map +0 -1
package/dist/server/implementation/mutations/code.d.ts +0 -29
package/dist/server/implementation/mutations/code.d.ts.map +0 -1
package/dist/server/implementation/mutations/code.js.map +0 -1
package/dist/server/implementation/mutations/index.d.ts +0 -310
package/dist/server/implementation/mutations/index.d.ts.map +0 -1
package/dist/server/implementation/mutations/index.js +0 -70
package/dist/server/implementation/mutations/index.js.map +0 -1
package/dist/server/implementation/mutations/invalidate.d.ts +0 -18
package/dist/server/implementation/mutations/invalidate.d.ts.map +0 -1
package/dist/server/implementation/mutations/invalidate.js +0 -29
package/dist/server/implementation/mutations/invalidate.js.map +0 -1
package/dist/server/implementation/mutations/oauth.d.ts +0 -23
package/dist/server/implementation/mutations/oauth.d.ts.map +0 -1
package/dist/server/implementation/mutations/oauth.js +0 -51
package/dist/server/implementation/mutations/oauth.js.map +0 -1
package/dist/server/implementation/mutations/refresh.d.ts +0 -20
package/dist/server/implementation/mutations/refresh.d.ts.map +0 -1
package/dist/server/implementation/mutations/refresh.js +0 -85
package/dist/server/implementation/mutations/refresh.js.map +0 -1
package/dist/server/implementation/mutations/register.d.ts +0 -37
package/dist/server/implementation/mutations/register.d.ts.map +0 -1
package/dist/server/implementation/mutations/register.js +0 -65
package/dist/server/implementation/mutations/register.js.map +0 -1
package/dist/server/implementation/mutations/retrieve.d.ts +0 -31
package/dist/server/implementation/mutations/retrieve.d.ts.map +0 -1
package/dist/server/implementation/mutations/retrieve.js +0 -50
package/dist/server/implementation/mutations/retrieve.js.map +0 -1
package/dist/server/implementation/mutations/signature.d.ts +0 -19
package/dist/server/implementation/mutations/signature.d.ts.map +0 -1
package/dist/server/implementation/mutations/signature.js +0 -27
package/dist/server/implementation/mutations/signature.js.map +0 -1
package/dist/server/implementation/mutations/signin.d.ts +0 -21
package/dist/server/implementation/mutations/signin.d.ts.map +0 -1
package/dist/server/implementation/mutations/signin.js.map +0 -1
package/dist/server/implementation/mutations/signout.d.ts +0 -14
package/dist/server/implementation/mutations/signout.d.ts.map +0 -1
package/dist/server/implementation/mutations/signout.js +0 -27
package/dist/server/implementation/mutations/signout.js.map +0 -1
package/dist/server/implementation/mutations/store.d.ts +0 -11
package/dist/server/implementation/mutations/store.d.ts.map +0 -1
package/dist/server/implementation/mutations/store.js +0 -12
package/dist/server/implementation/mutations/store.js.map +0 -1
package/dist/server/implementation/mutations/verifier.d.ts +0 -11
package/dist/server/implementation/mutations/verifier.d.ts.map +0 -1
package/dist/server/implementation/mutations/verifier.js +0 -16
package/dist/server/implementation/mutations/verifier.js.map +0 -1
package/dist/server/implementation/mutations/verify.d.ts +0 -25
package/dist/server/implementation/mutations/verify.d.ts.map +0 -1
package/dist/server/implementation/mutations/verify.js +0 -105
package/dist/server/implementation/mutations/verify.js.map +0 -1
package/dist/server/implementation/passkey.d.ts +0 -24
package/dist/server/implementation/passkey.d.ts.map +0 -1
package/dist/server/implementation/passkey.js +0 -307
package/dist/server/implementation/passkey.js.map +0 -1
package/dist/server/implementation/provider.d.ts +0 -10
package/dist/server/implementation/provider.d.ts.map +0 -1
package/dist/server/implementation/provider.js +0 -19
package/dist/server/implementation/provider.js.map +0 -1
package/dist/server/implementation/ratelimit.d.ts +0 -10
package/dist/server/implementation/ratelimit.d.ts.map +0 -1
package/dist/server/implementation/ratelimit.js +0 -48
package/dist/server/implementation/ratelimit.js.map +0 -1
package/dist/server/implementation/redirects.d.ts +0 -10
package/dist/server/implementation/redirects.d.ts.map +0 -1
package/dist/server/implementation/redirects.js.map +0 -1
package/dist/server/implementation/refresh.d.ts +0 -37
package/dist/server/implementation/refresh.d.ts.map +0 -1
package/dist/server/implementation/refresh.js +0 -109
package/dist/server/implementation/refresh.js.map +0 -1
package/dist/server/implementation/sessions.d.ts +0 -29
package/dist/server/implementation/sessions.d.ts.map +0 -1
package/dist/server/implementation/sessions.js.map +0 -1
package/dist/server/implementation/signin.d.ts +0 -55
package/dist/server/implementation/signin.d.ts.map +0 -1
package/dist/server/implementation/signin.js +0 -148
package/dist/server/implementation/signin.js.map +0 -1
package/dist/server/implementation/tokens.d.ts +0 -11
package/dist/server/implementation/tokens.d.ts.map +0 -1
package/dist/server/implementation/tokens.js +0 -15
package/dist/server/implementation/tokens.js.map +0 -1
package/dist/server/implementation/totp.d.ts +0 -31
package/dist/server/implementation/totp.d.ts.map +0 -1
package/dist/server/implementation/totp.js +0 -142
package/dist/server/implementation/totp.js.map +0 -1
package/dist/server/implementation/types.d.ts +0 -189
package/dist/server/implementation/types.d.ts.map +0 -1
package/dist/server/implementation/types.js +0 -97
package/dist/server/implementation/types.js.map +0 -1
package/dist/server/implementation/users.d.ts +0 -30
package/dist/server/implementation/users.d.ts.map +0 -1
package/dist/server/implementation/users.js.map +0 -1
package/dist/server/implementation/utils.d.ts +0 -19
package/dist/server/implementation/utils.d.ts.map +0 -1
package/dist/server/implementation/utils.js +0 -56
package/dist/server/implementation/utils.js.map +0 -1
package/dist/server/index.d.ts.map +0 -1
package/dist/server/index.js.map +0 -1
package/dist/server/oauth.d.ts.map +0 -1
package/dist/server/providers.d.ts +0 -72
package/dist/server/providers.d.ts.map +0 -1
package/dist/server/providers.js.map +0 -1
package/dist/server/templates.d.ts.map +0 -1
package/dist/server/utils.d.ts.map +0 -1
package/dist/server/version.d.ts +0 -5
package/dist/server/version.d.ts.map +0 -1
package/dist/server/version.js +0 -6
package/dist/server/version.js.map +0 -1
package/src/cli/utils.ts +0 -248
package/src/server/implementation/device.ts +0 -307
package/src/server/implementation/index.ts +0 -1583
package/src/server/implementation/mutations/account.ts +0 -50
package/src/server/implementation/mutations/index.ts +0 -157
package/src/server/implementation/mutations/invalidate.ts +0 -42
package/src/server/implementation/mutations/oauth.ts +0 -73
package/src/server/implementation/mutations/refresh.ts +0 -175
package/src/server/implementation/mutations/register.ts +0 -100
package/src/server/implementation/mutations/retrieve.ts +0 -79
package/src/server/implementation/mutations/signature.ts +0 -39
package/src/server/implementation/mutations/signout.ts +0 -35
package/src/server/implementation/mutations/store.ts +0 -7
package/src/server/implementation/mutations/verifier.ts +0 -24
package/src/server/implementation/mutations/verify.ts +0 -194
package/src/server/implementation/passkey.ts +0 -620
package/src/server/implementation/provider.ts +0 -36
package/src/server/implementation/ratelimit.ts +0 -79
package/src/server/implementation/refresh.ts +0 -172
package/src/server/implementation/signin.ts +0 -296
package/src/server/implementation/totp.ts +0 -342
package/src/server/implementation/types.ts +0 -444
package/src/server/implementation/utils.ts +0 -91
package/src/server/version.ts +0 -2

package/dist/component/public/enterprise/domains.js ADDED Viewed

@@ -0,0 +1,271 @@
+import { mutation, query } from "../../functions.js";
+import { vEnterpriseDomainDoc, vEnterpriseDomainVerificationDoc } from "../../model.js";
+import { ConvexError, v } from "convex/values";
+//#region src/component/public/enterprise/domains.ts
+/**
+* Link a domain to an enterprise record, or update an existing link.
+*
+* If the domain is already attached to a different enterprise, an
+* `ENTERPRISE_DOMAIN_TAKEN` error is thrown. If the domain already exists for
+* this enterprise, it is updated in place (e.g. toggling `isPrimary`). When
+* `isPrimary` is `true`, any previously primary domain on the same enterprise
+* is demoted. The first domain added to an enterprise becomes primary by default.
+*
+* @param args.enterpriseId - The ID of the enterprise to attach the domain to.
+* @param args.groupId - The ID of the root group that owns the enterprise.
+* @param args.domain - The domain name to link (e.g. `"acme.com"`).
+* @param args.isPrimary - Whether this domain should be set as the primary domain for the enterprise. Defaults to `true` for the first domain.
+* @returns The ID of the created or updated `EnterpriseDomain` document.
+*
+* @example
+* ```ts
+* const domainId = await ctx.runMutation(
+*   components.auth.enterprise.enterpriseDomainAdd,
+*   {
+*     enterpriseId,
+*     groupId: orgGroupId,
+*     domain: "acme.com",
+*     isPrimary: true,
+*   },
+* );
+* ```
+*/
+const enterpriseDomainAdd = mutation({
+	args: {
+		enterpriseId: v.id("Enterprise"),
+		groupId: v.id("Group"),
+		domain: v.string(),
+		isPrimary: v.optional(v.boolean())
+	},
+	returns: v.id("EnterpriseDomain"),
+	handler: async (ctx, args) => {
+		const existingByDomain = await ctx.db.query("EnterpriseDomain").withIndex("domain", (idx) => idx.eq("domain", args.domain)).first();
+		if (existingByDomain && existingByDomain.enterpriseId !== args.enterpriseId) throw new ConvexError({
+			code: "ENTERPRISE_DOMAIN_TAKEN",
+			message: "That domain is already attached to another enterprise."
+		});
+		const existingForEnterprise = await ctx.db.query("EnterpriseDomain").withIndex("enterprise_id", (idx) => idx.eq("enterpriseId", args.enterpriseId)).collect();
+		for (const row of existingForEnterprise) if (row.domain === args.domain) {
+			await ctx.db.patch(row._id, { isPrimary: args.isPrimary ?? row.isPrimary });
+			return row._id;
+		}
+		if (args.isPrimary === true) {
+			for (const row of existingForEnterprise) if (row.isPrimary) await ctx.db.patch(row._id, { isPrimary: false });
+		}
+		return await ctx.db.insert("EnterpriseDomain", {
+			...args,
+			isPrimary: args.isPrimary ?? existingForEnterprise.length === 0
+		});
+	}
+});
+/**
+* List all domains linked to a specific enterprise.
+*
+* Returns all `EnterpriseDomain` documents associated with the given enterprise,
+* queried via the `enterprise_id` index. The result includes both verified and
+* unverified domains.
+*
+* @param args.enterpriseId - The ID of the enterprise whose domains to list.
+* @returns An array of enterprise domain documents.
+*
+* @example
+* ```ts
+* const domains = await ctx.runQuery(
+*   components.auth.enterprise.enterpriseDomainList,
+*   { enterpriseId },
+* );
+* for (const d of domains) {
+*   console.log(d.domain, d.isPrimary, d.verifiedAt);
+* }
+* ```
+*/
+const enterpriseDomainList = query({
+	args: { enterpriseId: v.id("Enterprise") },
+	returns: v.array(vEnterpriseDomainDoc),
+	handler: async (ctx, { enterpriseId }) => {
+		return await ctx.db.query("EnterpriseDomain").withIndex("enterprise_id", (idx) => idx.eq("enterpriseId", enterpriseId)).collect();
+	}
+});
+/**
+* Remove a linked enterprise domain and its associated verification record.
+*
+* Deletes the `EnterpriseDomain` document and, if one exists, the related
+* `EnterpriseDomainVerification` record. This is a permanent deletion.
+*
+* @param args.domainId - The document ID of the enterprise domain to remove.
+* @returns `null` on success.
+*
+* @example
+* ```ts
+* await ctx.runMutation(
+*   components.auth.enterprise.enterpriseDomainDelete,
+*   { domainId },
+* );
+* ```
+*/
+const enterpriseDomainDelete = mutation({
+	args: { domainId: v.id("EnterpriseDomain") },
+	returns: v.null(),
+	handler: async (ctx, { domainId }) => {
+		const verification = await ctx.db.query("EnterpriseDomainVerification").withIndex("domain_id", (idx) => idx.eq("domainId", domainId)).first();
+		if (verification) await ctx.db.delete(verification._id);
+		await ctx.db.delete(domainId);
+		return null;
+	}
+});
+/**
+* Retrieve the pending domain verification record for a given enterprise domain.
+*
+* Returns the `EnterpriseDomainVerification` document associated with the
+* specified domain, or `null` if no verification has been initiated.
+*
+* @param args.domainId - The document ID of the enterprise domain whose verification to retrieve.
+* @returns The domain verification document, or `null` if none exists.
+*
+* @example
+* ```ts
+* const verification = await ctx.runQuery(
+*   components.auth.enterprise.enterpriseDomainVerificationGet,
+*   { domainId },
+* );
+* if (verification) {
+*   console.log(verification.recordName, verification.expiresAt);
+* }
+* ```
+*/
+const enterpriseDomainVerificationGet = query({
+	args: { domainId: v.id("EnterpriseDomain") },
+	returns: v.union(vEnterpriseDomainVerificationDoc, v.null()),
+	handler: async (ctx, { domainId }) => {
+		return await ctx.db.query("EnterpriseDomainVerification").withIndex("domain_id", (idx) => idx.eq("domainId", domainId)).first();
+	}
+});
+/**
+* Create or update a domain verification challenge for an enterprise domain.
+*
+* If a verification record already exists for the domain, all fields are
+* updated in place (e.g. to rotate the token). Otherwise a new record is
+* created. The caller is responsible for generating the DNS record name,
+* token, and token hash.
+*
+* @param args.enterpriseId - The ID of the enterprise that owns the domain.
+* @param args.groupId - The ID of the root group that owns the enterprise.
+* @param args.domainId - The document ID of the enterprise domain to verify.
+* @param args.domain - The domain name string (e.g. `"acme.com"`).
+* @param args.recordName - The DNS TXT record name to be published (e.g. `"_convex-verify.acme.com"`).
+* @param args.token - The plaintext verification token value.
+* @param args.tokenHash - A hash of the verification token for secure storage.
+* @param args.requestedAt - Epoch timestamp (ms) when the verification was requested.
+* @param args.expiresAt - Epoch timestamp (ms) after which the challenge expires.
+* @returns The ID of the created or updated `EnterpriseDomainVerification` document.
+*
+* @example
+* ```ts
+* const verificationId = await ctx.runMutation(
+*   components.auth.enterprise.enterpriseDomainVerificationUpsert,
+*   {
+*     enterpriseId,
+*     groupId: orgGroupId,
+*     domainId,
+*     domain: "acme.com",
+*     recordName: "_convex-verify.acme.com",
+*     token: "abc123",
+*     tokenHash: "sha256:...",
+*     requestedAt: Date.now(),
+*     expiresAt: Date.now() + 7 * 24 * 60 * 60 * 1000,
+*   },
+* );
+* ```
+*/
+const enterpriseDomainVerificationUpsert = mutation({
+	args: {
+		enterpriseId: v.id("Enterprise"),
+		groupId: v.id("Group"),
+		domainId: v.id("EnterpriseDomain"),
+		domain: v.string(),
+		recordName: v.string(),
+		token: v.string(),
+		tokenHash: v.string(),
+		requestedAt: v.number(),
+		expiresAt: v.number()
+	},
+	returns: v.id("EnterpriseDomainVerification"),
+	handler: async (ctx, args) => {
+		const existing = await ctx.db.query("EnterpriseDomainVerification").withIndex("domain_id", (idx) => idx.eq("domainId", args.domainId)).first();
+		if (existing) {
+			await ctx.db.patch(existing._id, args);
+			return existing._id;
+		}
+		return await ctx.db.insert("EnterpriseDomainVerification", args);
+	}
+});
+/**
+* Delete the pending domain verification record for an enterprise domain.
+*
+* Removes the `EnterpriseDomainVerification` document associated with the
+* given domain, effectively cancelling the verification challenge. If no
+* verification record exists, this is a no-op.
+*
+* @param args.domainId - The document ID of the enterprise domain whose verification to delete.
+* @returns `null` on success.
+*
+* @example
+* ```ts
+* await ctx.runMutation(
+*   components.auth.enterprise.enterpriseDomainVerificationDelete,
+*   { domainId },
+* );
+* ```
+*/
+const enterpriseDomainVerificationDelete = mutation({
+	args: { domainId: v.id("EnterpriseDomain") },
+	returns: v.null(),
+	handler: async (ctx, { domainId }) => {
+		const existing = await ctx.db.query("EnterpriseDomainVerification").withIndex("domain_id", (idx) => idx.eq("domainId", domainId)).first();
+		if (existing) await ctx.db.delete(existing._id);
+		return null;
+	}
+});
+/**
+* Mark an enterprise domain as verified and clean up the verification record.
+*
+* Sets the `verifiedAt` timestamp on the domain document and deletes the
+* associated `EnterpriseDomainVerification` record (if any). Throws an
+* `INVALID_PARAMETERS` error if the domain document does not exist.
+*
+* @param args.domainId - The document ID of the enterprise domain to mark as verified.
+* @param args.verifiedAt - Epoch timestamp (ms) at which the domain was verified.
+* @returns The updated enterprise domain document with the `verifiedAt` field set.
+*
+* @example
+* ```ts
+* const verifiedDomain = await ctx.runMutation(
+*   components.auth.enterprise.enterpriseDomainVerify,
+*   { domainId, verifiedAt: Date.now() },
+* );
+* console.log("Domain verified:", verifiedDomain.domain);
+* ```
+*/
+const enterpriseDomainVerify = mutation({
+	args: {
+		domainId: v.id("EnterpriseDomain"),
+		verifiedAt: v.number()
+	},
+	returns: vEnterpriseDomainDoc,
+	handler: async (ctx, { domainId, verifiedAt }) => {
+		await ctx.db.patch(domainId, { verifiedAt });
+		const domain = await ctx.db.get("EnterpriseDomain", domainId);
+		if (!domain) throw new ConvexError({
+			code: "INVALID_PARAMETERS",
+			message: "Enterprise domain not found."
+		});
+		const verification = await ctx.db.query("EnterpriseDomainVerification").withIndex("domain_id", (idx) => idx.eq("domainId", domainId)).first();
+		if (verification) await ctx.db.delete(verification._id);
+		return domain;
+	}
+});
+//#endregion
+export { enterpriseDomainAdd, enterpriseDomainDelete, enterpriseDomainList, enterpriseDomainVerificationDelete, enterpriseDomainVerificationGet, enterpriseDomainVerificationUpsert, enterpriseDomainVerify };
+//# sourceMappingURL=domains.js.map

package/dist/component/public/enterprise/domains.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"domains.js","names":[],"sources":["../../../../src/component/public/enterprise/domains.ts"],"sourcesContent":["import { ConvexError, v } from \"convex/values\";\nimport { mutation, query } from \"../../functions\";\nimport { vEnterpriseDomainDoc, vEnterpriseDomainVerificationDoc } from \"../../model\";\n\n/**\n * Link a domain to an enterprise record, or update an existing link.\n *\n * If the domain is already attached to a different enterprise, an\n * `ENTERPRISE_DOMAIN_TAKEN` error is thrown. If the domain already exists for\n * this enterprise, it is updated in place (e.g. toggling `isPrimary`). When\n * `isPrimary` is `true`, any previously primary domain on the same enterprise\n * is demoted. The first domain added to an enterprise becomes primary by default.\n *\n * @param args.enterpriseId - The ID of the enterprise to attach the domain to.\n * @param args.groupId - The ID of the root group that owns the enterprise.\n * @param args.domain - The domain name to link (e.g. `\"acme.com\"`).\n * @param args.isPrimary - Whether this domain should be set as the primary domain for the enterprise. Defaults to `true` for the first domain.\n * @returns The ID of the created or updated `EnterpriseDomain` document.\n *\n * @example\n * ```ts\n * const domainId = await ctx.runMutation(\n * components.auth.enterprise.enterpriseDomainAdd,\n * {\n * enterpriseId,\n * groupId: orgGroupId,\n * domain: \"acme.com\",\n * isPrimary: true,\n * },\n * );\n * ```\n */\nexport const enterpriseDomainAdd = mutation({\n args: {\n enterpriseId: v.id(\"Enterprise\"),\n groupId: v.id(\"Group\"),\n domain: v.string(),\n isPrimary: v.optional(v.boolean()),\n },\n returns: v.id(\"EnterpriseDomain\"),\n handler: async (ctx, args) => {\n const existingByDomain = await ctx.db\n .query(\"EnterpriseDomain\")\n .withIndex(\"domain\", (idx) => idx.eq(\"domain\", args.domain))\n .first();\n if (\n existingByDomain &&\n existingByDomain.enterpriseId !== args.enterpriseId\n ) {\n throw new ConvexError({\n code: \"ENTERPRISE_DOMAIN_TAKEN\",\n message: \"That domain is already attached to another enterprise.\",\n });\n }\n\n const existingForEnterprise = await ctx.db\n .query(\"EnterpriseDomain\")\n .withIndex(\"enterprise_id\", (idx) =>\n idx.eq(\"enterpriseId\", args.enterpriseId),\n )\n .collect();\n\n for (const row of existingForEnterprise) {\n if (row.domain === args.domain) {\n await ctx.db.patch(row._id, {\n isPrimary: args.isPrimary ?? row.isPrimary,\n });\n return row._id;\n }\n }\n\n if (args.isPrimary === true) {\n for (const row of existingForEnterprise) {\n if (row.isPrimary) {\n await ctx.db.patch(row._id, { isPrimary: false });\n }\n }\n }\n\n return await ctx.db.insert(\"EnterpriseDomain\", {\n ...args,\n isPrimary: args.isPrimary ?? existingForEnterprise.length === 0,\n });\n },\n});\n\n/**\n * List all domains linked to a specific enterprise.\n *\n * Returns all `EnterpriseDomain` documents associated with the given enterprise,\n * queried via the `enterprise_id` index. The result includes both verified and\n * unverified domains.\n *\n * @param args.enterpriseId - The ID of the enterprise whose domains to list.\n * @returns An array of enterprise domain documents.\n *\n * @example\n * ```ts\n * const domains = await ctx.runQuery(\n * components.auth.enterprise.enterpriseDomainList,\n * { enterpriseId },\n * );\n * for (const d of domains) {\n * console.log(d.domain, d.isPrimary, d.verifiedAt);\n * }\n * ```\n */\nexport const enterpriseDomainList = query({\n args: { enterpriseId: v.id(\"Enterprise\") },\n returns: v.array(vEnterpriseDomainDoc),\n handler: async (ctx, { enterpriseId }) => {\n return await ctx.db\n .query(\"EnterpriseDomain\")\n .withIndex(\"enterprise_id\", (idx) => idx.eq(\"enterpriseId\", enterpriseId))\n .collect();\n },\n});\n\n/**\n * Remove a linked enterprise domain and its associated verification record.\n *\n * Deletes the `EnterpriseDomain` document and, if one exists, the related\n * `EnterpriseDomainVerification` record. This is a permanent deletion.\n *\n * @param args.domainId - The document ID of the enterprise domain to remove.\n * @returns `null` on success.\n *\n * @example\n * ```ts\n * await ctx.runMutation(\n * components.auth.enterprise.enterpriseDomainDelete,\n * { domainId },\n * );\n * ```\n */\nexport const enterpriseDomainDelete = mutation({\n args: { domainId: v.id(\"EnterpriseDomain\") },\n returns: v.null(),\n handler: async (ctx, { domainId }) => {\n const verification = await ctx.db\n .query(\"EnterpriseDomainVerification\")\n .withIndex(\"domain_id\", (idx) => idx.eq(\"domainId\", domainId))\n .first();\n if (verification) {\n await ctx.db.delete(verification._id);\n }\n await ctx.db.delete(domainId);\n return null;\n },\n});\n\n/**\n * Retrieve the pending domain verification record for a given enterprise domain.\n *\n * Returns the `EnterpriseDomainVerification` document associated with the\n * specified domain, or `null` if no verification has been initiated.\n *\n * @param args.domainId - The document ID of the enterprise domain whose verification to retrieve.\n * @returns The domain verification document, or `null` if none exists.\n *\n * @example\n * ```ts\n * const verification = await ctx.runQuery(\n * components.auth.enterprise.enterpriseDomainVerificationGet,\n * { domainId },\n * );\n * if (verification) {\n * console.log(verification.recordName, verification.expiresAt);\n * }\n * ```\n */\nexport const enterpriseDomainVerificationGet = query({\n args: { domainId: v.id(\"EnterpriseDomain\") },\n returns: v.union(vEnterpriseDomainVerificationDoc, v.null()),\n handler: async (ctx, { domainId }) => {\n return await ctx.db\n .query(\"EnterpriseDomainVerification\")\n .withIndex(\"domain_id\", (idx) => idx.eq(\"domainId\", domainId))\n .first();\n },\n});\n\n/**\n * Create or update a domain verification challenge for an enterprise domain.\n *\n * If a verification record already exists for the domain, all fields are\n * updated in place (e.g. to rotate the token). Otherwise a new record is\n * created. The caller is responsible for generating the DNS record name,\n * token, and token hash.\n *\n * @param args.enterpriseId - The ID of the enterprise that owns the domain.\n * @param args.groupId - The ID of the root group that owns the enterprise.\n * @param args.domainId - The document ID of the enterprise domain to verify.\n * @param args.domain - The domain name string (e.g. `\"acme.com\"`).\n * @param args.recordName - The DNS TXT record name to be published (e.g. `\"_convex-verify.acme.com\"`).\n * @param args.token - The plaintext verification token value.\n * @param args.tokenHash - A hash of the verification token for secure storage.\n * @param args.requestedAt - Epoch timestamp (ms) when the verification was requested.\n * @param args.expiresAt - Epoch timestamp (ms) after which the challenge expires.\n * @returns The ID of the created or updated `EnterpriseDomainVerification` document.\n *\n * @example\n * ```ts\n * const verificationId = await ctx.runMutation(\n * components.auth.enterprise.enterpriseDomainVerificationUpsert,\n * {\n * enterpriseId,\n * groupId: orgGroupId,\n * domainId,\n * domain: \"acme.com\",\n * recordName: \"_convex-verify.acme.com\",\n * token: \"abc123\",\n * tokenHash: \"sha256:...\",\n * requestedAt: Date.now(),\n * expiresAt: Date.now() + 7 * 24 * 60 * 60 * 1000,\n * },\n * );\n * ```\n */\nexport const enterpriseDomainVerificationUpsert = mutation({\n args: {\n enterpriseId: v.id(\"Enterprise\"),\n groupId: v.id(\"Group\"),\n domainId: v.id(\"EnterpriseDomain\"),\n domain: v.string(),\n recordName: v.string(),\n token: v.string(),\n tokenHash: v.string(),\n requestedAt: v.number(),\n expiresAt: v.number(),\n },\n returns: v.id(\"EnterpriseDomainVerification\"),\n handler: async (ctx, args) => {\n const existing = await ctx.db\n .query(\"EnterpriseDomainVerification\")\n .withIndex(\"domain_id\", (idx) => idx.eq(\"domainId\", args.domainId))\n .first();\n if (existing) {\n await ctx.db.patch(existing._id, args);\n return existing._id;\n }\n return await ctx.db.insert(\"EnterpriseDomainVerification\", args);\n },\n});\n\n/**\n * Delete the pending domain verification record for an enterprise domain.\n *\n * Removes the `EnterpriseDomainVerification` document associated with the\n * given domain, effectively cancelling the verification challenge. If no\n * verification record exists, this is a no-op.\n *\n * @param args.domainId - The document ID of the enterprise domain whose verification to delete.\n * @returns `null` on success.\n *\n * @example\n * ```ts\n * await ctx.runMutation(\n * components.auth.enterprise.enterpriseDomainVerificationDelete,\n * { domainId },\n * );\n * ```\n */\nexport const enterpriseDomainVerificationDelete = mutation({\n args: { domainId: v.id(\"EnterpriseDomain\") },\n returns: v.null(),\n handler: async (ctx, { domainId }) => {\n const existing = await ctx.db\n .query(\"EnterpriseDomainVerification\")\n .withIndex(\"domain_id\", (idx) => idx.eq(\"domainId\", domainId))\n .first();\n if (existing) {\n await ctx.db.delete(existing._id);\n }\n return null;\n },\n});\n\n/**\n * Mark an enterprise domain as verified and clean up the verification record.\n *\n * Sets the `verifiedAt` timestamp on the domain document and deletes the\n * associated `EnterpriseDomainVerification` record (if any). Throws an\n * `INVALID_PARAMETERS` error if the domain document does not exist.\n *\n * @param args.domainId - The document ID of the enterprise domain to mark as verified.\n * @param args.verifiedAt - Epoch timestamp (ms) at which the domain was verified.\n * @returns The updated enterprise domain document with the `verifiedAt` field set.\n *\n * @example\n * ```ts\n * const verifiedDomain = await ctx.runMutation(\n * components.auth.enterprise.enterpriseDomainVerify,\n * { domainId, verifiedAt: Date.now() },\n * );\n * console.log(\"Domain verified:\", verifiedDomain.domain);\n * ```\n */\nexport const enterpriseDomainVerify = mutation({\n args: {\n domainId: v.id(\"EnterpriseDomain\"),\n verifiedAt: v.number(),\n },\n returns: vEnterpriseDomainDoc,\n handler: async (ctx, { domainId, verifiedAt }) => {\n await ctx.db.patch(domainId, { verifiedAt });\n const domain = await ctx.db.get(\"EnterpriseDomain\", domainId);\n if (!domain) {\n throw new ConvexError({\n code: \"INVALID_PARAMETERS\",\n message: \"Enterprise domain not found.\",\n });\n }\n const verification = await ctx.db\n .query(\"EnterpriseDomainVerification\")\n .withIndex(\"domain_id\", (idx) => idx.eq(\"domainId\", domainId))\n .first();\n if (verification) {\n await ctx.db.delete(verification._id);\n }\n return domain;\n },\n});\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAgCA,MAAa,sBAAsB,SAAS;CAC1C,MAAM;EACJ,cAAc,EAAE,GAAG,aAAa;EAChC,SAAS,EAAE,GAAG,QAAQ;EACtB,QAAQ,EAAE,QAAQ;EAClB,WAAW,EAAE,SAAS,EAAE,SAAS,CAAC;EACnC;CACD,SAAS,EAAE,GAAG,mBAAmB;CACjC,SAAS,OAAO,KAAK,SAAS;EAC5B,MAAM,mBAAmB,MAAM,IAAI,GAChC,MAAM,mBAAmB,CACzB,UAAU,WAAW,QAAQ,IAAI,GAAG,UAAU,KAAK,OAAO,CAAC,CAC3D,OAAO;AACV,MACE,oBACA,iBAAiB,iBAAiB,KAAK,aAEvC,OAAM,IAAI,YAAY;GACpB,MAAM;GACN,SAAS;GACV,CAAC;EAGJ,MAAM,wBAAwB,MAAM,IAAI,GACrC,MAAM,mBAAmB,CACzB,UAAU,kBAAkB,QAC3B,IAAI,GAAG,gBAAgB,KAAK,aAAa,CAC1C,CACA,SAAS;AAEZ,OAAK,MAAM,OAAO,sBAChB,KAAI,IAAI,WAAW,KAAK,QAAQ;AAC9B,SAAM,IAAI,GAAG,MAAM,IAAI,KAAK,EAC1B,WAAW,KAAK,aAAa,IAAI,WAClC,CAAC;AACF,UAAO,IAAI;;AAIf,MAAI,KAAK,cAAc,MACrB;QAAK,MAAM,OAAO,sBAChB,KAAI,IAAI,UACN,OAAM,IAAI,GAAG,MAAM,IAAI,KAAK,EAAE,WAAW,OAAO,CAAC;;AAKvD,SAAO,MAAM,IAAI,GAAG,OAAO,oBAAoB;GAC7C,GAAG;GACH,WAAW,KAAK,aAAa,sBAAsB,WAAW;GAC/D,CAAC;;CAEL,CAAC;;;;;;;;;;;;;;;;;;;;;;AAuBF,MAAa,uBAAuB,MAAM;CACxC,MAAM,EAAE,cAAc,EAAE,GAAG,aAAa,EAAE;CAC1C,SAAS,EAAE,MAAM,qBAAqB;CACtC,SAAS,OAAO,KAAK,EAAE,mBAAmB;AACxC,SAAO,MAAM,IAAI,GACd,MAAM,mBAAmB,CACzB,UAAU,kBAAkB,QAAQ,IAAI,GAAG,gBAAgB,aAAa,CAAC,CACzE,SAAS;;CAEf,CAAC;;;;;;;;;;;;;;;;;;AAmBF,MAAa,yBAAyB,SAAS;CAC7C,MAAM,EAAE,UAAU,EAAE,GAAG,mBAAmB,EAAE;CAC5C,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,eAAe;EACpC,MAAM,eAAe,MAAM,IAAI,GAC5B,MAAM,+BAA+B,CACrC,UAAU,cAAc,QAAQ,IAAI,GAAG,YAAY,SAAS,CAAC,CAC7D,OAAO;AACV,MAAI,aACF,OAAM,IAAI,GAAG,OAAO,aAAa,IAAI;AAEvC,QAAM,IAAI,GAAG,OAAO,SAAS;AAC7B,SAAO;;CAEV,CAAC;;;;;;;;;;;;;;;;;;;;;AAsBF,MAAa,kCAAkC,MAAM;CACnD,MAAM,EAAE,UAAU,EAAE,GAAG,mBAAmB,EAAE;CAC5C,SAAS,EAAE,MAAM,kCAAkC,EAAE,MAAM,CAAC;CAC5D,SAAS,OAAO,KAAK,EAAE,eAAe;AACpC,SAAO,MAAM,IAAI,GACd,MAAM,+BAA+B,CACrC,UAAU,cAAc,QAAQ,IAAI,GAAG,YAAY,SAAS,CAAC,CAC7D,OAAO;;CAEb,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAuCF,MAAa,qCAAqC,SAAS;CACzD,MAAM;EACJ,cAAc,EAAE,GAAG,aAAa;EAChC,SAAS,EAAE,GAAG,QAAQ;EACtB,UAAU,EAAE,GAAG,mBAAmB;EAClC,QAAQ,EAAE,QAAQ;EAClB,YAAY,EAAE,QAAQ;EACtB,OAAO,EAAE,QAAQ;EACjB,WAAW,EAAE,QAAQ;EACrB,aAAa,EAAE,QAAQ;EACvB,WAAW,EAAE,QAAQ;EACtB;CACD,SAAS,EAAE,GAAG,+BAA+B;CAC7C,SAAS,OAAO,KAAK,SAAS;EAC5B,MAAM,WAAW,MAAM,IAAI,GACxB,MAAM,+BAA+B,CACrC,UAAU,cAAc,QAAQ,IAAI,GAAG,YAAY,KAAK,SAAS,CAAC,CAClE,OAAO;AACV,MAAI,UAAU;AACZ,SAAM,IAAI,GAAG,MAAM,SAAS,KAAK,KAAK;AACtC,UAAO,SAAS;;AAElB,SAAO,MAAM,IAAI,GAAG,OAAO,gCAAgC,KAAK;;CAEnE,CAAC;;;;;;;;;;;;;;;;;;;AAoBF,MAAa,qCAAqC,SAAS;CACzD,MAAM,EAAE,UAAU,EAAE,GAAG,mBAAmB,EAAE;CAC5C,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,eAAe;EACpC,MAAM,WAAW,MAAM,IAAI,GACxB,MAAM,+BAA+B,CACrC,UAAU,cAAc,QAAQ,IAAI,GAAG,YAAY,SAAS,CAAC,CAC7D,OAAO;AACV,MAAI,SACF,OAAM,IAAI,GAAG,OAAO,SAAS,IAAI;AAEnC,SAAO;;CAEV,CAAC;;;;;;;;;;;;;;;;;;;;;AAsBF,MAAa,yBAAyB,SAAS;CAC7C,MAAM;EACJ,UAAU,EAAE,GAAG,mBAAmB;EAClC,YAAY,EAAE,QAAQ;EACvB;CACD,SAAS;CACT,SAAS,OAAO,KAAK,EAAE,UAAU,iBAAiB;AAChD,QAAM,IAAI,GAAG,MAAM,UAAU,EAAE,YAAY,CAAC;EAC5C,MAAM,SAAS,MAAM,IAAI,GAAG,IAAI,oBAAoB,SAAS;AAC7D,MAAI,CAAC,OACH,OAAM,IAAI,YAAY;GACpB,MAAM;GACN,SAAS;GACV,CAAC;EAEJ,MAAM,eAAe,MAAM,IAAI,GAC5B,MAAM,+BAA+B,CACrC,UAAU,cAAc,QAAQ,IAAI,GAAG,YAAY,SAAS,CAAC,CAC7D,OAAO;AACV,MAAI,aACF,OAAM,IAAI,GAAG,OAAO,aAAa,IAAI;AAEvC,SAAO;;CAEV,CAAC"}

package/dist/component/public/enterprise/scim.d.ts ADDED Viewed

@@ -0,0 +1,245 @@
+declare namespace scim_d_exports {
+  export { enterpriseScimConfigGetByEnterprise, enterpriseScimConfigGetByTokenHash, enterpriseScimConfigUpsert, enterpriseScimIdentityDelete, enterpriseScimIdentityGet, enterpriseScimIdentityGetByEnterpriseAndUser, enterpriseScimIdentityGetByMappedGroup, enterpriseScimIdentityGetByUser, enterpriseScimIdentityListByEnterprise, enterpriseScimIdentityUpsert };
+}
+/**
+ * Create or update the SCIM provisioning configuration for an enterprise.
+ *
+ * If a SCIM config already exists for the given enterprise, all fields are
+ * patched in place (useful for rotating the bearer token). Otherwise a new
+ * config document is created. Only one SCIM config is allowed per enterprise.
+ *
+ * @param args.enterpriseId - The ID of the enterprise to configure SCIM for.
+ * @param args.groupId - The ID of the root group that owns the enterprise.
+ * @param args.status - The SCIM config lifecycle status: `"draft"`, `"active"`, or `"disabled"`.
+ * @param args.basePath - The base URL path for the SCIM endpoint (e.g. `"/scim/v2"`).
+ * @param args.tokenHash - A hash of the bearer token used to authenticate SCIM requests.
+ * @param args.lastRotatedAt - An optional epoch timestamp (ms) recording when the token was last rotated.
+ * @param args.extend - An optional arbitrary extension object for custom SCIM settings.
+ * @returns The ID of the created or updated `EnterpriseScimConfig` document.
+ *
+ * @example
+ * ```ts
+ * const configId = await ctx.runMutation(
+ *   components.auth.enterprise.enterpriseScimConfigUpsert,
+ *   {
+ *     enterpriseId,
+ *     groupId: orgGroupId,
+ *     status: "active",
+ *     basePath: "/scim/v2",
+ *     tokenHash: "sha256:abc123...",
+ *     lastRotatedAt: Date.now(),
+ *   },
+ * );
+ * ```
+ */
+declare const enterpriseScimConfigUpsert: any;
+/**
+ * Retrieve the SCIM configuration for a specific enterprise.
+ *
+ * Looks up the SCIM config document by enterprise ID using the
+ * `enterprise_id` index. Returns `null` if SCIM has not been configured.
+ *
+ * @param args.enterpriseId - The ID of the enterprise whose SCIM config to retrieve.
+ * @returns The SCIM configuration document, or `null` if not configured.
+ *
+ * @example
+ * ```ts
+ * const config = await ctx.runQuery(
+ *   components.auth.enterprise.enterpriseScimConfigGetByEnterprise,
+ *   { enterpriseId },
+ * );
+ * if (config) {
+ *   console.log(config.status, config.basePath);
+ * }
+ * ```
+ */
+declare const enterpriseScimConfigGetByEnterprise: any;
+/**
+ * Look up a SCIM configuration by its bearer token hash.
+ *
+ * Used during SCIM request authentication to resolve which enterprise a
+ * given bearer token belongs to. Returns `null` if no config matches.
+ *
+ * @param args.tokenHash - The hash of the bearer token from the incoming SCIM request.
+ * @returns The matching SCIM configuration document, or `null` if not found.
+ *
+ * @example
+ * ```ts
+ * const config = await ctx.runQuery(
+ *   components.auth.enterprise.enterpriseScimConfigGetByTokenHash,
+ *   { tokenHash: "sha256:abc123..." },
+ * );
+ * if (config) {
+ *   console.log("Authenticated enterprise:", config.enterpriseId);
+ * }
+ * ```
+ */
+declare const enterpriseScimConfigGetByTokenHash: any;
+/**
+ * Retrieve a SCIM identity by enterprise, resource type, and external ID.
+ *
+ * Looks up a SCIM-provisioned identity using the composite index on
+ * `(enterpriseId, resourceType, externalId)`. This is the primary lookup
+ * used when processing incoming SCIM user or group operations.
+ *
+ * @param args.enterpriseId - The ID of the enterprise that owns the SCIM identity.
+ * @param args.resourceType - The SCIM resource type: `"user"` or `"group"`.
+ * @param args.externalId - The external identifier assigned by the identity provider.
+ * @returns The SCIM identity document, or `null` if not found.
+ *
+ * @example
+ * ```ts
+ * const identity = await ctx.runQuery(
+ *   components.auth.enterprise.enterpriseScimIdentityGet,
+ *   {
+ *     enterpriseId,
+ *     resourceType: "user",
+ *     externalId: "okta-user-abc123",
+ *   },
+ * );
+ * ```
+ */
+declare const enterpriseScimIdentityGet: any;
+/**
+ * Retrieve the SCIM identity linked to a specific user.
+ *
+ * Looks up the first SCIM identity document associated with the given user ID
+ * via the `user_id` index. Useful for checking whether a user was provisioned
+ * through SCIM.
+ *
+ * @param args.userId - The document ID of the user whose SCIM identity to retrieve.
+ * @returns The SCIM identity document, or `null` if the user has no SCIM identity.
+ *
+ * @example
+ * ```ts
+ * const scimIdentity = await ctx.runQuery(
+ *   components.auth.enterprise.enterpriseScimIdentityGetByUser,
+ *   { userId },
+ * );
+ * if (scimIdentity) {
+ *   console.log("User provisioned via SCIM:", scimIdentity.externalId);
+ * }
+ * ```
+ */
+declare const enterpriseScimIdentityGetByUser: any;
+/**
+ * Retrieve the SCIM identity for a specific user within a specific enterprise.
+ *
+ * Uses the composite `(enterpriseId, userId)` index to find the SCIM identity
+ * that links a user to a particular enterprise. This is useful when a user may
+ * belong to multiple enterprises.
+ *
+ * @param args.enterpriseId - The ID of the enterprise to scope the lookup to.
+ * @param args.userId - The document ID of the user.
+ * @returns The SCIM identity document, or `null` if not found.
+ *
+ * @example
+ * ```ts
+ * const identity = await ctx.runQuery(
+ *   components.auth.enterprise.enterpriseScimIdentityGetByEnterpriseAndUser,
+ *   { enterpriseId, userId },
+ * );
+ * ```
+ */
+declare const enterpriseScimIdentityGetByEnterpriseAndUser: any;
+/**
+ * Retrieve the SCIM identity that is mapped to a specific group.
+ *
+ * Looks up a SCIM identity by its `mappedGroupId` field. This is used when
+ * a SCIM group resource has been mapped to an internal group, and you need
+ * to find the corresponding SCIM identity record.
+ *
+ * @param args.mappedGroupId - The document ID of the internal group that a SCIM group is mapped to.
+ * @returns The SCIM identity document, or `null` if no mapping exists.
+ *
+ * @example
+ * ```ts
+ * const scimGroup = await ctx.runQuery(
+ *   components.auth.enterprise.enterpriseScimIdentityGetByMappedGroup,
+ *   { mappedGroupId: teamGroupId },
+ * );
+ * if (scimGroup) {
+ *   console.log("SCIM external group ID:", scimGroup.externalId);
+ * }
+ * ```
+ */
+declare const enterpriseScimIdentityGetByMappedGroup: any;
+/**
+ * List all SCIM identities belonging to a specific enterprise.
+ *
+ * Returns all `EnterpriseScimIdentity` documents for the given enterprise,
+ * including both user and group resource types. Useful for displaying all
+ * SCIM-provisioned resources or for bulk operations.
+ *
+ * @param args.enterpriseId - The ID of the enterprise whose SCIM identities to list.
+ * @returns An array of SCIM identity documents.
+ *
+ * @example
+ * ```ts
+ * const identities = await ctx.runQuery(
+ *   components.auth.enterprise.enterpriseScimIdentityListByEnterprise,
+ *   { enterpriseId },
+ * );
+ * const users = identities.filter((i) => i.resourceType === "user");
+ * const groups = identities.filter((i) => i.resourceType === "group");
+ * ```
+ */
+declare const enterpriseScimIdentityListByEnterprise: any;
+/**
+ * Create or update a SCIM-provisioned identity record.
+ *
+ * If a SCIM identity with the same `(enterpriseId, resourceType, externalId)`
+ * already exists, its fields are patched in place. Otherwise a new record is
+ * created. This is the core upsert used by the SCIM provisioning handler to
+ * sync users and groups from external identity providers.
+ *
+ * @param args.enterpriseId - The ID of the enterprise the identity belongs to.
+ * @param args.groupId - The ID of the root group that owns the enterprise.
+ * @param args.resourceType - The SCIM resource type: `"user"` or `"group"`.
+ * @param args.externalId - The external identifier assigned by the identity provider.
+ * @param args.userId - An optional link to the internal user document (for user resources).
+ * @param args.mappedGroupId - An optional link to an internal group document (for group resources).
+ * @param args.lastProvisionedAt - An optional epoch timestamp (ms) of the last sync.
+ * @param args.active - An optional flag indicating whether the identity is active.
+ * @param args.raw - An optional raw SCIM payload stored for debugging or re-processing.
+ * @returns The ID of the created or updated `EnterpriseScimIdentity` document.
+ *
+ * @example
+ * ```ts
+ * const identityId = await ctx.runMutation(
+ *   components.auth.enterprise.enterpriseScimIdentityUpsert,
+ *   {
+ *     enterpriseId,
+ *     groupId: orgGroupId,
+ *     resourceType: "user",
+ *     externalId: "okta-user-abc123",
+ *     userId,
+ *     active: true,
+ *     lastProvisionedAt: Date.now(),
+ *     raw: { schemas: ["urn:ietf:params:scim:schemas:core:2.0:User"], userName: "jane@acme.com" },
+ *   },
+ * );
+ * ```
+ */
+declare const enterpriseScimIdentityUpsert: any;
+/**
+ * Permanently delete a SCIM identity record.
+ *
+ * Removes the `EnterpriseScimIdentity` document. This is typically called
+ * when a SCIM DELETE request is received for a user or group resource.
+ *
+ * @param args.identityId - The document ID of the SCIM identity to delete.
+ * @returns `null` on success.
+ *
+ * @example
+ * ```ts
+ * await ctx.runMutation(
+ *   components.auth.enterprise.enterpriseScimIdentityDelete,
+ *   { identityId: scimIdentity._id },
+ * );
+ * ```
+ */
+declare const enterpriseScimIdentityDelete: any;
+//#endregion
+export { enterpriseScimConfigGetByEnterprise, enterpriseScimConfigGetByTokenHash, enterpriseScimConfigUpsert, enterpriseScimIdentityDelete, enterpriseScimIdentityGet, enterpriseScimIdentityGetByEnterpriseAndUser, enterpriseScimIdentityGetByMappedGroup, enterpriseScimIdentityGetByUser, enterpriseScimIdentityListByEnterprise, enterpriseScimIdentityUpsert, scim_d_exports };
+//# sourceMappingURL=scim.d.ts.map

package/dist/component/public/enterprise/scim.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"scim.d.ts","names":[],"sources":["../../../../src/component/public/enterprise/scim.ts"],"mappings":";;;;;;;;;;;;;;;;;;AAwCA;;;;;AA8CA;;;;;AA+BA;;;;;AAmCA;cAhHa,0BAAA;;;;AAyJb;;;;;AA8BA;;;;;AAqCA;;;;;AAiCA;;cA/Ma,mCAAA;;;AA8Pb;;;;;AAgDA;;;;;;;;;;;;;cA/Qa,kCAAA;;;;;;;;;;;;;;;;;;;;;;;;;cAmCA,yBAAA;;;;;;;;;;;;;;;;;;;;;;cAyCA,+BAAA;;;;;;;;;;;;;;;;;;;;cA8BA,4CAAA;;;;;;;;;;;;;;;;;;;;;;cAqCA,sCAAA;;;;;;;;;;;;;;;;;;;;;cAiCA,sCAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;cA+CA,4BAAA;;;;;;;;;;;;;;;;;;cAgDA,4BAAA"}